From c3f86757bccb6b42552f87d37a645651c58d6c7a Mon Sep 17 00:00:00 2001 From: yoshi-code-bot <70984784+yoshi-code-bot@users.noreply.github.com> Date: Sat, 12 Jun 2021 00:20:02 -0700 Subject: [PATCH] chore: Update discovery artifacts (#1412) ## Deleted keys were detected in the following pre-stable discovery artifacts: managedidentities v1alpha1 https://github.com/googleapis/google-api-python-client/commit/0927c1989574ae4272e4f753f4d55c88af62d8f2 managedidentities v1beta1 https://github.com/googleapis/google-api-python-client/commit/0927c1989574ae4272e4f753f4d55c88af62d8f2 ## Discovery Artifact Change Summary: feat(managedidentities): update the api https://github.com/googleapis/google-api-python-client/commit/0927c1989574ae4272e4f753f4d55c88af62d8f2 --- docs/dyn/compute_alpha.acceleratorTypes.html | 91 +- docs/dyn/compute_alpha.addresses.html | 297 +- docs/dyn/compute_alpha.autoscalers.html | 769 ++- docs/dyn/compute_alpha.backendBuckets.html | 937 +++- docs/dyn/compute_alpha.backendServices.html | 2277 ++++++-- docs/dyn/compute_alpha.diskTypes.html | 115 +- docs/dyn/compute_alpha.disks.html | 1499 +++-- .../compute_alpha.externalVpnGateways.html | 196 +- docs/dyn/compute_alpha.firewallPolicies.html | 1039 +++- docs/dyn/compute_alpha.firewalls.html | 264 +- docs/dyn/compute_alpha.forwardingRules.html | 1004 +++- .../dyn/compute_alpha.futureReservations.html | 236 +- docs/dyn/compute_alpha.globalAddresses.html | 238 +- .../compute_alpha.globalForwardingRules.html | 815 ++- ...ute_alpha.globalNetworkEndpointGroups.html | 490 +- docs/dyn/compute_alpha.globalOperations.html | 157 +- ...te_alpha.globalOrganizationOperations.html | 77 +- ...e_alpha.globalPublicDelegatedPrefixes.html | 145 +- docs/dyn/compute_alpha.healthChecks.html | 623 ++- docs/dyn/compute_alpha.httpHealthChecks.html | 189 +- docs/dyn/compute_alpha.httpsHealthChecks.html | 189 +- docs/dyn/compute_alpha.imageFamilyViews.html | 103 +- docs/dyn/compute_alpha.images.html | 1292 ++++- .../compute_alpha.instanceGroupManagers.html | 1457 +++-- docs/dyn/compute_alpha.instanceGroups.html | 376 +- docs/dyn/compute_alpha.instanceTemplates.html | 1205 +++- docs/dyn/compute_alpha.instances.html | 3637 +++++++++--- ...compute_alpha.interconnectAttachments.html | 1079 +++- .../compute_alpha.interconnectLocations.html | 71 +- docs/dyn/compute_alpha.interconnects.html | 943 +++- docs/dyn/compute_alpha.licenseCodes.html | 638 ++- docs/dyn/compute_alpha.licenses.html | 747 ++- docs/dyn/compute_alpha.machineImages.html | 998 +++- docs/dyn/compute_alpha.machineTypes.html | 91 +- ...ute_alpha.networkEdgeSecurityServices.html | 169 +- .../compute_alpha.networkEndpointGroups.html | 624 ++- ...compute_alpha.networkFirewallPolicies.html | 999 +++- docs/dyn/compute_alpha.networks.html | 475 +- docs/dyn/compute_alpha.nodeGroups.html | 928 ++- docs/dyn/compute_alpha.nodeTemplates.html | 791 ++- docs/dyn/compute_alpha.nodeTypes.html | 91 +- ...te_alpha.organizationSecurityPolicies.html | 789 ++- docs/dyn/compute_alpha.packetMirrorings.html | 275 +- docs/dyn/compute_alpha.projects.html | 445 +- ...ompute_alpha.publicAdvertisedPrefixes.html | 145 +- ...compute_alpha.publicDelegatedPrefixes.html | 177 +- docs/dyn/compute_alpha.regionAutoscalers.html | 644 ++- .../compute_alpha.regionBackendServices.html | 1896 +++++-- docs/dyn/compute_alpha.regionCommitments.html | 200 +- docs/dyn/compute_alpha.regionDiskTypes.html | 69 +- docs/dyn/compute_alpha.regionDisks.html | 1222 +++- ...mpute_alpha.regionHealthCheckServices.html | 225 +- .../dyn/compute_alpha.regionHealthChecks.html | 524 +- .../compute_alpha.regionInPlaceSnapshots.html | 784 ++- ...ute_alpha.regionInstanceGroupManagers.html | 1337 +++-- .../compute_alpha.regionInstanceGroups.html | 146 +- docs/dyn/compute_alpha.regionInstances.html | 789 ++- .../compute_alpha.regionInstantSnapshots.html | 832 ++- ...ute_alpha.regionNetworkEndpointGroups.html | 379 +- ...e_alpha.regionNetworkFirewallPolicies.html | 999 +++- ...ute_alpha.regionNotificationEndpoints.html | 157 +- docs/dyn/compute_alpha.regionOperations.html | 111 +- .../compute_alpha.regionSecurityPolicies.html | 385 +- .../compute_alpha.regionSslCertificates.html | 153 +- ...compute_alpha.regionTargetHttpProxies.html | 200 +- ...ompute_alpha.regionTargetHttpsProxies.html | 295 +- docs/dyn/compute_alpha.regionUrlMaps.html | 4223 ++++++++++---- docs/dyn/compute_alpha.regions.html | 53 +- docs/dyn/compute_alpha.reservations.html | 775 ++- docs/dyn/compute_alpha.resourcePolicies.html | 751 ++- docs/dyn/compute_alpha.routers.html | 953 +++- docs/dyn/compute_alpha.routes.html | 156 +- docs/dyn/compute_alpha.securityPolicies.html | 779 ++- .../dyn/compute_alpha.serviceAttachments.html | 787 ++- docs/dyn/compute_alpha.snapshots.html | 841 ++- docs/dyn/compute_alpha.sslCertificates.html | 197 +- docs/dyn/compute_alpha.sslPolicies.html | 263 +- docs/dyn/compute_alpha.subnetworks.html | 976 +++- docs/dyn/compute_alpha.targetGrpcProxies.html | 153 +- docs/dyn/compute_alpha.targetHttpProxies.html | 306 +- .../dyn/compute_alpha.targetHttpsProxies.html | 539 +- docs/dyn/compute_alpha.targetInstances.html | 169 +- docs/dyn/compute_alpha.targetPools.html | 411 +- docs/dyn/compute_alpha.targetSslProxies.html | 277 +- docs/dyn/compute_alpha.targetTcpProxies.html | 199 +- docs/dyn/compute_alpha.targetVpnGateways.html | 197 +- docs/dyn/compute_alpha.urlMaps.html | 4954 ++++++++++++----- docs/dyn/compute_alpha.vpnGateways.html | 217 +- docs/dyn/compute_alpha.vpnTunnels.html | 265 +- .../compute_alpha.zoneInPlaceSnapshots.html | 784 ++- .../compute_alpha.zoneInstantSnapshots.html | 832 ++- docs/dyn/compute_alpha.zoneOperations.html | 111 +- docs/dyn/compute_alpha.zones.html | 53 +- docs/dyn/compute_beta.acceleratorTypes.html | 73 +- docs/dyn/compute_beta.addresses.html | 297 +- docs/dyn/compute_beta.autoscalers.html | 769 ++- docs/dyn/compute_beta.backendBuckets.html | 937 +++- docs/dyn/compute_beta.backendServices.html | 2109 +++++-- docs/dyn/compute_beta.diskTypes.html | 97 +- docs/dyn/compute_beta.disks.html | 1293 ++++- .../dyn/compute_beta.externalVpnGateways.html | 196 +- docs/dyn/compute_beta.firewallPolicies.html | 1039 +++- docs/dyn/compute_beta.firewalls.html | 264 +- docs/dyn/compute_beta.forwardingRules.html | 1004 +++- docs/dyn/compute_beta.globalAddresses.html | 230 +- .../compute_beta.globalForwardingRules.html | 815 ++- ...pute_beta.globalNetworkEndpointGroups.html | 382 +- docs/dyn/compute_beta.globalOperations.html | 157 +- ...ute_beta.globalOrganizationOperations.html | 77 +- ...te_beta.globalPublicDelegatedPrefixes.html | 145 +- docs/dyn/compute_beta.healthChecks.html | 623 ++- docs/dyn/compute_beta.httpHealthChecks.html | 189 +- docs/dyn/compute_beta.httpsHealthChecks.html | 189 +- docs/dyn/compute_beta.imageFamilyViews.html | 91 +- docs/dyn/compute_beta.images.html | 1226 +++- .../compute_beta.instanceGroupManagers.html | 1131 +++- docs/dyn/compute_beta.instanceGroups.html | 376 +- docs/dyn/compute_beta.instanceTemplates.html | 1193 +++- docs/dyn/compute_beta.instances.html | 3248 ++++++++--- .../compute_beta.interconnectAttachments.html | 457 +- .../compute_beta.interconnectLocations.html | 63 +- docs/dyn/compute_beta.interconnects.html | 341 +- docs/dyn/compute_beta.licenseCodes.html | 28 +- docs/dyn/compute_beta.licenses.html | 747 ++- docs/dyn/compute_beta.machineImages.html | 986 +++- docs/dyn/compute_beta.machineTypes.html | 73 +- .../compute_beta.networkEndpointGroups.html | 480 +- docs/dyn/compute_beta.networks.html | 415 +- docs/dyn/compute_beta.nodeGroups.html | 928 ++- docs/dyn/compute_beta.nodeTemplates.html | 791 ++- docs/dyn/compute_beta.nodeTypes.html | 73 +- ...ute_beta.organizationSecurityPolicies.html | 719 ++- docs/dyn/compute_beta.packetMirrorings.html | 275 +- docs/dyn/compute_beta.projects.html | 413 +- ...compute_beta.publicAdvertisedPrefixes.html | 145 +- .../compute_beta.publicDelegatedPrefixes.html | 177 +- docs/dyn/compute_beta.regionAutoscalers.html | 644 ++- .../compute_beta.regionBackendServices.html | 1756 ++++-- docs/dyn/compute_beta.regionCommitments.html | 159 +- docs/dyn/compute_beta.regionDiskTypes.html | 57 +- docs/dyn/compute_beta.regionDisks.html | 1173 +++- ...ompute_beta.regionHealthCheckServices.html | 185 +- docs/dyn/compute_beta.regionHealthChecks.html | 524 +- ...pute_beta.regionInstanceGroupManagers.html | 985 +++- .../compute_beta.regionInstanceGroups.html | 146 +- docs/dyn/compute_beta.regionInstances.html | 190 +- ...pute_beta.regionNetworkEndpointGroups.html | 271 +- ...pute_beta.regionNotificationEndpoints.html | 123 +- docs/dyn/compute_beta.regionOperations.html | 111 +- .../compute_beta.regionSslCertificates.html | 153 +- .../compute_beta.regionTargetHttpProxies.html | 200 +- ...compute_beta.regionTargetHttpsProxies.html | 295 +- docs/dyn/compute_beta.regionUrlMaps.html | 4223 ++++++++++---- docs/dyn/compute_beta.regions.html | 41 +- docs/dyn/compute_beta.reservations.html | 775 ++- docs/dyn/compute_beta.resourcePolicies.html | 743 ++- docs/dyn/compute_beta.routers.html | 793 ++- docs/dyn/compute_beta.routes.html | 156 +- docs/dyn/compute_beta.securityPolicies.html | 617 +- docs/dyn/compute_beta.serviceAttachments.html | 787 ++- docs/dyn/compute_beta.snapshots.html | 829 ++- docs/dyn/compute_beta.sslCertificates.html | 197 +- docs/dyn/compute_beta.sslPolicies.html | 215 +- docs/dyn/compute_beta.subnetworks.html | 976 +++- docs/dyn/compute_beta.targetGrpcProxies.html | 153 +- docs/dyn/compute_beta.targetHttpProxies.html | 306 +- docs/dyn/compute_beta.targetHttpsProxies.html | 507 +- docs/dyn/compute_beta.targetInstances.html | 169 +- docs/dyn/compute_beta.targetPools.html | 411 +- docs/dyn/compute_beta.targetSslProxies.html | 245 +- docs/dyn/compute_beta.targetTcpProxies.html | 199 +- docs/dyn/compute_beta.targetVpnGateways.html | 197 +- docs/dyn/compute_beta.urlMaps.html | 4954 ++++++++++++----- docs/dyn/compute_beta.vpnGateways.html | 217 +- docs/dyn/compute_beta.vpnTunnels.html | 265 +- docs/dyn/compute_beta.zoneOperations.html | 111 +- docs/dyn/compute_beta.zones.html | 41 +- docs/dyn/compute_v1.acceleratorTypes.html | 73 +- docs/dyn/compute_v1.addresses.html | 241 +- docs/dyn/compute_v1.autoscalers.html | 725 ++- docs/dyn/compute_v1.backendBuckets.html | 285 +- docs/dyn/compute_v1.backendServices.html | 1323 ++++- docs/dyn/compute_v1.diskTypes.html | 97 +- docs/dyn/compute_v1.disks.html | 1195 +++- docs/dyn/compute_v1.externalVpnGateways.html | 196 +- docs/dyn/compute_v1.firewallPolicies.html | 1039 +++- docs/dyn/compute_v1.firewalls.html | 256 +- docs/dyn/compute_v1.forwardingRules.html | 996 +++- docs/dyn/compute_v1.globalAddresses.html | 184 +- .../dyn/compute_v1.globalForwardingRules.html | 807 ++- ...ompute_v1.globalNetworkEndpointGroups.html | 382 +- docs/dyn/compute_v1.globalOperations.html | 157 +- ...mpute_v1.globalOrganizationOperations.html | 77 +- ...pute_v1.globalPublicDelegatedPrefixes.html | 145 +- docs/dyn/compute_v1.healthChecks.html | 615 +- docs/dyn/compute_v1.httpHealthChecks.html | 181 +- docs/dyn/compute_v1.httpsHealthChecks.html | 181 +- docs/dyn/compute_v1.images.html | 1086 +++- .../dyn/compute_v1.instanceGroupManagers.html | 949 +++- docs/dyn/compute_v1.instanceGroups.html | 368 +- docs/dyn/compute_v1.instanceTemplates.html | 1112 +++- docs/dyn/compute_v1.instances.html | 2774 ++++++--- .../compute_v1.interconnectAttachments.html | 397 +- .../dyn/compute_v1.interconnectLocations.html | 63 +- docs/dyn/compute_v1.interconnects.html | 291 +- docs/dyn/compute_v1.licenseCodes.html | 28 +- docs/dyn/compute_v1.licenses.html | 747 ++- docs/dyn/compute_v1.machineTypes.html | 73 +- .../dyn/compute_v1.networkEndpointGroups.html | 476 +- docs/dyn/compute_v1.networks.html | 365 +- docs/dyn/compute_v1.nodeGroups.html | 928 ++- docs/dyn/compute_v1.nodeTemplates.html | 791 ++- docs/dyn/compute_v1.nodeTypes.html | 73 +- docs/dyn/compute_v1.packetMirrorings.html | 275 +- docs/dyn/compute_v1.projects.html | 413 +- .../compute_v1.publicAdvertisedPrefixes.html | 145 +- .../compute_v1.publicDelegatedPrefixes.html | 177 +- docs/dyn/compute_v1.regionAutoscalers.html | 606 +- .../dyn/compute_v1.regionBackendServices.html | 1026 +++- docs/dyn/compute_v1.regionCommitments.html | 117 +- docs/dyn/compute_v1.regionDiskTypes.html | 57 +- docs/dyn/compute_v1.regionDisks.html | 1096 +++- .../compute_v1.regionHealthCheckServices.html | 153 +- docs/dyn/compute_v1.regionHealthChecks.html | 516 +- ...ompute_v1.regionInstanceGroupManagers.html | 851 ++- docs/dyn/compute_v1.regionInstanceGroups.html | 138 +- docs/dyn/compute_v1.regionInstances.html | 163 +- ...ompute_v1.regionNetworkEndpointGroups.html | 271 +- ...ompute_v1.regionNotificationEndpoints.html | 115 +- docs/dyn/compute_v1.regionOperations.html | 111 +- .../dyn/compute_v1.regionSslCertificates.html | 145 +- .../compute_v1.regionTargetHttpProxies.html | 183 +- .../compute_v1.regionTargetHttpsProxies.html | 278 +- docs/dyn/compute_v1.regionUrlMaps.html | 4141 ++++++++++---- docs/dyn/compute_v1.regions.html | 41 +- docs/dyn/compute_v1.reservations.html | 775 ++- docs/dyn/compute_v1.resourcePolicies.html | 743 ++- docs/dyn/compute_v1.routers.html | 609 +- docs/dyn/compute_v1.routes.html | 148 +- docs/dyn/compute_v1.securityPolicies.html | 413 +- docs/dyn/compute_v1.snapshots.html | 739 ++- docs/dyn/compute_v1.sslCertificates.html | 189 +- docs/dyn/compute_v1.sslPolicies.html | 207 +- docs/dyn/compute_v1.subnetworks.html | 936 +++- docs/dyn/compute_v1.targetGrpcProxies.html | 145 +- docs/dyn/compute_v1.targetHttpProxies.html | 280 +- docs/dyn/compute_v1.targetHttpsProxies.html | 484 +- docs/dyn/compute_v1.targetInstances.html | 161 +- docs/dyn/compute_v1.targetPools.html | 403 +- docs/dyn/compute_v1.targetSslProxies.html | 237 +- docs/dyn/compute_v1.targetTcpProxies.html | 191 +- docs/dyn/compute_v1.targetVpnGateways.html | 141 +- docs/dyn/compute_v1.urlMaps.html | 4897 +++++++++++----- docs/dyn/compute_v1.vpnGateways.html | 217 +- docs/dyn/compute_v1.vpnTunnels.html | 209 +- docs/dyn/compute_v1.zoneOperations.html | 111 +- docs/dyn/compute_v1.zones.html | 41 +- ..._v1beta1.projects.databases.documents.html | 510 +- ...dentities_v1alpha1.projects.locations.html | 2 +- ...identities_v1beta1.projects.locations.html | 2 +- ...books_v1.projects.locations.schedules.html | 6 +- .../discovery_cache/documents/apikeys.v2.json | 2 +- .../documents/area120tables.v1alpha1.json | 2 +- .../documents/calendar.v3.json | 2 +- .../documents/chromemanagement.v1.json | 2 +- .../documents/chromepolicy.v1.json | 2 +- .../documents/chromeuxreport.v1.json | 2 +- .../documents/content.v2.1.json | 2 +- .../discovery_cache/documents/content.v2.json | 2 +- .../documents/customsearch.v1.json | 2 +- .../documents/datalabeling.v1beta1.json | 2 +- .../documents/displayvideo.v1.json | 2 +- .../documents/doubleclicksearch.v2.json | 2 +- .../documents/essentialcontacts.v1.json | 2 +- .../documents/eventarc.v1beta1.json | 2 +- .../documents/factchecktools.v1alpha1.json | 2 +- .../discovery_cache/documents/games.v1.json | 2 +- .../gamesConfiguration.v1configuration.json | 2 +- .../gamesManagement.v1management.json | 2 +- .../documents/gmailpostmastertools.v1.json | 2 +- .../gmailpostmastertools.v1beta1.json | 2 +- .../documents/libraryagent.v1.json | 2 +- .../documents/lifesciences.v2beta.json | 2 +- .../documents/localservices.v1.json | 2 +- .../documents/managedidentities.v1alpha1.json | 12 +- .../documents/managedidentities.v1beta1.json | 12 +- .../documents/memcache.v1.json | 2 +- .../documents/networkmanagement.v1.json | 2 +- .../documents/notebooks.v1.json | 4 +- .../documents/orgpolicy.v2.json | 2 +- .../documents/pagespeedonline.v5.json | 2 +- .../paymentsresellersubscription.v1.json | 2 +- .../discovery_cache/documents/people.v1.json | 2 +- .../documents/playcustomapp.v1.json | 2 +- .../documents/prod_tt_sasportal.v1alpha1.json | 2 +- .../documents/pubsublite.v1.json | 2 +- .../documents/safebrowsing.v4.json | 2 +- .../documents/secretmanager.v1.json | 2 +- .../documents/secretmanager.v1beta1.json | 2 +- .../serviceconsumermanagement.v1.json | 2 +- .../serviceconsumermanagement.v1beta1.json | 2 +- .../documents/servicedirectory.v1.json | 2 +- .../documents/servicedirectory.v1beta1.json | 2 +- .../documents/serviceusage.v1.json | 2 +- .../documents/serviceusage.v1beta1.json | 2 +- .../discovery_cache/documents/storage.v1.json | 4 +- .../documents/streetviewpublish.v1.json | 2 +- 307 files changed, 116280 insertions(+), 39446 deletions(-) diff --git a/docs/dyn/compute_alpha.acceleratorTypes.html b/docs/dyn/compute_alpha.acceleratorTypes.html index 02af0efdc94..a01525cc229 100644 --- a/docs/dyn/compute_alpha.acceleratorTypes.html +++ b/docs/dyn/compute_alpha.acceleratorTypes.html @@ -75,7 +75,7 @@

Compute Engine API . acceleratorTypes

Instance Methods

- aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+ aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

Retrieves an aggregated list of accelerator types.

aggregatedList_next(previous_request, previous_response)

@@ -84,31 +84,37 @@

Instance Methods

close()

Close httplib2 connections.

- get(project, zone, acceleratorType, x__xgafv=None)

+ get(project, zone, acceleratorType)

Returns the specified accelerator type.

- list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+ list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

Retrieves a list of accelerator types that are available to the specified project.

list_next(previous_request, previous_response)

Retrieves the next page of results.

Method Details

- aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None) + aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None) 
Retrieves an aggregated list of accelerator types.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -118,7 +124,9 @@ 
Method Details

   "items": { # A list of AcceleratorTypesScopedList resources.
     "a_key": { # [Output Only] Name of the scope containing this set of accelerator types.
       "acceleratorTypes": [ # [Output Only] A list of accelerator types contained in this scope.
-        { # Represents an Accelerator Type resource. Google Cloud Platform provides graphics processing units (accelerators) that you can add to VM instances to improve or accelerate performance when working with intensive workloads. For more information, read GPUs on Compute Engine.
+        { # Represents an Accelerator Type resource.
+            #
+            # Google Cloud Platform provides graphics processing units (accelerators) that you can add to VM instances to improve or accelerate performance when working with intensive workloads. For more information, read GPUs on Compute Engine. (== resource_for {$api_version}.acceleratorTypes ==)
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this accelerator type.
             "deleted": "A String", # An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DELETED. This is only informational and the status will not change unless the client explicitly changes it.
@@ -128,7 +136,11 @@ 
Method Details

             "state": "A String", # The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.
             "stateOverride": { # A rollout policy configuration. # The rollout policy of this deprecation. This policy is only enforced by image family views. The rollout policy restricts the zones where the associated resource is considered in a deprecated state. When the rollout policy does not include the user specified zone, or if the zone is rolled out, the associated resource is considered in a deprecated state.
               "defaultRolloutTime": "A String", # An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated.
-              "locationRolloutPolicies": { # Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
+              "locationRolloutPolicies": { # Location based rollout policies to apply to the resource.
+                  #
+                  # Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a.
+                  #
+                  # The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
                 "a_key": "A String",
               },
             },
@@ -145,7 +157,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] An informational warning that appears when the accelerator types list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -163,7 +176,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -194,22 +208,20 @@ 
Method Details
- get(project, zone, acceleratorType, x__xgafv=None) + get(project, zone, acceleratorType) 
Returns the specified accelerator type.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   acceleratorType: string, Name of the accelerator type to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Accelerator Type resource. Google Cloud Platform provides graphics processing units (accelerators) that you can add to VM instances to improve or accelerate performance when working with intensive workloads. For more information, read GPUs on Compute Engine.
+    { # Represents an Accelerator Type resource.
+    #
+    # Google Cloud Platform provides graphics processing units (accelerators) that you can add to VM instances to improve or accelerate performance when working with intensive workloads. For more information, read GPUs on Compute Engine. (== resource_for {$api_version}.acceleratorTypes ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this accelerator type.
     "deleted": "A String", # An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DELETED. This is only informational and the status will not change unless the client explicitly changes it.
@@ -219,7 +231,11 @@ 
Method Details

     "state": "A String", # The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.
     "stateOverride": { # A rollout policy configuration. # The rollout policy of this deprecation. This policy is only enforced by image family views. The rollout policy restricts the zones where the associated resource is considered in a deprecated state. When the rollout policy does not include the user specified zone, or if the zone is rolled out, the associated resource is considered in a deprecated state.
       "defaultRolloutTime": "A String", # An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated.
-      "locationRolloutPolicies": { # Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
+      "locationRolloutPolicies": { # Location based rollout policies to apply to the resource.
+          #
+          # Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a.
+          #
+          # The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
         "a_key": "A String",
       },
     },
@@ -236,21 +252,27 @@ 
Method Details
- list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None) + list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None) 
Retrieves a list of accelerator types that are available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -258,7 +280,9 @@ 
Method Details

     { # Contains a list of accelerator types.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of AcceleratorType resources.
-    { # Represents an Accelerator Type resource. Google Cloud Platform provides graphics processing units (accelerators) that you can add to VM instances to improve or accelerate performance when working with intensive workloads. For more information, read GPUs on Compute Engine.
+    { # Represents an Accelerator Type resource.
+        #
+        # Google Cloud Platform provides graphics processing units (accelerators) that you can add to VM instances to improve or accelerate performance when working with intensive workloads. For more information, read GPUs on Compute Engine. (== resource_for {$api_version}.acceleratorTypes ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this accelerator type.
         "deleted": "A String", # An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DELETED. This is only informational and the status will not change unless the client explicitly changes it.
@@ -268,7 +292,11 @@ 
Method Details

         "state": "A String", # The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.
         "stateOverride": { # A rollout policy configuration. # The rollout policy of this deprecation. This policy is only enforced by image family views. The rollout policy restricts the zones where the associated resource is considered in a deprecated state. When the rollout policy does not include the user specified zone, or if the zone is rolled out, the associated resource is considered in a deprecated state.
           "defaultRolloutTime": "A String", # An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated.
-          "locationRolloutPolicies": { # Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
+          "locationRolloutPolicies": { # Location based rollout policies to apply to the resource.
+              #
+              # Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a.
+              #
+              # The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
             "a_key": "A String",
           },
         },
@@ -288,7 +316,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.addresses.html b/docs/dyn/compute_alpha.addresses.html
index 444ba44cea1..53e6558765f 100644
--- a/docs/dyn/compute_alpha.addresses.html
+++ b/docs/dyn/compute_alpha.addresses.html
@@ -75,7 +75,7 @@
 
Compute Engine API . addresses

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of addresses.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,43 +84,49 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, address, requestId=None, x__xgafv=None)

+  delete(project, region, address, requestId=None)

 
Deletes the specified address resource.

 

-  get(project, region, address, x__xgafv=None)

+  get(project, region, address)

 
Returns the specified address resource.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates an address resource in the specified project by using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of addresses contained within the specified region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)

+  setLabels(project, region, resource, body=None, requestId=None)

 
Sets the labels on an Address. To learn more about labels, read the Labeling Resources documentation.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of addresses.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -130,7 +136,21 @@ 
Method Details

   "items": { # A list of AddressesScopedList resources.
     "a_key": { # [Output Only] Name of the scope containing this set of addresses.
       "addresses": [ # [Output Only] A list of addresses contained in this scope.
-        { # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier. Use global internal addresses for reserved peering network range. Use regional external addresses for the following resources: - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA) Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes: - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses For more information, read reserved IP address.
+        { # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier.
+            #
+            # Use global internal addresses for reserved peering network range.
+            #
+            # Use regional external addresses for the following resources:
+            #
+            # - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA)
+            #
+            # Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes:
+            #
+            # - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses
+            #
+            # For more information, read reserved IP address.
+            #
+            # (== resource_for {$api_version}.addresses ==) (== resource_for {$api_version}.globalAddresses ==)
           "address": "A String", # The static IP address represented by this resource.
           "addressType": "A String", # The type of address to reserve, either INTERNAL or EXTERNAL. If unspecified, defaults to EXTERNAL.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -138,16 +158,25 @@ 
Method Details

           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "ipVersion": "A String", # The IP version that will be used by this address. Valid options are IPV4 or IPV6. This can only be specified for a global address.
           "kind": "compute#address", # [Output Only] Type of the resource. Always compute#address for addresses.
-          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Address, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an Address.
+          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Address, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve an Address.
           "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
             "a_key": "A String",
           },
           "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
           "network": "A String", # The URL of the network in which to reserve the address. This field can only be used with INTERNAL type with the VPC_PEERING purpose.
-          "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer. If this field is not specified, it is assumed to be PREMIUM.
+          "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer.
+              #
+              # If this field is not specified, it is assumed to be PREMIUM.
           "prefixLength": 42, # The prefix length if the resource represents an IP range.
-          "purpose": "A String", # The purpose of this resource, which can be one of the following values: - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources. - `DNS_RESOLVER` for a DNS resolver address in a subnetwork - `VPC_PEERING` for addresses that are reserved for VPC peer networks. - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT. - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an *IPsec-encrypted Cloud Interconnect* configuration. These addresses are regional resources. Not currently available publicly.
-          "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. *This field is not applicable to global addresses.*
+          "purpose": "A String", # The purpose of this resource, which can be one of the following values:
+              # - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources.
+              # - `DNS_RESOLVER` for a DNS resolver address in a subnetwork
+              # - `VPC_PEERING` for addresses that are reserved for VPC peer networks.
+              # - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT.
+              # - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an IPsec-encrypted Cloud Interconnect configuration. These addresses are regional resources. Not currently available publicly.
+          "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. This field is not applicable to global addresses.
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
           "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
           "status": "A String", # [Output Only] The status of the address, which can be one of RESERVING, RESERVED, or IN_USE. An address that is RESERVING is currently in the process of being reserved. A RESERVED address is currently reserved and available to use. An IN_USE address is currently being used by another resource and is not available.
@@ -159,7 +188,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] Informational warning which replaces the list of addresses when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -177,7 +207,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -208,23 +239,36 @@ 
Method Details

 

 
 

-    delete(project, region, address, requestId=None, x__xgafv=None)
+    delete(project, region, address, requestId=None)
   
Deletes the specified address resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   address: string, Name of the address resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -259,7 +303,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -273,22 +318,32 @@ 
Method Details

 

 
 

-    get(project, region, address, x__xgafv=None)
+    get(project, region, address)
   
Returns the specified address resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   address: string, Name of the address resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier. Use global internal addresses for reserved peering network range. Use regional external addresses for the following resources: - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA) Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes: - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses For more information, read reserved IP address.
+    { # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier.
+    #
+    # Use global internal addresses for reserved peering network range.
+    #
+    # Use regional external addresses for the following resources:
+    #
+    # - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA)
+    #
+    # Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes:
+    #
+    # - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses
+    #
+    # For more information, read reserved IP address.
+    #
+    # (== resource_for {$api_version}.addresses ==) (== resource_for {$api_version}.globalAddresses ==)
   "address": "A String", # The static IP address represented by this resource.
   "addressType": "A String", # The type of address to reserve, either INTERNAL or EXTERNAL. If unspecified, defaults to EXTERNAL.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -296,16 +351,25 @@ 
Method Details

   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ipVersion": "A String", # The IP version that will be used by this address. Valid options are IPV4 or IPV6. This can only be specified for a global address.
   "kind": "compute#address", # [Output Only] Type of the resource. Always compute#address for addresses.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Address, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an Address.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Address, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve an Address.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
   "network": "A String", # The URL of the network in which to reserve the address. This field can only be used with INTERNAL type with the VPC_PEERING purpose.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer. If this field is not specified, it is assumed to be PREMIUM.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer.
+      #
+      # If this field is not specified, it is assumed to be PREMIUM.
   "prefixLength": 42, # The prefix length if the resource represents an IP range.
-  "purpose": "A String", # The purpose of this resource, which can be one of the following values: - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources. - `DNS_RESOLVER` for a DNS resolver address in a subnetwork - `VPC_PEERING` for addresses that are reserved for VPC peer networks. - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT. - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an *IPsec-encrypted Cloud Interconnect* configuration. These addresses are regional resources. Not currently available publicly.
-  "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. *This field is not applicable to global addresses.*
+  "purpose": "A String", # The purpose of this resource, which can be one of the following values:
+      # - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources.
+      # - `DNS_RESOLVER` for a DNS resolver address in a subnetwork
+      # - `VPC_PEERING` for addresses that are reserved for VPC peer networks.
+      # - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT.
+      # - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an IPsec-encrypted Cloud Interconnect configuration. These addresses are regional resources. Not currently available publicly.
+  "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. This field is not applicable to global addresses.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
   "status": "A String", # [Output Only] The status of the address, which can be one of RESERVING, RESERVED, or IN_USE. An address that is RESERVING is currently in the process of being reserved. A RESERVED address is currently reserved and available to use. An IN_USE address is currently being used by another resource and is not available.
@@ -317,7 +381,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates an address resource in the specified project by using the data included in the request.
 
 Args:
@@ -326,7 +390,21 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier. Use global internal addresses for reserved peering network range. Use regional external addresses for the following resources: - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA) Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes: - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses For more information, read reserved IP address.
+{ # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier.
+    # 
+    # Use global internal addresses for reserved peering network range.
+    # 
+    # Use regional external addresses for the following resources:
+    # 
+    # - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA)
+    # 
+    # Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes:
+    # 
+    # - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses
+    # 
+    # For more information, read reserved IP address.
+    # 
+    # (== resource_for {$api_version}.addresses ==) (== resource_for {$api_version}.globalAddresses ==)
   "address": "A String", # The static IP address represented by this resource.
   "addressType": "A String", # The type of address to reserve, either INTERNAL or EXTERNAL. If unspecified, defaults to EXTERNAL.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -334,16 +412,25 @@ 
Method Details

   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ipVersion": "A String", # The IP version that will be used by this address. Valid options are IPV4 or IPV6. This can only be specified for a global address.
   "kind": "compute#address", # [Output Only] Type of the resource. Always compute#address for addresses.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Address, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an Address.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Address, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an Address.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
   "network": "A String", # The URL of the network in which to reserve the address. This field can only be used with INTERNAL type with the VPC_PEERING purpose.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer. If this field is not specified, it is assumed to be PREMIUM.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer.
+      # 
+      # If this field is not specified, it is assumed to be PREMIUM.
   "prefixLength": 42, # The prefix length if the resource represents an IP range.
-  "purpose": "A String", # The purpose of this resource, which can be one of the following values: - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources. - `DNS_RESOLVER` for a DNS resolver address in a subnetwork - `VPC_PEERING` for addresses that are reserved for VPC peer networks. - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT. - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an *IPsec-encrypted Cloud Interconnect* configuration. These addresses are regional resources. Not currently available publicly.
-  "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. *This field is not applicable to global addresses.*
+  "purpose": "A String", # The purpose of this resource, which can be one of the following values:
+      # - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources.
+      # - `DNS_RESOLVER` for a DNS resolver address in a subnetwork
+      # - `VPC_PEERING` for addresses that are reserved for VPC peer networks.
+      # - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT.
+      # - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an IPsec-encrypted Cloud Interconnect configuration. These addresses are regional resources. Not currently available publicly.
+  "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. This field is not applicable to global addresses.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
   "status": "A String", # [Output Only] The status of the address, which can be one of RESERVING, RESERVED, or IN_USE. An address that is RESERVING is currently in the process of being reserved. A RESERVED address is currently reserved and available to use. An IN_USE address is currently being used by another resource and is not available.
@@ -353,16 +440,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -397,7 +497,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -411,21 +512,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of addresses contained within the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -433,7 +540,21 @@ 
Method Details

     { # Contains a list of addresses.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Address resources.
-    { # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier. Use global internal addresses for reserved peering network range. Use regional external addresses for the following resources: - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA) Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes: - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses For more information, read reserved IP address.
+    { # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier.
+        #
+        # Use global internal addresses for reserved peering network range.
+        #
+        # Use regional external addresses for the following resources:
+        #
+        # - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA)
+        #
+        # Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes:
+        #
+        # - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses
+        #
+        # For more information, read reserved IP address.
+        #
+        # (== resource_for {$api_version}.addresses ==) (== resource_for {$api_version}.globalAddresses ==)
       "address": "A String", # The static IP address represented by this resource.
       "addressType": "A String", # The type of address to reserve, either INTERNAL or EXTERNAL. If unspecified, defaults to EXTERNAL.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -441,16 +562,25 @@ 
Method Details

       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "ipVersion": "A String", # The IP version that will be used by this address. Valid options are IPV4 or IPV6. This can only be specified for a global address.
       "kind": "compute#address", # [Output Only] Type of the resource. Always compute#address for addresses.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Address, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an Address.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Address, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve an Address.
       "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
         "a_key": "A String",
       },
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
       "network": "A String", # The URL of the network in which to reserve the address. This field can only be used with INTERNAL type with the VPC_PEERING purpose.
-      "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer. If this field is not specified, it is assumed to be PREMIUM.
+      "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer.
+          #
+          # If this field is not specified, it is assumed to be PREMIUM.
       "prefixLength": 42, # The prefix length if the resource represents an IP range.
-      "purpose": "A String", # The purpose of this resource, which can be one of the following values: - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources. - `DNS_RESOLVER` for a DNS resolver address in a subnetwork - `VPC_PEERING` for addresses that are reserved for VPC peer networks. - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT. - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an *IPsec-encrypted Cloud Interconnect* configuration. These addresses are regional resources. Not currently available publicly.
-      "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. *This field is not applicable to global addresses.*
+      "purpose": "A String", # The purpose of this resource, which can be one of the following values:
+          # - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources.
+          # - `DNS_RESOLVER` for a DNS resolver address in a subnetwork
+          # - `VPC_PEERING` for addresses that are reserved for VPC peer networks.
+          # - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT.
+          # - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an IPsec-encrypted Cloud Interconnect configuration. These addresses are regional resources. Not currently available publicly.
+      "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. This field is not applicable to global addresses.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
       "status": "A String", # [Output Only] The status of the address, which can be one of RESERVING, RESERVED, or IN_USE. An address that is RESERVING is currently in the process of being reserved. A RESERVED address is currently reserved and available to use. An IN_USE address is currently being used by another resource and is not available.
@@ -465,7 +595,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -491,7 +622,7 @@ 
Method Details

 

 
 

-    setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)
+    setLabels(project, region, resource, body=None, requestId=None)
   
Sets the labels on an Address. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -508,16 +639,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -552,7 +696,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -566,7 +711,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -582,10 +727,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.autoscalers.html b/docs/dyn/compute_alpha.autoscalers.html
index 9772d989312..76843312667 100644
--- a/docs/dyn/compute_alpha.autoscalers.html
+++ b/docs/dyn/compute_alpha.autoscalers.html
@@ -75,7 +75,7 @@
 
Compute Engine API . autoscalers

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of autoscalers.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,46 +84,52 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, zone, autoscaler, requestId=None, x__xgafv=None)

+  delete(project, zone, autoscaler, requestId=None)

 
Deletes the specified autoscaler.

 

-  get(project, zone, autoscaler, x__xgafv=None)

+  get(project, zone, autoscaler)

 
Returns the specified autoscaler resource. Gets a list of available autoscalers by making a list() request.

 

-  insert(project, zone, body=None, requestId=None, x__xgafv=None)

+  insert(project, zone, body=None, requestId=None)

 
Creates an autoscaler in the specified project using the data included in the request.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of autoscalers contained within the specified zone.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, zone, autoscaler=None, body=None, requestId=None, x__xgafv=None)

+  patch(project, zone, autoscaler=None, body=None, requestId=None)

 
Updates an autoscaler in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  testIamPermissions(project, zone, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, zone, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, zone, autoscaler=None, body=None, requestId=None, x__xgafv=None)

+  update(project, zone, autoscaler=None, body=None, requestId=None)

 
Updates an autoscaler in the specified project using the data included in the request.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of autoscalers.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -133,19 +139,58 @@ 
Method Details

   "items": { # A list of AutoscalersScopedList resources.
     "a_key": { # [Output Only] Name of the scope containing this set of autoscalers.
       "autoscalers": [ # [Output Only] A list of autoscalers contained in this scope.
-        { # Represents an Autoscaler resource. Google Compute Engine has two Autoscaler resources: * [Zonal](/compute/docs/reference/rest/alpha/autoscalers) * [Regional](/compute/docs/reference/rest/alpha/regionAutoscalers) Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances. For zonal managed instance groups resource, use the autoscaler resource. For regional managed instance groups, use the regionAutoscalers resource.
-          "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
-            "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds. Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
+        { # Represents an Autoscaler resource.
+            #
+            # Google Compute Engine has two Autoscaler resources:
+            #
+            # * [Zonal](/compute/docs/reference/rest/{$api_version}/autoscalers) * [Regional](/compute/docs/reference/rest/{$api_version}/regionAutoscalers)
+            #
+            # Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances.
+            #
+            # For zonal managed instance groups resource, use the autoscaler resource.
+            #
+            # For regional managed instance groups, use the regionAutoscalers resource. (== resource_for {$api_version}.autoscalers ==) (== resource_for {$api_version}.regionAutoscalers ==)
+          "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.
+              #
+              # If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
+            "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.
+                #
+                # Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
             "cpuUtilization": { # CPU utilization policy. # Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group.
-              "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
-              "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
+              "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are:
+                  #
+                  # * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
+              "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.
+                  #
+                  # If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.
+                  #
+                  # If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
             },
             "customMetricUtilizations": [ # Configuration parameters of autoscaling based on a custom metric.
               { # Custom utilization metric policy.
-                "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
-                "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.
-                "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
-                "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
+                "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.
+                    #
+                    # For the filter to be valid for autoscaling purposes, the following rules apply:
+                    # - You can only use the AND operator for joining selectors.
+                    # - You can only use direct equality comparison operator (=) without any functions for each selector.
+                    # - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical.
+                    # - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.
+                    # If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.
+                    #
+                    # If not specified, the type defaults to gce_instance.
+                    #
+                    # Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
+                "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.
+                    #
+                    # The metric must have a value type of INT64 or DOUBLE.
+                "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing.
+                    #
+                    # A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.
+                    #
+                    # A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
+                "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.
+                    #
+                    # For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
                 "utilizationTargetType": "A String", # Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.
               },
             ],
@@ -157,7 +202,11 @@ 
Method Details

             "mode": "A String", # Defines operating mode for this policy.
             "scaleDownControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
               "maxScaledDownReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-                "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+                "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+                    #
+                    #
+                    # - If the value is fixed, then the calculated value is equal to the fixed value.
+                    # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
                 "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
                 "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
               },
@@ -165,7 +214,11 @@ 
Method Details

             },
             "scaleInControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
               "maxScaledInReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-                "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+                "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+                    #
+                    #
+                    # - If the value is fixed, then the calculated value is equal to the fixed value.
+                    # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
                 "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
                 "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
               },
@@ -178,7 +231,7 @@ 
Method Details

                 "durationSec": 42, # The duration of time intervals, in seconds, for which this scaling schedule is to run. The minimum allowed value is 300. This field is required.
                 "minRequiredReplicas": 42, # The minimum number of VM instances that the autoscaler will recommend in time intervals starting according to schedule. This field is required.
                 "schedule": "A String", # The start timestamps of time intervals when this scaling schedule is to provide a scaling signal. This field uses the extended cron format (with an optional year field). The expression can describe a single timestamp if the optional year is set, in which case the scaling schedule runs once. The schedule is interpreted with respect to time_zone. This field is required. Note: These timestamps only describe when autoscaler starts providing the scaling signal. The VMs need additional time to become serving.
-                "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of “UTC” if left empty.
+                "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of ?UTC? if left empty.
               },
             },
           },
@@ -198,11 +251,31 @@ 
Method Details

           },
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
           "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-          "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values: - PENDING: Autoscaler backend hasn't read new/updated configuration. - DELETING: Configuration is being deleted. - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field. - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field. New values might be added in the future.
+          "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values:
+              # - PENDING: Autoscaler backend hasn't read new/updated configuration.
+              # - DELETING: Configuration is being deleted.
+              # - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field.
+              # - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field.  New values might be added in the future.
           "statusDetails": [ # [Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.
             {
               "message": "A String", # The status message.
-              "type": "A String", # The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions.
+              "type": "A String", # The type of error, warning, or notice returned. Current set of possible values:
+                  # - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state).
+                  # - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group.
+                  # - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas.
+                  # - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling.
+                  # - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels.
+                  # - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group.
+                  # - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling.
+                  # - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer.
+                  # - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved.
+                  # - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any.
+                  # - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it.
+                  # - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances.
+                  # - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region.
+                  # - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist.
+                  # - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate.
+                  # - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout.  New values might be added in the future. Some of the values might not be available in all API versions.
             },
           ],
           "target": "A String", # URL of the managed instance group that this autoscaler will scale. This field is required when creating an autoscaler.
@@ -211,7 +284,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] Informational warning which replaces the list of autoscalers when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -224,12 +298,13 @@ 
Method Details

   "kind": "compute#autoscalerAggregatedList", # [Output Only] Type of resource. Always compute#autoscalerAggregatedList for aggregated lists of autoscalers.
   "nextPageToken": "A String", # [Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.
   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
-  "unreachables": [ # [Output Only] Unreachable resources. end_interface: MixerListResponseWithEtagBuilder
+  "unreachables": [ # [Output Only] Unreachable resources.
     "A String",
   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -260,23 +335,36 @@ 
Method Details

 

 
 

-    delete(project, zone, autoscaler, requestId=None, x__xgafv=None)
+    delete(project, zone, autoscaler, requestId=None)
   
Deletes the specified autoscaler.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone for this request. (required)
   autoscaler: string, Name of the autoscaler to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -311,7 +399,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -325,34 +414,69 @@ 
Method Details

 

 
 

-    get(project, zone, autoscaler, x__xgafv=None)
+    get(project, zone, autoscaler)
   
Returns the specified autoscaler resource. Gets a list of available autoscalers by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone for this request. (required)
   autoscaler: string, Name of the autoscaler to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Autoscaler resource. Google Compute Engine has two Autoscaler resources: * [Zonal](/compute/docs/reference/rest/alpha/autoscalers) * [Regional](/compute/docs/reference/rest/alpha/regionAutoscalers) Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances. For zonal managed instance groups resource, use the autoscaler resource. For regional managed instance groups, use the regionAutoscalers resource.
-  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
-    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds. Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
+    { # Represents an Autoscaler resource.
+    #
+    # Google Compute Engine has two Autoscaler resources:
+    #
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/autoscalers) * [Regional](/compute/docs/reference/rest/{$api_version}/regionAutoscalers)
+    #
+    # Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances.
+    #
+    # For zonal managed instance groups resource, use the autoscaler resource.
+    #
+    # For regional managed instance groups, use the regionAutoscalers resource. (== resource_for {$api_version}.autoscalers ==) (== resource_for {$api_version}.regionAutoscalers ==)
+  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.
+      #
+      # If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
+    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.
+        #
+        # Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
     "cpuUtilization": { # CPU utilization policy. # Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group.
-      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
-      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
+      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are:
+          #
+          # * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
+      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.
+          #
+          # If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.
+          #
+          # If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
     },
     "customMetricUtilizations": [ # Configuration parameters of autoscaling based on a custom metric.
       { # Custom utilization metric policy.
-        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
-        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.
-        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
-        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
+        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.
+            #
+            # For the filter to be valid for autoscaling purposes, the following rules apply:
+            # - You can only use the AND operator for joining selectors.
+            # - You can only use direct equality comparison operator (=) without any functions for each selector.
+            # - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical.
+            # - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.
+            # If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.
+            #
+            # If not specified, the type defaults to gce_instance.
+            #
+            # Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
+        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.
+            #
+            # The metric must have a value type of INT64 or DOUBLE.
+        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing.
+            #
+            # A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.
+            #
+            # A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
+        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.
+            #
+            # For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
         "utilizationTargetType": "A String", # Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.
       },
     ],
@@ -364,7 +488,11 @@ 
Method Details

     "mode": "A String", # Defines operating mode for this policy.
     "scaleDownControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledDownReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -372,7 +500,11 @@ 
Method Details

     },
     "scaleInControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledInReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -385,7 +517,7 @@ 
Method Details

         "durationSec": 42, # The duration of time intervals, in seconds, for which this scaling schedule is to run. The minimum allowed value is 300. This field is required.
         "minRequiredReplicas": 42, # The minimum number of VM instances that the autoscaler will recommend in time intervals starting according to schedule. This field is required.
         "schedule": "A String", # The start timestamps of time intervals when this scaling schedule is to provide a scaling signal. This field uses the extended cron format (with an optional year field). The expression can describe a single timestamp if the optional year is set, in which case the scaling schedule runs once. The schedule is interpreted with respect to time_zone. This field is required. Note: These timestamps only describe when autoscaler starts providing the scaling signal. The VMs need additional time to become serving.
-        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of “UTC” if left empty.
+        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of ?UTC? if left empty.
       },
     },
   },
@@ -405,11 +537,31 @@ 
Method Details

   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values: - PENDING: Autoscaler backend hasn't read new/updated configuration. - DELETING: Configuration is being deleted. - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field. - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field. New values might be added in the future.
+  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values:
+      # - PENDING: Autoscaler backend hasn't read new/updated configuration.
+      # - DELETING: Configuration is being deleted.
+      # - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field.
+      # - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field.  New values might be added in the future.
   "statusDetails": [ # [Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.
     {
       "message": "A String", # The status message.
-      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions.
+      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values:
+          # - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state).
+          # - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group.
+          # - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas.
+          # - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling.
+          # - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels.
+          # - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group.
+          # - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling.
+          # - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer.
+          # - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved.
+          # - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any.
+          # - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it.
+          # - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances.
+          # - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region.
+          # - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist.
+          # - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate.
+          # - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout.  New values might be added in the future. Some of the values might not be available in all API versions.
     },
   ],
   "target": "A String", # URL of the managed instance group that this autoscaler will scale. This field is required when creating an autoscaler.
@@ -418,7 +570,7 @@ 
Method Details

 

 
 

-    insert(project, zone, body=None, requestId=None, x__xgafv=None)
+    insert(project, zone, body=None, requestId=None)
   
Creates an autoscaler in the specified project using the data included in the request.
 
 Args:
@@ -427,19 +579,58 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Autoscaler resource. Google Compute Engine has two Autoscaler resources: * [Zonal](/compute/docs/reference/rest/alpha/autoscalers) * [Regional](/compute/docs/reference/rest/alpha/regionAutoscalers) Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances. For zonal managed instance groups resource, use the autoscaler resource. For regional managed instance groups, use the regionAutoscalers resource.
-  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
-    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds. Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
+{ # Represents an Autoscaler resource.
+    # 
+    # Google Compute Engine has two Autoscaler resources:
+    # 
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/autoscalers) * [Regional](/compute/docs/reference/rest/{$api_version}/regionAutoscalers)
+    # 
+    # Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances.
+    # 
+    # For zonal managed instance groups resource, use the autoscaler resource.
+    # 
+    # For regional managed instance groups, use the regionAutoscalers resource. (== resource_for {$api_version}.autoscalers ==) (== resource_for {$api_version}.regionAutoscalers ==)
+  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.
+      # 
+      # If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
+    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.
+        #
+        # Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
     "cpuUtilization": { # CPU utilization policy. # Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group.
-      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
-      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
+      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are:
+          #
+          # * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
+      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.
+          #
+          # If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.
+          #
+          # If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
     },
     "customMetricUtilizations": [ # Configuration parameters of autoscaling based on a custom metric.
       { # Custom utilization metric policy.
-        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
-        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.
-        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
-        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
+        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.
+            #
+            # For the filter to be valid for autoscaling purposes, the following rules apply:
+            # - You can only use the AND operator for joining selectors.
+            # - You can only use direct equality comparison operator (=) without any functions for each selector.
+            # - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical.
+            # - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.
+            # If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.
+            #
+            # If not specified, the type defaults to gce_instance.
+            #
+            # Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
+        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.
+            #
+            # The metric must have a value type of INT64 or DOUBLE.
+        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing.
+            #
+            # A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.
+            #
+            # A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
+        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.
+            #
+            # For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
         "utilizationTargetType": "A String", # Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.
       },
     ],
@@ -451,7 +642,11 @@ 
Method Details

     "mode": "A String", # Defines operating mode for this policy.
     "scaleDownControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledDownReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -459,7 +654,11 @@ 
Method Details

     },
     "scaleInControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledInReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -472,7 +671,7 @@ 
Method Details

         "durationSec": 42, # The duration of time intervals, in seconds, for which this scaling schedule is to run. The minimum allowed value is 300. This field is required.
         "minRequiredReplicas": 42, # The minimum number of VM instances that the autoscaler will recommend in time intervals starting according to schedule. This field is required.
         "schedule": "A String", # The start timestamps of time intervals when this scaling schedule is to provide a scaling signal. This field uses the extended cron format (with an optional year field). The expression can describe a single timestamp if the optional year is set, in which case the scaling schedule runs once. The schedule is interpreted with respect to time_zone. This field is required. Note: These timestamps only describe when autoscaler starts providing the scaling signal. The VMs need additional time to become serving.
-        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of “UTC” if left empty.
+        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of ?UTC? if left empty.
       },
     },
   },
@@ -492,27 +691,60 @@ 
Method Details

   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values: - PENDING: Autoscaler backend hasn't read new/updated configuration. - DELETING: Configuration is being deleted. - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field. - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field. New values might be added in the future.
+  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values:
+      # - PENDING: Autoscaler backend hasn't read new/updated configuration.
+      # - DELETING: Configuration is being deleted.
+      # - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field.
+      # - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field.  New values might be added in the future.
   "statusDetails": [ # [Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.
     {
       "message": "A String", # The status message.
-      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions.
+      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values:
+          # - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state).
+          # - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group.
+          # - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas.
+          # - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling.
+          # - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels.
+          # - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group.
+          # - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling.
+          # - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer.
+          # - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved.
+          # - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any.
+          # - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it.
+          # - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances.
+          # - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region.
+          # - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist.
+          # - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate.
+          # - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout.  New values might be added in the future. Some of the values might not be available in all API versions.
     },
   ],
   "target": "A String", # URL of the managed instance group that this autoscaler will scale. This field is required when creating an autoscaler.
   "zone": "A String", # [Output Only] URL of the zone where the instance group resides (for autoscalers living in zonal scope).
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -547,7 +779,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -561,21 +794,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of autoscalers contained within the specified zone.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -583,19 +822,58 @@ 
Method Details

     { # Contains a list of Autoscaler resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Autoscaler resources.
-    { # Represents an Autoscaler resource. Google Compute Engine has two Autoscaler resources: * [Zonal](/compute/docs/reference/rest/alpha/autoscalers) * [Regional](/compute/docs/reference/rest/alpha/regionAutoscalers) Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances. For zonal managed instance groups resource, use the autoscaler resource. For regional managed instance groups, use the regionAutoscalers resource.
-      "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
-        "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds. Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
+    { # Represents an Autoscaler resource.
+        #
+        # Google Compute Engine has two Autoscaler resources:
+        #
+        # * [Zonal](/compute/docs/reference/rest/{$api_version}/autoscalers) * [Regional](/compute/docs/reference/rest/{$api_version}/regionAutoscalers)
+        #
+        # Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances.
+        #
+        # For zonal managed instance groups resource, use the autoscaler resource.
+        #
+        # For regional managed instance groups, use the regionAutoscalers resource. (== resource_for {$api_version}.autoscalers ==) (== resource_for {$api_version}.regionAutoscalers ==)
+      "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.
+          #
+          # If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
+        "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.
+            #
+            # Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
         "cpuUtilization": { # CPU utilization policy. # Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group.
-          "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
-          "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
+          "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are:
+              #
+              # * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
+          "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.
+              #
+              # If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.
+              #
+              # If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
         },
         "customMetricUtilizations": [ # Configuration parameters of autoscaling based on a custom metric.
           { # Custom utilization metric policy.
-            "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
-            "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.
-            "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
-            "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
+            "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.
+                #
+                # For the filter to be valid for autoscaling purposes, the following rules apply:
+                # - You can only use the AND operator for joining selectors.
+                # - You can only use direct equality comparison operator (=) without any functions for each selector.
+                # - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical.
+                # - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.
+                # If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.
+                #
+                # If not specified, the type defaults to gce_instance.
+                #
+                # Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
+            "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.
+                #
+                # The metric must have a value type of INT64 or DOUBLE.
+            "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing.
+                #
+                # A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.
+                #
+                # A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
+            "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.
+                #
+                # For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
             "utilizationTargetType": "A String", # Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.
           },
         ],
@@ -607,7 +885,11 @@ 
Method Details

         "mode": "A String", # Defines operating mode for this policy.
         "scaleDownControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
           "maxScaledDownReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+                #
+                #
+                # - If the value is fixed, then the calculated value is equal to the fixed value.
+                # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
             "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
             "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
           },
@@ -615,7 +897,11 @@ 
Method Details

         },
         "scaleInControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
           "maxScaledInReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+                #
+                #
+                # - If the value is fixed, then the calculated value is equal to the fixed value.
+                # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
             "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
             "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
           },
@@ -628,7 +914,7 @@ 
Method Details

             "durationSec": 42, # The duration of time intervals, in seconds, for which this scaling schedule is to run. The minimum allowed value is 300. This field is required.
             "minRequiredReplicas": 42, # The minimum number of VM instances that the autoscaler will recommend in time intervals starting according to schedule. This field is required.
             "schedule": "A String", # The start timestamps of time intervals when this scaling schedule is to provide a scaling signal. This field uses the extended cron format (with an optional year field). The expression can describe a single timestamp if the optional year is set, in which case the scaling schedule runs once. The schedule is interpreted with respect to time_zone. This field is required. Note: These timestamps only describe when autoscaler starts providing the scaling signal. The VMs need additional time to become serving.
-            "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of “UTC” if left empty.
+            "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of ?UTC? if left empty.
           },
         },
       },
@@ -648,11 +934,31 @@ 
Method Details

       },
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-      "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values: - PENDING: Autoscaler backend hasn't read new/updated configuration. - DELETING: Configuration is being deleted. - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field. - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field. New values might be added in the future.
+      "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values:
+          # - PENDING: Autoscaler backend hasn't read new/updated configuration.
+          # - DELETING: Configuration is being deleted.
+          # - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field.
+          # - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field.  New values might be added in the future.
       "statusDetails": [ # [Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.
         {
           "message": "A String", # The status message.
-          "type": "A String", # The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions.
+          "type": "A String", # The type of error, warning, or notice returned. Current set of possible values:
+              # - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state).
+              # - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group.
+              # - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas.
+              # - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling.
+              # - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels.
+              # - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group.
+              # - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling.
+              # - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer.
+              # - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved.
+              # - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any.
+              # - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it.
+              # - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances.
+              # - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region.
+              # - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist.
+              # - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate.
+              # - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout.  New values might be added in the future. Some of the values might not be available in all API versions.
         },
       ],
       "target": "A String", # URL of the managed instance group that this autoscaler will scale. This field is required when creating an autoscaler.
@@ -664,7 +970,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -690,7 +997,7 @@ 
Method Details

 

 
 

-    patch(project, zone, autoscaler=None, body=None, requestId=None, x__xgafv=None)
+    patch(project, zone, autoscaler=None, body=None, requestId=None)
   
Updates an autoscaler in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -699,19 +1006,58 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Autoscaler resource. Google Compute Engine has two Autoscaler resources: * [Zonal](/compute/docs/reference/rest/alpha/autoscalers) * [Regional](/compute/docs/reference/rest/alpha/regionAutoscalers) Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances. For zonal managed instance groups resource, use the autoscaler resource. For regional managed instance groups, use the regionAutoscalers resource.
-  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
-    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds. Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
+{ # Represents an Autoscaler resource.
+    # 
+    # Google Compute Engine has two Autoscaler resources:
+    # 
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/autoscalers) * [Regional](/compute/docs/reference/rest/{$api_version}/regionAutoscalers)
+    # 
+    # Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances.
+    # 
+    # For zonal managed instance groups resource, use the autoscaler resource.
+    # 
+    # For regional managed instance groups, use the regionAutoscalers resource. (== resource_for {$api_version}.autoscalers ==) (== resource_for {$api_version}.regionAutoscalers ==)
+  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.
+      # 
+      # If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
+    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.
+        #
+        # Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
     "cpuUtilization": { # CPU utilization policy. # Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group.
-      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
-      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
+      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are:
+          #
+          # * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
+      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.
+          #
+          # If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.
+          #
+          # If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
     },
     "customMetricUtilizations": [ # Configuration parameters of autoscaling based on a custom metric.
       { # Custom utilization metric policy.
-        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
-        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.
-        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
-        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
+        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.
+            #
+            # For the filter to be valid for autoscaling purposes, the following rules apply:
+            # - You can only use the AND operator for joining selectors.
+            # - You can only use direct equality comparison operator (=) without any functions for each selector.
+            # - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical.
+            # - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.
+            # If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.
+            #
+            # If not specified, the type defaults to gce_instance.
+            #
+            # Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
+        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.
+            #
+            # The metric must have a value type of INT64 or DOUBLE.
+        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing.
+            #
+            # A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.
+            #
+            # A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
+        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.
+            #
+            # For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
         "utilizationTargetType": "A String", # Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.
       },
     ],
@@ -723,7 +1069,11 @@ 
Method Details

     "mode": "A String", # Defines operating mode for this policy.
     "scaleDownControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledDownReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -731,7 +1081,11 @@ 
Method Details

     },
     "scaleInControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledInReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -744,7 +1098,7 @@ 
Method Details

         "durationSec": 42, # The duration of time intervals, in seconds, for which this scaling schedule is to run. The minimum allowed value is 300. This field is required.
         "minRequiredReplicas": 42, # The minimum number of VM instances that the autoscaler will recommend in time intervals starting according to schedule. This field is required.
         "schedule": "A String", # The start timestamps of time intervals when this scaling schedule is to provide a scaling signal. This field uses the extended cron format (with an optional year field). The expression can describe a single timestamp if the optional year is set, in which case the scaling schedule runs once. The schedule is interpreted with respect to time_zone. This field is required. Note: These timestamps only describe when autoscaler starts providing the scaling signal. The VMs need additional time to become serving.
-        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of “UTC” if left empty.
+        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of ?UTC? if left empty.
       },
     },
   },
@@ -764,11 +1118,31 @@ 
Method Details

   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values: - PENDING: Autoscaler backend hasn't read new/updated configuration. - DELETING: Configuration is being deleted. - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field. - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field. New values might be added in the future.
+  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values:
+      # - PENDING: Autoscaler backend hasn't read new/updated configuration.
+      # - DELETING: Configuration is being deleted.
+      # - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field.
+      # - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field.  New values might be added in the future.
   "statusDetails": [ # [Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.
     {
       "message": "A String", # The status message.
-      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions.
+      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values:
+          # - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state).
+          # - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group.
+          # - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas.
+          # - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling.
+          # - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels.
+          # - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group.
+          # - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling.
+          # - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer.
+          # - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved.
+          # - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any.
+          # - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it.
+          # - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances.
+          # - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region.
+          # - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist.
+          # - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate.
+          # - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout.  New values might be added in the future. Some of the values might not be available in all API versions.
     },
   ],
   "target": "A String", # URL of the managed instance group that this autoscaler will scale. This field is required when creating an autoscaler.
@@ -776,16 +1150,29 @@ 
Method Details

 }
 
   autoscaler: string, Name of the autoscaler to patch.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -820,7 +1207,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -834,7 +1222,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, zone, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, zone, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -850,10 +1238,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -866,7 +1250,7 @@ 
Method Details

 

 
 

-    update(project, zone, autoscaler=None, body=None, requestId=None, x__xgafv=None)
+    update(project, zone, autoscaler=None, body=None, requestId=None)
   
Updates an autoscaler in the specified project using the data included in the request.
 
 Args:
@@ -875,19 +1259,58 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Autoscaler resource. Google Compute Engine has two Autoscaler resources: * [Zonal](/compute/docs/reference/rest/alpha/autoscalers) * [Regional](/compute/docs/reference/rest/alpha/regionAutoscalers) Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances. For zonal managed instance groups resource, use the autoscaler resource. For regional managed instance groups, use the regionAutoscalers resource.
-  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
-    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds. Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
+{ # Represents an Autoscaler resource.
+    # 
+    # Google Compute Engine has two Autoscaler resources:
+    # 
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/autoscalers) * [Regional](/compute/docs/reference/rest/{$api_version}/regionAutoscalers)
+    # 
+    # Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances.
+    # 
+    # For zonal managed instance groups resource, use the autoscaler resource.
+    # 
+    # For regional managed instance groups, use the regionAutoscalers resource. (== resource_for {$api_version}.autoscalers ==) (== resource_for {$api_version}.regionAutoscalers ==)
+  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.
+      # 
+      # If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
+    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.
+        #
+        # Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
     "cpuUtilization": { # CPU utilization policy. # Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group.
-      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
-      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
+      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are:
+          #
+          # * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
+      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.
+          #
+          # If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.
+          #
+          # If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
     },
     "customMetricUtilizations": [ # Configuration parameters of autoscaling based on a custom metric.
       { # Custom utilization metric policy.
-        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
-        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.
-        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
-        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
+        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.
+            #
+            # For the filter to be valid for autoscaling purposes, the following rules apply:
+            # - You can only use the AND operator for joining selectors.
+            # - You can only use direct equality comparison operator (=) without any functions for each selector.
+            # - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical.
+            # - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.
+            # If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.
+            #
+            # If not specified, the type defaults to gce_instance.
+            #
+            # Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
+        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.
+            #
+            # The metric must have a value type of INT64 or DOUBLE.
+        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing.
+            #
+            # A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.
+            #
+            # A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
+        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.
+            #
+            # For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
         "utilizationTargetType": "A String", # Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.
       },
     ],
@@ -899,7 +1322,11 @@ 
Method Details

     "mode": "A String", # Defines operating mode for this policy.
     "scaleDownControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledDownReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -907,7 +1334,11 @@ 
Method Details

     },
     "scaleInControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledInReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -920,7 +1351,7 @@ 
Method Details

         "durationSec": 42, # The duration of time intervals, in seconds, for which this scaling schedule is to run. The minimum allowed value is 300. This field is required.
         "minRequiredReplicas": 42, # The minimum number of VM instances that the autoscaler will recommend in time intervals starting according to schedule. This field is required.
         "schedule": "A String", # The start timestamps of time intervals when this scaling schedule is to provide a scaling signal. This field uses the extended cron format (with an optional year field). The expression can describe a single timestamp if the optional year is set, in which case the scaling schedule runs once. The schedule is interpreted with respect to time_zone. This field is required. Note: These timestamps only describe when autoscaler starts providing the scaling signal. The VMs need additional time to become serving.
-        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of “UTC” if left empty.
+        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of ?UTC? if left empty.
       },
     },
   },
@@ -940,11 +1371,31 @@ 
Method Details

   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values: - PENDING: Autoscaler backend hasn't read new/updated configuration. - DELETING: Configuration is being deleted. - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field. - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field. New values might be added in the future.
+  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values:
+      # - PENDING: Autoscaler backend hasn't read new/updated configuration.
+      # - DELETING: Configuration is being deleted.
+      # - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field.
+      # - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field.  New values might be added in the future.
   "statusDetails": [ # [Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.
     {
       "message": "A String", # The status message.
-      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions.
+      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values:
+          # - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state).
+          # - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group.
+          # - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas.
+          # - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling.
+          # - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels.
+          # - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group.
+          # - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling.
+          # - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer.
+          # - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved.
+          # - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any.
+          # - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it.
+          # - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances.
+          # - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region.
+          # - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist.
+          # - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate.
+          # - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout.  New values might be added in the future. Some of the values might not be available in all API versions.
     },
   ],
   "target": "A String", # URL of the managed instance group that this autoscaler will scale. This field is required when creating an autoscaler.
@@ -952,16 +1403,29 @@ 
Method Details

 }
 
   autoscaler: string, Name of the autoscaler to update.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -996,7 +1460,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.backendBuckets.html b/docs/dyn/compute_alpha.backendBuckets.html
index f602d3162d5..d5b48da8da1 100644
--- a/docs/dyn/compute_alpha.backendBuckets.html
+++ b/docs/dyn/compute_alpha.backendBuckets.html
@@ -75,50 +75,50 @@
 
Compute Engine API . backendBuckets

 
Instance Methods

 

-  addSignedUrlKey(project, backendBucket, body=None, requestId=None, x__xgafv=None)

+  addSignedUrlKey(project, backendBucket, body=None, requestId=None)

 
Adds a key for validating requests with signed URLs for this backend bucket.

 

   close()

 
Close httplib2 connections.

 

-  delete(project, backendBucket, requestId=None, x__xgafv=None)

+  delete(project, backendBucket, requestId=None)

 
Deletes the specified BackendBucket resource.

 

-  deleteSignedUrlKey(project, backendBucket, keyName, requestId=None, x__xgafv=None)

+  deleteSignedUrlKey(project, backendBucket, keyName, requestId=None)

 
Deletes a key for validating requests with signed URLs for this backend bucket.

 

-  get(project, backendBucket, x__xgafv=None)

+  get(project, backendBucket)

 
Returns the specified BackendBucket resource. Gets a list of available backend buckets by making a list() request.

 

-  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a BackendBucket resource in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of BackendBucket resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, backendBucket, body=None, requestId=None, x__xgafv=None)

+  patch(project, backendBucket, body=None, requestId=None)

 
Updates the specified BackendBucket resource with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  setEdgeSecurityPolicy(project, backendBucket, body=None, requestId=None, x__xgafv=None)

+  setEdgeSecurityPolicy(project, backendBucket, body=None, requestId=None)

 
Sets the edge security policy for the specified backend bucket.

 

-  setIamPolicy(project, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, backendBucket, body=None, requestId=None, x__xgafv=None)

+  update(project, backendBucket, body=None, requestId=None)

 
Updates the specified BackendBucket resource with the data included in the request.

 
Method Details

 

-    addSignedUrlKey(project, backendBucket, body=None, requestId=None, x__xgafv=None)
+    addSignedUrlKey(project, backendBucket, body=None, requestId=None)
   
Adds a key for validating requests with signed URLs for this backend bucket.
 
 Args:
@@ -132,16 +132,29 @@ 
Method Details

   "keyValue": "A String", # 128-bit key value used for signing the URL. The key value must be a valid RFC 4648 Section 5 base64url encoded string.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -176,7 +189,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -195,22 +209,35 @@ 
Method Details

 

 
 

-    delete(project, backendBucket, requestId=None, x__xgafv=None)
+    delete(project, backendBucket, requestId=None)
   
Deletes the specified BackendBucket resource.
 
 Args:
   project: string, Project ID for this request. (required)
   backendBucket: string, Name of the BackendBucket resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -245,7 +272,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -259,23 +287,36 @@ 
Method Details

 

 
 

-    deleteSignedUrlKey(project, backendBucket, keyName, requestId=None, x__xgafv=None)
+    deleteSignedUrlKey(project, backendBucket, keyName, requestId=None)
   
Deletes a key for validating requests with signed URLs for this backend bucket.
 
 Args:
   project: string, Project ID for this request. (required)
   backendBucket: string, Name of the BackendBucket resource to which the Signed URL Key should be added. The name should conform to RFC1035. (required)
   keyName: string, The name of the Signed URL Key to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -310,7 +351,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -324,21 +366,19 @@ 
Method Details

 

 
 

-    get(project, backendBucket, x__xgafv=None)
+    get(project, backendBucket)
   
Returns the specified BackendBucket resource. Gets a list of available backend buckets by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   backendBucket: string, Name of the BackendBucket resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Cloud Storage Bucket resource. This Cloud Storage bucket resource is referenced by a URL map of a load balancer. For more information, read Backend Buckets.
+    { # Represents a Cloud Storage Bucket resource.
+    #
+    # This Cloud Storage bucket resource is referenced by a URL map of a load balancer. For more information, read Backend Buckets.
   "bucketName": "A String", # Cloud Storage bucket name.
   "cdnPolicy": { # Message containing Cloud CDN configuration for a backend bucket. # Cloud CDN configuration for this BackendBucket.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
@@ -354,7 +394,13 @@ 
Method Details

         "A String",
       ],
     },
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -372,7 +418,7 @@ 
Method Details

       "A String",
     ],
   },
-  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client’s Accept-Encoding header.
+  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client?s Accept-Encoding header.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "customResponseHeaders": [ # Headers that the HTTP/S load balancer should add to proxied responses.
     "A String",
@@ -389,34 +435,58 @@ 
Method Details

 

 
 

-    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
   project: string, Project ID for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -424,76 +494,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a BackendBucket resource in the specified project using the data included in the request.
 
 Args:
@@ -501,7 +639,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Cloud Storage Bucket resource. This Cloud Storage bucket resource is referenced by a URL map of a load balancer. For more information, read Backend Buckets.
+{ # Represents a Cloud Storage Bucket resource.
+    # 
+    # This Cloud Storage bucket resource is referenced by a URL map of a load balancer. For more information, read Backend Buckets.
   "bucketName": "A String", # Cloud Storage bucket name.
   "cdnPolicy": { # Message containing Cloud CDN configuration for a backend bucket. # Cloud CDN configuration for this BackendBucket.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
@@ -517,7 +657,13 @@ 
Method Details

         "A String",
       ],
     },
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -535,7 +681,7 @@ 
Method Details

       "A String",
     ],
   },
-  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client’s Accept-Encoding header.
+  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client?s Accept-Encoding header.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "customResponseHeaders": [ # Headers that the HTTP/S load balancer should add to proxied responses.
     "A String",
@@ -550,16 +696,29 @@ 
Method Details

   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -594,7 +753,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -608,20 +768,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of BackendBucket resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -629,7 +795,9 @@ 
Method Details

     { # Contains a list of BackendBucket resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of BackendBucket resources.
-    { # Represents a Cloud Storage Bucket resource. This Cloud Storage bucket resource is referenced by a URL map of a load balancer. For more information, read Backend Buckets.
+    { # Represents a Cloud Storage Bucket resource.
+        #
+        # This Cloud Storage bucket resource is referenced by a URL map of a load balancer. For more information, read Backend Buckets.
       "bucketName": "A String", # Cloud Storage bucket name.
       "cdnPolicy": { # Message containing Cloud CDN configuration for a backend bucket. # Cloud CDN configuration for this BackendBucket.
         "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
@@ -645,7 +813,13 @@ 
Method Details

             "A String",
           ],
         },
-        "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+        "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+            #
+            # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+            #
+            # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+            #
+            # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
         "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
         "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
         "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -663,7 +837,7 @@ 
Method Details

           "A String",
         ],
       },
-      "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client’s Accept-Encoding header.
+      "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client?s Accept-Encoding header.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "customResponseHeaders": [ # Headers that the HTTP/S load balancer should add to proxied responses.
         "A String",
@@ -683,7 +857,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -709,7 +884,7 @@ 
Method Details

 

 
 

-    patch(project, backendBucket, body=None, requestId=None, x__xgafv=None)
+    patch(project, backendBucket, body=None, requestId=None)
   
Updates the specified BackendBucket resource with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -718,7 +893,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Cloud Storage Bucket resource. This Cloud Storage bucket resource is referenced by a URL map of a load balancer. For more information, read Backend Buckets.
+{ # Represents a Cloud Storage Bucket resource.
+    # 
+    # This Cloud Storage bucket resource is referenced by a URL map of a load balancer. For more information, read Backend Buckets.
   "bucketName": "A String", # Cloud Storage bucket name.
   "cdnPolicy": { # Message containing Cloud CDN configuration for a backend bucket. # Cloud CDN configuration for this BackendBucket.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
@@ -734,7 +911,13 @@ 
Method Details

         "A String",
       ],
     },
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -752,7 +935,7 @@ 
Method Details

       "A String",
     ],
   },
-  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client’s Accept-Encoding header.
+  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client?s Accept-Encoding header.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "customResponseHeaders": [ # Headers that the HTTP/S load balancer should add to proxied responses.
     "A String",
@@ -767,16 +950,29 @@ 
Method Details

   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -811,7 +1007,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -825,7 +1022,7 @@ 
Method Details

 

 
 

-    setEdgeSecurityPolicy(project, backendBucket, body=None, requestId=None, x__xgafv=None)
+    setEdgeSecurityPolicy(project, backendBucket, body=None, requestId=None)
   
Sets the edge security policy for the specified backend bucket.
 
 Args:
@@ -838,16 +1035,29 @@ 
Method Details

   "securityPolicy": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -882,7 +1092,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -896,7 +1107,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -908,33 +1119,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -942,95 +1227,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1038,76 +1415,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1122,10 +1567,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1138,7 +1579,7 @@ 
Method Details

 

 
 

-    update(project, backendBucket, body=None, requestId=None, x__xgafv=None)
+    update(project, backendBucket, body=None, requestId=None)
   
Updates the specified BackendBucket resource with the data included in the request.
 
 Args:
@@ -1147,7 +1588,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Cloud Storage Bucket resource. This Cloud Storage bucket resource is referenced by a URL map of a load balancer. For more information, read Backend Buckets.
+{ # Represents a Cloud Storage Bucket resource.
+    # 
+    # This Cloud Storage bucket resource is referenced by a URL map of a load balancer. For more information, read Backend Buckets.
   "bucketName": "A String", # Cloud Storage bucket name.
   "cdnPolicy": { # Message containing Cloud CDN configuration for a backend bucket. # Cloud CDN configuration for this BackendBucket.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
@@ -1163,7 +1606,13 @@ 
Method Details

         "A String",
       ],
     },
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -1181,7 +1630,7 @@ 
Method Details

       "A String",
     ],
   },
-  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client’s Accept-Encoding header.
+  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client?s Accept-Encoding header.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "customResponseHeaders": [ # Headers that the HTTP/S load balancer should add to proxied responses.
     "A String",
@@ -1196,16 +1645,29 @@ 
Method Details

   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1240,7 +1702,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.backendServices.html b/docs/dyn/compute_alpha.backendServices.html
index fb45c25c269..6d76edfaed5 100644
--- a/docs/dyn/compute_alpha.backendServices.html
+++ b/docs/dyn/compute_alpha.backendServices.html
@@ -75,10 +75,10 @@
 
Compute Engine API . backendServices

 
Instance Methods

 

-  addSignedUrlKey(project, backendService, body=None, requestId=None, x__xgafv=None)

+  addSignedUrlKey(project, backendService, body=None, requestId=None)

 
Adds a key for validating requests with signed URLs for this backend service.

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of all BackendService resources, regional and global, available to the specified project.

 

   aggregatedList_next(previous_request, previous_response)

@@ -87,50 +87,50 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, backendService, requestId=None, x__xgafv=None)

+  delete(project, backendService, requestId=None)

 
Deletes the specified BackendService resource.

 

-  deleteSignedUrlKey(project, backendService, keyName, requestId=None, x__xgafv=None)

+  deleteSignedUrlKey(project, backendService, keyName, requestId=None)

 
Deletes a key for validating requests with signed URLs for this backend service.

 

-  get(project, backendService, x__xgafv=None)

+  get(project, backendService)

 
Returns the specified BackendService resource. Gets a list of available backend services.

 

-  getHealth(project, backendService, body=None, x__xgafv=None)

-
Gets the most recent health check results for this BackendService. Example request body: { "group": "/zones/us-east1-b/instanceGroups/lb-backend-example" }

+  getHealth(project, backendService, body=None)

+
Gets the most recent health check results for this BackendService.

 

-  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

-
Creates a BackendService resource in the specified project using the data included in the request. For more information, see Backend services overview .

+  insert(project, body=None, requestId=None)

+
Creates a BackendService resource in the specified project using the data included in the request. For more information, see  Backend services overview.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of BackendService resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, backendService, body=None, requestId=None, x__xgafv=None)

-
Patches the specified BackendService resource with the data included in the request. For more information, see Backend services overview. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

+  patch(project, backendService, body=None, requestId=None)

+
Patches the specified BackendService resource with the data included in the request. For more information, see  Backend services overview. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  setEdgeSecurityPolicy(project, backendService, body=None, requestId=None, x__xgafv=None)

+  setEdgeSecurityPolicy(project, backendService, body=None, requestId=None)

 
Sets the edge security policy for the specified backend service.

 

-  setIamPolicy(project, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  setSecurityPolicy(project, backendService, body=None, requestId=None, x__xgafv=None)

+  setSecurityPolicy(project, backendService, body=None, requestId=None)

 
Sets the Google Cloud Armor security policy for the specified backend service. For more information, see Google Cloud Armor Overview

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, backendService, body=None, requestId=None, x__xgafv=None)

+  update(project, backendService, body=None, requestId=None)

 
Updates the specified BackendService resource with the data included in the request. For more information, see Backend services overview.

 
Method Details

 

-    addSignedUrlKey(project, backendService, body=None, requestId=None, x__xgafv=None)
+    addSignedUrlKey(project, backendService, body=None, requestId=None)
   
Adds a key for validating requests with signed URLs for this backend service.
 
 Args:
@@ -144,16 +144,29 @@ 
Method Details

   "keyValue": "A String", # 128-bit key value used for signing the URL. The key value must be a valid RFC 4648 Section 5 base64url encoded string.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -188,7 +201,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -202,21 +216,27 @@ 
Method Details

 

 
 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of all BackendService resources, regional and global, available to the specified project.
 
 Args:
   project: string, Name of the project scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -226,25 +246,69 @@ 
Method Details

   "items": { # A list of BackendServicesScopedList resources.
     "a_key": { # Name of the scope containing this set of BackendServices.
       "backendServices": [ # A list of BackendServices contained in this scope.
-        { # Represents a Backend Service resource. A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly. Backend services in Google Compute Engine can be either regionally or globally scoped. * [Global](/compute/docs/reference/rest/alpha/backendServices) * [Regional](/compute/docs/reference/rest/alpha/regionBackendServices) For more information, see Backend Services.
-          "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day ( 86,400). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+        { # Represents a Backend Service resource.
+            #
+            # A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly.
+            #
+            # Backend services in Google Compute Engine can be either regionally or globally scoped.
+            #
+            # * [Global](/compute/docs/reference/rest/{$api_version}/backendServices) * [Regional](/compute/docs/reference/rest/{$api_version}/regionBackendServices)
+            #
+            # For more information, see Backend Services.
+            #
+            # (== resource_for {$api_version}.backendService ==)
+          "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE.
+              #
+              # If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day (86,400).
+              #
+              # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
           "backends": [ # The list of backends that serve this BackendService.
             { # Message containing information of one individual backend.
-              "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode.
-              "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
+              "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see  Connection balancing mode.
+              "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service.
+                  #
+                  # Not supported by:
+                  #
+                  # - Internal TCP/UDP Load Balancing - Network Load Balancing
               "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
               "failover": True or False, # This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService.
-              "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme. - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing), INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service. - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported. For regional services, the backend must be in the same region as the backend service. You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
-              "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
-              "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-              "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-              "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-              "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-              "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
+              "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme.
+                  #
+                  #
+                  # - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing),  INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service.
+                  #
+                  #
+                  # - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported.
+                  #
+                  # For regional services, the backend must be in the same region as the backend service.
+                  #
+                  # You must use the fully-qualified URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
+              "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by:
+                  #
+                  # - Internal TCP/UDP Load Balancing - Network Load Balancing
+              "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+                  #
+                  # Not available if the backend's balancingMode is RATE. Not supported by:
+                  #
+                  # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+              "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+                  #
+                  # Not available if the backend's balancingMode is RATE. Not supported by:
+                  #
+                  # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+              "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+                  #
+                  # Not available if the backend's balancingMode is CONNECTION.
+              "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+                  #
+                  # Not available if the backend's balancingMode is CONNECTION.
+              "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+                  #
+                  # Not available if the backend's balancingMode is CONNECTION.
               "maxUtilization": 3.14,
             },
           ],
-          "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for external HTTP(S) Load Balancing.
+          "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for  external HTTP(S) Load Balancing.
             "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
               { # Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
                 "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
@@ -267,7 +331,13 @@ 
Method Details

                 "A String",
               ],
             },
-            "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+            "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+                #
+                # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+                #
+                # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+                #
+                # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
             "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
             "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
             "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -296,16 +366,38 @@ 
Method Details

             "maxRequestsPerConnection": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
             "maxRetries": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
           },
-          "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client’s Accept-Encoding header.
+          "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client?s Accept-Encoding header.
           "connectionDraining": { # Message containing connection draining configuration.
             "drainingTimeoutSec": 42, # Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining.
           },
           "connectionTrackingPolicy": { # Connection Tracking configuration for this BackendService.
-            "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL. If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP. If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy). If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
-            "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds). For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours. For NLB the minimum(default) is 60 seconds and the maximum is 16 hours. This field will be supported only if the Connection Tracking key is less than 5-tuple.
-            "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options: PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol. PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
+            "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL.
+                #
+                # If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP.
+                #
+                # If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy).
+                #
+                # If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
+            "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds).
+                #
+                # For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours.
+                #
+                # For NLB the minimum(default) is 60 seconds and the maximum is 16 hours.
+                #
+                # This field will be supported only if the Connection Tracking key is less than 5-tuple.
+            "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options:
+                #
+                # PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol.
+                #
+                # PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
           },
-          "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH.
+              #
+              # This field is applicable to either:
+              # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+              # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+              #
+              # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
             "httpCookie": { # The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash. # Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE.
               "name": "A String", # Name of the cookie.
               "path": "A String", # Path to set for the cookie.
@@ -328,12 +420,16 @@ 
Method Details

           "edgeSecurityPolicy": "A String", # [Output Only] The resource URL for the edge security policy associated with this backend service.
           "enableCDN": True or False, # If true, enables Cloud CDN for the backend service. Only applicable if the loadBalancingScheme is EXTERNAL and the protocol is HTTP or HTTPS.
           "failoverPolicy": { # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. On failover or failback, this field indicates whether connection draining will be honored. GCP has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes). # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. Requires at least one backend instance group to be defined as a backup (failover) backend.
-            "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP. The default is false.
+            "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP.
+                #
+                # The default is false.
             "dropTrafficIfUnhealthy": True or False, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing, If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. The default is false.
             "failoverRatio": 3.14, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio.
           },
-          "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a BackendService.
-          "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
+          "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve a BackendService.
+          "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See  Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
             "A String",
           ],
           "iap": { # Identity-Aware Proxy # The configurations for Identity-Aware Proxy on this resource. Not available for Internal TCP/UDP Load Balancing and Network Load Balancing.
@@ -344,24 +440,47 @@ 
Method Details

               "clientName": "A String", # Name of the client to be generated. Optional - If not provided, the name will be autogenerated by the backend.
               "developerEmailAddress": "A String", # Developer's information to be used in OAuth consent screen.
             },
-            "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly
+            "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field.
             "oauth2ClientSecretSha256": "A String", # [Output Only] SHA256 hash value for the field oauth2_client_secret above.
           },
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "kind": "compute#backendService", # [Output Only] Type of resource. Always compute#backendService for backend services.
-          "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose INTERNAL for Internal TCP/UDP Load Balancing. Choose INTERNAL_MANAGED for Internal HTTP(S) Load Balancing. INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
-          "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose  INTERNAL for Internal TCP/UDP Load Balancing. Choose  INTERNAL_MANAGED for Internal HTTP(S) Load Balancing.  INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
+          "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are:
+              # - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
+              # - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
+              # - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
+              # - RANDOM: The load balancer selects a random healthy host.
+              # - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
+              # - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824
+              #
+              # This field is applicable to either:
+              # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+              # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+              #
+              # If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect.
+              #
+              # Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
           "logConfig": { # The available logging options for the load balancer traffic served by this backend service. # This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver.
             "enable": True or False, # This field denotes whether to enable logging for the load balancer traffic served by this backend service.
             "sampleRate": 3.14, # This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
           },
-          "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, there will be no timeout limit, i.e. the maximum duration is infinite. This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service. This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
+          "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+              # If not specified, there will be no timeout limit, i.e. the maximum duration is infinite.
+              # This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service.
+              # This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
           "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
           "network": "A String", # The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.
-          "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled.
+              #
+              # This field is applicable to either:
+              # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+              # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+              #
+              # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
             "baseEjectionTime": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # The base time that a host is ejected for. The real ejection time is equal to the base ejection time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
@@ -380,12 +499,24 @@ 
Method Details

             "successRateRequestVolume": 42, # The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
             "successRateStdevFactor": 42, # This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
           },
-          "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
-          "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
-          "protocol": "A String", # The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
+          "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.
+              #
+              # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
+          "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or  INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs.
+              #
+              #
+              #
+              # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
+          "protocol": "A String", # The protocol this BackendService uses to communicate with backends.
+              #
+              # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information.
+              #
+              # Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
           "region": "A String", # [Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
           "securityPolicy": "A String", # [Output Only] The resource URL for the security policy associated with this backend service.
-          "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+          "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either:
+              # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+              # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
             "authentication": "A String", # [Deprecated] Use clientTlsPolicy instead.
             "authenticationPolicy": { # [Deprecated] The authentication settings for the backend service. The authentication settings for the backend service. # [Deprecated] Authentication policy defines what authentication methods can be accepted on backends, and if authenticated, which method/certificate will set the request principal. request principal.
               "origins": [ # List of authentication methods that can be used for origin authentication. Similar to peers, these will be evaluated in order the first valid one will be used to set origin identity. If none of these methods pass, the request will be rejected with authentication failed error (401). Leave the list empty if origin authentication is not required.
@@ -396,7 +527,17 @@ 
Method Details

                     ],
                     "issuer": "A String", # Identifies the issuer that issued the JWT, which is usually a URL or an email address. Examples: https://securetoken.google.com, 1234567-compute@developer.gserviceaccount.com
                     "jwksPublicKeys": "A String", # The provider's public key set to validate the signature of the JWT.
-                    "jwtHeaders": [ # jwt_headers and jwt_params define where to extract the JWT from an HTTP request. If no explicit location is specified, the following default locations are tried in order: 1. The Authorization header using the Bearer schema. See `here `_. Example: Authorization: Bearer . 2. `access_token` query parameter. See `this `_ Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations its issuer specified or from the default locations. This field is set if JWT is sent in a request header. This field specifies the header name. For example, if `header=x-goog-iap-jwt-assertion`, the header format will be x-goog-iap-jwt-assertion: .
+                    "jwtHeaders": [ # jwt_headers and jwt_params define where to extract the JWT from an HTTP request. If no explicit location is specified, the following default locations are tried in order:
+                        #
+                        # 1. The Authorization header using the Bearer schema. See `here `_. Example:
+                        #
+                        # Authorization: Bearer .
+                        #
+                        # 2. `access_token` query parameter. See `this `_
+                        #
+                        # Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations its issuer specified or from the default locations.
+                        #
+                        # This field is set if JWT is sent in a request header. This field specifies the header name. For example, if `header=x-goog-iap-jwt-assertion`, the header format will be x-goog-iap-jwt-assertion: .
                       { # [Deprecated] This message specifies a header location to extract JWT token. This message specifies a header location to extract JWT token.
                         "name": "A String", # The HTTP header name.
                         "valuePrefix": "A String", # The value prefix. The value format is "value_prefix" For example, for "Authorization: Bearer ", value_prefix="Bearer " with a space at the end.
@@ -426,7 +567,9 @@ 
Method Details

                   "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
                     "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
                       "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                        "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                        "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                            # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                            # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                         "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                           "name": "A String", # Plugin name.
                           "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -448,7 +591,9 @@ 
Method Details

                   "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
                     "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
                       "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                        "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                        "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                            # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                            # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                         "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                           "name": "A String", # Plugin name.
                           "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -543,7 +688,10 @@ 
Method Details

                 },
               ],
             },
-            "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+            "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.
+                # clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                # If left blank, communications are not encrypted.
+                # Note: This field currently has no impact.
             "clientTlsSettings": { # [Deprecated] The client side authentication settings for connection originating from the backend service. the backend service. # [Deprecated] TLS Settings for the backend service.
               "clientTlsContext": { # [Deprecated] The TLS settings for the client or server. The TLS settings for the client or server. # Configures the mechanism to obtain client-side security certificates and identity information. This field is only applicable when mode is set to MUTUAL.
                 "certificateContext": { # [Deprecated] Defines the mechanism to obtain the client or server certificate. Defines the mechanism to obtain the client or server certificate. # Defines the mechanism to obtain the client or server certificate.
@@ -555,7 +703,9 @@ 
Method Details

                   "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
                     "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
                       "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                        "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                        "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                            # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                            # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                         "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                           "name": "A String", # Plugin name.
                           "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -577,7 +727,9 @@ 
Method Details

                   "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
                     "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
                       "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                        "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                        "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                            # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                            # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                         "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                           "name": "A String", # Plugin name.
                           "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -602,13 +754,26 @@ 
Method Details

                 "A String",
               ],
             },
-            "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode). Note: This field currently has no impact.
+            "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.
+                # Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.
+                # Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).
+                # Note: This field currently has no impact.
               "A String",
             ],
           },
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
           "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-          "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE.
+              #
+              # When the loadBalancingScheme is EXTERNAL:
+              #
+              # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or  CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.
+              #
+              # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.
+              #
+              # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.
+              #
+              # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
           "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.
             "policy": "A String",
           },
@@ -617,7 +782,8 @@ 
Method Details

       ],
       "warning": { # Informational warning which replaces the list of backend services when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -635,7 +801,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -666,22 +833,35 @@ 
Method Details

 

 
 

-    delete(project, backendService, requestId=None, x__xgafv=None)
+    delete(project, backendService, requestId=None)
   
Deletes the specified BackendService resource.
 
 Args:
   project: string, Project ID for this request. (required)
   backendService: string, Name of the BackendService resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -716,7 +896,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -730,23 +911,36 @@ 
Method Details

 

 
 

-    deleteSignedUrlKey(project, backendService, keyName, requestId=None, x__xgafv=None)
+    deleteSignedUrlKey(project, backendService, keyName, requestId=None)
   
Deletes a key for validating requests with signed URLs for this backend service.
 
 Args:
   project: string, Project ID for this request. (required)
   backendService: string, Name of the BackendService resource to which the Signed URL Key should be added. The name should conform to RFC1035. (required)
   keyName: string, The name of the Signed URL Key to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -781,7 +975,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -795,39 +990,79 @@ 
Method Details

 

 
 

-    get(project, backendService, x__xgafv=None)
+    get(project, backendService)
   
Returns the specified BackendService resource. Gets a list of available backend services.
 
 Args:
   project: string, Project ID for this request. (required)
   backendService: string, Name of the BackendService resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Backend Service resource. A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly. Backend services in Google Compute Engine can be either regionally or globally scoped. * [Global](/compute/docs/reference/rest/alpha/backendServices) * [Regional](/compute/docs/reference/rest/alpha/regionBackendServices) For more information, see Backend Services.
-  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day ( 86,400). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+    { # Represents a Backend Service resource.
+    #
+    # A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly.
+    #
+    # Backend services in Google Compute Engine can be either regionally or globally scoped.
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/backendServices) * [Regional](/compute/docs/reference/rest/{$api_version}/regionBackendServices)
+    #
+    # For more information, see Backend Services.
+    #
+    # (== resource_for {$api_version}.backendService ==)
+  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE.
+      #
+      # If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day (86,400).
+      #
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "backends": [ # The list of backends that serve this BackendService.
     { # Message containing information of one individual backend.
-      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode.
-      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see  Connection balancing mode.
+      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service.
+          #
+          # Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "failover": True or False, # This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService.
-      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme. - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing), INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service. - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported. For regional services, the backend must be in the same region as the backend service. You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
-      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
-      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
+      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing),  INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported.
+          #
+          # For regional services, the backend must be in the same region as the backend service.
+          #
+          # You must use the fully-qualified URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
+      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
       "maxUtilization": 3.14,
     },
   ],
-  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for external HTTP(S) Load Balancing.
+  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for  external HTTP(S) Load Balancing.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
       { # Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
         "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
@@ -850,7 +1085,13 @@ 
Method Details

         "A String",
       ],
     },
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -879,16 +1120,38 @@ 
Method Details

     "maxRequestsPerConnection": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "maxRetries": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   },
-  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client’s Accept-Encoding header.
+  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client?s Accept-Encoding header.
   "connectionDraining": { # Message containing connection draining configuration.
     "drainingTimeoutSec": 42, # Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining.
   },
   "connectionTrackingPolicy": { # Connection Tracking configuration for this BackendService.
-    "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL. If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP. If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy). If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
-    "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds). For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours. For NLB the minimum(default) is 60 seconds and the maximum is 16 hours. This field will be supported only if the Connection Tracking key is less than 5-tuple.
-    "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options: PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol. PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
+    "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL.
+        #
+        # If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP.
+        #
+        # If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy).
+        #
+        # If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
+    "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds).
+        #
+        # For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours.
+        #
+        # For NLB the minimum(default) is 60 seconds and the maximum is 16 hours.
+        #
+        # This field will be supported only if the Connection Tracking key is less than 5-tuple.
+    "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options:
+        #
+        # PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol.
+        #
+        # PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
   },
-  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH.
+      #
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      #
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "httpCookie": { # The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash. # Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE.
       "name": "A String", # Name of the cookie.
       "path": "A String", # Path to set for the cookie.
@@ -911,12 +1174,16 @@ 
Method Details

   "edgeSecurityPolicy": "A String", # [Output Only] The resource URL for the edge security policy associated with this backend service.
   "enableCDN": True or False, # If true, enables Cloud CDN for the backend service. Only applicable if the loadBalancingScheme is EXTERNAL and the protocol is HTTP or HTTPS.
   "failoverPolicy": { # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. On failover or failback, this field indicates whether connection draining will be honored. GCP has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes). # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. Requires at least one backend instance group to be defined as a backup (failover) backend.
-    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP. The default is false.
+    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP.
+        #
+        # The default is false.
     "dropTrafficIfUnhealthy": True or False, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing, If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. The default is false.
     "failoverRatio": 3.14, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio.
   },
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a BackendService.
-  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a BackendService.
+  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See  Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
     "A String",
   ],
   "iap": { # Identity-Aware Proxy # The configurations for Identity-Aware Proxy on this resource. Not available for Internal TCP/UDP Load Balancing and Network Load Balancing.
@@ -927,24 +1194,47 @@ 
Method Details

       "clientName": "A String", # Name of the client to be generated. Optional - If not provided, the name will be autogenerated by the backend.
       "developerEmailAddress": "A String", # Developer's information to be used in OAuth consent screen.
     },
-    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly
+    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field.
     "oauth2ClientSecretSha256": "A String", # [Output Only] SHA256 hash value for the field oauth2_client_secret above.
   },
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#backendService", # [Output Only] Type of resource. Always compute#backendService for backend services.
-  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose INTERNAL for Internal TCP/UDP Load Balancing. Choose INTERNAL_MANAGED for Internal HTTP(S) Load Balancing. INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
-  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose  INTERNAL for Internal TCP/UDP Load Balancing. Choose  INTERNAL_MANAGED for Internal HTTP(S) Load Balancing.  INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
+  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are:
+      # - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
+      # - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
+      # - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
+      # - RANDOM: The load balancer selects a random healthy host.
+      # - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
+      # - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824
+      #
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      #
+      # If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect.
+      #
+      # Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "logConfig": { # The available logging options for the load balancer traffic served by this backend service. # This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver.
     "enable": True or False, # This field denotes whether to enable logging for the load balancer traffic served by this backend service.
     "sampleRate": 3.14, # This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
   },
-  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, there will be no timeout limit, i.e. the maximum duration is infinite. This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service. This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
+  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+      # If not specified, there will be no timeout limit, i.e. the maximum duration is infinite.
+      # This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service.
+      # This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
   },
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.
-  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled.
+      #
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      #
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "baseEjectionTime": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # The base time that a host is ejected for. The real ejection time is equal to the base ejection time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
@@ -963,12 +1253,24 @@ 
Method Details

     "successRateRequestVolume": 42, # The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
     "successRateStdevFactor": 42, # This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
   },
-  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
-  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
-  "protocol": "A String", # The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
+  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.
+      #
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
+  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or  INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs.
+      #
+      #
+      #
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
+  "protocol": "A String", # The protocol this BackendService uses to communicate with backends.
+      #
+      # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information.
+      #
+      # Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
   "region": "A String", # [Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "securityPolicy": "A String", # [Output Only] The resource URL for the security policy associated with this backend service.
-  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
     "authentication": "A String", # [Deprecated] Use clientTlsPolicy instead.
     "authenticationPolicy": { # [Deprecated] The authentication settings for the backend service. The authentication settings for the backend service. # [Deprecated] Authentication policy defines what authentication methods can be accepted on backends, and if authenticated, which method/certificate will set the request principal. request principal.
       "origins": [ # List of authentication methods that can be used for origin authentication. Similar to peers, these will be evaluated in order the first valid one will be used to set origin identity. If none of these methods pass, the request will be rejected with authentication failed error (401). Leave the list empty if origin authentication is not required.
@@ -979,7 +1281,17 @@ 
Method Details

             ],
             "issuer": "A String", # Identifies the issuer that issued the JWT, which is usually a URL or an email address. Examples: https://securetoken.google.com, 1234567-compute@developer.gserviceaccount.com
             "jwksPublicKeys": "A String", # The provider's public key set to validate the signature of the JWT.
-            "jwtHeaders": [ # jwt_headers and jwt_params define where to extract the JWT from an HTTP request. If no explicit location is specified, the following default locations are tried in order: 1. The Authorization header using the Bearer schema. See `here `_. Example: Authorization: Bearer . 2. `access_token` query parameter. See `this `_ Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations its issuer specified or from the default locations. This field is set if JWT is sent in a request header. This field specifies the header name. For example, if `header=x-goog-iap-jwt-assertion`, the header format will be x-goog-iap-jwt-assertion: .
+            "jwtHeaders": [ # jwt_headers and jwt_params define where to extract the JWT from an HTTP request. If no explicit location is specified, the following default locations are tried in order:
+                #
+                # 1. The Authorization header using the Bearer schema. See `here `_. Example:
+                #
+                # Authorization: Bearer .
+                #
+                # 2. `access_token` query parameter. See `this `_
+                #
+                # Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations its issuer specified or from the default locations.
+                #
+                # This field is set if JWT is sent in a request header. This field specifies the header name. For example, if `header=x-goog-iap-jwt-assertion`, the header format will be x-goog-iap-jwt-assertion: .
               { # [Deprecated] This message specifies a header location to extract JWT token. This message specifies a header location to extract JWT token.
                 "name": "A String", # The HTTP header name.
                 "valuePrefix": "A String", # The value prefix. The value format is "value_prefix" For example, for "Authorization: Bearer ", value_prefix="Bearer " with a space at the end.
@@ -1009,7 +1321,9 @@ 
Method Details

           "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
             "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
               "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                    # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                    # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                 "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                   "name": "A String", # Plugin name.
                   "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -1031,7 +1345,9 @@ 
Method Details

           "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
             "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
               "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                    # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                    # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                 "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                   "name": "A String", # Plugin name.
                   "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -1126,7 +1442,10 @@ 
Method Details

         },
       ],
     },
-    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.
+        # clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        # If left blank, communications are not encrypted.
+        # Note: This field currently has no impact.
     "clientTlsSettings": { # [Deprecated] The client side authentication settings for connection originating from the backend service. the backend service. # [Deprecated] TLS Settings for the backend service.
       "clientTlsContext": { # [Deprecated] The TLS settings for the client or server. The TLS settings for the client or server. # Configures the mechanism to obtain client-side security certificates and identity information. This field is only applicable when mode is set to MUTUAL.
         "certificateContext": { # [Deprecated] Defines the mechanism to obtain the client or server certificate. Defines the mechanism to obtain the client or server certificate. # Defines the mechanism to obtain the client or server certificate.
@@ -1138,7 +1457,9 @@ 
Method Details

           "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
             "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
               "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                    # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                    # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                 "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                   "name": "A String", # Plugin name.
                   "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -1160,7 +1481,9 @@ 
Method Details

           "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
             "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
               "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                    # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                    # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                 "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                   "name": "A String", # Plugin name.
                   "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -1185,13 +1508,26 @@ 
Method Details

         "A String",
       ],
     },
-    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode). Note: This field currently has no impact.
+    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.
+        # Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.
+        # Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).
+        # Note: This field currently has no impact.
       "A String",
     ],
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE.
+      #
+      # When the loadBalancingScheme is EXTERNAL:
+      #
+      # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or  CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.
+      #
+      # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.
+      #
+      # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.
+      #
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.
     "policy": "A String",
   },
@@ -1200,8 +1536,12 @@ 
Method Details

 

 
 

-    getHealth(project, backendService, body=None, x__xgafv=None)
-  
Gets the most recent health check results for this BackendService. Example request body: { "group": "/zones/us-east1-b/instanceGroups/lb-backend-example" }
+    getHealth(project, backendService, body=None)
+  
Gets the most recent health check results for this BackendService.
+
+Example request body:
+
+{ "group": "/zones/us-east1-b/instanceGroups/lb-backend-example" }
 
 Args:
   project: string, A parameter (required)
@@ -1213,10 +1553,6 @@ 
Method Details

   "group": "A String", # A URI referencing one of the instance groups or network endpoint groups listed in the backend service.
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1245,34 +1581,58 @@ 
Method Details

 

 
 

-    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
   project: string, Project ID for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1280,102 +1640,214 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
-  
Creates a BackendService resource in the specified project using the data included in the request. For more information, see Backend services overview .
+    insert(project, body=None, requestId=None)
+  
Creates a BackendService resource in the specified project using the data included in the request. For more information, see  Backend services overview.
 
 Args:
   project: string, Project ID for this request. (required)
   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Backend Service resource. A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly. Backend services in Google Compute Engine can be either regionally or globally scoped. * [Global](/compute/docs/reference/rest/alpha/backendServices) * [Regional](/compute/docs/reference/rest/alpha/regionBackendServices) For more information, see Backend Services.
-  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day ( 86,400). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+{ # Represents a Backend Service resource.
+    # 
+    # A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly.
+    # 
+    # Backend services in Google Compute Engine can be either regionally or globally scoped.
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/backendServices) * [Regional](/compute/docs/reference/rest/{$api_version}/regionBackendServices)
+    # 
+    # For more information, see Backend Services.
+    # 
+    # (== resource_for {$api_version}.backendService ==)
+  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE.
+      # 
+      # If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day (86,400).
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "backends": [ # The list of backends that serve this BackendService.
     { # Message containing information of one individual backend.
-      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode.
-      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see  Connection balancing mode.
+      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service.
+          #
+          # Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "failover": True or False, # This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService.
-      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme. - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing), INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service. - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported. For regional services, the backend must be in the same region as the backend service. You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
-      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
-      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
+      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing),  INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported.
+          #
+          # For regional services, the backend must be in the same region as the backend service.
+          #
+          # You must use the fully-qualified URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
+      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
       "maxUtilization": 3.14,
     },
   ],
-  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for external HTTP(S) Load Balancing.
+  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for  external HTTP(S) Load Balancing.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
       { # Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
         "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
@@ -1398,7 +1870,13 @@ 
Method Details

         "A String",
       ],
     },
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -1427,16 +1905,38 @@ 
Method Details

     "maxRequestsPerConnection": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "maxRetries": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   },
-  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client’s Accept-Encoding header.
+  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client?s Accept-Encoding header.
   "connectionDraining": { # Message containing connection draining configuration.
     "drainingTimeoutSec": 42, # Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining.
   },
   "connectionTrackingPolicy": { # Connection Tracking configuration for this BackendService.
-    "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL. If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP. If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy). If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
-    "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds). For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours. For NLB the minimum(default) is 60 seconds and the maximum is 16 hours. This field will be supported only if the Connection Tracking key is less than 5-tuple.
-    "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options: PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol. PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
+    "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL.
+        #
+        # If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP.
+        #
+        # If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy).
+        #
+        # If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
+    "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds).
+        #
+        # For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours.
+        #
+        # For NLB the minimum(default) is 60 seconds and the maximum is 16 hours.
+        #
+        # This field will be supported only if the Connection Tracking key is less than 5-tuple.
+    "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options:
+        #
+        # PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol.
+        #
+        # PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
   },
-  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "httpCookie": { # The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash. # Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE.
       "name": "A String", # Name of the cookie.
       "path": "A String", # Path to set for the cookie.
@@ -1459,12 +1959,16 @@ 
Method Details

   "edgeSecurityPolicy": "A String", # [Output Only] The resource URL for the edge security policy associated with this backend service.
   "enableCDN": True or False, # If true, enables Cloud CDN for the backend service. Only applicable if the loadBalancingScheme is EXTERNAL and the protocol is HTTP or HTTPS.
   "failoverPolicy": { # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. On failover or failback, this field indicates whether connection draining will be honored. GCP has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes). # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. Requires at least one backend instance group to be defined as a backup (failover) backend.
-    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP. The default is false.
+    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP.
+        #
+        # The default is false.
     "dropTrafficIfUnhealthy": True or False, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing, If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. The default is false.
     "failoverRatio": 3.14, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio.
   },
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a BackendService.
-  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a BackendService.
+  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See  Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
     "A String",
   ],
   "iap": { # Identity-Aware Proxy # The configurations for Identity-Aware Proxy on this resource. Not available for Internal TCP/UDP Load Balancing and Network Load Balancing.
@@ -1475,24 +1979,47 @@ 
Method Details

       "clientName": "A String", # Name of the client to be generated. Optional - If not provided, the name will be autogenerated by the backend.
       "developerEmailAddress": "A String", # Developer's information to be used in OAuth consent screen.
     },
-    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly
+    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field.
     "oauth2ClientSecretSha256": "A String", # [Output Only] SHA256 hash value for the field oauth2_client_secret above.
   },
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#backendService", # [Output Only] Type of resource. Always compute#backendService for backend services.
-  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose INTERNAL for Internal TCP/UDP Load Balancing. Choose INTERNAL_MANAGED for Internal HTTP(S) Load Balancing. INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
-  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose  INTERNAL for Internal TCP/UDP Load Balancing. Choose  INTERNAL_MANAGED for Internal HTTP(S) Load Balancing.  INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
+  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are:
+      # - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
+      # - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
+      # - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
+      # - RANDOM: The load balancer selects a random healthy host.
+      # - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
+      # - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect.
+      # 
+      # Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "logConfig": { # The available logging options for the load balancer traffic served by this backend service. # This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver.
     "enable": True or False, # This field denotes whether to enable logging for the load balancer traffic served by this backend service.
     "sampleRate": 3.14, # This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
   },
-  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, there will be no timeout limit, i.e. the maximum duration is infinite. This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service. This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
+  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+      # If not specified, there will be no timeout limit, i.e. the maximum duration is infinite.
+      # This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service.
+      # This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
   },
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.
-  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "baseEjectionTime": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # The base time that a host is ejected for. The real ejection time is equal to the base ejection time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
@@ -1511,12 +2038,24 @@ 
Method Details

     "successRateRequestVolume": 42, # The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
     "successRateStdevFactor": 42, # This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
   },
-  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
-  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
-  "protocol": "A String", # The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
+  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
+  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or  INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs.
+      # 
+      # 
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
+  "protocol": "A String", # The protocol this BackendService uses to communicate with backends.
+      # 
+      # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information.
+      # 
+      # Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
   "region": "A String", # [Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "securityPolicy": "A String", # [Output Only] The resource URL for the security policy associated with this backend service.
-  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
     "authentication": "A String", # [Deprecated] Use clientTlsPolicy instead.
     "authenticationPolicy": { # [Deprecated] The authentication settings for the backend service. The authentication settings for the backend service. # [Deprecated] Authentication policy defines what authentication methods can be accepted on backends, and if authenticated, which method/certificate will set the request principal. request principal.
       "origins": [ # List of authentication methods that can be used for origin authentication. Similar to peers, these will be evaluated in order the first valid one will be used to set origin identity. If none of these methods pass, the request will be rejected with authentication failed error (401). Leave the list empty if origin authentication is not required.
@@ -1527,7 +2066,17 @@ 
Method Details

             ],
             "issuer": "A String", # Identifies the issuer that issued the JWT, which is usually a URL or an email address. Examples: https://securetoken.google.com, 1234567-compute@developer.gserviceaccount.com
             "jwksPublicKeys": "A String", # The provider's public key set to validate the signature of the JWT.
-            "jwtHeaders": [ # jwt_headers and jwt_params define where to extract the JWT from an HTTP request. If no explicit location is specified, the following default locations are tried in order: 1. The Authorization header using the Bearer schema. See `here `_. Example: Authorization: Bearer . 2. `access_token` query parameter. See `this `_ Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations its issuer specified or from the default locations. This field is set if JWT is sent in a request header. This field specifies the header name. For example, if `header=x-goog-iap-jwt-assertion`, the header format will be x-goog-iap-jwt-assertion: .
+            "jwtHeaders": [ # jwt_headers and jwt_params define where to extract the JWT from an HTTP request. If no explicit location is specified, the following default locations are tried in order:
+                #
+                # 1. The Authorization header using the Bearer schema. See `here `_. Example:
+                #
+                # Authorization: Bearer .
+                #
+                # 2. `access_token` query parameter. See `this `_
+                #
+                # Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations its issuer specified or from the default locations.
+                #
+                # This field is set if JWT is sent in a request header. This field specifies the header name. For example, if `header=x-goog-iap-jwt-assertion`, the header format will be x-goog-iap-jwt-assertion: .
               { # [Deprecated] This message specifies a header location to extract JWT token. This message specifies a header location to extract JWT token.
                 "name": "A String", # The HTTP header name.
                 "valuePrefix": "A String", # The value prefix. The value format is "value_prefix" For example, for "Authorization: Bearer ", value_prefix="Bearer " with a space at the end.
@@ -1557,7 +2106,9 @@ 
Method Details

           "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
             "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
               "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                    # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                    # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                 "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                   "name": "A String", # Plugin name.
                   "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -1579,7 +2130,9 @@ 
Method Details

           "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
             "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
               "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                    # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                    # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                 "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                   "name": "A String", # Plugin name.
                   "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -1674,7 +2227,10 @@ 
Method Details

         },
       ],
     },
-    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.
+        # clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        # If left blank, communications are not encrypted.
+        # Note: This field currently has no impact.
     "clientTlsSettings": { # [Deprecated] The client side authentication settings for connection originating from the backend service. the backend service. # [Deprecated] TLS Settings for the backend service.
       "clientTlsContext": { # [Deprecated] The TLS settings for the client or server. The TLS settings for the client or server. # Configures the mechanism to obtain client-side security certificates and identity information. This field is only applicable when mode is set to MUTUAL.
         "certificateContext": { # [Deprecated] Defines the mechanism to obtain the client or server certificate. Defines the mechanism to obtain the client or server certificate. # Defines the mechanism to obtain the client or server certificate.
@@ -1686,7 +2242,9 @@ 
Method Details

           "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
             "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
               "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                    # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                    # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                 "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                   "name": "A String", # Plugin name.
                   "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -1708,7 +2266,9 @@ 
Method Details

           "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
             "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
               "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                    # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                    # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                 "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                   "name": "A String", # Plugin name.
                   "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -1733,29 +2293,55 @@ 
Method Details

         "A String",
       ],
     },
-    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode). Note: This field currently has no impact.
+    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.
+        # Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.
+        # Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).
+        # Note: This field currently has no impact.
       "A String",
     ],
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE.
+      # 
+      # When the loadBalancingScheme is EXTERNAL:
+      # 
+      # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or  CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.
+      # 
+      # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.
+      # 
+      # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.
     "policy": "A String",
   },
   "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1790,7 +2376,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1804,20 +2391,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of BackendService resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1825,25 +2418,69 @@ 
Method Details

     { # Contains a list of BackendService resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of BackendService resources.
-    { # Represents a Backend Service resource. A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly. Backend services in Google Compute Engine can be either regionally or globally scoped. * [Global](/compute/docs/reference/rest/alpha/backendServices) * [Regional](/compute/docs/reference/rest/alpha/regionBackendServices) For more information, see Backend Services.
-      "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day ( 86,400). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+    { # Represents a Backend Service resource.
+        #
+        # A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly.
+        #
+        # Backend services in Google Compute Engine can be either regionally or globally scoped.
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/backendServices) * [Regional](/compute/docs/reference/rest/{$api_version}/regionBackendServices)
+        #
+        # For more information, see Backend Services.
+        #
+        # (== resource_for {$api_version}.backendService ==)
+      "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE.
+          #
+          # If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day (86,400).
+          #
+          # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
       "backends": [ # The list of backends that serve this BackendService.
         { # Message containing information of one individual backend.
-          "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode.
-          "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
+          "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see  Connection balancing mode.
+          "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service.
+              #
+              # Not supported by:
+              #
+              # - Internal TCP/UDP Load Balancing - Network Load Balancing
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "failover": True or False, # This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService.
-          "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme. - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing), INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service. - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported. For regional services, the backend must be in the same region as the backend service. You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
-          "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
-          "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-          "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-          "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-          "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-          "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
+          "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme.
+              #
+              #
+              # - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing),  INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service.
+              #
+              #
+              # - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported.
+              #
+              # For regional services, the backend must be in the same region as the backend service.
+              #
+              # You must use the fully-qualified URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
+          "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by:
+              #
+              # - Internal TCP/UDP Load Balancing - Network Load Balancing
+          "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+              #
+              # Not available if the backend's balancingMode is RATE. Not supported by:
+              #
+              # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+          "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+              #
+              # Not available if the backend's balancingMode is RATE. Not supported by:
+              #
+              # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+          "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+              #
+              # Not available if the backend's balancingMode is CONNECTION.
+          "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+              #
+              # Not available if the backend's balancingMode is CONNECTION.
+          "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+              #
+              # Not available if the backend's balancingMode is CONNECTION.
           "maxUtilization": 3.14,
         },
       ],
-      "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for external HTTP(S) Load Balancing.
+      "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for  external HTTP(S) Load Balancing.
         "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
           { # Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
             "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
@@ -1866,7 +2503,13 @@ 
Method Details

             "A String",
           ],
         },
-        "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+        "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+            #
+            # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+            #
+            # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+            #
+            # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
         "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
         "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
         "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -1895,16 +2538,38 @@ 
Method Details

         "maxRequestsPerConnection": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
         "maxRetries": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
       },
-      "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client’s Accept-Encoding header.
+      "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client?s Accept-Encoding header.
       "connectionDraining": { # Message containing connection draining configuration.
         "drainingTimeoutSec": 42, # Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining.
       },
       "connectionTrackingPolicy": { # Connection Tracking configuration for this BackendService.
-        "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL. If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP. If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy). If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
-        "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds). For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours. For NLB the minimum(default) is 60 seconds and the maximum is 16 hours. This field will be supported only if the Connection Tracking key is less than 5-tuple.
-        "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options: PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol. PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
+        "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL.
+            #
+            # If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP.
+            #
+            # If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy).
+            #
+            # If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
+        "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds).
+            #
+            # For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours.
+            #
+            # For NLB the minimum(default) is 60 seconds and the maximum is 16 hours.
+            #
+            # This field will be supported only if the Connection Tracking key is less than 5-tuple.
+        "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options:
+            #
+            # PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol.
+            #
+            # PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
       },
-      "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH.
+          #
+          # This field is applicable to either:
+          # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+          # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+          #
+          # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
         "httpCookie": { # The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash. # Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE.
           "name": "A String", # Name of the cookie.
           "path": "A String", # Path to set for the cookie.
@@ -1927,12 +2592,16 @@ 
Method Details

       "edgeSecurityPolicy": "A String", # [Output Only] The resource URL for the edge security policy associated with this backend service.
       "enableCDN": True or False, # If true, enables Cloud CDN for the backend service. Only applicable if the loadBalancingScheme is EXTERNAL and the protocol is HTTP or HTTPS.
       "failoverPolicy": { # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. On failover or failback, this field indicates whether connection draining will be honored. GCP has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes). # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. Requires at least one backend instance group to be defined as a backup (failover) backend.
-        "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP. The default is false.
+        "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP.
+            #
+            # The default is false.
         "dropTrafficIfUnhealthy": True or False, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing, If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. The default is false.
         "failoverRatio": 3.14, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio.
       },
-      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a BackendService.
-      "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
+      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a BackendService.
+      "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See  Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
         "A String",
       ],
       "iap": { # Identity-Aware Proxy # The configurations for Identity-Aware Proxy on this resource. Not available for Internal TCP/UDP Load Balancing and Network Load Balancing.
@@ -1943,24 +2612,47 @@ 
Method Details

           "clientName": "A String", # Name of the client to be generated. Optional - If not provided, the name will be autogenerated by the backend.
           "developerEmailAddress": "A String", # Developer's information to be used in OAuth consent screen.
         },
-        "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly
+        "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field.
         "oauth2ClientSecretSha256": "A String", # [Output Only] SHA256 hash value for the field oauth2_client_secret above.
       },
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#backendService", # [Output Only] Type of resource. Always compute#backendService for backend services.
-      "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose INTERNAL for Internal TCP/UDP Load Balancing. Choose INTERNAL_MANAGED for Internal HTTP(S) Load Balancing. INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
-      "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose  INTERNAL for Internal TCP/UDP Load Balancing. Choose  INTERNAL_MANAGED for Internal HTTP(S) Load Balancing.  INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
+      "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are:
+          # - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
+          # - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
+          # - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
+          # - RANDOM: The load balancer selects a random healthy host.
+          # - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
+          # - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824
+          #
+          # This field is applicable to either:
+          # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+          # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+          #
+          # If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect.
+          #
+          # Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
       "logConfig": { # The available logging options for the load balancer traffic served by this backend service. # This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver.
         "enable": True or False, # This field denotes whether to enable logging for the load balancer traffic served by this backend service.
         "sampleRate": 3.14, # This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
       },
-      "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, there will be no timeout limit, i.e. the maximum duration is infinite. This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service. This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
+      "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+          # If not specified, there will be no timeout limit, i.e. the maximum duration is infinite.
+          # This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service.
+          # This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "network": "A String", # The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.
-      "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled.
+          #
+          # This field is applicable to either:
+          # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+          # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+          #
+          # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
         "baseEjectionTime": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # The base time that a host is ejected for. The real ejection time is equal to the base ejection time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
@@ -1979,12 +2671,24 @@ 
Method Details

         "successRateRequestVolume": 42, # The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
         "successRateStdevFactor": 42, # This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
       },
-      "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
-      "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
-      "protocol": "A String", # The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
+      "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.
+          #
+          # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
+      "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or  INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs.
+          #
+          #
+          #
+          # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
+      "protocol": "A String", # The protocol this BackendService uses to communicate with backends.
+          #
+          # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information.
+          #
+          # Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
       "region": "A String", # [Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
       "securityPolicy": "A String", # [Output Only] The resource URL for the security policy associated with this backend service.
-      "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either:
+          # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+          # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
         "authentication": "A String", # [Deprecated] Use clientTlsPolicy instead.
         "authenticationPolicy": { # [Deprecated] The authentication settings for the backend service. The authentication settings for the backend service. # [Deprecated] Authentication policy defines what authentication methods can be accepted on backends, and if authenticated, which method/certificate will set the request principal. request principal.
           "origins": [ # List of authentication methods that can be used for origin authentication. Similar to peers, these will be evaluated in order the first valid one will be used to set origin identity. If none of these methods pass, the request will be rejected with authentication failed error (401). Leave the list empty if origin authentication is not required.
@@ -1995,7 +2699,17 @@ 
Method Details

                 ],
                 "issuer": "A String", # Identifies the issuer that issued the JWT, which is usually a URL or an email address. Examples: https://securetoken.google.com, 1234567-compute@developer.gserviceaccount.com
                 "jwksPublicKeys": "A String", # The provider's public key set to validate the signature of the JWT.
-                "jwtHeaders": [ # jwt_headers and jwt_params define where to extract the JWT from an HTTP request. If no explicit location is specified, the following default locations are tried in order: 1. The Authorization header using the Bearer schema. See `here `_. Example: Authorization: Bearer . 2. `access_token` query parameter. See `this `_ Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations its issuer specified or from the default locations. This field is set if JWT is sent in a request header. This field specifies the header name. For example, if `header=x-goog-iap-jwt-assertion`, the header format will be x-goog-iap-jwt-assertion: .
+                "jwtHeaders": [ # jwt_headers and jwt_params define where to extract the JWT from an HTTP request. If no explicit location is specified, the following default locations are tried in order:
+                    #
+                    # 1. The Authorization header using the Bearer schema. See `here `_. Example:
+                    #
+                    # Authorization: Bearer .
+                    #
+                    # 2. `access_token` query parameter. See `this `_
+                    #
+                    # Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations its issuer specified or from the default locations.
+                    #
+                    # This field is set if JWT is sent in a request header. This field specifies the header name. For example, if `header=x-goog-iap-jwt-assertion`, the header format will be x-goog-iap-jwt-assertion: .
                   { # [Deprecated] This message specifies a header location to extract JWT token. This message specifies a header location to extract JWT token.
                     "name": "A String", # The HTTP header name.
                     "valuePrefix": "A String", # The value prefix. The value format is "value_prefix" For example, for "Authorization: Bearer ", value_prefix="Bearer " with a space at the end.
@@ -2025,7 +2739,9 @@ 
Method Details

               "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
                 "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
                   "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                    "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                    "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                        # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                        # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                     "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                       "name": "A String", # Plugin name.
                       "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -2047,7 +2763,9 @@ 
Method Details

               "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
                 "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
                   "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                    "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                    "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                        # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                        # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                     "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                       "name": "A String", # Plugin name.
                       "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -2142,7 +2860,10 @@ 
Method Details

             },
           ],
         },
-        "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+        "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.
+            # clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            # If left blank, communications are not encrypted.
+            # Note: This field currently has no impact.
         "clientTlsSettings": { # [Deprecated] The client side authentication settings for connection originating from the backend service. the backend service. # [Deprecated] TLS Settings for the backend service.
           "clientTlsContext": { # [Deprecated] The TLS settings for the client or server. The TLS settings for the client or server. # Configures the mechanism to obtain client-side security certificates and identity information. This field is only applicable when mode is set to MUTUAL.
             "certificateContext": { # [Deprecated] Defines the mechanism to obtain the client or server certificate. Defines the mechanism to obtain the client or server certificate. # Defines the mechanism to obtain the client or server certificate.
@@ -2154,7 +2875,9 @@ 
Method Details

               "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
                 "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
                   "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                    "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                    "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                        # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                        # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                     "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                       "name": "A String", # Plugin name.
                       "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -2176,7 +2899,9 @@ 
Method Details

               "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
                 "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
                   "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                    "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                    "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                        # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                        # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                     "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                       "name": "A String", # Plugin name.
                       "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -2201,13 +2926,26 @@ 
Method Details

             "A String",
           ],
         },
-        "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode). Note: This field currently has no impact.
+        "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.
+            # Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.
+            # Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).
+            # Note: This field currently has no impact.
           "A String",
         ],
       },
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-      "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE.
+          #
+          # When the loadBalancingScheme is EXTERNAL:
+          #
+          # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or  CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.
+          #
+          # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.
+          #
+          # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.
+          #
+          # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
       "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.
         "policy": "A String",
       },
@@ -2219,7 +2957,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2245,8 +2984,8 @@ 
Method Details

 

 
 

-    patch(project, backendService, body=None, requestId=None, x__xgafv=None)
-  
Patches the specified BackendService resource with the data included in the request. For more information, see Backend services overview. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
+    patch(project, backendService, body=None, requestId=None)
+  
Patches the specified BackendService resource with the data included in the request. For more information, see  Backend services overview. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -2254,25 +2993,69 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Backend Service resource. A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly. Backend services in Google Compute Engine can be either regionally or globally scoped. * [Global](/compute/docs/reference/rest/alpha/backendServices) * [Regional](/compute/docs/reference/rest/alpha/regionBackendServices) For more information, see Backend Services.
-  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day ( 86,400). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+{ # Represents a Backend Service resource.
+    # 
+    # A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly.
+    # 
+    # Backend services in Google Compute Engine can be either regionally or globally scoped.
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/backendServices) * [Regional](/compute/docs/reference/rest/{$api_version}/regionBackendServices)
+    # 
+    # For more information, see Backend Services.
+    # 
+    # (== resource_for {$api_version}.backendService ==)
+  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE.
+      # 
+      # If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day (86,400).
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "backends": [ # The list of backends that serve this BackendService.
     { # Message containing information of one individual backend.
-      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode.
-      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see  Connection balancing mode.
+      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service.
+          #
+          # Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "failover": True or False, # This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService.
-      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme. - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing), INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service. - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported. For regional services, the backend must be in the same region as the backend service. You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
-      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
-      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
+      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing),  INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported.
+          #
+          # For regional services, the backend must be in the same region as the backend service.
+          #
+          # You must use the fully-qualified URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
+      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
       "maxUtilization": 3.14,
     },
   ],
-  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for external HTTP(S) Load Balancing.
+  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for  external HTTP(S) Load Balancing.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
       { # Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
         "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
@@ -2295,7 +3078,13 @@ 
Method Details

         "A String",
       ],
     },
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -2324,16 +3113,38 @@ 
Method Details

     "maxRequestsPerConnection": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "maxRetries": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   },
-  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client’s Accept-Encoding header.
+  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client?s Accept-Encoding header.
   "connectionDraining": { # Message containing connection draining configuration.
     "drainingTimeoutSec": 42, # Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining.
   },
   "connectionTrackingPolicy": { # Connection Tracking configuration for this BackendService.
-    "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL. If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP. If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy). If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
-    "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds). For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours. For NLB the minimum(default) is 60 seconds and the maximum is 16 hours. This field will be supported only if the Connection Tracking key is less than 5-tuple.
-    "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options: PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol. PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
+    "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL.
+        #
+        # If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP.
+        #
+        # If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy).
+        #
+        # If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
+    "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds).
+        #
+        # For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours.
+        #
+        # For NLB the minimum(default) is 60 seconds and the maximum is 16 hours.
+        #
+        # This field will be supported only if the Connection Tracking key is less than 5-tuple.
+    "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options:
+        #
+        # PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol.
+        #
+        # PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
   },
-  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "httpCookie": { # The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash. # Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE.
       "name": "A String", # Name of the cookie.
       "path": "A String", # Path to set for the cookie.
@@ -2356,12 +3167,16 @@ 
Method Details

   "edgeSecurityPolicy": "A String", # [Output Only] The resource URL for the edge security policy associated with this backend service.
   "enableCDN": True or False, # If true, enables Cloud CDN for the backend service. Only applicable if the loadBalancingScheme is EXTERNAL and the protocol is HTTP or HTTPS.
   "failoverPolicy": { # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. On failover or failback, this field indicates whether connection draining will be honored. GCP has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes). # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. Requires at least one backend instance group to be defined as a backup (failover) backend.
-    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP. The default is false.
+    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP.
+        #
+        # The default is false.
     "dropTrafficIfUnhealthy": True or False, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing, If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. The default is false.
     "failoverRatio": 3.14, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio.
   },
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a BackendService.
-  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a BackendService.
+  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See  Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
     "A String",
   ],
   "iap": { # Identity-Aware Proxy # The configurations for Identity-Aware Proxy on this resource. Not available for Internal TCP/UDP Load Balancing and Network Load Balancing.
@@ -2372,24 +3187,47 @@ 
Method Details

       "clientName": "A String", # Name of the client to be generated. Optional - If not provided, the name will be autogenerated by the backend.
       "developerEmailAddress": "A String", # Developer's information to be used in OAuth consent screen.
     },
-    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly
+    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field.
     "oauth2ClientSecretSha256": "A String", # [Output Only] SHA256 hash value for the field oauth2_client_secret above.
   },
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#backendService", # [Output Only] Type of resource. Always compute#backendService for backend services.
-  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose INTERNAL for Internal TCP/UDP Load Balancing. Choose INTERNAL_MANAGED for Internal HTTP(S) Load Balancing. INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
-  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose  INTERNAL for Internal TCP/UDP Load Balancing. Choose  INTERNAL_MANAGED for Internal HTTP(S) Load Balancing.  INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
+  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are:
+      # - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
+      # - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
+      # - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
+      # - RANDOM: The load balancer selects a random healthy host.
+      # - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
+      # - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect.
+      # 
+      # Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "logConfig": { # The available logging options for the load balancer traffic served by this backend service. # This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver.
     "enable": True or False, # This field denotes whether to enable logging for the load balancer traffic served by this backend service.
     "sampleRate": 3.14, # This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
   },
-  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, there will be no timeout limit, i.e. the maximum duration is infinite. This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service. This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
+  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+      # If not specified, there will be no timeout limit, i.e. the maximum duration is infinite.
+      # This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service.
+      # This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
   },
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.
-  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "baseEjectionTime": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # The base time that a host is ejected for. The real ejection time is equal to the base ejection time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
@@ -2408,12 +3246,24 @@ 
Method Details

     "successRateRequestVolume": 42, # The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
     "successRateStdevFactor": 42, # This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
   },
-  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
-  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
-  "protocol": "A String", # The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
+  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
+  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or  INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs.
+      # 
+      # 
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
+  "protocol": "A String", # The protocol this BackendService uses to communicate with backends.
+      # 
+      # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information.
+      # 
+      # Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
   "region": "A String", # [Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "securityPolicy": "A String", # [Output Only] The resource URL for the security policy associated with this backend service.
-  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
     "authentication": "A String", # [Deprecated] Use clientTlsPolicy instead.
     "authenticationPolicy": { # [Deprecated] The authentication settings for the backend service. The authentication settings for the backend service. # [Deprecated] Authentication policy defines what authentication methods can be accepted on backends, and if authenticated, which method/certificate will set the request principal. request principal.
       "origins": [ # List of authentication methods that can be used for origin authentication. Similar to peers, these will be evaluated in order the first valid one will be used to set origin identity. If none of these methods pass, the request will be rejected with authentication failed error (401). Leave the list empty if origin authentication is not required.
@@ -2424,7 +3274,17 @@ 
Method Details

             ],
             "issuer": "A String", # Identifies the issuer that issued the JWT, which is usually a URL or an email address. Examples: https://securetoken.google.com, 1234567-compute@developer.gserviceaccount.com
             "jwksPublicKeys": "A String", # The provider's public key set to validate the signature of the JWT.
-            "jwtHeaders": [ # jwt_headers and jwt_params define where to extract the JWT from an HTTP request. If no explicit location is specified, the following default locations are tried in order: 1. The Authorization header using the Bearer schema. See `here `_. Example: Authorization: Bearer . 2. `access_token` query parameter. See `this `_ Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations its issuer specified or from the default locations. This field is set if JWT is sent in a request header. This field specifies the header name. For example, if `header=x-goog-iap-jwt-assertion`, the header format will be x-goog-iap-jwt-assertion: .
+            "jwtHeaders": [ # jwt_headers and jwt_params define where to extract the JWT from an HTTP request. If no explicit location is specified, the following default locations are tried in order:
+                #
+                # 1. The Authorization header using the Bearer schema. See `here `_. Example:
+                #
+                # Authorization: Bearer .
+                #
+                # 2. `access_token` query parameter. See `this `_
+                #
+                # Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations its issuer specified or from the default locations.
+                #
+                # This field is set if JWT is sent in a request header. This field specifies the header name. For example, if `header=x-goog-iap-jwt-assertion`, the header format will be x-goog-iap-jwt-assertion: .
               { # [Deprecated] This message specifies a header location to extract JWT token. This message specifies a header location to extract JWT token.
                 "name": "A String", # The HTTP header name.
                 "valuePrefix": "A String", # The value prefix. The value format is "value_prefix" For example, for "Authorization: Bearer ", value_prefix="Bearer " with a space at the end.
@@ -2454,7 +3314,9 @@ 
Method Details

           "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
             "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
               "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                    # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                    # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                 "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                   "name": "A String", # Plugin name.
                   "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -2476,7 +3338,9 @@ 
Method Details

           "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
             "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
               "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                    # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                    # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                 "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                   "name": "A String", # Plugin name.
                   "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -2571,7 +3435,10 @@ 
Method Details

         },
       ],
     },
-    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.
+        # clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        # If left blank, communications are not encrypted.
+        # Note: This field currently has no impact.
     "clientTlsSettings": { # [Deprecated] The client side authentication settings for connection originating from the backend service. the backend service. # [Deprecated] TLS Settings for the backend service.
       "clientTlsContext": { # [Deprecated] The TLS settings for the client or server. The TLS settings for the client or server. # Configures the mechanism to obtain client-side security certificates and identity information. This field is only applicable when mode is set to MUTUAL.
         "certificateContext": { # [Deprecated] Defines the mechanism to obtain the client or server certificate. Defines the mechanism to obtain the client or server certificate. # Defines the mechanism to obtain the client or server certificate.
@@ -2583,7 +3450,9 @@ 
Method Details

           "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
             "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
               "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                    # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                    # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                 "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                   "name": "A String", # Plugin name.
                   "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -2605,7 +3474,9 @@ 
Method Details

           "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
             "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
               "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                    # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                    # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                 "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                   "name": "A String", # Plugin name.
                   "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -2630,29 +3501,55 @@ 
Method Details

         "A String",
       ],
     },
-    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode). Note: This field currently has no impact.
+    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.
+        # Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.
+        # Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).
+        # Note: This field currently has no impact.
       "A String",
     ],
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE.
+      # 
+      # When the loadBalancingScheme is EXTERNAL:
+      # 
+      # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or  CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.
+      # 
+      # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.
+      # 
+      # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.
     "policy": "A String",
   },
   "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2687,7 +3584,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2701,7 +3599,7 @@ 
Method Details

 

 
 

-    setEdgeSecurityPolicy(project, backendService, body=None, requestId=None, x__xgafv=None)
+    setEdgeSecurityPolicy(project, backendService, body=None, requestId=None)
   
Sets the edge security policy for the specified backend service.
 
 Args:
@@ -2714,16 +3612,29 @@ 
Method Details

   "securityPolicy": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2758,7 +3669,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2772,7 +3684,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -2784,33 +3696,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -2818,95 +3804,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -2914,76 +3992,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    setSecurityPolicy(project, backendService, body=None, requestId=None, x__xgafv=None)
+    setSecurityPolicy(project, backendService, body=None, requestId=None)
   
Sets the Google Cloud Armor security policy for the specified backend service. For more information, see Google Cloud Armor Overview
 
 Args:
@@ -2996,16 +4142,29 @@ 
Method Details

   "securityPolicy": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3040,7 +4199,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3054,7 +4214,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -3069,10 +4229,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -3085,7 +4241,7 @@ 
Method Details

 

 
 

-    update(project, backendService, body=None, requestId=None, x__xgafv=None)
+    update(project, backendService, body=None, requestId=None)
   
Updates the specified BackendService resource with the data included in the request. For more information, see Backend services overview.
 
 Args:
@@ -3094,25 +4250,69 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Backend Service resource. A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly. Backend services in Google Compute Engine can be either regionally or globally scoped. * [Global](/compute/docs/reference/rest/alpha/backendServices) * [Regional](/compute/docs/reference/rest/alpha/regionBackendServices) For more information, see Backend Services.
-  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day ( 86,400). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+{ # Represents a Backend Service resource.
+    # 
+    # A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly.
+    # 
+    # Backend services in Google Compute Engine can be either regionally or globally scoped.
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/backendServices) * [Regional](/compute/docs/reference/rest/{$api_version}/regionBackendServices)
+    # 
+    # For more information, see Backend Services.
+    # 
+    # (== resource_for {$api_version}.backendService ==)
+  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE.
+      # 
+      # If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day (86,400).
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "backends": [ # The list of backends that serve this BackendService.
     { # Message containing information of one individual backend.
-      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode.
-      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see  Connection balancing mode.
+      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service.
+          #
+          # Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "failover": True or False, # This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService.
-      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme. - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing), INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service. - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported. For regional services, the backend must be in the same region as the backend service. You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
-      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
-      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
+      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing),  INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported.
+          #
+          # For regional services, the backend must be in the same region as the backend service.
+          #
+          # You must use the fully-qualified URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
+      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
       "maxUtilization": 3.14,
     },
   ],
-  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for external HTTP(S) Load Balancing.
+  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for  external HTTP(S) Load Balancing.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
       { # Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
         "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
@@ -3135,7 +4335,13 @@ 
Method Details

         "A String",
       ],
     },
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -3164,16 +4370,38 @@ 
Method Details

     "maxRequestsPerConnection": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "maxRetries": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   },
-  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client’s Accept-Encoding header.
+  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client?s Accept-Encoding header.
   "connectionDraining": { # Message containing connection draining configuration.
     "drainingTimeoutSec": 42, # Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining.
   },
   "connectionTrackingPolicy": { # Connection Tracking configuration for this BackendService.
-    "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL. If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP. If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy). If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
-    "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds). For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours. For NLB the minimum(default) is 60 seconds and the maximum is 16 hours. This field will be supported only if the Connection Tracking key is less than 5-tuple.
-    "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options: PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol. PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
+    "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL.
+        #
+        # If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP.
+        #
+        # If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy).
+        #
+        # If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
+    "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds).
+        #
+        # For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours.
+        #
+        # For NLB the minimum(default) is 60 seconds and the maximum is 16 hours.
+        #
+        # This field will be supported only if the Connection Tracking key is less than 5-tuple.
+    "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options:
+        #
+        # PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol.
+        #
+        # PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
   },
-  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "httpCookie": { # The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash. # Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE.
       "name": "A String", # Name of the cookie.
       "path": "A String", # Path to set for the cookie.
@@ -3196,12 +4424,16 @@ 
Method Details

   "edgeSecurityPolicy": "A String", # [Output Only] The resource URL for the edge security policy associated with this backend service.
   "enableCDN": True or False, # If true, enables Cloud CDN for the backend service. Only applicable if the loadBalancingScheme is EXTERNAL and the protocol is HTTP or HTTPS.
   "failoverPolicy": { # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. On failover or failback, this field indicates whether connection draining will be honored. GCP has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes). # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. Requires at least one backend instance group to be defined as a backup (failover) backend.
-    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP. The default is false.
+    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP.
+        #
+        # The default is false.
     "dropTrafficIfUnhealthy": True or False, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing, If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. The default is false.
     "failoverRatio": 3.14, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio.
   },
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a BackendService.
-  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a BackendService.
+  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See  Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
     "A String",
   ],
   "iap": { # Identity-Aware Proxy # The configurations for Identity-Aware Proxy on this resource. Not available for Internal TCP/UDP Load Balancing and Network Load Balancing.
@@ -3212,24 +4444,47 @@ 
Method Details

       "clientName": "A String", # Name of the client to be generated. Optional - If not provided, the name will be autogenerated by the backend.
       "developerEmailAddress": "A String", # Developer's information to be used in OAuth consent screen.
     },
-    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly
+    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field.
     "oauth2ClientSecretSha256": "A String", # [Output Only] SHA256 hash value for the field oauth2_client_secret above.
   },
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#backendService", # [Output Only] Type of resource. Always compute#backendService for backend services.
-  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose INTERNAL for Internal TCP/UDP Load Balancing. Choose INTERNAL_MANAGED for Internal HTTP(S) Load Balancing. INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
-  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose  INTERNAL for Internal TCP/UDP Load Balancing. Choose  INTERNAL_MANAGED for Internal HTTP(S) Load Balancing.  INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
+  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are:
+      # - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
+      # - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
+      # - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
+      # - RANDOM: The load balancer selects a random healthy host.
+      # - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
+      # - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect.
+      # 
+      # Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "logConfig": { # The available logging options for the load balancer traffic served by this backend service. # This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver.
     "enable": True or False, # This field denotes whether to enable logging for the load balancer traffic served by this backend service.
     "sampleRate": 3.14, # This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
   },
-  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, there will be no timeout limit, i.e. the maximum duration is infinite. This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service. This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
+  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+      # If not specified, there will be no timeout limit, i.e. the maximum duration is infinite.
+      # This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service.
+      # This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
   },
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.
-  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "baseEjectionTime": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # The base time that a host is ejected for. The real ejection time is equal to the base ejection time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
@@ -3248,12 +4503,24 @@ 
Method Details

     "successRateRequestVolume": 42, # The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
     "successRateStdevFactor": 42, # This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
   },
-  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
-  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
-  "protocol": "A String", # The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
+  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
+  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or  INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs.
+      # 
+      # 
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
+  "protocol": "A String", # The protocol this BackendService uses to communicate with backends.
+      # 
+      # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information.
+      # 
+      # Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
   "region": "A String", # [Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "securityPolicy": "A String", # [Output Only] The resource URL for the security policy associated with this backend service.
-  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
     "authentication": "A String", # [Deprecated] Use clientTlsPolicy instead.
     "authenticationPolicy": { # [Deprecated] The authentication settings for the backend service. The authentication settings for the backend service. # [Deprecated] Authentication policy defines what authentication methods can be accepted on backends, and if authenticated, which method/certificate will set the request principal. request principal.
       "origins": [ # List of authentication methods that can be used for origin authentication. Similar to peers, these will be evaluated in order the first valid one will be used to set origin identity. If none of these methods pass, the request will be rejected with authentication failed error (401). Leave the list empty if origin authentication is not required.
@@ -3264,7 +4531,17 @@ 
Method Details

             ],
             "issuer": "A String", # Identifies the issuer that issued the JWT, which is usually a URL or an email address. Examples: https://securetoken.google.com, 1234567-compute@developer.gserviceaccount.com
             "jwksPublicKeys": "A String", # The provider's public key set to validate the signature of the JWT.
-            "jwtHeaders": [ # jwt_headers and jwt_params define where to extract the JWT from an HTTP request. If no explicit location is specified, the following default locations are tried in order: 1. The Authorization header using the Bearer schema. See `here `_. Example: Authorization: Bearer . 2. `access_token` query parameter. See `this `_ Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations its issuer specified or from the default locations. This field is set if JWT is sent in a request header. This field specifies the header name. For example, if `header=x-goog-iap-jwt-assertion`, the header format will be x-goog-iap-jwt-assertion: .
+            "jwtHeaders": [ # jwt_headers and jwt_params define where to extract the JWT from an HTTP request. If no explicit location is specified, the following default locations are tried in order:
+                #
+                # 1. The Authorization header using the Bearer schema. See `here `_. Example:
+                #
+                # Authorization: Bearer .
+                #
+                # 2. `access_token` query parameter. See `this `_
+                #
+                # Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations its issuer specified or from the default locations.
+                #
+                # This field is set if JWT is sent in a request header. This field specifies the header name. For example, if `header=x-goog-iap-jwt-assertion`, the header format will be x-goog-iap-jwt-assertion: .
               { # [Deprecated] This message specifies a header location to extract JWT token. This message specifies a header location to extract JWT token.
                 "name": "A String", # The HTTP header name.
                 "valuePrefix": "A String", # The value prefix. The value format is "value_prefix" For example, for "Authorization: Bearer ", value_prefix="Bearer " with a space at the end.
@@ -3294,7 +4571,9 @@ 
Method Details

           "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
             "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
               "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                    # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                    # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                 "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                   "name": "A String", # Plugin name.
                   "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -3316,7 +4595,9 @@ 
Method Details

           "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
             "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
               "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                    # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                    # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                 "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                   "name": "A String", # Plugin name.
                   "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -3411,7 +4692,10 @@ 
Method Details

         },
       ],
     },
-    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.
+        # clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        # If left blank, communications are not encrypted.
+        # Note: This field currently has no impact.
     "clientTlsSettings": { # [Deprecated] The client side authentication settings for connection originating from the backend service. the backend service. # [Deprecated] TLS Settings for the backend service.
       "clientTlsContext": { # [Deprecated] The TLS settings for the client or server. The TLS settings for the client or server. # Configures the mechanism to obtain client-side security certificates and identity information. This field is only applicable when mode is set to MUTUAL.
         "certificateContext": { # [Deprecated] Defines the mechanism to obtain the client or server certificate. Defines the mechanism to obtain the client or server certificate. # Defines the mechanism to obtain the client or server certificate.
@@ -3423,7 +4707,9 @@ 
Method Details

           "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
             "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
               "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                    # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                    # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                 "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                   "name": "A String", # Plugin name.
                   "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -3445,7 +4731,9 @@ 
Method Details

           "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
             "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
               "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                    # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                    # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                 "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                   "name": "A String", # Plugin name.
                   "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -3470,29 +4758,55 @@ 
Method Details

         "A String",
       ],
     },
-    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode). Note: This field currently has no impact.
+    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.
+        # Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.
+        # Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).
+        # Note: This field currently has no impact.
       "A String",
     ],
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE.
+      # 
+      # When the loadBalancingScheme is EXTERNAL:
+      # 
+      # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or  CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.
+      # 
+      # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.
+      # 
+      # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.
     "policy": "A String",
   },
   "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3527,7 +4841,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.diskTypes.html b/docs/dyn/compute_alpha.diskTypes.html
index 47cdb4e6932..3109b1d0eb2 100644
--- a/docs/dyn/compute_alpha.diskTypes.html
+++ b/docs/dyn/compute_alpha.diskTypes.html
@@ -75,7 +75,7 @@
 
Compute Engine API . diskTypes

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of disk types.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,31 +84,37 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  get(project, zone, diskType, x__xgafv=None)

+  get(project, zone, diskType)

 
Returns the specified disk type. Gets a list of available disk types by making a list() request.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of disk types available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of disk types.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -118,7 +124,17 @@ 
Method Details

   "items": { # A list of DiskTypesScopedList resources.
     "a_key": { # [Output Only] Name of the scope containing this set of disk types.
       "diskTypes": [ # [Output Only] A list of disk types contained in this scope.
-        { # Represents a Disk Type resource. Google Compute Engine has two Disk Type resources: * [Regional](/compute/docs/reference/rest/alpha/regionDiskTypes) * [Zonal](/compute/docs/reference/rest/alpha/diskTypes) You can choose from a variety of disk types based on your needs. For more information, read Storage options. The diskTypes resource represents disk types for a zonal persistent disk. For more information, read Zonal persistent disks. The regionDiskTypes resource represents disk types for a regional persistent disk. For more information, read Regional persistent disks.
+        { # Represents a Disk Type resource.
+            #
+            # Google Compute Engine has two Disk Type resources:
+            #
+            # * [Regional](/compute/docs/reference/rest/{$api_version}/regionDiskTypes) * [Zonal](/compute/docs/reference/rest/{$api_version}/diskTypes)
+            #
+            # You can choose from a variety of disk types based on your needs. For more information, read Storage options.
+            #
+            # The diskTypes resource represents disk types for a zonal persistent disk. For more information, read Zonal persistent disks.
+            #
+            # The regionDiskTypes resource represents disk types for a regional persistent disk. For more information, read Regional persistent disks. (== resource_for {$api_version}.diskTypes ==) (== resource_for {$api_version}.regionDiskTypes ==)
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "defaultDiskSizeGb": "A String", # [Output Only] Server-defined default disk size in GB.
           "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this disk type.
@@ -129,7 +145,11 @@ 
Method Details

             "state": "A String", # The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.
             "stateOverride": { # A rollout policy configuration. # The rollout policy of this deprecation. This policy is only enforced by image family views. The rollout policy restricts the zones where the associated resource is considered in a deprecated state. When the rollout policy does not include the user specified zone, or if the zone is rolled out, the associated resource is considered in a deprecated state.
               "defaultRolloutTime": "A String", # An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated.
-              "locationRolloutPolicies": { # Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
+              "locationRolloutPolicies": { # Location based rollout policies to apply to the resource.
+                  #
+                  # Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a.
+                  #
+                  # The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
                 "a_key": "A String",
               },
             },
@@ -147,7 +167,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] Informational warning which replaces the list of disk types when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -165,7 +186,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -196,22 +218,28 @@ 
Method Details

 

 
 

-    get(project, zone, diskType, x__xgafv=None)
+    get(project, zone, diskType)
   
Returns the specified disk type. Gets a list of available disk types by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   diskType: string, Name of the disk type to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Disk Type resource. Google Compute Engine has two Disk Type resources: * [Regional](/compute/docs/reference/rest/alpha/regionDiskTypes) * [Zonal](/compute/docs/reference/rest/alpha/diskTypes) You can choose from a variety of disk types based on your needs. For more information, read Storage options. The diskTypes resource represents disk types for a zonal persistent disk. For more information, read Zonal persistent disks. The regionDiskTypes resource represents disk types for a regional persistent disk. For more information, read Regional persistent disks.
+    { # Represents a Disk Type resource.
+    #
+    # Google Compute Engine has two Disk Type resources:
+    #
+    # * [Regional](/compute/docs/reference/rest/{$api_version}/regionDiskTypes) * [Zonal](/compute/docs/reference/rest/{$api_version}/diskTypes)
+    #
+    # You can choose from a variety of disk types based on your needs. For more information, read Storage options.
+    #
+    # The diskTypes resource represents disk types for a zonal persistent disk. For more information, read Zonal persistent disks.
+    #
+    # The regionDiskTypes resource represents disk types for a regional persistent disk. For more information, read Regional persistent disks. (== resource_for {$api_version}.diskTypes ==) (== resource_for {$api_version}.regionDiskTypes ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "defaultDiskSizeGb": "A String", # [Output Only] Server-defined default disk size in GB.
   "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this disk type.
@@ -222,7 +250,11 @@ 
Method Details

     "state": "A String", # The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.
     "stateOverride": { # A rollout policy configuration. # The rollout policy of this deprecation. This policy is only enforced by image family views. The rollout policy restricts the zones where the associated resource is considered in a deprecated state. When the rollout policy does not include the user specified zone, or if the zone is rolled out, the associated resource is considered in a deprecated state.
       "defaultRolloutTime": "A String", # An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated.
-      "locationRolloutPolicies": { # Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
+      "locationRolloutPolicies": { # Location based rollout policies to apply to the resource.
+          #
+          # Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a.
+          #
+          # The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
         "a_key": "A String",
       },
     },
@@ -240,21 +272,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of disk types available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -262,7 +300,17 @@ 
Method Details

     { # Contains a list of disk types.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of DiskType resources.
-    { # Represents a Disk Type resource. Google Compute Engine has two Disk Type resources: * [Regional](/compute/docs/reference/rest/alpha/regionDiskTypes) * [Zonal](/compute/docs/reference/rest/alpha/diskTypes) You can choose from a variety of disk types based on your needs. For more information, read Storage options. The diskTypes resource represents disk types for a zonal persistent disk. For more information, read Zonal persistent disks. The regionDiskTypes resource represents disk types for a regional persistent disk. For more information, read Regional persistent disks.
+    { # Represents a Disk Type resource.
+        #
+        # Google Compute Engine has two Disk Type resources:
+        #
+        # * [Regional](/compute/docs/reference/rest/{$api_version}/regionDiskTypes) * [Zonal](/compute/docs/reference/rest/{$api_version}/diskTypes)
+        #
+        # You can choose from a variety of disk types based on your needs. For more information, read Storage options.
+        #
+        # The diskTypes resource represents disk types for a zonal persistent disk. For more information, read Zonal persistent disks.
+        #
+        # The regionDiskTypes resource represents disk types for a regional persistent disk. For more information, read Regional persistent disks. (== resource_for {$api_version}.diskTypes ==) (== resource_for {$api_version}.regionDiskTypes ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "defaultDiskSizeGb": "A String", # [Output Only] Server-defined default disk size in GB.
       "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this disk type.
@@ -273,7 +321,11 @@ 
Method Details

         "state": "A String", # The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.
         "stateOverride": { # A rollout policy configuration. # The rollout policy of this deprecation. This policy is only enforced by image family views. The rollout policy restricts the zones where the associated resource is considered in a deprecated state. When the rollout policy does not include the user specified zone, or if the zone is rolled out, the associated resource is considered in a deprecated state.
           "defaultRolloutTime": "A String", # An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated.
-          "locationRolloutPolicies": { # Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
+          "locationRolloutPolicies": { # Location based rollout policies to apply to the resource.
+              #
+              # Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a.
+              #
+              # The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
             "a_key": "A String",
           },
         },
@@ -294,7 +346,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.disks.html b/docs/dyn/compute_alpha.disks.html
index acbb46188ef..95c1144ca7b 100644
--- a/docs/dyn/compute_alpha.disks.html
+++ b/docs/dyn/compute_alpha.disks.html
@@ -75,10 +75,10 @@
 
Compute Engine API . disks

 
Instance Methods

 

-  addResourcePolicies(project, zone, disk, body=None, requestId=None, x__xgafv=None)

+  addResourcePolicies(project, zone, disk, body=None, requestId=None)

 
Adds existing resource policies to a disk. You can only add one policy which will be applied to this disk for scheduling snapshot creation.

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of persistent disks.

 

   aggregatedList_next(previous_request, previous_response)

@@ -87,47 +87,47 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  createSnapshot(project, zone, disk, body=None, guestFlush=None, requestId=None, x__xgafv=None)

+  createSnapshot(project, zone, disk, body=None, guestFlush=None, requestId=None)

 
Creates a snapshot of a specified persistent disk.

 

-  delete(project, zone, disk, requestId=None, x__xgafv=None)

+  delete(project, zone, disk, requestId=None)

 
Deletes the specified persistent disk. Deleting a disk removes its data permanently and is irreversible. However, deleting a disk does not delete any snapshots previously made from the disk. You must separately delete snapshots.

 

-  get(project, zone, disk, x__xgafv=None)

+  get(project, zone, disk)

 
Returns a specified persistent disk. Gets a list of available persistent disks by making a list() request.

 

-  getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, zone, body=None, requestId=None, sourceImage=None, x__xgafv=None)

+  insert(project, zone, body=None, requestId=None, sourceImage=None)

 
Creates a persistent disk in the specified project using the data in the request. You can create a disk from a source (sourceImage, sourceSnapshot, or sourceDisk) or create an empty 500 GB data disk by omitting all properties. You can also create a disk that is larger than the default size by specifying the sizeGb property.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of persistent disks contained within the specified zone.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  removeResourcePolicies(project, zone, disk, body=None, requestId=None, x__xgafv=None)

+  removeResourcePolicies(project, zone, disk, body=None, requestId=None)

 
Removes resource policies from a disk.

 

-  resize(project, zone, disk, body=None, requestId=None, x__xgafv=None)

+  resize(project, zone, disk, body=None, requestId=None)

 
Resizes the specified persistent disk. You can only increase the size of the disk.

 

-  setIamPolicy(project, zone, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, zone, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  setLabels(project, zone, resource, body=None, requestId=None, x__xgafv=None)

+  setLabels(project, zone, resource, body=None, requestId=None)

 
Sets the labels on a disk. To learn more about labels, read the Labeling Resources documentation.

 

-  testIamPermissions(project, zone, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, zone, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, zone, disk, body=None, paths=None, requestId=None, updateMask=None, x__xgafv=None)

+  update(project, zone, disk, body=None, paths=None, requestId=None)

 
Update the specified disk with the data included in the request. Update is performed only on selected fields included as part of update-mask. Only the following fields can be modified: user_license.

 
Method Details

 

-    addResourcePolicies(project, zone, disk, body=None, requestId=None, x__xgafv=None)
+    addResourcePolicies(project, zone, disk, body=None, requestId=None)
   
Adds existing resource policies to a disk. You can only add one policy which will be applied to this disk for scheduling snapshot creation.
 
 Args:
@@ -143,16 +143,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -187,7 +200,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -201,21 +215,27 @@ 
Method Details

 

 
 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of persistent disks.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -225,26 +245,49 @@ 
Method Details

   "items": { # A list of DisksScopedList resources.
     "a_key": { # [Output Only] Name of the scope containing this set of disks.
       "disks": [ # [Output Only] A list of disks contained in this scope.
-        { # Represents a Persistent Disk resource. Google Compute Engine has two Disk resources: * [Zonal](/compute/docs/reference/rest/alpha/disks) * [Regional](/compute/docs/reference/rest/alpha/regionDisks) Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options. The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks. The regionDisks resource represents a regional persistent disk. For more information, read Regional resources.
+        { # Represents a Persistent Disk resource.
+            #
+            # Google Compute Engine has two Disk resources:
+            #
+            # * [Zonal](/compute/docs/reference/rest/{$api_version}/disks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionDisks)
+            #
+            # Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options.
+            #
+            # The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks.
+            #
+            # The regionDisks resource represents a regional persistent disk. For more information, read  Regional resources. (== resource_for {$api_version}.disks ==) (== resource_for {$api_version}.regionDisks ==)
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-          "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key. After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+          "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key.
+              #
+              # After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine).
+              #
+              # Customer-supplied encryption keys do not protect access to metadata of the disk.
+              #
+              # If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                #
+                # The key must meet the following requirements before you can provide it to Compute Engine:
+                # - The key is wrapped using a RSA public key certificate provided by Google.
+                # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
           "eraseWindowsVssSignature": True or False, # Specifies whether the disk restored from a source snapshot should erase Windows specific VSS signature.
-          "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+          "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
             { # Guest OS features.
-              "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+              "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
             },
           ],
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "interface": "A String", # Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI.
           "kind": "compute#disk", # [Output Only] Type of the resource. Always compute#disk for disks.
-          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a disk.
+          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve a disk.
           "labels": { # Labels to apply to this disk. These can be later modified by the setLabels method.
             "a_key": "A String",
           },
@@ -272,36 +315,84 @@ 
Method Details

           "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
           "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
           "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource's resource id.
-          "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk. If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
-          "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - https://www.googleapis.com/compute/v1/projects/project/regions/region /disks/disk - projects/project/zones/zone/disks/disk - projects/project/regions/region/disks/disk - zones/zone/disks/disk - regions/region/disks/disk
+          "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk.
+              #
+              # If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
+          "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+              # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+              # - https://www.googleapis.com/compute/v1/projects/project/regions/region/disks/disk
+              # - projects/project/zones/zone/disks/disk
+              # - projects/project/regions/region/disks/disk
+              # - zones/zone/disks/disk
+              # - regions/region/disks/disk
           "sourceDiskId": "A String", # [Output Only] The unique ID of the disk used to create this disk. This value identifies the exact disk that was used to create this persistent disk. For example, if you created the persistent disk from a disk that was later deleted and recreated under the same name, the source disk ID would identify the exact version of the disk that was used.
-          "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family
+          "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set.
+              #
+              # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+              # projects/debian-cloud/global/images/family/debian-9
+              #
+              #
+              # Alternatively, use a specific version of a public operating system image:
+              # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+              #
+              #
+              # To create a disk with a custom image that you created, specify the image name in the following format:
+              # global/images/my-custom-image
+              #
+              #
+              # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+              # global/images/family/my-image-family
           "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                #
+                # The key must meet the following requirements before you can provide it to Compute Engine:
+                # - The key is wrapped using a RSA public key certificate provided by Google.
+                # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
           "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent disk. For example, if you created the persistent disk from an image that was later deleted and recreated under the same name, the source image ID would identify the exact version of the image that was used.
-          "sourceInPlaceSnapshot": "A String", # [Deprecated] The source in-place snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project /global/inPlaceSnapshots/inPlaceSnapshots - projects/project/global/inPlaceSnapshots/inPlaceSnapshots - global/inPlaceSnapshots/inPlaceSnapshots
-          "sourceInPlaceSnapshotId": "A String", # Deprecated The unique ID of the in-place snapshot used to create this disk. This value identifies the exact in-place snapshot that was used to create this persistent disk. For example, if you created the persistent disk from an in-place snapshot that was later deleted and recreated under the same name, the source in-place snapshot ID would identify the exact version of the in-place snapshot that was used.
-          "sourceInstantSnapshot": "A String", # The source instant snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instantSnapshots/instantSnapshot - projects/project/zones/zone/instantSnapshots/instantSnapshot - zones/zone/instantSnapshots/instantSnapshot
+          "sourceInPlaceSnapshot": "A String", # [Deprecated] The source in-place snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+              # - https://www.googleapis.com/compute/v1/projects/project/global/inPlaceSnapshots/inPlaceSnapshots
+              # - projects/project/global/inPlaceSnapshots/inPlaceSnapshots
+              # - global/inPlaceSnapshots/inPlaceSnapshots
+          "sourceInPlaceSnapshotId": "A String", # [Deprecated] [Output Only] The unique ID of the in-place snapshot used to create this disk. This value identifies the exact in-place snapshot that was used to create this persistent disk. For example, if you created the persistent disk from an in-place snapshot that was later deleted and recreated under the same name, the source in-place snapshot ID would identify the exact version of the in-place snapshot that was used.
+          "sourceInstantSnapshot": "A String", # The source instant snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+              # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instantSnapshots/instantSnapshot
+              # - projects/project/zones/zone/instantSnapshots/instantSnapshot
+              # - zones/zone/instantSnapshots/instantSnapshot
           "sourceInstantSnapshotId": "A String", # [Output Only] The unique ID of the instant snapshot used to create this disk. This value identifies the exact instant snapshot that was used to create this persistent disk. For example, if you created the persistent disk from an instant snapshot that was later deleted and recreated under the same name, the source instant snapshot ID would identify the exact version of the instant snapshot that was used.
-          "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project /global/snapshots/snapshot - projects/project/global/snapshots/snapshot - global/snapshots/snapshot
+          "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+              # - https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot
+              # - projects/project/global/snapshots/snapshot
+              # - global/snapshots/snapshot
           "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                #
+                # The key must meet the following requirements before you can provide it to Compute Engine:
+                # - The key is wrapped using a RSA public key certificate provided by Google.
+                # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
           "sourceSnapshotId": "A String", # [Output Only] The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used.
           "sourceStorageObject": "A String", # The full Google Cloud Storage URI where the disk image is stored. This file must be a gzip-compressed tarball whose name ends in .tar.gz or virtual machine disk whose name ends in vmdk. Valid URIs may start with gs:// or https://storage.googleapis.com/. This flag is not optimized for creating multiple disks from a source storage object. To create many disks from a source storage object, use gcloud compute images import instead.
-          "status": "A String", # [Output Only] The status of disk creation. - CREATING: Disk is provisioning. - RESTORING: Source data is being copied into the disk. - FAILED: Disk creation failed. - READY: Disk is ready for use. - DELETING: Disk is deleting.
+          "status": "A String", # [Output Only] The status of disk creation.
+              # - CREATING: Disk is provisioning.
+              # - RESTORING: Source data is being copied into the disk.
+              # - FAILED: Disk creation failed.
+              # - READY: Disk is ready for use.
+              # - DELETING: Disk is deleting.
           "storageType": "A String", # [Deprecated] Storage type of the persistent disk.
-          "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project /zones/zone/diskTypes/pd-standard or pd-ssd
-          "userLicenses": [ # A list of publicly visible user-licenses. Unlike regular licenses, user provided licenses can be modified after the disk is created. This includes a list of URLs to the license resource. For example, to provide a debian license: https://www.googleapis.com/compute/v1/projects/debian-cloud/global/licenses/debian-9-stretch
+          "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project/zones/zone/diskTypes/pd-standard  or pd-ssd
+          "userLicenses": [ # A list of publicly visible user-licenses. Unlike regular licenses, user provided licenses can be modified after the disk is created. This includes a list of URLs to the license resource. For example, to provide a debian license:
+              # https://www.googleapis.com/compute/v1/projects/debian-cloud/global/licenses/debian-9-stretch
             "A String",
           ],
           "users": [ # [Output Only] Links to the users of the disk (attached instances) in form: projects/project/zones/zone/instances/instance
@@ -312,7 +403,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] Informational warning which replaces the list of disks when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -330,7 +422,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -361,7 +454,7 @@ 
Method Details

 

 
 

-    createSnapshot(project, zone, disk, body=None, guestFlush=None, requestId=None, x__xgafv=None)
+    createSnapshot(project, zone, disk, body=None, guestFlush=None, requestId=None)
   
Creates a snapshot of a specified persistent disk.
 
 Args:
@@ -371,7 +464,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Persistent Disk Snapshot resource. You can use snapshots to back up data on a regular interval. For more information, read Creating persistent disk snapshots.
+{ # Represents a Persistent Disk Snapshot resource.
+    # 
+    # You can use snapshots to back up data on a regular interval. For more information, read  Creating persistent disk snapshots. (== resource_for {$api_version}.snapshots ==)
   "autoCreated": True or False, # [Output Only] Set to true if snapshots are automatically created by applying resource policy on the target disk.
   "chainName": "A String", # Creates the new snapshot in the snapshot chain labeled with the specified name. The chain name must be 1-63 characters long and comply with RFC1035. This is an uncommon option only for advanced service owners who needs to create separate snapshot chains, for example, for chargeback tracking. When you describe your snapshot resource, this field is visible only if it has a non-empty value.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -379,14 +474,16 @@ 
Method Details

   "diskSizeGb": "A String", # [Output Only] Size of the source disk, specified in GB.
   "downloadBytes": "A String", # [Output Only] Number of bytes downloaded to restore a snapshot to a disk.
   "guestFlush": True or False, # [Input Only] Whether to attempt an application consistent snapshot by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
-  "guestOsFeatures": [ # [Output Only] A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+  "guestOsFeatures": [ # [Output Only] A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
     { # Guest OS features.
-      "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+      "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
     },
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#snapshot", # [Output Only] Type of the resource. Always compute#snapshot for Snapshot resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this snapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a snapshot.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this snapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a snapshot.
   "labels": { # Labels to apply to this snapshot. These can be later modified by the setLabels method. Label values may be empty.
     "a_key": "A String",
   },
@@ -401,11 +498,22 @@ 
Method Details

   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource's resource id.
-  "snapshotEncryptionKey": { # Encrypts the snapshot using a customer-supplied encryption key. After you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the snapshot later. For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request. Customer-supplied encryption keys do not protect access to metadata of the snapshot. If you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later.
+  "snapshotEncryptionKey": { # Encrypts the snapshot using a customer-supplied encryption key.
+      # 
+      # After you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the snapshot later. For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request.
+      # 
+      # Customer-supplied encryption keys do not protect access to metadata of the snapshot.
+      # 
+      # If you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceDisk": "A String", # The source disk used to create this snapshot.
@@ -413,7 +521,12 @@ 
Method Details

     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this snapshot. This value may be used to determine whether the snapshot was taken from the current or a previous instance of a given disk name.
@@ -426,16 +539,29 @@ 
Method Details

 }
 
   guestFlush: boolean, [Input Only] Whether to attempt an application consistent snapshot by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -470,7 +596,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -484,23 +611,36 @@ 
Method Details

 

 
 

-    delete(project, zone, disk, requestId=None, x__xgafv=None)
+    delete(project, zone, disk, requestId=None)
   
Deletes the specified persistent disk. Deleting a disk removes its data permanently and is irreversible. However, deleting a disk does not delete any snapshots previously made from the disk. You must separately delete snapshots.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   disk: string, Name of the persistent disk to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -535,7 +675,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -549,41 +690,60 @@ 
Method Details

 

 
 

-    get(project, zone, disk, x__xgafv=None)
+    get(project, zone, disk)
   
Returns a specified persistent disk. Gets a list of available persistent disks by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   disk: string, Name of the persistent disk to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Persistent Disk resource. Google Compute Engine has two Disk resources: * [Zonal](/compute/docs/reference/rest/alpha/disks) * [Regional](/compute/docs/reference/rest/alpha/regionDisks) Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options. The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks. The regionDisks resource represents a regional persistent disk. For more information, read Regional resources.
+    { # Represents a Persistent Disk resource.
+    #
+    # Google Compute Engine has two Disk resources:
+    #
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/disks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionDisks)
+    #
+    # Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options.
+    #
+    # The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks.
+    #
+    # The regionDisks resource represents a regional persistent disk. For more information, read  Regional resources. (== resource_for {$api_version}.disks ==) (== resource_for {$api_version}.regionDisks ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key. After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+  "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key.
+      #
+      # After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine).
+      #
+      # Customer-supplied encryption keys do not protect access to metadata of the disk.
+      #
+      # If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "eraseWindowsVssSignature": True or False, # Specifies whether the disk restored from a source snapshot should erase Windows specific VSS signature.
-  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
     { # Guest OS features.
-      "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+      "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
     },
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "interface": "A String", # Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI.
   "kind": "compute#disk", # [Output Only] Type of the resource. Always compute#disk for disks.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a disk.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a disk.
   "labels": { # Labels to apply to this disk. These can be later modified by the setLabels method.
     "a_key": "A String",
   },
@@ -611,36 +771,84 @@ 
Method Details

   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource's resource id.
-  "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk. If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
-  "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - https://www.googleapis.com/compute/v1/projects/project/regions/region /disks/disk - projects/project/zones/zone/disks/disk - projects/project/regions/region/disks/disk - zones/zone/disks/disk - regions/region/disks/disk
+  "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk.
+      #
+      # If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
+  "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - https://www.googleapis.com/compute/v1/projects/project/regions/region/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - projects/project/regions/region/disks/disk
+      # - zones/zone/disks/disk
+      # - regions/region/disks/disk
   "sourceDiskId": "A String", # [Output Only] The unique ID of the disk used to create this disk. This value identifies the exact disk that was used to create this persistent disk. For example, if you created the persistent disk from a disk that was later deleted and recreated under the same name, the source disk ID would identify the exact version of the disk that was used.
-  "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family
+  "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set.
+      #
+      # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+      # projects/debian-cloud/global/images/family/debian-9
+      #
+      #
+      # Alternatively, use a specific version of a public operating system image:
+      # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+      #
+      #
+      # To create a disk with a custom image that you created, specify the image name in the following format:
+      # global/images/my-custom-image
+      #
+      #
+      # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+      # global/images/family/my-image-family
   "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent disk. For example, if you created the persistent disk from an image that was later deleted and recreated under the same name, the source image ID would identify the exact version of the image that was used.
-  "sourceInPlaceSnapshot": "A String", # [Deprecated] The source in-place snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project /global/inPlaceSnapshots/inPlaceSnapshots - projects/project/global/inPlaceSnapshots/inPlaceSnapshots - global/inPlaceSnapshots/inPlaceSnapshots
-  "sourceInPlaceSnapshotId": "A String", # Deprecated The unique ID of the in-place snapshot used to create this disk. This value identifies the exact in-place snapshot that was used to create this persistent disk. For example, if you created the persistent disk from an in-place snapshot that was later deleted and recreated under the same name, the source in-place snapshot ID would identify the exact version of the in-place snapshot that was used.
-  "sourceInstantSnapshot": "A String", # The source instant snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instantSnapshots/instantSnapshot - projects/project/zones/zone/instantSnapshots/instantSnapshot - zones/zone/instantSnapshots/instantSnapshot
+  "sourceInPlaceSnapshot": "A String", # [Deprecated] The source in-place snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/global/inPlaceSnapshots/inPlaceSnapshots
+      # - projects/project/global/inPlaceSnapshots/inPlaceSnapshots
+      # - global/inPlaceSnapshots/inPlaceSnapshots
+  "sourceInPlaceSnapshotId": "A String", # [Deprecated] [Output Only] The unique ID of the in-place snapshot used to create this disk. This value identifies the exact in-place snapshot that was used to create this persistent disk. For example, if you created the persistent disk from an in-place snapshot that was later deleted and recreated under the same name, the source in-place snapshot ID would identify the exact version of the in-place snapshot that was used.
+  "sourceInstantSnapshot": "A String", # The source instant snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instantSnapshots/instantSnapshot
+      # - projects/project/zones/zone/instantSnapshots/instantSnapshot
+      # - zones/zone/instantSnapshots/instantSnapshot
   "sourceInstantSnapshotId": "A String", # [Output Only] The unique ID of the instant snapshot used to create this disk. This value identifies the exact instant snapshot that was used to create this persistent disk. For example, if you created the persistent disk from an instant snapshot that was later deleted and recreated under the same name, the source instant snapshot ID would identify the exact version of the instant snapshot that was used.
-  "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project /global/snapshots/snapshot - projects/project/global/snapshots/snapshot - global/snapshots/snapshot
+  "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot
+      # - projects/project/global/snapshots/snapshot
+      # - global/snapshots/snapshot
   "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceSnapshotId": "A String", # [Output Only] The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used.
   "sourceStorageObject": "A String", # The full Google Cloud Storage URI where the disk image is stored. This file must be a gzip-compressed tarball whose name ends in .tar.gz or virtual machine disk whose name ends in vmdk. Valid URIs may start with gs:// or https://storage.googleapis.com/. This flag is not optimized for creating multiple disks from a source storage object. To create many disks from a source storage object, use gcloud compute images import instead.
-  "status": "A String", # [Output Only] The status of disk creation. - CREATING: Disk is provisioning. - RESTORING: Source data is being copied into the disk. - FAILED: Disk creation failed. - READY: Disk is ready for use. - DELETING: Disk is deleting.
+  "status": "A String", # [Output Only] The status of disk creation.
+      # - CREATING: Disk is provisioning.
+      # - RESTORING: Source data is being copied into the disk.
+      # - FAILED: Disk creation failed.
+      # - READY: Disk is ready for use.
+      # - DELETING: Disk is deleting.
   "storageType": "A String", # [Deprecated] Storage type of the persistent disk.
-  "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project /zones/zone/diskTypes/pd-standard or pd-ssd
-  "userLicenses": [ # A list of publicly visible user-licenses. Unlike regular licenses, user provided licenses can be modified after the disk is created. This includes a list of URLs to the license resource. For example, to provide a debian license: https://www.googleapis.com/compute/v1/projects/debian-cloud/global/licenses/debian-9-stretch
+  "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project/zones/zone/diskTypes/pd-standard  or pd-ssd
+  "userLicenses": [ # A list of publicly visible user-licenses. Unlike regular licenses, user provided licenses can be modified after the disk is created. This includes a list of URLs to the license resource. For example, to provide a debian license:
+      # https://www.googleapis.com/compute/v1/projects/debian-cloud/global/licenses/debian-9-stretch
     "A String",
   ],
   "users": [ # [Output Only] Links to the users of the disk (attached instances) in form: projects/project/zones/zone/instances/instance
@@ -651,7 +859,7 @@ 
Method Details

 

 
 

-    getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
@@ -659,27 +867,51 @@ 
Method Details

   zone: string, The name of the zone for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -687,76 +919,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, zone, body=None, requestId=None, sourceImage=None, x__xgafv=None)
+    insert(project, zone, body=None, requestId=None, sourceImage=None)
   
Creates a persistent disk in the specified project using the data in the request. You can create a disk from a source (sourceImage, sourceSnapshot, or sourceDisk) or create an empty 500 GB data disk by omitting all properties. You can also create a disk that is larger than the default size by specifying the sizeGb property.
 
 Args:
@@ -765,26 +1065,49 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Persistent Disk resource. Google Compute Engine has two Disk resources: * [Zonal](/compute/docs/reference/rest/alpha/disks) * [Regional](/compute/docs/reference/rest/alpha/regionDisks) Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options. The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks. The regionDisks resource represents a regional persistent disk. For more information, read Regional resources.
+{ # Represents a Persistent Disk resource.
+    # 
+    # Google Compute Engine has two Disk resources:
+    # 
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/disks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionDisks)
+    # 
+    # Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options.
+    # 
+    # The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks.
+    # 
+    # The regionDisks resource represents a regional persistent disk. For more information, read  Regional resources. (== resource_for {$api_version}.disks ==) (== resource_for {$api_version}.regionDisks ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key. After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+  "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key.
+      # 
+      # After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine).
+      # 
+      # Customer-supplied encryption keys do not protect access to metadata of the disk.
+      # 
+      # If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "eraseWindowsVssSignature": True or False, # Specifies whether the disk restored from a source snapshot should erase Windows specific VSS signature.
-  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
     { # Guest OS features.
-      "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+      "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
     },
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "interface": "A String", # Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI.
   "kind": "compute#disk", # [Output Only] Type of the resource. Always compute#disk for disks.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a disk.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a disk.
   "labels": { # Labels to apply to this disk. These can be later modified by the setLabels method.
     "a_key": "A String",
   },
@@ -812,36 +1135,84 @@ 
Method Details

   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource's resource id.
-  "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk. If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
-  "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - https://www.googleapis.com/compute/v1/projects/project/regions/region /disks/disk - projects/project/zones/zone/disks/disk - projects/project/regions/region/disks/disk - zones/zone/disks/disk - regions/region/disks/disk
+  "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk.
+      # 
+      # If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
+  "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - https://www.googleapis.com/compute/v1/projects/project/regions/region/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - projects/project/regions/region/disks/disk
+      # - zones/zone/disks/disk
+      # - regions/region/disks/disk
   "sourceDiskId": "A String", # [Output Only] The unique ID of the disk used to create this disk. This value identifies the exact disk that was used to create this persistent disk. For example, if you created the persistent disk from a disk that was later deleted and recreated under the same name, the source disk ID would identify the exact version of the disk that was used.
-  "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family
+  "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set.
+      # 
+      # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+      # projects/debian-cloud/global/images/family/debian-9
+      # 
+      # 
+      # Alternatively, use a specific version of a public operating system image:
+      # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+      # 
+      # 
+      # To create a disk with a custom image that you created, specify the image name in the following format:
+      # global/images/my-custom-image
+      # 
+      # 
+      # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+      # global/images/family/my-image-family
   "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent disk. For example, if you created the persistent disk from an image that was later deleted and recreated under the same name, the source image ID would identify the exact version of the image that was used.
-  "sourceInPlaceSnapshot": "A String", # [Deprecated] The source in-place snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project /global/inPlaceSnapshots/inPlaceSnapshots - projects/project/global/inPlaceSnapshots/inPlaceSnapshots - global/inPlaceSnapshots/inPlaceSnapshots
-  "sourceInPlaceSnapshotId": "A String", # Deprecated The unique ID of the in-place snapshot used to create this disk. This value identifies the exact in-place snapshot that was used to create this persistent disk. For example, if you created the persistent disk from an in-place snapshot that was later deleted and recreated under the same name, the source in-place snapshot ID would identify the exact version of the in-place snapshot that was used.
-  "sourceInstantSnapshot": "A String", # The source instant snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instantSnapshots/instantSnapshot - projects/project/zones/zone/instantSnapshots/instantSnapshot - zones/zone/instantSnapshots/instantSnapshot
+  "sourceInPlaceSnapshot": "A String", # [Deprecated] The source in-place snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/global/inPlaceSnapshots/inPlaceSnapshots
+      # - projects/project/global/inPlaceSnapshots/inPlaceSnapshots
+      # - global/inPlaceSnapshots/inPlaceSnapshots
+  "sourceInPlaceSnapshotId": "A String", # [Deprecated] [Output Only] The unique ID of the in-place snapshot used to create this disk. This value identifies the exact in-place snapshot that was used to create this persistent disk. For example, if you created the persistent disk from an in-place snapshot that was later deleted and recreated under the same name, the source in-place snapshot ID would identify the exact version of the in-place snapshot that was used.
+  "sourceInstantSnapshot": "A String", # The source instant snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instantSnapshots/instantSnapshot
+      # - projects/project/zones/zone/instantSnapshots/instantSnapshot
+      # - zones/zone/instantSnapshots/instantSnapshot
   "sourceInstantSnapshotId": "A String", # [Output Only] The unique ID of the instant snapshot used to create this disk. This value identifies the exact instant snapshot that was used to create this persistent disk. For example, if you created the persistent disk from an instant snapshot that was later deleted and recreated under the same name, the source instant snapshot ID would identify the exact version of the instant snapshot that was used.
-  "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project /global/snapshots/snapshot - projects/project/global/snapshots/snapshot - global/snapshots/snapshot
+  "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot
+      # - projects/project/global/snapshots/snapshot
+      # - global/snapshots/snapshot
   "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceSnapshotId": "A String", # [Output Only] The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used.
   "sourceStorageObject": "A String", # The full Google Cloud Storage URI where the disk image is stored. This file must be a gzip-compressed tarball whose name ends in .tar.gz or virtual machine disk whose name ends in vmdk. Valid URIs may start with gs:// or https://storage.googleapis.com/. This flag is not optimized for creating multiple disks from a source storage object. To create many disks from a source storage object, use gcloud compute images import instead.
-  "status": "A String", # [Output Only] The status of disk creation. - CREATING: Disk is provisioning. - RESTORING: Source data is being copied into the disk. - FAILED: Disk creation failed. - READY: Disk is ready for use. - DELETING: Disk is deleting.
+  "status": "A String", # [Output Only] The status of disk creation.
+      # - CREATING: Disk is provisioning.
+      # - RESTORING: Source data is being copied into the disk.
+      # - FAILED: Disk creation failed.
+      # - READY: Disk is ready for use.
+      # - DELETING: Disk is deleting.
   "storageType": "A String", # [Deprecated] Storage type of the persistent disk.
-  "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project /zones/zone/diskTypes/pd-standard or pd-ssd
-  "userLicenses": [ # A list of publicly visible user-licenses. Unlike regular licenses, user provided licenses can be modified after the disk is created. This includes a list of URLs to the license resource. For example, to provide a debian license: https://www.googleapis.com/compute/v1/projects/debian-cloud/global/licenses/debian-9-stretch
+  "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project/zones/zone/diskTypes/pd-standard  or pd-ssd
+  "userLicenses": [ # A list of publicly visible user-licenses. Unlike regular licenses, user provided licenses can be modified after the disk is created. This includes a list of URLs to the license resource. For example, to provide a debian license:
+      # https://www.googleapis.com/compute/v1/projects/debian-cloud/global/licenses/debian-9-stretch
     "A String",
   ],
   "users": [ # [Output Only] Links to the users of the disk (attached instances) in form: projects/project/zones/zone/instances/instance
@@ -850,17 +1221,30 @@ 
Method Details

   "zone": "A String", # [Output Only] URL of the zone where the disk resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
   sourceImage: string, Source image to restore onto a disk. This field is optional.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -895,7 +1279,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -909,21 +1294,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of persistent disks contained within the specified zone.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -931,26 +1322,49 @@ 
Method Details

     { # A list of Disk resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Disk resources.
-    { # Represents a Persistent Disk resource. Google Compute Engine has two Disk resources: * [Zonal](/compute/docs/reference/rest/alpha/disks) * [Regional](/compute/docs/reference/rest/alpha/regionDisks) Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options. The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks. The regionDisks resource represents a regional persistent disk. For more information, read Regional resources.
+    { # Represents a Persistent Disk resource.
+        #
+        # Google Compute Engine has two Disk resources:
+        #
+        # * [Zonal](/compute/docs/reference/rest/{$api_version}/disks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionDisks)
+        #
+        # Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options.
+        #
+        # The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks.
+        #
+        # The regionDisks resource represents a regional persistent disk. For more information, read  Regional resources. (== resource_for {$api_version}.disks ==) (== resource_for {$api_version}.regionDisks ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key. After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+      "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key.
+          #
+          # After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine).
+          #
+          # Customer-supplied encryption keys do not protect access to metadata of the disk.
+          #
+          # If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "eraseWindowsVssSignature": True or False, # Specifies whether the disk restored from a source snapshot should erase Windows specific VSS signature.
-      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
         { # Guest OS features.
-          "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+          "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
         },
       ],
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "interface": "A String", # Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI.
       "kind": "compute#disk", # [Output Only] Type of the resource. Always compute#disk for disks.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a disk.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a disk.
       "labels": { # Labels to apply to this disk. These can be later modified by the setLabels method.
         "a_key": "A String",
       },
@@ -978,36 +1392,84 @@ 
Method Details

       "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
       "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource's resource id.
-      "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk. If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
-      "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - https://www.googleapis.com/compute/v1/projects/project/regions/region /disks/disk - projects/project/zones/zone/disks/disk - projects/project/regions/region/disks/disk - zones/zone/disks/disk - regions/region/disks/disk
+      "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk.
+          #
+          # If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
+      "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+          # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+          # - https://www.googleapis.com/compute/v1/projects/project/regions/region/disks/disk
+          # - projects/project/zones/zone/disks/disk
+          # - projects/project/regions/region/disks/disk
+          # - zones/zone/disks/disk
+          # - regions/region/disks/disk
       "sourceDiskId": "A String", # [Output Only] The unique ID of the disk used to create this disk. This value identifies the exact disk that was used to create this persistent disk. For example, if you created the persistent disk from a disk that was later deleted and recreated under the same name, the source disk ID would identify the exact version of the disk that was used.
-      "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family
+      "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set.
+          #
+          # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+          # projects/debian-cloud/global/images/family/debian-9
+          #
+          #
+          # Alternatively, use a specific version of a public operating system image:
+          # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+          #
+          #
+          # To create a disk with a custom image that you created, specify the image name in the following format:
+          # global/images/my-custom-image
+          #
+          #
+          # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+          # global/images/family/my-image-family
       "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent disk. For example, if you created the persistent disk from an image that was later deleted and recreated under the same name, the source image ID would identify the exact version of the image that was used.
-      "sourceInPlaceSnapshot": "A String", # [Deprecated] The source in-place snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project /global/inPlaceSnapshots/inPlaceSnapshots - projects/project/global/inPlaceSnapshots/inPlaceSnapshots - global/inPlaceSnapshots/inPlaceSnapshots
-      "sourceInPlaceSnapshotId": "A String", # Deprecated The unique ID of the in-place snapshot used to create this disk. This value identifies the exact in-place snapshot that was used to create this persistent disk. For example, if you created the persistent disk from an in-place snapshot that was later deleted and recreated under the same name, the source in-place snapshot ID would identify the exact version of the in-place snapshot that was used.
-      "sourceInstantSnapshot": "A String", # The source instant snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instantSnapshots/instantSnapshot - projects/project/zones/zone/instantSnapshots/instantSnapshot - zones/zone/instantSnapshots/instantSnapshot
+      "sourceInPlaceSnapshot": "A String", # [Deprecated] The source in-place snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/inPlaceSnapshots/inPlaceSnapshots
+          # - projects/project/global/inPlaceSnapshots/inPlaceSnapshots
+          # - global/inPlaceSnapshots/inPlaceSnapshots
+      "sourceInPlaceSnapshotId": "A String", # [Deprecated] [Output Only] The unique ID of the in-place snapshot used to create this disk. This value identifies the exact in-place snapshot that was used to create this persistent disk. For example, if you created the persistent disk from an in-place snapshot that was later deleted and recreated under the same name, the source in-place snapshot ID would identify the exact version of the in-place snapshot that was used.
+      "sourceInstantSnapshot": "A String", # The source instant snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+          # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instantSnapshots/instantSnapshot
+          # - projects/project/zones/zone/instantSnapshots/instantSnapshot
+          # - zones/zone/instantSnapshots/instantSnapshot
       "sourceInstantSnapshotId": "A String", # [Output Only] The unique ID of the instant snapshot used to create this disk. This value identifies the exact instant snapshot that was used to create this persistent disk. For example, if you created the persistent disk from an instant snapshot that was later deleted and recreated under the same name, the source instant snapshot ID would identify the exact version of the instant snapshot that was used.
-      "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project /global/snapshots/snapshot - projects/project/global/snapshots/snapshot - global/snapshots/snapshot
+      "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot
+          # - projects/project/global/snapshots/snapshot
+          # - global/snapshots/snapshot
       "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "sourceSnapshotId": "A String", # [Output Only] The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used.
       "sourceStorageObject": "A String", # The full Google Cloud Storage URI where the disk image is stored. This file must be a gzip-compressed tarball whose name ends in .tar.gz or virtual machine disk whose name ends in vmdk. Valid URIs may start with gs:// or https://storage.googleapis.com/. This flag is not optimized for creating multiple disks from a source storage object. To create many disks from a source storage object, use gcloud compute images import instead.
-      "status": "A String", # [Output Only] The status of disk creation. - CREATING: Disk is provisioning. - RESTORING: Source data is being copied into the disk. - FAILED: Disk creation failed. - READY: Disk is ready for use. - DELETING: Disk is deleting.
+      "status": "A String", # [Output Only] The status of disk creation.
+          # - CREATING: Disk is provisioning.
+          # - RESTORING: Source data is being copied into the disk.
+          # - FAILED: Disk creation failed.
+          # - READY: Disk is ready for use.
+          # - DELETING: Disk is deleting.
       "storageType": "A String", # [Deprecated] Storage type of the persistent disk.
-      "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project /zones/zone/diskTypes/pd-standard or pd-ssd
-      "userLicenses": [ # A list of publicly visible user-licenses. Unlike regular licenses, user provided licenses can be modified after the disk is created. This includes a list of URLs to the license resource. For example, to provide a debian license: https://www.googleapis.com/compute/v1/projects/debian-cloud/global/licenses/debian-9-stretch
+      "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project/zones/zone/diskTypes/pd-standard  or pd-ssd
+      "userLicenses": [ # A list of publicly visible user-licenses. Unlike regular licenses, user provided licenses can be modified after the disk is created. This includes a list of URLs to the license resource. For example, to provide a debian license:
+          # https://www.googleapis.com/compute/v1/projects/debian-cloud/global/licenses/debian-9-stretch
         "A String",
       ],
       "users": [ # [Output Only] Links to the users of the disk (attached instances) in form: projects/project/zones/zone/instances/instance
@@ -1021,7 +1483,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1047,7 +1510,7 @@ 
Method Details

 

 
 

-    removeResourcePolicies(project, zone, disk, body=None, requestId=None, x__xgafv=None)
+    removeResourcePolicies(project, zone, disk, body=None, requestId=None)
   
Removes resource policies from a disk.
 
 Args:
@@ -1063,16 +1526,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1107,7 +1583,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1121,7 +1598,7 @@ 
Method Details

 

 
 

-    resize(project, zone, disk, body=None, requestId=None, x__xgafv=None)
+    resize(project, zone, disk, body=None, requestId=None)
   
Resizes the specified persistent disk. You can only increase the size of the disk.
 
 Args:
@@ -1135,16 +1612,29 @@ 
Method Details

   "sizeGb": "A String", # The new size of the persistent disk, which is specified in GB.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1179,7 +1669,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1193,7 +1684,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, zone, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, zone, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -1206,33 +1697,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1240,95 +1805,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1336,76 +1993,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    setLabels(project, zone, resource, body=None, requestId=None, x__xgafv=None)
+    setLabels(project, zone, resource, body=None, requestId=None)
   
Sets the labels on a disk. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -1422,16 +2147,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1466,7 +2204,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1480,7 +2219,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, zone, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, zone, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1496,10 +2235,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1512,7 +2247,7 @@ 
Method Details

 

 
 

-    update(project, zone, disk, body=None, paths=None, requestId=None, updateMask=None, x__xgafv=None)
+    update(project, zone, disk, body=None, paths=None, requestId=None)
   
Update the specified disk with the data included in the request. Update is performed only on selected fields included as part of update-mask. Only the following fields can be modified: user_license.
 
 Args:
@@ -1522,26 +2257,49 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Persistent Disk resource. Google Compute Engine has two Disk resources: * [Zonal](/compute/docs/reference/rest/alpha/disks) * [Regional](/compute/docs/reference/rest/alpha/regionDisks) Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options. The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks. The regionDisks resource represents a regional persistent disk. For more information, read Regional resources.
+{ # Represents a Persistent Disk resource.
+    # 
+    # Google Compute Engine has two Disk resources:
+    # 
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/disks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionDisks)
+    # 
+    # Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options.
+    # 
+    # The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks.
+    # 
+    # The regionDisks resource represents a regional persistent disk. For more information, read  Regional resources. (== resource_for {$api_version}.disks ==) (== resource_for {$api_version}.regionDisks ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key. After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+  "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key.
+      # 
+      # After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine).
+      # 
+      # Customer-supplied encryption keys do not protect access to metadata of the disk.
+      # 
+      # If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "eraseWindowsVssSignature": True or False, # Specifies whether the disk restored from a source snapshot should erase Windows specific VSS signature.
-  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
     { # Guest OS features.
-      "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+      "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
     },
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "interface": "A String", # Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI.
   "kind": "compute#disk", # [Output Only] Type of the resource. Always compute#disk for disks.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a disk.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a disk.
   "labels": { # Labels to apply to this disk. These can be later modified by the setLabels method.
     "a_key": "A String",
   },
@@ -1569,36 +2327,84 @@ 
Method Details

   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource's resource id.
-  "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk. If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
-  "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - https://www.googleapis.com/compute/v1/projects/project/regions/region /disks/disk - projects/project/zones/zone/disks/disk - projects/project/regions/region/disks/disk - zones/zone/disks/disk - regions/region/disks/disk
+  "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk.
+      # 
+      # If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
+  "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - https://www.googleapis.com/compute/v1/projects/project/regions/region/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - projects/project/regions/region/disks/disk
+      # - zones/zone/disks/disk
+      # - regions/region/disks/disk
   "sourceDiskId": "A String", # [Output Only] The unique ID of the disk used to create this disk. This value identifies the exact disk that was used to create this persistent disk. For example, if you created the persistent disk from a disk that was later deleted and recreated under the same name, the source disk ID would identify the exact version of the disk that was used.
-  "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family
+  "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set.
+      # 
+      # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+      # projects/debian-cloud/global/images/family/debian-9
+      # 
+      # 
+      # Alternatively, use a specific version of a public operating system image:
+      # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+      # 
+      # 
+      # To create a disk with a custom image that you created, specify the image name in the following format:
+      # global/images/my-custom-image
+      # 
+      # 
+      # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+      # global/images/family/my-image-family
   "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent disk. For example, if you created the persistent disk from an image that was later deleted and recreated under the same name, the source image ID would identify the exact version of the image that was used.
-  "sourceInPlaceSnapshot": "A String", # [Deprecated] The source in-place snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project /global/inPlaceSnapshots/inPlaceSnapshots - projects/project/global/inPlaceSnapshots/inPlaceSnapshots - global/inPlaceSnapshots/inPlaceSnapshots
-  "sourceInPlaceSnapshotId": "A String", # Deprecated The unique ID of the in-place snapshot used to create this disk. This value identifies the exact in-place snapshot that was used to create this persistent disk. For example, if you created the persistent disk from an in-place snapshot that was later deleted and recreated under the same name, the source in-place snapshot ID would identify the exact version of the in-place snapshot that was used.
-  "sourceInstantSnapshot": "A String", # The source instant snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instantSnapshots/instantSnapshot - projects/project/zones/zone/instantSnapshots/instantSnapshot - zones/zone/instantSnapshots/instantSnapshot
+  "sourceInPlaceSnapshot": "A String", # [Deprecated] The source in-place snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/global/inPlaceSnapshots/inPlaceSnapshots
+      # - projects/project/global/inPlaceSnapshots/inPlaceSnapshots
+      # - global/inPlaceSnapshots/inPlaceSnapshots
+  "sourceInPlaceSnapshotId": "A String", # [Deprecated] [Output Only] The unique ID of the in-place snapshot used to create this disk. This value identifies the exact in-place snapshot that was used to create this persistent disk. For example, if you created the persistent disk from an in-place snapshot that was later deleted and recreated under the same name, the source in-place snapshot ID would identify the exact version of the in-place snapshot that was used.
+  "sourceInstantSnapshot": "A String", # The source instant snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instantSnapshots/instantSnapshot
+      # - projects/project/zones/zone/instantSnapshots/instantSnapshot
+      # - zones/zone/instantSnapshots/instantSnapshot
   "sourceInstantSnapshotId": "A String", # [Output Only] The unique ID of the instant snapshot used to create this disk. This value identifies the exact instant snapshot that was used to create this persistent disk. For example, if you created the persistent disk from an instant snapshot that was later deleted and recreated under the same name, the source instant snapshot ID would identify the exact version of the instant snapshot that was used.
-  "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project /global/snapshots/snapshot - projects/project/global/snapshots/snapshot - global/snapshots/snapshot
+  "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot
+      # - projects/project/global/snapshots/snapshot
+      # - global/snapshots/snapshot
   "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceSnapshotId": "A String", # [Output Only] The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used.
   "sourceStorageObject": "A String", # The full Google Cloud Storage URI where the disk image is stored. This file must be a gzip-compressed tarball whose name ends in .tar.gz or virtual machine disk whose name ends in vmdk. Valid URIs may start with gs:// or https://storage.googleapis.com/. This flag is not optimized for creating multiple disks from a source storage object. To create many disks from a source storage object, use gcloud compute images import instead.
-  "status": "A String", # [Output Only] The status of disk creation. - CREATING: Disk is provisioning. - RESTORING: Source data is being copied into the disk. - FAILED: Disk creation failed. - READY: Disk is ready for use. - DELETING: Disk is deleting.
+  "status": "A String", # [Output Only] The status of disk creation.
+      # - CREATING: Disk is provisioning.
+      # - RESTORING: Source data is being copied into the disk.
+      # - FAILED: Disk creation failed.
+      # - READY: Disk is ready for use.
+      # - DELETING: Disk is deleting.
   "storageType": "A String", # [Deprecated] Storage type of the persistent disk.
-  "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project /zones/zone/diskTypes/pd-standard or pd-ssd
-  "userLicenses": [ # A list of publicly visible user-licenses. Unlike regular licenses, user provided licenses can be modified after the disk is created. This includes a list of URLs to the license resource. For example, to provide a debian license: https://www.googleapis.com/compute/v1/projects/debian-cloud/global/licenses/debian-9-stretch
+  "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project/zones/zone/diskTypes/pd-standard  or pd-ssd
+  "userLicenses": [ # A list of publicly visible user-licenses. Unlike regular licenses, user provided licenses can be modified after the disk is created. This includes a list of URLs to the license resource. For example, to provide a debian license:
+      # https://www.googleapis.com/compute/v1/projects/debian-cloud/global/licenses/debian-9-stretch
     "A String",
   ],
   "users": [ # [Output Only] Links to the users of the disk (attached instances) in form: projects/project/zones/zone/instances/instance
@@ -1607,18 +2413,30 @@ 
Method Details

   "zone": "A String", # [Output Only] URL of the zone where the disk resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
 }
 
-  paths: string, A parameter (repeated)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  updateMask: string, update_mask indicates fields to be updated as part of this request.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  paths: string, The set of field mask paths. (repeated)
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1653,7 +2471,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.externalVpnGateways.html b/docs/dyn/compute_alpha.externalVpnGateways.html
index 985644d6ca6..edc7a310110 100644
--- a/docs/dyn/compute_alpha.externalVpnGateways.html
+++ b/docs/dyn/compute_alpha.externalVpnGateways.html
@@ -78,25 +78,25 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, externalVpnGateway, requestId=None, x__xgafv=None)

+  delete(project, externalVpnGateway, requestId=None)

 
Deletes the specified externalVpnGateway.

 

-  get(project, externalVpnGateway, x__xgafv=None)

+  get(project, externalVpnGateway)

 
Returns the specified externalVpnGateway. Get a list of available externalVpnGateways by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a ExternalVpnGateway in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of ExternalVpnGateway available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setLabels(project, resource, body=None, x__xgafv=None)

+  setLabels(project, resource, body=None)

 
Sets the labels on an ExternalVpnGateway. To learn more about labels, read the Labeling Resources documentation.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -105,22 +105,35 @@ 
Method Details

 

 
 

-    delete(project, externalVpnGateway, requestId=None, x__xgafv=None)
+    delete(project, externalVpnGateway, requestId=None)
   
Deletes the specified externalVpnGateway.
 
 Args:
   project: string, Project ID for this request. (required)
   externalVpnGateway: string, Name of the externalVpnGateways to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -155,7 +168,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -169,32 +183,41 @@ 
Method Details

 

 
 

-    get(project, externalVpnGateway, x__xgafv=None)
+    get(project, externalVpnGateway)
   
Returns the specified externalVpnGateway. Get a list of available externalVpnGateways by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   externalVpnGateway: string, Name of the externalVpnGateway to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an external VPN gateway. External VPN gateway is the on-premises VPN gateway(s) or another cloud provider's VPN gateway that connects to your Google Cloud VPN gateway. To create a highly available VPN from Google Cloud Platform to your VPN gateway or another cloud provider's VPN gateway, you must create a external VPN gateway resource with information about the other gateway. For more information about using external VPN gateways, see Creating an HA VPN gateway and tunnel pair to a peer VPN.
+    { # Represents an external VPN gateway.
+    #
+    # External VPN gateway is the on-premises VPN gateway(s) or another cloud provider's VPN gateway that connects to your Google Cloud VPN gateway.
+    #
+    # To create a highly available VPN from Google Cloud Platform to your VPN gateway or another cloud provider's VPN gateway, you must create a external VPN gateway resource with information about the other gateway.
+    #
+    # For more information about using external VPN gateways, see  Creating an HA VPN gateway and tunnel pair to a peer VPN. (== resource_for {$api_version}.externalVpnGateways ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-  "interfaces": [ # List of interfaces for this external VPN gateway. If your peer-side gateway is an on-premises gateway and non-AWS cloud providers’ gateway, at most two interfaces can be provided for an external VPN gateway. If your peer side is an AWS virtual private gateway, four interfaces should be provided for an external VPN gateway.
+  "interfaces": [ # List of interfaces for this external VPN gateway.
+      #
+      # If your peer-side gateway is an on-premises gateway and non-AWS cloud providers? gateway, at most two interfaces can be provided for an external VPN gateway. If your peer side is an AWS virtual private gateway, four interfaces should be provided for an external VPN gateway.
     { # The interface for the external VPN gateway.
-      "id": 42, # The numeric ID of this interface. The allowed input values for this id for different redundancy types of external VPN gateway: - SINGLE_IP_INTERNALLY_REDUNDANT - 0 - TWO_IPS_REDUNDANCY - 0, 1 - FOUR_IPS_REDUNDANCY - 0, 1, 2, 3
+      "id": 42, # The numeric ID of this interface. The allowed input values for this id for different redundancy types of external VPN gateway:
+          # - SINGLE_IP_INTERNALLY_REDUNDANT - 0
+          # - TWO_IPS_REDUNDANCY - 0, 1
+          # - FOUR_IPS_REDUNDANCY - 0, 1, 2, 3
       "ipAddress": "A String", # IP address of the interface in the external VPN gateway. Only IPv4 is supported. This IP address can be either from your on-premise gateway or another Cloud provider's VPN gateway, it cannot be an IP address from Google Compute Engine.
     },
   ],
   "kind": "compute#externalVpnGateway", # [Output Only] Type of the resource. Always compute#externalVpnGateway for externalVpnGateways.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this ExternalVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an ExternalVpnGateway.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this ExternalVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve an ExternalVpnGateway.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -205,7 +228,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a ExternalVpnGateway in the specified project using the data included in the request.
 
 Args:
@@ -213,18 +236,31 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an external VPN gateway. External VPN gateway is the on-premises VPN gateway(s) or another cloud provider's VPN gateway that connects to your Google Cloud VPN gateway. To create a highly available VPN from Google Cloud Platform to your VPN gateway or another cloud provider's VPN gateway, you must create a external VPN gateway resource with information about the other gateway. For more information about using external VPN gateways, see Creating an HA VPN gateway and tunnel pair to a peer VPN.
+{ # Represents an external VPN gateway.
+    # 
+    # External VPN gateway is the on-premises VPN gateway(s) or another cloud provider's VPN gateway that connects to your Google Cloud VPN gateway.
+    # 
+    # To create a highly available VPN from Google Cloud Platform to your VPN gateway or another cloud provider's VPN gateway, you must create a external VPN gateway resource with information about the other gateway.
+    # 
+    # For more information about using external VPN gateways, see  Creating an HA VPN gateway and tunnel pair to a peer VPN. (== resource_for {$api_version}.externalVpnGateways ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-  "interfaces": [ # List of interfaces for this external VPN gateway. If your peer-side gateway is an on-premises gateway and non-AWS cloud providers’ gateway, at most two interfaces can be provided for an external VPN gateway. If your peer side is an AWS virtual private gateway, four interfaces should be provided for an external VPN gateway.
+  "interfaces": [ # List of interfaces for this external VPN gateway.
+      # 
+      # If your peer-side gateway is an on-premises gateway and non-AWS cloud providers? gateway, at most two interfaces can be provided for an external VPN gateway. If your peer side is an AWS virtual private gateway, four interfaces should be provided for an external VPN gateway.
     { # The interface for the external VPN gateway.
-      "id": 42, # The numeric ID of this interface. The allowed input values for this id for different redundancy types of external VPN gateway: - SINGLE_IP_INTERNALLY_REDUNDANT - 0 - TWO_IPS_REDUNDANCY - 0, 1 - FOUR_IPS_REDUNDANCY - 0, 1, 2, 3
+      "id": 42, # The numeric ID of this interface. The allowed input values for this id for different redundancy types of external VPN gateway:
+          # - SINGLE_IP_INTERNALLY_REDUNDANT - 0
+          # - TWO_IPS_REDUNDANCY - 0, 1
+          # - FOUR_IPS_REDUNDANCY - 0, 1, 2, 3
       "ipAddress": "A String", # IP address of the interface in the external VPN gateway. Only IPv4 is supported. This IP address can be either from your on-premise gateway or another Cloud provider's VPN gateway, it cannot be an IP address from Google Compute Engine.
     },
   ],
   "kind": "compute#externalVpnGateway", # [Output Only] Type of the resource. Always compute#externalVpnGateway for externalVpnGateways.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this ExternalVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an ExternalVpnGateway.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this ExternalVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an ExternalVpnGateway.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -233,16 +269,29 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -277,7 +326,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -291,20 +341,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of ExternalVpnGateway available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -313,18 +369,31 @@ 
Method Details

   "etag": "A String",
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of ExternalVpnGateway resources.
-    { # Represents an external VPN gateway. External VPN gateway is the on-premises VPN gateway(s) or another cloud provider's VPN gateway that connects to your Google Cloud VPN gateway. To create a highly available VPN from Google Cloud Platform to your VPN gateway or another cloud provider's VPN gateway, you must create a external VPN gateway resource with information about the other gateway. For more information about using external VPN gateways, see Creating an HA VPN gateway and tunnel pair to a peer VPN.
+    { # Represents an external VPN gateway.
+        #
+        # External VPN gateway is the on-premises VPN gateway(s) or another cloud provider's VPN gateway that connects to your Google Cloud VPN gateway.
+        #
+        # To create a highly available VPN from Google Cloud Platform to your VPN gateway or another cloud provider's VPN gateway, you must create a external VPN gateway resource with information about the other gateway.
+        #
+        # For more information about using external VPN gateways, see  Creating an HA VPN gateway and tunnel pair to a peer VPN. (== resource_for {$api_version}.externalVpnGateways ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-      "interfaces": [ # List of interfaces for this external VPN gateway. If your peer-side gateway is an on-premises gateway and non-AWS cloud providers’ gateway, at most two interfaces can be provided for an external VPN gateway. If your peer side is an AWS virtual private gateway, four interfaces should be provided for an external VPN gateway.
+      "interfaces": [ # List of interfaces for this external VPN gateway.
+          #
+          # If your peer-side gateway is an on-premises gateway and non-AWS cloud providers? gateway, at most two interfaces can be provided for an external VPN gateway. If your peer side is an AWS virtual private gateway, four interfaces should be provided for an external VPN gateway.
         { # The interface for the external VPN gateway.
-          "id": 42, # The numeric ID of this interface. The allowed input values for this id for different redundancy types of external VPN gateway: - SINGLE_IP_INTERNALLY_REDUNDANT - 0 - TWO_IPS_REDUNDANCY - 0, 1 - FOUR_IPS_REDUNDANCY - 0, 1, 2, 3
+          "id": 42, # The numeric ID of this interface. The allowed input values for this id for different redundancy types of external VPN gateway:
+              # - SINGLE_IP_INTERNALLY_REDUNDANT - 0
+              # - TWO_IPS_REDUNDANCY - 0, 1
+              # - FOUR_IPS_REDUNDANCY - 0, 1, 2, 3
           "ipAddress": "A String", # IP address of the interface in the external VPN gateway. Only IPv4 is supported. This IP address can be either from your on-premise gateway or another Cloud provider's VPN gateway, it cannot be an IP address from Google Compute Engine.
         },
       ],
       "kind": "compute#externalVpnGateway", # [Output Only] Type of the resource. Always compute#externalVpnGateway for externalVpnGateways.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this ExternalVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an ExternalVpnGateway.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this ExternalVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve an ExternalVpnGateway.
       "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
         "a_key": "A String",
       },
@@ -333,12 +402,13 @@ 
Method Details

       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
     },
   ],
-  "kind": "compute#externalVpnGatewayList", # [Output Only] Type of resource. Always compute#externalVpnGatewayList for lists of externalVpnGateways.
+  "kind": "compute#externalVpnGatewayList", # [Output Only] Type of resource. Always compute#externalVpnGatewayList  for lists of externalVpnGateways.
   "nextPageToken": "A String", # [Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.
   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -364,7 +434,7 @@ 
Method Details

 

 
 

-    setLabels(project, resource, body=None, x__xgafv=None)
+    setLabels(project, resource, body=None)
   
Sets the labels on an ExternalVpnGateway. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -380,15 +450,24 @@ 
Method Details

   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -423,7 +502,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -437,7 +517,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -452,10 +532,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.firewallPolicies.html b/docs/dyn/compute_alpha.firewallPolicies.html
index 0667d5d0930..dc90b90ff11 100644
--- a/docs/dyn/compute_alpha.firewallPolicies.html
+++ b/docs/dyn/compute_alpha.firewallPolicies.html
@@ -75,68 +75,68 @@
 
Compute Engine API . firewallPolicies

 
Instance Methods

 

-  addAssociation(firewallPolicy, body=None, replaceExistingAssociation=None, requestId=None, x__xgafv=None)

+  addAssociation(firewallPolicy, body=None, replaceExistingAssociation=None, requestId=None)

 
Inserts an association for the specified firewall policy.

 

-  addRule(firewallPolicy, body=None, requestId=None, x__xgafv=None)

+  addRule(firewallPolicy, body=None, requestId=None)

 
Inserts a rule into a firewall policy.

 

-  cloneRules(firewallPolicy, requestId=None, sourceFirewallPolicy=None, x__xgafv=None)

+  cloneRules(firewallPolicy, requestId=None, sourceFirewallPolicy=None)

 
Copies rules to the specified firewall policy.

 

   close()

 
Close httplib2 connections.

 

-  delete(firewallPolicy, requestId=None, x__xgafv=None)

+  delete(firewallPolicy, requestId=None)

 
Deletes the specified policy.

 

-  get(firewallPolicy, x__xgafv=None)

+  get(firewallPolicy)

 
Returns the specified firewall policy.

 

-  getAssociation(firewallPolicy, name=None, x__xgafv=None)

+  getAssociation(firewallPolicy, name=None)

 
Gets an association with the specified name.

 

-  getIamPolicy(resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  getRule(firewallPolicy, priority=None, x__xgafv=None)

+  getRule(firewallPolicy, priority=None)

 
Gets a rule of the specified priority.

 

-  insert(body=None, parentId=None, requestId=None, x__xgafv=None)

+  insert(body=None, parentId=None, requestId=None)

 
Creates a new policy in the specified project using the data included in the request.

 

-  list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None, x__xgafv=None)

+  list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None)

 
Lists all the policies that have been configured for the specified folder or organization.

 

-  listAssociations(targetResource=None, x__xgafv=None)

+  listAssociations(targetResource=None)

 
Lists associations of a specified target, i.e., organization or folder.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  move(firewallPolicy, parentId=None, requestId=None, x__xgafv=None)

+  move(firewallPolicy, parentId=None, requestId=None)

 
Moves the specified firewall policy.

 

-  patch(firewallPolicy, body=None, requestId=None, x__xgafv=None)

+  patch(firewallPolicy, body=None, requestId=None)

 
Patches the specified policy with the data included in the request.

 

-  patchRule(firewallPolicy, body=None, priority=None, requestId=None, x__xgafv=None)

+  patchRule(firewallPolicy, body=None, priority=None, requestId=None)

 
Patches a rule of the specified priority.

 

-  removeAssociation(firewallPolicy, name=None, requestId=None, x__xgafv=None)

+  removeAssociation(firewallPolicy, name=None, requestId=None)

 
Removes an association for the specified firewall policy.

 

-  removeRule(firewallPolicy, priority=None, requestId=None, x__xgafv=None)

+  removeRule(firewallPolicy, priority=None, requestId=None)

 
Deletes a rule of the specified priority.

 

-  setIamPolicy(resource, body=None, x__xgafv=None)

+  setIamPolicy(resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  testIamPermissions(resource, body=None, x__xgafv=None)

+  testIamPermissions(resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    addAssociation(firewallPolicy, body=None, replaceExistingAssociation=None, requestId=None, x__xgafv=None)
+    addAssociation(firewallPolicy, body=None, replaceExistingAssociation=None, requestId=None)
   
Inserts an association for the specified firewall policy.
 
 Args:
@@ -153,16 +153,29 @@ 
Method Details

 }
 
   replaceExistingAssociation: boolean, Indicates whether or not to replace it if an association of the attachment already exists. This is false by default, in which case an error will be returned if an association already exists.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -197,7 +210,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -211,7 +225,7 @@ 
Method Details

 

 
 

-    addRule(firewallPolicy, body=None, requestId=None, x__xgafv=None)
+    addRule(firewallPolicy, body=None, requestId=None)
   
Inserts a rule into a firewall policy.
 
 Args:
@@ -233,7 +247,9 @@ 
Method Details

     "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
       {
         "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+            #
+            # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
           "A String",
         ],
       },
@@ -264,16 +280,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -308,7 +337,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -322,22 +352,35 @@ 
Method Details

 

 
 

-    cloneRules(firewallPolicy, requestId=None, sourceFirewallPolicy=None, x__xgafv=None)
+    cloneRules(firewallPolicy, requestId=None, sourceFirewallPolicy=None)
   
Copies rules to the specified firewall policy.
 
 Args:
   firewallPolicy: string, Name of the firewall policy to update. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
   sourceFirewallPolicy: string, The firewall policy from which to copy rules.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -372,7 +415,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -391,21 +435,34 @@ 
Method Details

 

 
 

-    delete(firewallPolicy, requestId=None, x__xgafv=None)
+    delete(firewallPolicy, requestId=None)
   
Deletes the specified policy.
 
 Args:
   firewallPolicy: string, Name of the firewall policy to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -440,7 +497,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -454,20 +512,16 @@ 
Method Details

 

 
 

-    get(firewallPolicy, x__xgafv=None)
+    get(firewallPolicy)
   
Returns the specified firewall policy.
 
 Args:
   firewallPolicy: string, Name of the firewall policy to get. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Firewall Policy resource.
+    { # Represents a Firewall Policy resource. (== resource_for {$api_version}.firewallPolicies ==)
   "associations": [ # A list of associations that belong to this firewall policy.
     {
       "attachmentTarget": "A String", # The target that the firewall policy is attached to.
@@ -480,7 +534,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "displayName": "A String", # Depreacted, please use short name instead. User-provided name of the Organization firewall plicy. The name should be unique in the organization in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the firewall policy.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make get() request to the firewall policy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#firewallPolicy", # [Output only] Type of the resource. Always compute#firewallPolicyfor firewall policies
   "name": "A String", # [Output Only] Name of the resource. It is a numeric ID allocated by GCP which uniquely identifies the Firewall Policy.
@@ -502,7 +558,9 @@ 
Method Details

         "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
           {
             "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-            "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+            "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                #
+                # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
               "A String",
             ],
           },
@@ -540,16 +598,12 @@ 
Method Details

 

 
 

-    getAssociation(firewallPolicy, name=None, x__xgafv=None)
+    getAssociation(firewallPolicy, name=None)
   
Gets an association with the specified name.
 
 Args:
   firewallPolicy: string, Name of the firewall policy to which the queried rule belongs. (required)
   name: string, The name of the association to get from the firewall policy.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -564,33 +618,57 @@ 
Method Details

 

 
 

-    getIamPolicy(resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -598,85 +676,149 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    getRule(firewallPolicy, priority=None, x__xgafv=None)
+    getRule(firewallPolicy, priority=None)
   
Gets a rule of the specified priority.
 
 Args:
   firewallPolicy: string, Name of the firewall policy to which the queried rule belongs. (required)
   priority: integer, The priority of the rule to get from the firewall policy.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -695,7 +837,9 @@ 
Method Details

     "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
       {
         "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+            #
+            # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
           "A String",
         ],
       },
@@ -728,14 +872,14 @@ 
Method Details

 

 
 

-    insert(body=None, parentId=None, requestId=None, x__xgafv=None)
+    insert(body=None, parentId=None, requestId=None)
   
Creates a new policy in the specified project using the data included in the request.
 
 Args:
   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Firewall Policy resource.
+{ # Represents a Firewall Policy resource. (== resource_for {$api_version}.firewallPolicies ==)
   "associations": [ # A list of associations that belong to this firewall policy.
     {
       "attachmentTarget": "A String", # The target that the firewall policy is attached to.
@@ -748,7 +892,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "displayName": "A String", # Depreacted, please use short name instead. User-provided name of the Organization firewall plicy. The name should be unique in the organization in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the firewall policy.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make get() request to the firewall policy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#firewallPolicy", # [Output only] Type of the resource. Always compute#firewallPolicyfor firewall policies
   "name": "A String", # [Output Only] Name of the resource. It is a numeric ID allocated by GCP which uniquely identifies the Firewall Policy.
@@ -770,7 +916,9 @@ 
Method Details

         "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
           {
             "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-            "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+            "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                #
+                # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
               "A String",
             ],
           },
@@ -807,16 +955,29 @@ 
Method Details

 }
 
   parentId: string, Parent ID for this request. The ID can be either be "folders/[FOLDER_ID]" if the parent is a folder or "organizations/[ORGANIZATION_ID]" if the parent is an organization.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -851,7 +1012,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -865,20 +1027,26 @@ 
Method Details

 

 
 

-    list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None, x__xgafv=None)
+    list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None)
   
Lists all the policies that have been configured for the specified folder or organization.
 
 Args:
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   parentId: string, Parent ID for this request.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -886,7 +1054,7 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of FirewallPolicy resources.
-    { # Represents a Firewall Policy resource.
+    { # Represents a Firewall Policy resource. (== resource_for {$api_version}.firewallPolicies ==)
       "associations": [ # A list of associations that belong to this firewall policy.
         {
           "attachmentTarget": "A String", # The target that the firewall policy is attached to.
@@ -899,7 +1067,9 @@ 
Method Details

       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "displayName": "A String", # Depreacted, please use short name instead. User-provided name of the Organization firewall plicy. The name should be unique in the organization in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-      "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the firewall policy.
+      "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make get() request to the firewall policy.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#firewallPolicy", # [Output only] Type of the resource. Always compute#firewallPolicyfor firewall policies
       "name": "A String", # [Output Only] Name of the resource. It is a numeric ID allocated by GCP which uniquely identifies the Firewall Policy.
@@ -921,7 +1091,9 @@ 
Method Details

             "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
               {
                 "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-                "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                    #
+                    # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
                   "A String",
                 ],
               },
@@ -961,7 +1133,8 @@ 
Method Details

   "nextPageToken": "A String", # [Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -973,15 +1146,11 @@ 
Method Details

 

 
 

-    listAssociations(targetResource=None, x__xgafv=None)
+    listAssociations(targetResource=None)
   
Lists associations of a specified target, i.e., organization or folder.
 
 Args:
   targetResource: string, The target resource to list associations. It is an organization, or a folder.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1015,22 +1184,35 @@ 
Method Details

 

 
 

-    move(firewallPolicy, parentId=None, requestId=None, x__xgafv=None)
+    move(firewallPolicy, parentId=None, requestId=None)
   
Moves the specified firewall policy.
 
 Args:
   firewallPolicy: string, Name of the firewall policy to update. (required)
   parentId: string, The new parent of the firewall policy.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1065,7 +1247,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1079,7 +1262,7 @@ 
Method Details

 

 
 

-    patch(firewallPolicy, body=None, requestId=None, x__xgafv=None)
+    patch(firewallPolicy, body=None, requestId=None)
   
Patches the specified policy with the data included in the request.
 
 Args:
@@ -1087,7 +1270,7 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Firewall Policy resource.
+{ # Represents a Firewall Policy resource. (== resource_for {$api_version}.firewallPolicies ==)
   "associations": [ # A list of associations that belong to this firewall policy.
     {
       "attachmentTarget": "A String", # The target that the firewall policy is attached to.
@@ -1100,7 +1283,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "displayName": "A String", # Depreacted, please use short name instead. User-provided name of the Organization firewall plicy. The name should be unique in the organization in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the firewall policy.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make get() request to the firewall policy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#firewallPolicy", # [Output only] Type of the resource. Always compute#firewallPolicyfor firewall policies
   "name": "A String", # [Output Only] Name of the resource. It is a numeric ID allocated by GCP which uniquely identifies the Firewall Policy.
@@ -1122,7 +1307,9 @@ 
Method Details

         "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
           {
             "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-            "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+            "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                #
+                # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
               "A String",
             ],
           },
@@ -1158,16 +1345,29 @@ 
Method Details

   "shortName": "A String", # User-provided name of the Organization firewall plicy. The name should be unique in the organization in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1202,7 +1402,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1216,7 +1417,7 @@ 
Method Details

 

 
 

-    patchRule(firewallPolicy, body=None, priority=None, requestId=None, x__xgafv=None)
+    patchRule(firewallPolicy, body=None, priority=None, requestId=None)
   
Patches a rule of the specified priority.
 
 Args:
@@ -1238,7 +1439,9 @@ 
Method Details

     "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
       {
         "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+            #
+            # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
           "A String",
         ],
       },
@@ -1270,16 +1473,29 @@ 
Method Details

 }
 
   priority: integer, The priority of the rule to patch.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1314,7 +1530,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1328,22 +1545,35 @@ 
Method Details

 

 
 

-    removeAssociation(firewallPolicy, name=None, requestId=None, x__xgafv=None)
+    removeAssociation(firewallPolicy, name=None, requestId=None)
   
Removes an association for the specified firewall policy.
 
 Args:
   firewallPolicy: string, Name of the firewall policy to update. (required)
   name: string, Name for the attachment that will be removed.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1378,7 +1608,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1392,22 +1623,35 @@ 
Method Details

 

 
 

-    removeRule(firewallPolicy, priority=None, requestId=None, x__xgafv=None)
+    removeRule(firewallPolicy, priority=None, requestId=None)
   
Deletes a rule of the specified priority.
 
 Args:
   firewallPolicy: string, Name of the firewall policy to update. (required)
   priority: integer, The priority of the rule to remove from the firewall policy.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1442,7 +1686,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1456,7 +1701,7 @@ 
Method Details

 

 
 

-    setIamPolicy(resource, body=None, x__xgafv=None)
+    setIamPolicy(resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -1467,33 +1712,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1501,95 +1820,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1597,76 +2008,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    testIamPermissions(resource, body=None, x__xgafv=None)
+    testIamPermissions(resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1680,10 +2159,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.firewalls.html b/docs/dyn/compute_alpha.firewalls.html
index ebdf0f5be6b..05b9d1e359a 100644
--- a/docs/dyn/compute_alpha.firewalls.html
+++ b/docs/dyn/compute_alpha.firewalls.html
@@ -78,28 +78,28 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, firewall, requestId=None, x__xgafv=None)

+  delete(project, firewall, requestId=None)

 
Deletes the specified firewall.

 

-  get(project, firewall, x__xgafv=None)

+  get(project, firewall)

 
Returns the specified firewall.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a firewall rule in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of firewall rules available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, firewall, body=None, requestId=None, x__xgafv=None)

+  patch(project, firewall, body=None, requestId=None)

 
Updates the specified firewall rule with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, firewall, body=None, requestId=None, x__xgafv=None)

+  update(project, firewall, body=None, requestId=None)

 
Updates the specified firewall rule with the data included in the request. Note that all fields will be updated if using PUT, even fields that are not specified. To update individual fields, please use PATCH instead.

 
Method Details

 

@@ -108,22 +108,35 @@ 
Method Details

 

 
 

-    delete(project, firewall, requestId=None, x__xgafv=None)
+    delete(project, firewall, requestId=None)
   
Deletes the specified firewall.
 
 Args:
   project: string, Project ID for this request. (required)
   firewall: string, Name of the firewall rule to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -158,7 +171,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -172,25 +186,25 @@ 
Method Details

 

 
 

-    get(project, firewall, x__xgafv=None)
+    get(project, firewall)
   
Returns the specified firewall.
 
 Args:
   project: string, Project ID for this request. (required)
   firewall: string, Name of the firewall rule to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Firewall Rule resource. Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
+    { # Represents a Firewall Rule resource.
+    #
+    # Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
   "allowed": [ # The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.
     {
       "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+          #
+          # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
         "A String",
       ],
     },
@@ -199,7 +213,9 @@ 
Method Details

   "denied": [ # The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a denied connection.
     {
       "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+          #
+          # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
         "A String",
       ],
     },
@@ -218,7 +234,12 @@ 
Method Details

     "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
   },
   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
-  "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
+  "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used:
+      # global/networks/default
+      # If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+      # - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network
+      # - projects/myproject/global/networks/my-network
+      # - global/networks/default
   "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
@@ -241,7 +262,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a firewall rule in the specified project using the data included in the request.
 
 Args:
@@ -249,11 +270,15 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Firewall Rule resource. Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
+{ # Represents a Firewall Rule resource.
+    # 
+    # Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
   "allowed": [ # The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.
     {
       "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+          # 
+          # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
         "A String",
       ],
     },
@@ -262,7 +287,9 @@ 
Method Details

   "denied": [ # The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a denied connection.
     {
       "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+          # 
+          # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
         "A String",
       ],
     },
@@ -281,7 +308,12 @@ 
Method Details

     "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
   },
   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
-  "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
+  "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used:
+      # global/networks/default
+      # If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+      # - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network
+      # - projects/myproject/global/networks/my-network
+      # - global/networks/default
   "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
@@ -302,16 +334,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -346,7 +391,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -360,20 +406,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of firewall rules available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -381,11 +433,15 @@ 
Method Details

     { # Contains a list of firewalls.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Firewall resources.
-    { # Represents a Firewall Rule resource. Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
+    { # Represents a Firewall Rule resource.
+        #
+        # Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
       "allowed": [ # The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.
         {
           "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
             "A String",
           ],
         },
@@ -394,7 +450,9 @@ 
Method Details

       "denied": [ # The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a denied connection.
         {
           "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
             "A String",
           ],
         },
@@ -413,7 +471,12 @@ 
Method Details

         "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
       },
       "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
-      "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
+      "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used:
+          # global/networks/default
+          # If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+          # - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network
+          # - projects/myproject/global/networks/my-network
+          # - global/networks/default
       "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
@@ -439,7 +502,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -465,7 +529,7 @@ 
Method Details

 

 
 

-    patch(project, firewall, body=None, requestId=None, x__xgafv=None)
+    patch(project, firewall, body=None, requestId=None)
   
Updates the specified firewall rule with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -474,11 +538,15 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Firewall Rule resource. Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
+{ # Represents a Firewall Rule resource.
+    # 
+    # Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
   "allowed": [ # The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.
     {
       "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+          # 
+          # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
         "A String",
       ],
     },
@@ -487,7 +555,9 @@ 
Method Details

   "denied": [ # The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a denied connection.
     {
       "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+          # 
+          # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
         "A String",
       ],
     },
@@ -506,7 +576,12 @@ 
Method Details

     "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
   },
   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
-  "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
+  "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used:
+      # global/networks/default
+      # If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+      # - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network
+      # - projects/myproject/global/networks/my-network
+      # - global/networks/default
   "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
@@ -527,16 +602,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -571,7 +659,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -585,7 +674,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -600,10 +689,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -616,7 +701,7 @@ 
Method Details

 

 
 

-    update(project, firewall, body=None, requestId=None, x__xgafv=None)
+    update(project, firewall, body=None, requestId=None)
   
Updates the specified firewall rule with the data included in the request. Note that all fields will be updated if using PUT, even fields that are not specified. To update individual fields, please use PATCH instead.
 
 Args:
@@ -625,11 +710,15 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Firewall Rule resource. Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
+{ # Represents a Firewall Rule resource.
+    # 
+    # Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
   "allowed": [ # The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.
     {
       "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+          # 
+          # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
         "A String",
       ],
     },
@@ -638,7 +727,9 @@ 
Method Details

   "denied": [ # The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a denied connection.
     {
       "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+          # 
+          # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
         "A String",
       ],
     },
@@ -657,7 +748,12 @@ 
Method Details

     "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
   },
   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
-  "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
+  "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used:
+      # global/networks/default
+      # If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+      # - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network
+      # - projects/myproject/global/networks/my-network
+      # - global/networks/default
   "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
@@ -678,16 +774,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -722,7 +831,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.forwardingRules.html b/docs/dyn/compute_alpha.forwardingRules.html
index 578bcd90d6a..a95df3e78aa 100644
--- a/docs/dyn/compute_alpha.forwardingRules.html
+++ b/docs/dyn/compute_alpha.forwardingRules.html
@@ -75,7 +75,7 @@
 
Compute Engine API . forwardingRules

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of forwarding rules.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,49 +84,55 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, forwardingRule, requestId=None, x__xgafv=None)

+  delete(project, region, forwardingRule, requestId=None)

 
Deletes the specified ForwardingRule resource.

 

-  get(project, region, forwardingRule, x__xgafv=None)

+  get(project, region, forwardingRule)

 
Returns the specified ForwardingRule resource.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a ForwardingRule resource in the specified project and region using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of ForwardingRule resources available to the specified project and region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, forwardingRule, body=None, requestId=None, x__xgafv=None)

+  patch(project, region, forwardingRule, body=None, requestId=None)

 
Updates the specified forwarding rule with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules. Currently, you can only patch the network_tier field.

 

-  setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)

+  setLabels(project, region, resource, body=None, requestId=None)

 
Sets the labels on the specified resource. To learn more about labels, read the Labeling Resources documentation.

 

-  setTarget(project, region, forwardingRule, body=None, requestId=None, x__xgafv=None)

+  setTarget(project, region, forwardingRule, body=None, requestId=None)

 
Changes target URL for forwarding rule. The new target should be of the same type as the old target.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of forwarding rules.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -136,40 +142,139 @@ 
Method Details

   "items": { # A list of ForwardingRulesScopedList resources.
     "a_key": { # Name of the scope containing this set of addresses.
       "forwardingRules": [ # A list of forwarding rules contained in this scope.
-        { # Represents a Forwarding Rule resource. Forwarding rule resources in GCP can be either regional or global in scope: * [Global](/compute/docs/reference/rest/alpha/globalForwardingRules) * [Regional](/compute/docs/reference/rest/alpha/forwardingRules) A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway). For more information, read Forwarding rule concepts and Using protocol forwarding.
-          "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule. If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address: * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region /addresses/address-name * Partial URL or by name, as in: - projects/project_id/regions/region/addresses/address-name - regions/region/addresses/address-name - global/addresses/address-name - address-name The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true. For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
-          "IPProtocol": "A String", # The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products: - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid. - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid. - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid. - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid. - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
-          "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
+        { # Represents a Forwarding Rule resource.
+            #
+            # Forwarding rule resources in GCP can be either regional or global in scope:
+            #
+            # * [Global](/compute/docs/reference/rest/{$api_version}/globalForwardingRules) * [Regional](/compute/docs/reference/rest/{$api_version}/forwardingRules)
+            #
+            # A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway).
+            #
+            # For more information, read Forwarding rule concepts and Using protocol forwarding.
+            #
+            # (== resource_for {$api_version}.forwardingRules ==) (== resource_for {$api_version}.globalForwardingRules ==) (== resource_for {$api_version}.regionForwardingRules ==)
+          "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule.
+              #
+              # If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address:
+              #
+              # * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name * Partial URL or by name, as in:
+              # - projects/project_id/regions/region/addresses/address-name
+              # - regions/region/addresses/address-name
+              # - global/addresses/address-name
+              # - address-name
+              #
+              # The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications).
+              #
+              # Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true.
+              #
+              # For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
+          "IPProtocol": "A String", # The IP protocol to which this rule applies.
+              #
+              # For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT.
+              #
+              # The valid IP protocols are different for different load balancing products:
+              # - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+              # - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid.
+              # - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid.
+              # - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid.
+              # - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+          "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance.
+              #
+              # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+              #
+              # For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
           "allowGlobalAccess": True or False, # This field is used along with the backend_service field for internal load balancing or with the target field for internal TargetInstance. If the field is set to TRUE, clients can access ILB from all regions. Otherwise only allows access from clients in the same region as the internal load balancer.
           "backendService": "A String", # Identifies the backend service to which the forwarding rule sends traffic. Required for Internal TCP/UDP Load Balancing and Network Load Balancing; must be omitted for all other load balancer types.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-          "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+          "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "ipVersion": "A String", # The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6. This can only be specified for an external global forwarding rule.
           "isMirroringCollector": True or False, # Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBalancingScheme set to INTERNAL.
           "kind": "compute#forwardingRule", # [Output Only] Type of the resource. Always compute#forwardingRule for Forwarding Rule resources.
-          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
           "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
             "a_key": "A String",
           },
-          "loadBalancingScheme": "A String", # Specifies the forwarding rule type. - EXTERNAL is used for: - Classic Cloud VPN gateways - Protocol forwarding to VMs from an external IP address - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing - INTERNAL is used for: - Protocol forwarding to VMs from an internal IP address - Internal TCP/UDP Load Balancing - INTERNAL_MANAGED is used for: - Internal HTTP(S) Load Balancing - INTERNAL_SELF_MANAGED is used for: - Traffic Director For more information about forwarding rules, refer to Forwarding rule concepts.
-          "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-            { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-              "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+          "loadBalancingScheme": "A String", # Specifies the forwarding rule type.
+              #
+              #
+              # - EXTERNAL is used for:
+              # - Classic Cloud VPN gateways
+              # - Protocol forwarding to VMs from an external IP address
+              # - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing
+              # - INTERNAL is used for:
+              # - Protocol forwarding to VMs from an internal IP address
+              # - Internal TCP/UDP Load Balancing
+              # - INTERNAL_MANAGED is used for:
+              # - Internal HTTP(S) Load Balancing
+              # - INTERNAL_SELF_MANAGED is used for:
+              # - Traffic Director
+              #
+              # For more information about forwarding rules, refer to Forwarding rule concepts.
+          "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies.
+              # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+              # metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references.
+              # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+              "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                  # This list must not be empty and can have at the most 64 entries.
                 { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                  "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                  "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                  "name": "A String", # Name of metadata label.
+                      # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                  "value": "A String", # The value of the label must match the specified value.
+                      # value can have a maximum length of 1024 characters.
                 },
               ],
-              "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+              "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                  # Supported values are:
+                  # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                  # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
             },
           ],
-          "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.
-          "network": "A String", # This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
-          "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
-          "portRange": "A String", # This field can be used only if: - Load balancing scheme is one of EXTERNAL, INTERNAL_SELF_MANAGED or INTERNAL_MANAGED - IPProtocol is one of TCP, UDP, or SCTP. Packets addressed to ports in the specified range will be forwarded to target or backend_service. You can only use one of ports, port_range, or allPorts. The three are mutually exclusive. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. Some types of forwarding target have constraints on the acceptable ports: - TargetHttpProxy: 80, 8080 - TargetHttpsProxy: 443 - TargetGrpcProxy: no constraints - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetVpnGateway: 500, 4500 @pattern: \\d+(?:-\\d+)?
-          "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. You can specify a list of up to five ports, which can be non-contiguous. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications). @pattern: \\d+(?:-\\d+)?
+          "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+          "network": "A String", # This field is not used for external load balancing.
+              #
+              # For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used.
+              #
+              # For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
+          "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD.
+              #
+              # For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM.
+              #
+              # If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
+          "portRange": "A String", # This field can be used only if:
+              # - Load balancing scheme is one of EXTERNAL,  INTERNAL_SELF_MANAGED or INTERNAL_MANAGED
+              # - IPProtocol is one of TCP, UDP, or SCTP.
+              #
+              # Packets addressed to ports in the specified range will be forwarded to target or  backend_service.
+              #
+              # You can only use one of ports, port_range, or allPorts. The three are mutually exclusive.
+              #
+              # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+              #
+              # Some types of forwarding target have constraints on the acceptable ports:
+              # - TargetHttpProxy: 80, 8080
+              # - TargetHttpsProxy: 443
+              # - TargetGrpcProxy: no constraints
+              # - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+              # - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+              # - TargetVpnGateway: 500, 4500
+          "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends.
+              #
+              # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+              #
+              # You can specify a list of up to five ports, which can be non-contiguous.
+              #
+              # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+              #
+              # For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications).
             "A String",
           ],
           "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Forwarding Rule.
@@ -177,25 +282,38 @@ 
Method Details

           "region": "A String", # [Output Only] URL of the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
           "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-          "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource. It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
+          "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource.
+              #
+              # It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
             { # Describes the auto-registration of the Forwarding Rule to Service Directory. The region and project of the Service Directory resource generated from this registration will be the same as this Forwarding Rule.
               "namespace": "A String", # Service Directory namespace to register the forwarding rule under.
               "service": "A String", # Service Directory service to register the forwarding rule under.
               "serviceDirectoryRegion": "A String", # [Optional] Service Directory region to register this global forwarding rule under. Default to "us-central1". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region.
             },
           ],
-          "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name. The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. This field is only used for internal load balancing.
-          "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule. This field is only used for internal load balancing.
+          "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name.
+              #
+              # The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+              #
+              # This field is only used for internal load balancing.
+          "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule.
+              #
+              # This field is only used for internal load balancing.
           "sourceIpRanges": [ # If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. Note that a Forwarding Rule can only have up to 64 source IP ranges, and this field can only be used with a regional Forwarding Rule whose scheme is EXTERNAL. Each source_ip_range entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24).
             "A String",
           ],
-          "subnetwork": "A String", # This field is only used for internal load balancing. For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule. If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
+          "subnetwork": "A String", # This field is only used for internal load balancing.
+              #
+              # For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule.
+              #
+              # If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
           "target": "A String",
         },
       ],
       "warning": { # Informational warning which replaces the list of forwarding rules when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -213,7 +331,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -244,23 +363,36 @@ 
Method Details

 

 
 

-    delete(project, region, forwardingRule, requestId=None, x__xgafv=None)
+    delete(project, region, forwardingRule, requestId=None)
   
Deletes the specified ForwardingRule resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   forwardingRule: string, Name of the ForwardingRule resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -295,7 +427,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -309,55 +442,150 @@ 
Method Details

 

 
 

-    get(project, region, forwardingRule, x__xgafv=None)
+    get(project, region, forwardingRule)
   
Returns the specified ForwardingRule resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   forwardingRule: string, Name of the ForwardingRule resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Forwarding Rule resource. Forwarding rule resources in GCP can be either regional or global in scope: * [Global](/compute/docs/reference/rest/alpha/globalForwardingRules) * [Regional](/compute/docs/reference/rest/alpha/forwardingRules) A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway). For more information, read Forwarding rule concepts and Using protocol forwarding.
-  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule. If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address: * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region /addresses/address-name * Partial URL or by name, as in: - projects/project_id/regions/region/addresses/address-name - regions/region/addresses/address-name - global/addresses/address-name - address-name The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true. For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
-  "IPProtocol": "A String", # The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products: - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid. - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid. - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid. - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid. - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
-  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
+    { # Represents a Forwarding Rule resource.
+    #
+    # Forwarding rule resources in GCP can be either regional or global in scope:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalForwardingRules) * [Regional](/compute/docs/reference/rest/{$api_version}/forwardingRules)
+    #
+    # A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway).
+    #
+    # For more information, read Forwarding rule concepts and Using protocol forwarding.
+    #
+    # (== resource_for {$api_version}.forwardingRules ==) (== resource_for {$api_version}.globalForwardingRules ==) (== resource_for {$api_version}.regionForwardingRules ==)
+  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule.
+      #
+      # If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address:
+      #
+      # * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name * Partial URL or by name, as in:
+      # - projects/project_id/regions/region/addresses/address-name
+      # - regions/region/addresses/address-name
+      # - global/addresses/address-name
+      # - address-name
+      #
+      # The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications).
+      #
+      # Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true.
+      #
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
+  "IPProtocol": "A String", # The IP protocol to which this rule applies.
+      #
+      # For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT.
+      #
+      # The valid IP protocols are different for different load balancing products:
+      # - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+      # - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid.
+      # - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid.
+      # - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid.
+      # - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance.
+      #
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      #
+      # For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
   "allowGlobalAccess": True or False, # This field is used along with the backend_service field for internal load balancing or with the target field for internal TargetInstance. If the field is set to TRUE, clients can access ILB from all regions. Otherwise only allows access from clients in the same region as the internal load balancer.
   "backendService": "A String", # Identifies the backend service to which the forwarding rule sends traffic. Required for Internal TCP/UDP Load Balancing and Network Load Balancing; must be omitted for all other load balancer types.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ipVersion": "A String", # The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6. This can only be specified for an external global forwarding rule.
   "isMirroringCollector": True or False, # Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBalancingScheme set to INTERNAL.
   "kind": "compute#forwardingRule", # [Output Only] Type of the resource. Always compute#forwardingRule for Forwarding Rule resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
-  "loadBalancingScheme": "A String", # Specifies the forwarding rule type. - EXTERNAL is used for: - Classic Cloud VPN gateways - Protocol forwarding to VMs from an external IP address - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing - INTERNAL is used for: - Protocol forwarding to VMs from an internal IP address - Internal TCP/UDP Load Balancing - INTERNAL_MANAGED is used for: - Internal HTTP(S) Load Balancing - INTERNAL_SELF_MANAGED is used for: - Traffic Director For more information about forwarding rules, refer to Forwarding rule concepts.
-  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+  "loadBalancingScheme": "A String", # Specifies the forwarding rule type.
+      #
+      #
+      # - EXTERNAL is used for:
+      # - Classic Cloud VPN gateways
+      # - Protocol forwarding to VMs from an external IP address
+      # - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing
+      # - INTERNAL is used for:
+      # - Protocol forwarding to VMs from an internal IP address
+      # - Internal TCP/UDP Load Balancing
+      # - INTERNAL_MANAGED is used for:
+      # - Internal HTTP(S) Load Balancing
+      # - INTERNAL_SELF_MANAGED is used for:
+      # - Traffic Director
+      #
+      # For more information about forwarding rules, refer to Forwarding rule concepts.
+  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies.
+      # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+      # metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references.
+      # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+        # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+        # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+          # This list must not be empty and can have at the most 64 entries.
         { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-          "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-          "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+          "name": "A String", # Name of metadata label.
+              # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+          "value": "A String", # The value of the label must match the specified value.
+              # value can have a maximum length of 1024 characters.
         },
       ],
-      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+          # Supported values are:
+          # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+          # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
     },
   ],
-  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.
-  "network": "A String", # This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
-  "portRange": "A String", # This field can be used only if: - Load balancing scheme is one of EXTERNAL, INTERNAL_SELF_MANAGED or INTERNAL_MANAGED - IPProtocol is one of TCP, UDP, or SCTP. Packets addressed to ports in the specified range will be forwarded to target or backend_service. You can only use one of ports, port_range, or allPorts. The three are mutually exclusive. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. Some types of forwarding target have constraints on the acceptable ports: - TargetHttpProxy: 80, 8080 - TargetHttpsProxy: 443 - TargetGrpcProxy: no constraints - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetVpnGateway: 500, 4500 @pattern: \\d+(?:-\\d+)?
-  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. You can specify a list of up to five ports, which can be non-contiguous. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications). @pattern: \\d+(?:-\\d+)?
+  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+  "network": "A String", # This field is not used for external load balancing.
+      #
+      # For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used.
+      #
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD.
+      #
+      # For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM.
+      #
+      # If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
+  "portRange": "A String", # This field can be used only if:
+      # - Load balancing scheme is one of EXTERNAL,  INTERNAL_SELF_MANAGED or INTERNAL_MANAGED
+      # - IPProtocol is one of TCP, UDP, or SCTP.
+      #
+      # Packets addressed to ports in the specified range will be forwarded to target or  backend_service.
+      #
+      # You can only use one of ports, port_range, or allPorts. The three are mutually exclusive.
+      #
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      #
+      # Some types of forwarding target have constraints on the acceptable ports:
+      # - TargetHttpProxy: 80, 8080
+      # - TargetHttpsProxy: 443
+      # - TargetGrpcProxy: no constraints
+      # - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetVpnGateway: 500, 4500
+  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends.
+      #
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      #
+      # You can specify a list of up to five ports, which can be non-contiguous.
+      #
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      #
+      # For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications).
     "A String",
   ],
   "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Forwarding Rule.
@@ -365,25 +593,37 @@ 
Method Details

   "region": "A String", # [Output Only] URL of the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource. It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
+  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource.
+      #
+      # It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
     { # Describes the auto-registration of the Forwarding Rule to Service Directory. The region and project of the Service Directory resource generated from this registration will be the same as this Forwarding Rule.
       "namespace": "A String", # Service Directory namespace to register the forwarding rule under.
       "service": "A String", # Service Directory service to register the forwarding rule under.
       "serviceDirectoryRegion": "A String", # [Optional] Service Directory region to register this global forwarding rule under. Default to "us-central1". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region.
     },
   ],
-  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name. The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. This field is only used for internal load balancing.
-  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule. This field is only used for internal load balancing.
+  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name.
+      #
+      # The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+      #
+      # This field is only used for internal load balancing.
+  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule.
+      #
+      # This field is only used for internal load balancing.
   "sourceIpRanges": [ # If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. Note that a Forwarding Rule can only have up to 64 source IP ranges, and this field can only be used with a regional Forwarding Rule whose scheme is EXTERNAL. Each source_ip_range entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24).
     "A String",
   ],
-  "subnetwork": "A String", # This field is only used for internal load balancing. For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule. If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
+  "subnetwork": "A String", # This field is only used for internal load balancing.
+      #
+      # For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule.
+      #
+      # If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
   "target": "A String",
 }

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a ForwardingRule resource in the specified project and region using the data included in the request.
 
 Args:
@@ -392,40 +632,139 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Forwarding Rule resource. Forwarding rule resources in GCP can be either regional or global in scope: * [Global](/compute/docs/reference/rest/alpha/globalForwardingRules) * [Regional](/compute/docs/reference/rest/alpha/forwardingRules) A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway). For more information, read Forwarding rule concepts and Using protocol forwarding.
-  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule. If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address: * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region /addresses/address-name * Partial URL or by name, as in: - projects/project_id/regions/region/addresses/address-name - regions/region/addresses/address-name - global/addresses/address-name - address-name The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true. For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
-  "IPProtocol": "A String", # The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products: - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid. - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid. - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid. - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid. - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
-  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
+{ # Represents a Forwarding Rule resource.
+    # 
+    # Forwarding rule resources in GCP can be either regional or global in scope:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalForwardingRules) * [Regional](/compute/docs/reference/rest/{$api_version}/forwardingRules)
+    # 
+    # A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway).
+    # 
+    # For more information, read Forwarding rule concepts and Using protocol forwarding.
+    # 
+    # (== resource_for {$api_version}.forwardingRules ==) (== resource_for {$api_version}.globalForwardingRules ==) (== resource_for {$api_version}.regionForwardingRules ==)
+  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule.
+      # 
+      # If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address:
+      # 
+      # * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name * Partial URL or by name, as in:
+      # - projects/project_id/regions/region/addresses/address-name
+      # - regions/region/addresses/address-name
+      # - global/addresses/address-name
+      # - address-name
+      # 
+      # The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications).
+      # 
+      # Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true.
+      # 
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
+  "IPProtocol": "A String", # The IP protocol to which this rule applies.
+      # 
+      # For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT.
+      # 
+      # The valid IP protocols are different for different load balancing products:
+      # - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+      # - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid.
+      # - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid.
+      # - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid.
+      # - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance.
+      # 
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
   "allowGlobalAccess": True or False, # This field is used along with the backend_service field for internal load balancing or with the target field for internal TargetInstance. If the field is set to TRUE, clients can access ILB from all regions. Otherwise only allows access from clients in the same region as the internal load balancer.
   "backendService": "A String", # Identifies the backend service to which the forwarding rule sends traffic. Required for Internal TCP/UDP Load Balancing and Network Load Balancing; must be omitted for all other load balancer types.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ipVersion": "A String", # The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6. This can only be specified for an external global forwarding rule.
   "isMirroringCollector": True or False, # Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBalancingScheme set to INTERNAL.
   "kind": "compute#forwardingRule", # [Output Only] Type of the resource. Always compute#forwardingRule for Forwarding Rule resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
-  "loadBalancingScheme": "A String", # Specifies the forwarding rule type. - EXTERNAL is used for: - Classic Cloud VPN gateways - Protocol forwarding to VMs from an external IP address - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing - INTERNAL is used for: - Protocol forwarding to VMs from an internal IP address - Internal TCP/UDP Load Balancing - INTERNAL_MANAGED is used for: - Internal HTTP(S) Load Balancing - INTERNAL_SELF_MANAGED is used for: - Traffic Director For more information about forwarding rules, refer to Forwarding rule concepts.
-  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+  "loadBalancingScheme": "A String", # Specifies the forwarding rule type.
+      # 
+      # 
+      # - EXTERNAL is used for:
+      # - Classic Cloud VPN gateways
+      # - Protocol forwarding to VMs from an external IP address
+      # - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing
+      # - INTERNAL is used for:
+      # - Protocol forwarding to VMs from an internal IP address
+      # - Internal TCP/UDP Load Balancing
+      # - INTERNAL_MANAGED is used for:
+      # - Internal HTTP(S) Load Balancing
+      # - INTERNAL_SELF_MANAGED is used for:
+      # - Traffic Director
+      # 
+      # For more information about forwarding rules, refer to Forwarding rule concepts.
+  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies.
+      # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+      # metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references.
+      # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+        # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+        # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+          # This list must not be empty and can have at the most 64 entries.
         { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-          "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-          "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+          "name": "A String", # Name of metadata label.
+              # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+          "value": "A String", # The value of the label must match the specified value.
+              # value can have a maximum length of 1024 characters.
         },
       ],
-      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+          # Supported values are:
+          # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+          # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
     },
   ],
-  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.
-  "network": "A String", # This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
-  "portRange": "A String", # This field can be used only if: - Load balancing scheme is one of EXTERNAL, INTERNAL_SELF_MANAGED or INTERNAL_MANAGED - IPProtocol is one of TCP, UDP, or SCTP. Packets addressed to ports in the specified range will be forwarded to target or backend_service. You can only use one of ports, port_range, or allPorts. The three are mutually exclusive. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. Some types of forwarding target have constraints on the acceptable ports: - TargetHttpProxy: 80, 8080 - TargetHttpsProxy: 443 - TargetGrpcProxy: no constraints - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetVpnGateway: 500, 4500 @pattern: \\d+(?:-\\d+)?
-  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. You can specify a list of up to five ports, which can be non-contiguous. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications). @pattern: \\d+(?:-\\d+)?
+  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+  "network": "A String", # This field is not used for external load balancing.
+      # 
+      # For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used.
+      # 
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD.
+      # 
+      # For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM.
+      # 
+      # If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
+  "portRange": "A String", # This field can be used only if:
+      # - Load balancing scheme is one of EXTERNAL,  INTERNAL_SELF_MANAGED or INTERNAL_MANAGED
+      # - IPProtocol is one of TCP, UDP, or SCTP.
+      # 
+      # Packets addressed to ports in the specified range will be forwarded to target or  backend_service.
+      # 
+      # You can only use one of ports, port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      # 
+      # Some types of forwarding target have constraints on the acceptable ports:
+      # - TargetHttpProxy: 80, 8080
+      # - TargetHttpsProxy: 443
+      # - TargetGrpcProxy: no constraints
+      # - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetVpnGateway: 500, 4500
+  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends.
+      # 
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # You can specify a list of up to five ports, which can be non-contiguous.
+      # 
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      # 
+      # For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications).
     "A String",
   ],
   "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Forwarding Rule.
@@ -433,32 +772,57 @@ 
Method Details

   "region": "A String", # [Output Only] URL of the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource. It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
+  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource.
+      # 
+      # It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
     { # Describes the auto-registration of the Forwarding Rule to Service Directory. The region and project of the Service Directory resource generated from this registration will be the same as this Forwarding Rule.
       "namespace": "A String", # Service Directory namespace to register the forwarding rule under.
       "service": "A String", # Service Directory service to register the forwarding rule under.
       "serviceDirectoryRegion": "A String", # [Optional] Service Directory region to register this global forwarding rule under. Default to "us-central1". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region.
     },
   ],
-  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name. The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. This field is only used for internal load balancing.
-  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule. This field is only used for internal load balancing.
+  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name.
+      # 
+      # The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+      # 
+      # This field is only used for internal load balancing.
+  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule.
+      # 
+      # This field is only used for internal load balancing.
   "sourceIpRanges": [ # If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. Note that a Forwarding Rule can only have up to 64 source IP ranges, and this field can only be used with a regional Forwarding Rule whose scheme is EXTERNAL. Each source_ip_range entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24).
     "A String",
   ],
-  "subnetwork": "A String", # This field is only used for internal load balancing. For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule. If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
+  "subnetwork": "A String", # This field is only used for internal load balancing.
+      # 
+      # For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule.
+      # 
+      # If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
   "target": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -493,7 +857,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -507,21 +872,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of ForwardingRule resources available to the specified project and region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -529,40 +900,139 @@ 
Method Details

     { # Contains a list of ForwardingRule resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of ForwardingRule resources.
-    { # Represents a Forwarding Rule resource. Forwarding rule resources in GCP can be either regional or global in scope: * [Global](/compute/docs/reference/rest/alpha/globalForwardingRules) * [Regional](/compute/docs/reference/rest/alpha/forwardingRules) A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway). For more information, read Forwarding rule concepts and Using protocol forwarding.
-      "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule. If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address: * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region /addresses/address-name * Partial URL or by name, as in: - projects/project_id/regions/region/addresses/address-name - regions/region/addresses/address-name - global/addresses/address-name - address-name The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true. For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
-      "IPProtocol": "A String", # The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products: - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid. - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid. - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid. - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid. - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
-      "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
+    { # Represents a Forwarding Rule resource.
+        #
+        # Forwarding rule resources in GCP can be either regional or global in scope:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/globalForwardingRules) * [Regional](/compute/docs/reference/rest/{$api_version}/forwardingRules)
+        #
+        # A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway).
+        #
+        # For more information, read Forwarding rule concepts and Using protocol forwarding.
+        #
+        # (== resource_for {$api_version}.forwardingRules ==) (== resource_for {$api_version}.globalForwardingRules ==) (== resource_for {$api_version}.regionForwardingRules ==)
+      "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule.
+          #
+          # If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address:
+          #
+          # * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name * Partial URL or by name, as in:
+          # - projects/project_id/regions/region/addresses/address-name
+          # - regions/region/addresses/address-name
+          # - global/addresses/address-name
+          # - address-name
+          #
+          # The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications).
+          #
+          # Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true.
+          #
+          # For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
+      "IPProtocol": "A String", # The IP protocol to which this rule applies.
+          #
+          # For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT.
+          #
+          # The valid IP protocols are different for different load balancing products:
+          # - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+          # - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid.
+          # - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid.
+          # - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid.
+          # - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+      "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance.
+          #
+          # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+          #
+          # For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
       "allowGlobalAccess": True or False, # This field is used along with the backend_service field for internal load balancing or with the target field for internal TargetInstance. If the field is set to TRUE, clients can access ILB from all regions. Otherwise only allows access from clients in the same region as the internal load balancer.
       "backendService": "A String", # Identifies the backend service to which the forwarding rule sends traffic. Required for Internal TCP/UDP Load Balancing and Network Load Balancing; must be omitted for all other load balancer types.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "ipVersion": "A String", # The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6. This can only be specified for an external global forwarding rule.
       "isMirroringCollector": True or False, # Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBalancingScheme set to INTERNAL.
       "kind": "compute#forwardingRule", # [Output Only] Type of the resource. Always compute#forwardingRule for Forwarding Rule resources.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
       "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
         "a_key": "A String",
       },
-      "loadBalancingScheme": "A String", # Specifies the forwarding rule type. - EXTERNAL is used for: - Classic Cloud VPN gateways - Protocol forwarding to VMs from an external IP address - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing - INTERNAL is used for: - Protocol forwarding to VMs from an internal IP address - Internal TCP/UDP Load Balancing - INTERNAL_MANAGED is used for: - Internal HTTP(S) Load Balancing - INTERNAL_SELF_MANAGED is used for: - Traffic Director For more information about forwarding rules, refer to Forwarding rule concepts.
-      "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-        { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-          "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+      "loadBalancingScheme": "A String", # Specifies the forwarding rule type.
+          #
+          #
+          # - EXTERNAL is used for:
+          # - Classic Cloud VPN gateways
+          # - Protocol forwarding to VMs from an external IP address
+          # - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing
+          # - INTERNAL is used for:
+          # - Protocol forwarding to VMs from an internal IP address
+          # - Internal TCP/UDP Load Balancing
+          # - INTERNAL_MANAGED is used for:
+          # - Internal HTTP(S) Load Balancing
+          # - INTERNAL_SELF_MANAGED is used for:
+          # - Traffic Director
+          #
+          # For more information about forwarding rules, refer to Forwarding rule concepts.
+      "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies.
+          # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+          # metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references.
+          # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+            # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+            # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+          "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+              # This list must not be empty and can have at the most 64 entries.
             { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-              "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-              "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+              "name": "A String", # Name of metadata label.
+                  # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+              "value": "A String", # The value of the label must match the specified value.
+                  # value can have a maximum length of 1024 characters.
             },
           ],
-          "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+          "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+              # Supported values are:
+              # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+              # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
         },
       ],
-      "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.
-      "network": "A String", # This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
-      "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
-      "portRange": "A String", # This field can be used only if: - Load balancing scheme is one of EXTERNAL, INTERNAL_SELF_MANAGED or INTERNAL_MANAGED - IPProtocol is one of TCP, UDP, or SCTP. Packets addressed to ports in the specified range will be forwarded to target or backend_service. You can only use one of ports, port_range, or allPorts. The three are mutually exclusive. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. Some types of forwarding target have constraints on the acceptable ports: - TargetHttpProxy: 80, 8080 - TargetHttpsProxy: 443 - TargetGrpcProxy: no constraints - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetVpnGateway: 500, 4500 @pattern: \\d+(?:-\\d+)?
-      "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. You can specify a list of up to five ports, which can be non-contiguous. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications). @pattern: \\d+(?:-\\d+)?
+      "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+      "network": "A String", # This field is not used for external load balancing.
+          #
+          # For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used.
+          #
+          # For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
+      "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD.
+          #
+          # For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM.
+          #
+          # If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
+      "portRange": "A String", # This field can be used only if:
+          # - Load balancing scheme is one of EXTERNAL,  INTERNAL_SELF_MANAGED or INTERNAL_MANAGED
+          # - IPProtocol is one of TCP, UDP, or SCTP.
+          #
+          # Packets addressed to ports in the specified range will be forwarded to target or  backend_service.
+          #
+          # You can only use one of ports, port_range, or allPorts. The three are mutually exclusive.
+          #
+          # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+          #
+          # Some types of forwarding target have constraints on the acceptable ports:
+          # - TargetHttpProxy: 80, 8080
+          # - TargetHttpsProxy: 443
+          # - TargetGrpcProxy: no constraints
+          # - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+          # - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+          # - TargetVpnGateway: 500, 4500
+      "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends.
+          #
+          # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+          #
+          # You can specify a list of up to five ports, which can be non-contiguous.
+          #
+          # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+          #
+          # For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications).
         "A String",
       ],
       "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Forwarding Rule.
@@ -570,19 +1040,31 @@ 
Method Details

       "region": "A String", # [Output Only] URL of the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-      "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource. It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
+      "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource.
+          #
+          # It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
         { # Describes the auto-registration of the Forwarding Rule to Service Directory. The region and project of the Service Directory resource generated from this registration will be the same as this Forwarding Rule.
           "namespace": "A String", # Service Directory namespace to register the forwarding rule under.
           "service": "A String", # Service Directory service to register the forwarding rule under.
           "serviceDirectoryRegion": "A String", # [Optional] Service Directory region to register this global forwarding rule under. Default to "us-central1". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region.
         },
       ],
-      "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name. The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. This field is only used for internal load balancing.
-      "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule. This field is only used for internal load balancing.
+      "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name.
+          #
+          # The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+          #
+          # This field is only used for internal load balancing.
+      "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule.
+          #
+          # This field is only used for internal load balancing.
       "sourceIpRanges": [ # If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. Note that a Forwarding Rule can only have up to 64 source IP ranges, and this field can only be used with a regional Forwarding Rule whose scheme is EXTERNAL. Each source_ip_range entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24).
         "A String",
       ],
-      "subnetwork": "A String", # This field is only used for internal load balancing. For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule. If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
+      "subnetwork": "A String", # This field is only used for internal load balancing.
+          #
+          # For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule.
+          #
+          # If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
       "target": "A String",
     },
   ],
@@ -591,7 +1073,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -617,7 +1100,7 @@ 
Method Details

 

 
 

-    patch(project, region, forwardingRule, body=None, requestId=None, x__xgafv=None)
+    patch(project, region, forwardingRule, body=None, requestId=None)
   
Updates the specified forwarding rule with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules. Currently, you can only patch the network_tier field.
 
 Args:
@@ -627,40 +1110,139 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Forwarding Rule resource. Forwarding rule resources in GCP can be either regional or global in scope: * [Global](/compute/docs/reference/rest/alpha/globalForwardingRules) * [Regional](/compute/docs/reference/rest/alpha/forwardingRules) A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway). For more information, read Forwarding rule concepts and Using protocol forwarding.
-  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule. If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address: * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region /addresses/address-name * Partial URL or by name, as in: - projects/project_id/regions/region/addresses/address-name - regions/region/addresses/address-name - global/addresses/address-name - address-name The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true. For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
-  "IPProtocol": "A String", # The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products: - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid. - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid. - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid. - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid. - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
-  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
+{ # Represents a Forwarding Rule resource.
+    # 
+    # Forwarding rule resources in GCP can be either regional or global in scope:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalForwardingRules) * [Regional](/compute/docs/reference/rest/{$api_version}/forwardingRules)
+    # 
+    # A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway).
+    # 
+    # For more information, read Forwarding rule concepts and Using protocol forwarding.
+    # 
+    # (== resource_for {$api_version}.forwardingRules ==) (== resource_for {$api_version}.globalForwardingRules ==) (== resource_for {$api_version}.regionForwardingRules ==)
+  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule.
+      # 
+      # If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address:
+      # 
+      # * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name * Partial URL or by name, as in:
+      # - projects/project_id/regions/region/addresses/address-name
+      # - regions/region/addresses/address-name
+      # - global/addresses/address-name
+      # - address-name
+      # 
+      # The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications).
+      # 
+      # Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true.
+      # 
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
+  "IPProtocol": "A String", # The IP protocol to which this rule applies.
+      # 
+      # For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT.
+      # 
+      # The valid IP protocols are different for different load balancing products:
+      # - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+      # - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid.
+      # - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid.
+      # - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid.
+      # - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance.
+      # 
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
   "allowGlobalAccess": True or False, # This field is used along with the backend_service field for internal load balancing or with the target field for internal TargetInstance. If the field is set to TRUE, clients can access ILB from all regions. Otherwise only allows access from clients in the same region as the internal load balancer.
   "backendService": "A String", # Identifies the backend service to which the forwarding rule sends traffic. Required for Internal TCP/UDP Load Balancing and Network Load Balancing; must be omitted for all other load balancer types.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ipVersion": "A String", # The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6. This can only be specified for an external global forwarding rule.
   "isMirroringCollector": True or False, # Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBalancingScheme set to INTERNAL.
   "kind": "compute#forwardingRule", # [Output Only] Type of the resource. Always compute#forwardingRule for Forwarding Rule resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
-  "loadBalancingScheme": "A String", # Specifies the forwarding rule type. - EXTERNAL is used for: - Classic Cloud VPN gateways - Protocol forwarding to VMs from an external IP address - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing - INTERNAL is used for: - Protocol forwarding to VMs from an internal IP address - Internal TCP/UDP Load Balancing - INTERNAL_MANAGED is used for: - Internal HTTP(S) Load Balancing - INTERNAL_SELF_MANAGED is used for: - Traffic Director For more information about forwarding rules, refer to Forwarding rule concepts.
-  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+  "loadBalancingScheme": "A String", # Specifies the forwarding rule type.
+      # 
+      # 
+      # - EXTERNAL is used for:
+      # - Classic Cloud VPN gateways
+      # - Protocol forwarding to VMs from an external IP address
+      # - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing
+      # - INTERNAL is used for:
+      # - Protocol forwarding to VMs from an internal IP address
+      # - Internal TCP/UDP Load Balancing
+      # - INTERNAL_MANAGED is used for:
+      # - Internal HTTP(S) Load Balancing
+      # - INTERNAL_SELF_MANAGED is used for:
+      # - Traffic Director
+      # 
+      # For more information about forwarding rules, refer to Forwarding rule concepts.
+  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies.
+      # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+      # metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references.
+      # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+        # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+        # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+          # This list must not be empty and can have at the most 64 entries.
         { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-          "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-          "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+          "name": "A String", # Name of metadata label.
+              # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+          "value": "A String", # The value of the label must match the specified value.
+              # value can have a maximum length of 1024 characters.
         },
       ],
-      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+          # Supported values are:
+          # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+          # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
     },
   ],
-  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.
-  "network": "A String", # This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
-  "portRange": "A String", # This field can be used only if: - Load balancing scheme is one of EXTERNAL, INTERNAL_SELF_MANAGED or INTERNAL_MANAGED - IPProtocol is one of TCP, UDP, or SCTP. Packets addressed to ports in the specified range will be forwarded to target or backend_service. You can only use one of ports, port_range, or allPorts. The three are mutually exclusive. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. Some types of forwarding target have constraints on the acceptable ports: - TargetHttpProxy: 80, 8080 - TargetHttpsProxy: 443 - TargetGrpcProxy: no constraints - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetVpnGateway: 500, 4500 @pattern: \\d+(?:-\\d+)?
-  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. You can specify a list of up to five ports, which can be non-contiguous. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications). @pattern: \\d+(?:-\\d+)?
+  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+  "network": "A String", # This field is not used for external load balancing.
+      # 
+      # For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used.
+      # 
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD.
+      # 
+      # For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM.
+      # 
+      # If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
+  "portRange": "A String", # This field can be used only if:
+      # - Load balancing scheme is one of EXTERNAL,  INTERNAL_SELF_MANAGED or INTERNAL_MANAGED
+      # - IPProtocol is one of TCP, UDP, or SCTP.
+      # 
+      # Packets addressed to ports in the specified range will be forwarded to target or  backend_service.
+      # 
+      # You can only use one of ports, port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      # 
+      # Some types of forwarding target have constraints on the acceptable ports:
+      # - TargetHttpProxy: 80, 8080
+      # - TargetHttpsProxy: 443
+      # - TargetGrpcProxy: no constraints
+      # - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetVpnGateway: 500, 4500
+  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends.
+      # 
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # You can specify a list of up to five ports, which can be non-contiguous.
+      # 
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      # 
+      # For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications).
     "A String",
   ],
   "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Forwarding Rule.
@@ -668,32 +1250,57 @@ 
Method Details

   "region": "A String", # [Output Only] URL of the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource. It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
+  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource.
+      # 
+      # It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
     { # Describes the auto-registration of the Forwarding Rule to Service Directory. The region and project of the Service Directory resource generated from this registration will be the same as this Forwarding Rule.
       "namespace": "A String", # Service Directory namespace to register the forwarding rule under.
       "service": "A String", # Service Directory service to register the forwarding rule under.
       "serviceDirectoryRegion": "A String", # [Optional] Service Directory region to register this global forwarding rule under. Default to "us-central1". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region.
     },
   ],
-  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name. The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. This field is only used for internal load balancing.
-  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule. This field is only used for internal load balancing.
+  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name.
+      # 
+      # The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+      # 
+      # This field is only used for internal load balancing.
+  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule.
+      # 
+      # This field is only used for internal load balancing.
   "sourceIpRanges": [ # If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. Note that a Forwarding Rule can only have up to 64 source IP ranges, and this field can only be used with a regional Forwarding Rule whose scheme is EXTERNAL. Each source_ip_range entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24).
     "A String",
   ],
-  "subnetwork": "A String", # This field is only used for internal load balancing. For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule. If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
+  "subnetwork": "A String", # This field is only used for internal load balancing.
+      # 
+      # For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule.
+      # 
+      # If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
   "target": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -728,7 +1335,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -742,7 +1350,7 @@ 
Method Details

 

 
 

-    setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)
+    setLabels(project, region, resource, body=None, requestId=None)
   
Sets the labels on the specified resource. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -759,16 +1367,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -803,7 +1424,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -817,7 +1439,7 @@ 
Method Details

 

 
 

-    setTarget(project, region, forwardingRule, body=None, requestId=None, x__xgafv=None)
+    setTarget(project, region, forwardingRule, body=None, requestId=None)
   
Changes target URL for forwarding rule. The new target should be of the same type as the old target.
 
 Args:
@@ -831,16 +1453,29 @@ 
Method Details

   "target": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -875,7 +1510,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -889,7 +1525,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -905,10 +1541,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.futureReservations.html b/docs/dyn/compute_alpha.futureReservations.html
index 5aea608aca3..1515e64e91c 100644
--- a/docs/dyn/compute_alpha.futureReservations.html
+++ b/docs/dyn/compute_alpha.futureReservations.html
@@ -75,52 +75,58 @@
 
Compute Engine API . futureReservations

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of future reservations.

 

   aggregatedList_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  cancel(project, zone, futureReservation, requestId=None, x__xgafv=None)

+  cancel(project, zone, futureReservation, requestId=None)

 
Cancel the specified future reservation.

 

   close()

 
Close httplib2 connections.

 

-  delete(project, zone, futureReservation, requestId=None, x__xgafv=None)

+  delete(project, zone, futureReservation, requestId=None)

 
Deletes the specified future reservation.

 

-  get(project, zone, futureReservation, x__xgafv=None)

+  get(project, zone, futureReservation)

 
Retrieves information about the specified future reservation.

 

-  insert(project, zone, body=None, requestId=None, x__xgafv=None)

+  insert(project, zone, body=None, requestId=None)

 
Creates a new Future Reservation.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
A list of all the future reservations that have been configured for the specified project in specified zone.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  update(project, zone, futureReservation, body=None, paths=None, requestId=None, updateMask=None, x__xgafv=None)

+  update(project, zone, futureReservation, body=None, paths=None, requestId=None)

 
Updates the specified future reservation.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of future reservations.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -135,7 +141,7 @@ 
Method Details

           "creationTimestamp": "A String", # [Output Only] The creation timestamp for this future reservation in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the future reservation.
           "id": "A String", # [Output Only] A unique identifier for this future reservation. The server defines this identifier.
-          "kind": "compute#futureReservation",
+          "kind": "compute#futureReservation", # [Output Only] Type of the resource. Always compute#futureReservation for future reservations.
           "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
           "namePrefix": "A String", # Name prefix for the reservations to be created at the time of delivery. The name prefix must comply with RFC1035. Maximum allowed length for name prefix is 20. Automatically created reservations name format will be -date-####.
           "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
@@ -173,7 +179,7 @@ 
Method Details

               "A String",
             ],
             "fulfilledCount": "A String", # This count indicates the fulfilled capacity so far. This is set during "PROVISIONING" state. This count also includes capacity delivered as part of existing matching reservations.
-            "lockTime": "A String", # Time when Future Reservation would become LOCKED, after which no modifications to Future Reservation will be allowed. Applicable only after the Future Reservation is in the APPROVED state. The lock_time is an RFC3339 string. The procurement_status will transition to PROCURING state at this time.
+            "lockTime": "A String", # Time when Future Reservation would become LOCKED, after which no modifications to Future Reservation will be allowed. Applicable only after the Future Reservation is in the APPROVED state. The lock_time is an RFC3339 string. The procurement_status will transition to PROCURING state at this time. TODO(b/183994731): Replace with Timestamp.
             "procurementStatus": "A String", # Current state of this Future Reservation
           },
           "timeWindow": { # Time window for this Future Reservation.
@@ -181,15 +187,16 @@ 
Method Details

               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "endTime": "A String",
-            "startTime": "A String", # Start time of the Future Reservation. The start_time is an RFC3339 string.
+            "endTime": "A String", # TODO(b/183994731): Replace with Timestamp.
+            "startTime": "A String", # Start time of the Future Reservation. The start_time is an RFC3339 string. TODO(b/183994731): Replace with Timestamp.
           },
           "zone": "A String", # [Output Only] URL of the Zone where this future reservation resides.
         },
       ],
       "warning": { # Informational warning which replaces the list of future reservations when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -199,7 +206,7 @@ 
Method Details

       },
     },
   },
-  "kind": "compute#futureReservationsAggregatedListResponse",
+  "kind": "compute#futureReservationsAggregatedListResponse", # Type of resource.
   "nextPageToken": "A String", # [Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.
   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "unreachables": [ # [Output Only] Unreachable resources.
@@ -207,7 +214,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -233,23 +241,36 @@ 
Method Details

 

 
 

-    cancel(project, zone, futureReservation, requestId=None, x__xgafv=None)
+    cancel(project, zone, futureReservation, requestId=None)
   
Cancel the specified future reservation.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone for this request. Name should conform to RFC1035. (required)
   futureReservation: string, Name of the future reservation to retrieve. Name should conform to RFC1035. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -284,7 +305,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -303,23 +325,36 @@ 
Method Details

 

 
 

-    delete(project, zone, futureReservation, requestId=None, x__xgafv=None)
+    delete(project, zone, futureReservation, requestId=None)
   
Deletes the specified future reservation.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone for this request. Name should conform to RFC1035. (required)
   futureReservation: string, Name of the future reservation to retrieve. Name should conform to RFC1035. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -354,7 +389,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -368,17 +404,13 @@ 
Method Details

 

 
 

-    get(project, zone, futureReservation, x__xgafv=None)
+    get(project, zone, futureReservation)
   
Retrieves information about the specified future reservation.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone for this request. Name should conform to RFC1035. (required)
   futureReservation: string, Name of the future reservation to retrieve. Name should conform to RFC1035. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -387,7 +419,7 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this future reservation in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the future reservation.
   "id": "A String", # [Output Only] A unique identifier for this future reservation. The server defines this identifier.
-  "kind": "compute#futureReservation",
+  "kind": "compute#futureReservation", # [Output Only] Type of the resource. Always compute#futureReservation for future reservations.
   "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "namePrefix": "A String", # Name prefix for the reservations to be created at the time of delivery. The name prefix must comply with RFC1035. Maximum allowed length for name prefix is 20. Automatically created reservations name format will be -date-####.
   "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
@@ -425,7 +457,7 @@ 
Method Details

       "A String",
     ],
     "fulfilledCount": "A String", # This count indicates the fulfilled capacity so far. This is set during "PROVISIONING" state. This count also includes capacity delivered as part of existing matching reservations.
-    "lockTime": "A String", # Time when Future Reservation would become LOCKED, after which no modifications to Future Reservation will be allowed. Applicable only after the Future Reservation is in the APPROVED state. The lock_time is an RFC3339 string. The procurement_status will transition to PROCURING state at this time.
+    "lockTime": "A String", # Time when Future Reservation would become LOCKED, after which no modifications to Future Reservation will be allowed. Applicable only after the Future Reservation is in the APPROVED state. The lock_time is an RFC3339 string. The procurement_status will transition to PROCURING state at this time. TODO(b/183994731): Replace with Timestamp.
     "procurementStatus": "A String", # Current state of this Future Reservation
   },
   "timeWindow": { # Time window for this Future Reservation.
@@ -433,15 +465,15 @@ 
Method Details

       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "endTime": "A String",
-    "startTime": "A String", # Start time of the Future Reservation. The start_time is an RFC3339 string.
+    "endTime": "A String", # TODO(b/183994731): Replace with Timestamp.
+    "startTime": "A String", # Start time of the Future Reservation. The start_time is an RFC3339 string. TODO(b/183994731): Replace with Timestamp.
   },
   "zone": "A String", # [Output Only] URL of the Zone where this future reservation resides.
 }

 

 
 

-    insert(project, zone, body=None, requestId=None, x__xgafv=None)
+    insert(project, zone, body=None, requestId=None)
   
Creates a new Future Reservation.
 
 Args:
@@ -454,7 +486,7 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this future reservation in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the future reservation.
   "id": "A String", # [Output Only] A unique identifier for this future reservation. The server defines this identifier.
-  "kind": "compute#futureReservation",
+  "kind": "compute#futureReservation", # [Output Only] Type of the resource. Always compute#futureReservation for future reservations.
   "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "namePrefix": "A String", # Name prefix for the reservations to be created at the time of delivery. The name prefix must comply with RFC1035. Maximum allowed length for name prefix is 20. Automatically created reservations name format will be -date-####.
   "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
@@ -492,7 +524,7 @@ 
Method Details

       "A String",
     ],
     "fulfilledCount": "A String", # This count indicates the fulfilled capacity so far. This is set during "PROVISIONING" state. This count also includes capacity delivered as part of existing matching reservations.
-    "lockTime": "A String", # Time when Future Reservation would become LOCKED, after which no modifications to Future Reservation will be allowed. Applicable only after the Future Reservation is in the APPROVED state. The lock_time is an RFC3339 string. The procurement_status will transition to PROCURING state at this time.
+    "lockTime": "A String", # Time when Future Reservation would become LOCKED, after which no modifications to Future Reservation will be allowed. Applicable only after the Future Reservation is in the APPROVED state. The lock_time is an RFC3339 string. The procurement_status will transition to PROCURING state at this time. TODO(b/183994731): Replace with Timestamp.
     "procurementStatus": "A String", # Current state of this Future Reservation
   },
   "timeWindow": { # Time window for this Future Reservation.
@@ -500,22 +532,35 @@ 
Method Details

       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "endTime": "A String",
-    "startTime": "A String", # Start time of the Future Reservation. The start_time is an RFC3339 string.
+    "endTime": "A String", # TODO(b/183994731): Replace with Timestamp.
+    "startTime": "A String", # Start time of the Future Reservation. The start_time is an RFC3339 string. TODO(b/183994731): Replace with Timestamp.
   },
   "zone": "A String", # [Output Only] URL of the Zone where this future reservation resides.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -550,7 +595,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -564,21 +610,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
A list of all the future reservations that have been configured for the specified project in specified zone.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone for this request. Name should conform to RFC1035. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -591,7 +643,7 @@ 
Method Details

       "creationTimestamp": "A String", # [Output Only] The creation timestamp for this future reservation in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the future reservation.
       "id": "A String", # [Output Only] A unique identifier for this future reservation. The server defines this identifier.
-      "kind": "compute#futureReservation",
+      "kind": "compute#futureReservation", # [Output Only] Type of the resource. Always compute#futureReservation for future reservations.
       "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "namePrefix": "A String", # Name prefix for the reservations to be created at the time of delivery. The name prefix must comply with RFC1035. Maximum allowed length for name prefix is 20. Automatically created reservations name format will be -date-####.
       "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
@@ -629,7 +681,7 @@ 
Method Details

           "A String",
         ],
         "fulfilledCount": "A String", # This count indicates the fulfilled capacity so far. This is set during "PROVISIONING" state. This count also includes capacity delivered as part of existing matching reservations.
-        "lockTime": "A String", # Time when Future Reservation would become LOCKED, after which no modifications to Future Reservation will be allowed. Applicable only after the Future Reservation is in the APPROVED state. The lock_time is an RFC3339 string. The procurement_status will transition to PROCURING state at this time.
+        "lockTime": "A String", # Time when Future Reservation would become LOCKED, after which no modifications to Future Reservation will be allowed. Applicable only after the Future Reservation is in the APPROVED state. The lock_time is an RFC3339 string. The procurement_status will transition to PROCURING state at this time. TODO(b/183994731): Replace with Timestamp.
         "procurementStatus": "A String", # Current state of this Future Reservation
       },
       "timeWindow": { # Time window for this Future Reservation.
@@ -637,13 +689,13 @@ 
Method Details

           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "endTime": "A String",
-        "startTime": "A String", # Start time of the Future Reservation. The start_time is an RFC3339 string.
+        "endTime": "A String", # TODO(b/183994731): Replace with Timestamp.
+        "startTime": "A String", # Start time of the Future Reservation. The start_time is an RFC3339 string. TODO(b/183994731): Replace with Timestamp.
       },
       "zone": "A String", # [Output Only] URL of the Zone where this future reservation resides.
     },
   ],
-  "kind": "compute#futureReservationsListResponse",
+  "kind": "compute#futureReservationsListResponse", # [Output Only] Type of resource.Always compute#reservationsList for listsof reservations
   "nextPageToken": "A String", # [Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.
   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "unreachables": [ # [Output Only] Unreachable resources.
@@ -651,7 +703,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -677,7 +730,7 @@ 
Method Details

 

 
 

-    update(project, zone, futureReservation, body=None, paths=None, requestId=None, updateMask=None, x__xgafv=None)
+    update(project, zone, futureReservation, body=None, paths=None, requestId=None)
   
Updates the specified future reservation.
 
 Args:
@@ -691,7 +744,7 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this future reservation in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the future reservation.
   "id": "A String", # [Output Only] A unique identifier for this future reservation. The server defines this identifier.
-  "kind": "compute#futureReservation",
+  "kind": "compute#futureReservation", # [Output Only] Type of the resource. Always compute#futureReservation for future reservations.
   "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "namePrefix": "A String", # Name prefix for the reservations to be created at the time of delivery. The name prefix must comply with RFC1035. Maximum allowed length for name prefix is 20. Automatically created reservations name format will be -date-####.
   "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
@@ -729,7 +782,7 @@ 
Method Details

       "A String",
     ],
     "fulfilledCount": "A String", # This count indicates the fulfilled capacity so far. This is set during "PROVISIONING" state. This count also includes capacity delivered as part of existing matching reservations.
-    "lockTime": "A String", # Time when Future Reservation would become LOCKED, after which no modifications to Future Reservation will be allowed. Applicable only after the Future Reservation is in the APPROVED state. The lock_time is an RFC3339 string. The procurement_status will transition to PROCURING state at this time.
+    "lockTime": "A String", # Time when Future Reservation would become LOCKED, after which no modifications to Future Reservation will be allowed. Applicable only after the Future Reservation is in the APPROVED state. The lock_time is an RFC3339 string. The procurement_status will transition to PROCURING state at this time. TODO(b/183994731): Replace with Timestamp.
     "procurementStatus": "A String", # Current state of this Future Reservation
   },
   "timeWindow": { # Time window for this Future Reservation.
@@ -737,24 +790,36 @@ 
Method Details

       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "endTime": "A String",
-    "startTime": "A String", # Start time of the Future Reservation. The start_time is an RFC3339 string.
+    "endTime": "A String", # TODO(b/183994731): Replace with Timestamp.
+    "startTime": "A String", # Start time of the Future Reservation. The start_time is an RFC3339 string. TODO(b/183994731): Replace with Timestamp.
   },
   "zone": "A String", # [Output Only] URL of the Zone where this future reservation resides.
 }
 
-  paths: string, A parameter (repeated)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  updateMask: string, update_mask indicates fields to be updated as part of this request.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  paths: string, The set of field mask paths. (repeated)
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -789,7 +854,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.globalAddresses.html b/docs/dyn/compute_alpha.globalAddresses.html
index f2fbe38139e..e1d7ba936be 100644
--- a/docs/dyn/compute_alpha.globalAddresses.html
+++ b/docs/dyn/compute_alpha.globalAddresses.html
@@ -78,28 +78,28 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, address, requestId=None, x__xgafv=None)

+  delete(project, address, requestId=None)

 
Deletes the specified address resource.

 

-  get(project, address, x__xgafv=None)

+  get(project, address)

 
Returns the specified address resource. Gets a list of available addresses by making a list() request.

 

-  getOwnerInstance(project, ipAddress=None, x__xgafv=None)

+  getOwnerInstance(project, ipAddress=None)

 
Find owner instance from given ip address

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates an address resource in the specified project by using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of global addresses.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setLabels(project, resource, body=None, x__xgafv=None)

+  setLabels(project, resource, body=None)

 
Sets the labels on a GlobalAddress. To learn more about labels, read the Labeling Resources documentation.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -108,22 +108,35 @@ 
Method Details

 

 
 

-    delete(project, address, requestId=None, x__xgafv=None)
+    delete(project, address, requestId=None)
   
Deletes the specified address resource.
 
 Args:
   project: string, Project ID for this request. (required)
   address: string, Name of the address resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -158,7 +171,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -172,21 +186,31 @@ 
Method Details

 

 
 

-    get(project, address, x__xgafv=None)
+    get(project, address)
   
Returns the specified address resource. Gets a list of available addresses by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   address: string, Name of the address resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier. Use global internal addresses for reserved peering network range. Use regional external addresses for the following resources: - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA) Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes: - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses For more information, read reserved IP address.
+    { # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier.
+    #
+    # Use global internal addresses for reserved peering network range.
+    #
+    # Use regional external addresses for the following resources:
+    #
+    # - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA)
+    #
+    # Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes:
+    #
+    # - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses
+    #
+    # For more information, read reserved IP address.
+    #
+    # (== resource_for {$api_version}.addresses ==) (== resource_for {$api_version}.globalAddresses ==)
   "address": "A String", # The static IP address represented by this resource.
   "addressType": "A String", # The type of address to reserve, either INTERNAL or EXTERNAL. If unspecified, defaults to EXTERNAL.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -194,16 +218,25 @@ 
Method Details

   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ipVersion": "A String", # The IP version that will be used by this address. Valid options are IPV4 or IPV6. This can only be specified for a global address.
   "kind": "compute#address", # [Output Only] Type of the resource. Always compute#address for addresses.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Address, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an Address.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Address, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve an Address.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
   "network": "A String", # The URL of the network in which to reserve the address. This field can only be used with INTERNAL type with the VPC_PEERING purpose.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer. If this field is not specified, it is assumed to be PREMIUM.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer.
+      #
+      # If this field is not specified, it is assumed to be PREMIUM.
   "prefixLength": 42, # The prefix length if the resource represents an IP range.
-  "purpose": "A String", # The purpose of this resource, which can be one of the following values: - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources. - `DNS_RESOLVER` for a DNS resolver address in a subnetwork - `VPC_PEERING` for addresses that are reserved for VPC peer networks. - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT. - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an *IPsec-encrypted Cloud Interconnect* configuration. These addresses are regional resources. Not currently available publicly.
-  "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. *This field is not applicable to global addresses.*
+  "purpose": "A String", # The purpose of this resource, which can be one of the following values:
+      # - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources.
+      # - `DNS_RESOLVER` for a DNS resolver address in a subnetwork
+      # - `VPC_PEERING` for addresses that are reserved for VPC peer networks.
+      # - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT.
+      # - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an IPsec-encrypted Cloud Interconnect configuration. These addresses are regional resources. Not currently available publicly.
+  "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. This field is not applicable to global addresses.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
   "status": "A String", # [Output Only] The status of the address, which can be one of RESERVING, RESERVED, or IN_USE. An address that is RESERVING is currently in the process of being reserved. A RESERVED address is currently reserved and available to use. An IN_USE address is currently being used by another resource and is not available.
@@ -215,16 +248,12 @@ 
Method Details

 

 
 

-    getOwnerInstance(project, ipAddress=None, x__xgafv=None)
+    getOwnerInstance(project, ipAddress=None)
   
Find owner instance from given ip address
 
 Args:
   project: string, Project ID for this request. (required)
   ipAddress: string, The ip_address could be external IPv4, or internal IPv4 within IPv6 form of virtual_network_id with internal IPv4. IPv6 is not supported yet.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -235,7 +264,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates an address resource in the specified project by using the data included in the request.
 
 Args:
@@ -243,7 +272,21 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier. Use global internal addresses for reserved peering network range. Use regional external addresses for the following resources: - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA) Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes: - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses For more information, read reserved IP address.
+{ # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier.
+    # 
+    # Use global internal addresses for reserved peering network range.
+    # 
+    # Use regional external addresses for the following resources:
+    # 
+    # - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA)
+    # 
+    # Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes:
+    # 
+    # - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses
+    # 
+    # For more information, read reserved IP address.
+    # 
+    # (== resource_for {$api_version}.addresses ==) (== resource_for {$api_version}.globalAddresses ==)
   "address": "A String", # The static IP address represented by this resource.
   "addressType": "A String", # The type of address to reserve, either INTERNAL or EXTERNAL. If unspecified, defaults to EXTERNAL.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -251,16 +294,25 @@ 
Method Details

   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ipVersion": "A String", # The IP version that will be used by this address. Valid options are IPV4 or IPV6. This can only be specified for a global address.
   "kind": "compute#address", # [Output Only] Type of the resource. Always compute#address for addresses.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Address, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an Address.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Address, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an Address.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
   "network": "A String", # The URL of the network in which to reserve the address. This field can only be used with INTERNAL type with the VPC_PEERING purpose.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer. If this field is not specified, it is assumed to be PREMIUM.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer.
+      # 
+      # If this field is not specified, it is assumed to be PREMIUM.
   "prefixLength": 42, # The prefix length if the resource represents an IP range.
-  "purpose": "A String", # The purpose of this resource, which can be one of the following values: - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources. - `DNS_RESOLVER` for a DNS resolver address in a subnetwork - `VPC_PEERING` for addresses that are reserved for VPC peer networks. - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT. - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an *IPsec-encrypted Cloud Interconnect* configuration. These addresses are regional resources. Not currently available publicly.
-  "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. *This field is not applicable to global addresses.*
+  "purpose": "A String", # The purpose of this resource, which can be one of the following values:
+      # - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources.
+      # - `DNS_RESOLVER` for a DNS resolver address in a subnetwork
+      # - `VPC_PEERING` for addresses that are reserved for VPC peer networks.
+      # - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT.
+      # - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an IPsec-encrypted Cloud Interconnect configuration. These addresses are regional resources. Not currently available publicly.
+  "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. This field is not applicable to global addresses.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
   "status": "A String", # [Output Only] The status of the address, which can be one of RESERVING, RESERVED, or IN_USE. An address that is RESERVING is currently in the process of being reserved. A RESERVED address is currently reserved and available to use. An IN_USE address is currently being used by another resource and is not available.
@@ -270,16 +322,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -314,7 +379,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -328,20 +394,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of global addresses.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -349,7 +421,21 @@ 
Method Details

     { # Contains a list of addresses.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Address resources.
-    { # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier. Use global internal addresses for reserved peering network range. Use regional external addresses for the following resources: - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA) Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes: - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses For more information, read reserved IP address.
+    { # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier.
+        #
+        # Use global internal addresses for reserved peering network range.
+        #
+        # Use regional external addresses for the following resources:
+        #
+        # - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA)
+        #
+        # Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes:
+        #
+        # - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses
+        #
+        # For more information, read reserved IP address.
+        #
+        # (== resource_for {$api_version}.addresses ==) (== resource_for {$api_version}.globalAddresses ==)
       "address": "A String", # The static IP address represented by this resource.
       "addressType": "A String", # The type of address to reserve, either INTERNAL or EXTERNAL. If unspecified, defaults to EXTERNAL.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -357,16 +443,25 @@ 
Method Details

       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "ipVersion": "A String", # The IP version that will be used by this address. Valid options are IPV4 or IPV6. This can only be specified for a global address.
       "kind": "compute#address", # [Output Only] Type of the resource. Always compute#address for addresses.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Address, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an Address.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Address, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve an Address.
       "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
         "a_key": "A String",
       },
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
       "network": "A String", # The URL of the network in which to reserve the address. This field can only be used with INTERNAL type with the VPC_PEERING purpose.
-      "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer. If this field is not specified, it is assumed to be PREMIUM.
+      "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer.
+          #
+          # If this field is not specified, it is assumed to be PREMIUM.
       "prefixLength": 42, # The prefix length if the resource represents an IP range.
-      "purpose": "A String", # The purpose of this resource, which can be one of the following values: - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources. - `DNS_RESOLVER` for a DNS resolver address in a subnetwork - `VPC_PEERING` for addresses that are reserved for VPC peer networks. - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT. - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an *IPsec-encrypted Cloud Interconnect* configuration. These addresses are regional resources. Not currently available publicly.
-      "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. *This field is not applicable to global addresses.*
+      "purpose": "A String", # The purpose of this resource, which can be one of the following values:
+          # - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources.
+          # - `DNS_RESOLVER` for a DNS resolver address in a subnetwork
+          # - `VPC_PEERING` for addresses that are reserved for VPC peer networks.
+          # - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT.
+          # - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an IPsec-encrypted Cloud Interconnect configuration. These addresses are regional resources. Not currently available publicly.
+      "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. This field is not applicable to global addresses.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
       "status": "A String", # [Output Only] The status of the address, which can be one of RESERVING, RESERVED, or IN_USE. An address that is RESERVING is currently in the process of being reserved. A RESERVED address is currently reserved and available to use. An IN_USE address is currently being used by another resource and is not available.
@@ -381,7 +476,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -407,7 +503,7 @@ 
Method Details

 

 
 

-    setLabels(project, resource, body=None, x__xgafv=None)
+    setLabels(project, resource, body=None)
   
Sets the labels on a GlobalAddress. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -423,15 +519,24 @@ 
Method Details

   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -466,7 +571,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -480,7 +586,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -495,10 +601,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.globalForwardingRules.html b/docs/dyn/compute_alpha.globalForwardingRules.html
index bc5f1c5840d..4e70b3811f4 100644
--- a/docs/dyn/compute_alpha.globalForwardingRules.html
+++ b/docs/dyn/compute_alpha.globalForwardingRules.html
@@ -78,31 +78,31 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, forwardingRule, requestId=None, x__xgafv=None)

+  delete(project, forwardingRule, requestId=None)

 
Deletes the specified GlobalForwardingRule resource.

 

-  get(project, forwardingRule, x__xgafv=None)

+  get(project, forwardingRule)

 
Returns the specified GlobalForwardingRule resource. Gets a list of available forwarding rules by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a GlobalForwardingRule resource in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of GlobalForwardingRule resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, forwardingRule, body=None, requestId=None, x__xgafv=None)

+  patch(project, forwardingRule, body=None, requestId=None)

 
Updates the specified forwarding rule with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules. Currently, you can only patch the network_tier field.

 

-  setLabels(project, resource, body=None, x__xgafv=None)

+  setLabels(project, resource, body=None)

 
Sets the labels on the specified resource. To learn more about labels, read the Labeling Resources documentation.

 

-  setTarget(project, forwardingRule, body=None, requestId=None, x__xgafv=None)

+  setTarget(project, forwardingRule, body=None, requestId=None)

 
Changes target URL for the GlobalForwardingRule resource. The new target should be of the same type as the old target.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -111,22 +111,35 @@ 
Method Details

 

 
 

-    delete(project, forwardingRule, requestId=None, x__xgafv=None)
+    delete(project, forwardingRule, requestId=None)
   
Deletes the specified GlobalForwardingRule resource.
 
 Args:
   project: string, Project ID for this request. (required)
   forwardingRule: string, Name of the ForwardingRule resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -161,7 +174,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -175,54 +189,149 @@ 
Method Details

 

 
 

-    get(project, forwardingRule, x__xgafv=None)
+    get(project, forwardingRule)
   
Returns the specified GlobalForwardingRule resource. Gets a list of available forwarding rules by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   forwardingRule: string, Name of the ForwardingRule resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Forwarding Rule resource. Forwarding rule resources in GCP can be either regional or global in scope: * [Global](/compute/docs/reference/rest/alpha/globalForwardingRules) * [Regional](/compute/docs/reference/rest/alpha/forwardingRules) A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway). For more information, read Forwarding rule concepts and Using protocol forwarding.
-  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule. If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address: * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region /addresses/address-name * Partial URL or by name, as in: - projects/project_id/regions/region/addresses/address-name - regions/region/addresses/address-name - global/addresses/address-name - address-name The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true. For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
-  "IPProtocol": "A String", # The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products: - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid. - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid. - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid. - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid. - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
-  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
+    { # Represents a Forwarding Rule resource.
+    #
+    # Forwarding rule resources in GCP can be either regional or global in scope:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalForwardingRules) * [Regional](/compute/docs/reference/rest/{$api_version}/forwardingRules)
+    #
+    # A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway).
+    #
+    # For more information, read Forwarding rule concepts and Using protocol forwarding.
+    #
+    # (== resource_for {$api_version}.forwardingRules ==) (== resource_for {$api_version}.globalForwardingRules ==) (== resource_for {$api_version}.regionForwardingRules ==)
+  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule.
+      #
+      # If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address:
+      #
+      # * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name * Partial URL or by name, as in:
+      # - projects/project_id/regions/region/addresses/address-name
+      # - regions/region/addresses/address-name
+      # - global/addresses/address-name
+      # - address-name
+      #
+      # The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications).
+      #
+      # Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true.
+      #
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
+  "IPProtocol": "A String", # The IP protocol to which this rule applies.
+      #
+      # For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT.
+      #
+      # The valid IP protocols are different for different load balancing products:
+      # - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+      # - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid.
+      # - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid.
+      # - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid.
+      # - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance.
+      #
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      #
+      # For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
   "allowGlobalAccess": True or False, # This field is used along with the backend_service field for internal load balancing or with the target field for internal TargetInstance. If the field is set to TRUE, clients can access ILB from all regions. Otherwise only allows access from clients in the same region as the internal load balancer.
   "backendService": "A String", # Identifies the backend service to which the forwarding rule sends traffic. Required for Internal TCP/UDP Load Balancing and Network Load Balancing; must be omitted for all other load balancer types.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ipVersion": "A String", # The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6. This can only be specified for an external global forwarding rule.
   "isMirroringCollector": True or False, # Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBalancingScheme set to INTERNAL.
   "kind": "compute#forwardingRule", # [Output Only] Type of the resource. Always compute#forwardingRule for Forwarding Rule resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
-  "loadBalancingScheme": "A String", # Specifies the forwarding rule type. - EXTERNAL is used for: - Classic Cloud VPN gateways - Protocol forwarding to VMs from an external IP address - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing - INTERNAL is used for: - Protocol forwarding to VMs from an internal IP address - Internal TCP/UDP Load Balancing - INTERNAL_MANAGED is used for: - Internal HTTP(S) Load Balancing - INTERNAL_SELF_MANAGED is used for: - Traffic Director For more information about forwarding rules, refer to Forwarding rule concepts.
-  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+  "loadBalancingScheme": "A String", # Specifies the forwarding rule type.
+      #
+      #
+      # - EXTERNAL is used for:
+      # - Classic Cloud VPN gateways
+      # - Protocol forwarding to VMs from an external IP address
+      # - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing
+      # - INTERNAL is used for:
+      # - Protocol forwarding to VMs from an internal IP address
+      # - Internal TCP/UDP Load Balancing
+      # - INTERNAL_MANAGED is used for:
+      # - Internal HTTP(S) Load Balancing
+      # - INTERNAL_SELF_MANAGED is used for:
+      # - Traffic Director
+      #
+      # For more information about forwarding rules, refer to Forwarding rule concepts.
+  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies.
+      # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+      # metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references.
+      # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+        # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+        # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+          # This list must not be empty and can have at the most 64 entries.
         { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-          "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-          "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+          "name": "A String", # Name of metadata label.
+              # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+          "value": "A String", # The value of the label must match the specified value.
+              # value can have a maximum length of 1024 characters.
         },
       ],
-      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+          # Supported values are:
+          # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+          # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
     },
   ],
-  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.
-  "network": "A String", # This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
-  "portRange": "A String", # This field can be used only if: - Load balancing scheme is one of EXTERNAL, INTERNAL_SELF_MANAGED or INTERNAL_MANAGED - IPProtocol is one of TCP, UDP, or SCTP. Packets addressed to ports in the specified range will be forwarded to target or backend_service. You can only use one of ports, port_range, or allPorts. The three are mutually exclusive. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. Some types of forwarding target have constraints on the acceptable ports: - TargetHttpProxy: 80, 8080 - TargetHttpsProxy: 443 - TargetGrpcProxy: no constraints - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetVpnGateway: 500, 4500 @pattern: \\d+(?:-\\d+)?
-  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. You can specify a list of up to five ports, which can be non-contiguous. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications). @pattern: \\d+(?:-\\d+)?
+  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+  "network": "A String", # This field is not used for external load balancing.
+      #
+      # For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used.
+      #
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD.
+      #
+      # For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM.
+      #
+      # If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
+  "portRange": "A String", # This field can be used only if:
+      # - Load balancing scheme is one of EXTERNAL,  INTERNAL_SELF_MANAGED or INTERNAL_MANAGED
+      # - IPProtocol is one of TCP, UDP, or SCTP.
+      #
+      # Packets addressed to ports in the specified range will be forwarded to target or  backend_service.
+      #
+      # You can only use one of ports, port_range, or allPorts. The three are mutually exclusive.
+      #
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      #
+      # Some types of forwarding target have constraints on the acceptable ports:
+      # - TargetHttpProxy: 80, 8080
+      # - TargetHttpsProxy: 443
+      # - TargetGrpcProxy: no constraints
+      # - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetVpnGateway: 500, 4500
+  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends.
+      #
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      #
+      # You can specify a list of up to five ports, which can be non-contiguous.
+      #
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      #
+      # For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications).
     "A String",
   ],
   "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Forwarding Rule.
@@ -230,25 +339,37 @@ 
Method Details

   "region": "A String", # [Output Only] URL of the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource. It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
+  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource.
+      #
+      # It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
     { # Describes the auto-registration of the Forwarding Rule to Service Directory. The region and project of the Service Directory resource generated from this registration will be the same as this Forwarding Rule.
       "namespace": "A String", # Service Directory namespace to register the forwarding rule under.
       "service": "A String", # Service Directory service to register the forwarding rule under.
       "serviceDirectoryRegion": "A String", # [Optional] Service Directory region to register this global forwarding rule under. Default to "us-central1". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region.
     },
   ],
-  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name. The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. This field is only used for internal load balancing.
-  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule. This field is only used for internal load balancing.
+  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name.
+      #
+      # The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+      #
+      # This field is only used for internal load balancing.
+  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule.
+      #
+      # This field is only used for internal load balancing.
   "sourceIpRanges": [ # If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. Note that a Forwarding Rule can only have up to 64 source IP ranges, and this field can only be used with a regional Forwarding Rule whose scheme is EXTERNAL. Each source_ip_range entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24).
     "A String",
   ],
-  "subnetwork": "A String", # This field is only used for internal load balancing. For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule. If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
+  "subnetwork": "A String", # This field is only used for internal load balancing.
+      #
+      # For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule.
+      #
+      # If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
   "target": "A String",
 }

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a GlobalForwardingRule resource in the specified project using the data included in the request.
 
 Args:
@@ -256,40 +377,139 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Forwarding Rule resource. Forwarding rule resources in GCP can be either regional or global in scope: * [Global](/compute/docs/reference/rest/alpha/globalForwardingRules) * [Regional](/compute/docs/reference/rest/alpha/forwardingRules) A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway). For more information, read Forwarding rule concepts and Using protocol forwarding.
-  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule. If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address: * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region /addresses/address-name * Partial URL or by name, as in: - projects/project_id/regions/region/addresses/address-name - regions/region/addresses/address-name - global/addresses/address-name - address-name The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true. For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
-  "IPProtocol": "A String", # The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products: - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid. - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid. - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid. - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid. - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
-  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
+{ # Represents a Forwarding Rule resource.
+    # 
+    # Forwarding rule resources in GCP can be either regional or global in scope:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalForwardingRules) * [Regional](/compute/docs/reference/rest/{$api_version}/forwardingRules)
+    # 
+    # A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway).
+    # 
+    # For more information, read Forwarding rule concepts and Using protocol forwarding.
+    # 
+    # (== resource_for {$api_version}.forwardingRules ==) (== resource_for {$api_version}.globalForwardingRules ==) (== resource_for {$api_version}.regionForwardingRules ==)
+  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule.
+      # 
+      # If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address:
+      # 
+      # * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name * Partial URL or by name, as in:
+      # - projects/project_id/regions/region/addresses/address-name
+      # - regions/region/addresses/address-name
+      # - global/addresses/address-name
+      # - address-name
+      # 
+      # The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications).
+      # 
+      # Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true.
+      # 
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
+  "IPProtocol": "A String", # The IP protocol to which this rule applies.
+      # 
+      # For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT.
+      # 
+      # The valid IP protocols are different for different load balancing products:
+      # - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+      # - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid.
+      # - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid.
+      # - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid.
+      # - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance.
+      # 
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
   "allowGlobalAccess": True or False, # This field is used along with the backend_service field for internal load balancing or with the target field for internal TargetInstance. If the field is set to TRUE, clients can access ILB from all regions. Otherwise only allows access from clients in the same region as the internal load balancer.
   "backendService": "A String", # Identifies the backend service to which the forwarding rule sends traffic. Required for Internal TCP/UDP Load Balancing and Network Load Balancing; must be omitted for all other load balancer types.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ipVersion": "A String", # The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6. This can only be specified for an external global forwarding rule.
   "isMirroringCollector": True or False, # Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBalancingScheme set to INTERNAL.
   "kind": "compute#forwardingRule", # [Output Only] Type of the resource. Always compute#forwardingRule for Forwarding Rule resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
-  "loadBalancingScheme": "A String", # Specifies the forwarding rule type. - EXTERNAL is used for: - Classic Cloud VPN gateways - Protocol forwarding to VMs from an external IP address - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing - INTERNAL is used for: - Protocol forwarding to VMs from an internal IP address - Internal TCP/UDP Load Balancing - INTERNAL_MANAGED is used for: - Internal HTTP(S) Load Balancing - INTERNAL_SELF_MANAGED is used for: - Traffic Director For more information about forwarding rules, refer to Forwarding rule concepts.
-  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+  "loadBalancingScheme": "A String", # Specifies the forwarding rule type.
+      # 
+      # 
+      # - EXTERNAL is used for:
+      # - Classic Cloud VPN gateways
+      # - Protocol forwarding to VMs from an external IP address
+      # - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing
+      # - INTERNAL is used for:
+      # - Protocol forwarding to VMs from an internal IP address
+      # - Internal TCP/UDP Load Balancing
+      # - INTERNAL_MANAGED is used for:
+      # - Internal HTTP(S) Load Balancing
+      # - INTERNAL_SELF_MANAGED is used for:
+      # - Traffic Director
+      # 
+      # For more information about forwarding rules, refer to Forwarding rule concepts.
+  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies.
+      # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+      # metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references.
+      # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+        # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+        # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+          # This list must not be empty and can have at the most 64 entries.
         { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-          "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-          "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+          "name": "A String", # Name of metadata label.
+              # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+          "value": "A String", # The value of the label must match the specified value.
+              # value can have a maximum length of 1024 characters.
         },
       ],
-      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+          # Supported values are:
+          # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+          # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
     },
   ],
-  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.
-  "network": "A String", # This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
-  "portRange": "A String", # This field can be used only if: - Load balancing scheme is one of EXTERNAL, INTERNAL_SELF_MANAGED or INTERNAL_MANAGED - IPProtocol is one of TCP, UDP, or SCTP. Packets addressed to ports in the specified range will be forwarded to target or backend_service. You can only use one of ports, port_range, or allPorts. The three are mutually exclusive. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. Some types of forwarding target have constraints on the acceptable ports: - TargetHttpProxy: 80, 8080 - TargetHttpsProxy: 443 - TargetGrpcProxy: no constraints - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetVpnGateway: 500, 4500 @pattern: \\d+(?:-\\d+)?
-  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. You can specify a list of up to five ports, which can be non-contiguous. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications). @pattern: \\d+(?:-\\d+)?
+  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+  "network": "A String", # This field is not used for external load balancing.
+      # 
+      # For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used.
+      # 
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD.
+      # 
+      # For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM.
+      # 
+      # If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
+  "portRange": "A String", # This field can be used only if:
+      # - Load balancing scheme is one of EXTERNAL,  INTERNAL_SELF_MANAGED or INTERNAL_MANAGED
+      # - IPProtocol is one of TCP, UDP, or SCTP.
+      # 
+      # Packets addressed to ports in the specified range will be forwarded to target or  backend_service.
+      # 
+      # You can only use one of ports, port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      # 
+      # Some types of forwarding target have constraints on the acceptable ports:
+      # - TargetHttpProxy: 80, 8080
+      # - TargetHttpsProxy: 443
+      # - TargetGrpcProxy: no constraints
+      # - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetVpnGateway: 500, 4500
+  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends.
+      # 
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # You can specify a list of up to five ports, which can be non-contiguous.
+      # 
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      # 
+      # For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications).
     "A String",
   ],
   "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Forwarding Rule.
@@ -297,32 +517,57 @@ 
Method Details

   "region": "A String", # [Output Only] URL of the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource. It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
+  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource.
+      # 
+      # It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
     { # Describes the auto-registration of the Forwarding Rule to Service Directory. The region and project of the Service Directory resource generated from this registration will be the same as this Forwarding Rule.
       "namespace": "A String", # Service Directory namespace to register the forwarding rule under.
       "service": "A String", # Service Directory service to register the forwarding rule under.
       "serviceDirectoryRegion": "A String", # [Optional] Service Directory region to register this global forwarding rule under. Default to "us-central1". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region.
     },
   ],
-  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name. The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. This field is only used for internal load balancing.
-  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule. This field is only used for internal load balancing.
+  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name.
+      # 
+      # The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+      # 
+      # This field is only used for internal load balancing.
+  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule.
+      # 
+      # This field is only used for internal load balancing.
   "sourceIpRanges": [ # If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. Note that a Forwarding Rule can only have up to 64 source IP ranges, and this field can only be used with a regional Forwarding Rule whose scheme is EXTERNAL. Each source_ip_range entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24).
     "A String",
   ],
-  "subnetwork": "A String", # This field is only used for internal load balancing. For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule. If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
+  "subnetwork": "A String", # This field is only used for internal load balancing.
+      # 
+      # For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule.
+      # 
+      # If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
   "target": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -357,7 +602,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -371,20 +617,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of GlobalForwardingRule resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -392,40 +644,139 @@ 
Method Details

     { # Contains a list of ForwardingRule resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of ForwardingRule resources.
-    { # Represents a Forwarding Rule resource. Forwarding rule resources in GCP can be either regional or global in scope: * [Global](/compute/docs/reference/rest/alpha/globalForwardingRules) * [Regional](/compute/docs/reference/rest/alpha/forwardingRules) A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway). For more information, read Forwarding rule concepts and Using protocol forwarding.
-      "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule. If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address: * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region /addresses/address-name * Partial URL or by name, as in: - projects/project_id/regions/region/addresses/address-name - regions/region/addresses/address-name - global/addresses/address-name - address-name The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true. For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
-      "IPProtocol": "A String", # The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products: - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid. - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid. - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid. - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid. - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
-      "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
+    { # Represents a Forwarding Rule resource.
+        #
+        # Forwarding rule resources in GCP can be either regional or global in scope:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/globalForwardingRules) * [Regional](/compute/docs/reference/rest/{$api_version}/forwardingRules)
+        #
+        # A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway).
+        #
+        # For more information, read Forwarding rule concepts and Using protocol forwarding.
+        #
+        # (== resource_for {$api_version}.forwardingRules ==) (== resource_for {$api_version}.globalForwardingRules ==) (== resource_for {$api_version}.regionForwardingRules ==)
+      "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule.
+          #
+          # If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address:
+          #
+          # * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name * Partial URL or by name, as in:
+          # - projects/project_id/regions/region/addresses/address-name
+          # - regions/region/addresses/address-name
+          # - global/addresses/address-name
+          # - address-name
+          #
+          # The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications).
+          #
+          # Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true.
+          #
+          # For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
+      "IPProtocol": "A String", # The IP protocol to which this rule applies.
+          #
+          # For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT.
+          #
+          # The valid IP protocols are different for different load balancing products:
+          # - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+          # - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid.
+          # - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid.
+          # - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid.
+          # - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+      "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance.
+          #
+          # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+          #
+          # For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
       "allowGlobalAccess": True or False, # This field is used along with the backend_service field for internal load balancing or with the target field for internal TargetInstance. If the field is set to TRUE, clients can access ILB from all regions. Otherwise only allows access from clients in the same region as the internal load balancer.
       "backendService": "A String", # Identifies the backend service to which the forwarding rule sends traffic. Required for Internal TCP/UDP Load Balancing and Network Load Balancing; must be omitted for all other load balancer types.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "ipVersion": "A String", # The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6. This can only be specified for an external global forwarding rule.
       "isMirroringCollector": True or False, # Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBalancingScheme set to INTERNAL.
       "kind": "compute#forwardingRule", # [Output Only] Type of the resource. Always compute#forwardingRule for Forwarding Rule resources.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
       "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
         "a_key": "A String",
       },
-      "loadBalancingScheme": "A String", # Specifies the forwarding rule type. - EXTERNAL is used for: - Classic Cloud VPN gateways - Protocol forwarding to VMs from an external IP address - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing - INTERNAL is used for: - Protocol forwarding to VMs from an internal IP address - Internal TCP/UDP Load Balancing - INTERNAL_MANAGED is used for: - Internal HTTP(S) Load Balancing - INTERNAL_SELF_MANAGED is used for: - Traffic Director For more information about forwarding rules, refer to Forwarding rule concepts.
-      "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-        { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-          "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+      "loadBalancingScheme": "A String", # Specifies the forwarding rule type.
+          #
+          #
+          # - EXTERNAL is used for:
+          # - Classic Cloud VPN gateways
+          # - Protocol forwarding to VMs from an external IP address
+          # - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing
+          # - INTERNAL is used for:
+          # - Protocol forwarding to VMs from an internal IP address
+          # - Internal TCP/UDP Load Balancing
+          # - INTERNAL_MANAGED is used for:
+          # - Internal HTTP(S) Load Balancing
+          # - INTERNAL_SELF_MANAGED is used for:
+          # - Traffic Director
+          #
+          # For more information about forwarding rules, refer to Forwarding rule concepts.
+      "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies.
+          # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+          # metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references.
+          # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+            # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+            # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+          "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+              # This list must not be empty and can have at the most 64 entries.
             { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-              "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-              "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+              "name": "A String", # Name of metadata label.
+                  # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+              "value": "A String", # The value of the label must match the specified value.
+                  # value can have a maximum length of 1024 characters.
             },
           ],
-          "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+          "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+              # Supported values are:
+              # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+              # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
         },
       ],
-      "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.
-      "network": "A String", # This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
-      "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
-      "portRange": "A String", # This field can be used only if: - Load balancing scheme is one of EXTERNAL, INTERNAL_SELF_MANAGED or INTERNAL_MANAGED - IPProtocol is one of TCP, UDP, or SCTP. Packets addressed to ports in the specified range will be forwarded to target or backend_service. You can only use one of ports, port_range, or allPorts. The three are mutually exclusive. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. Some types of forwarding target have constraints on the acceptable ports: - TargetHttpProxy: 80, 8080 - TargetHttpsProxy: 443 - TargetGrpcProxy: no constraints - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetVpnGateway: 500, 4500 @pattern: \\d+(?:-\\d+)?
-      "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. You can specify a list of up to five ports, which can be non-contiguous. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications). @pattern: \\d+(?:-\\d+)?
+      "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+      "network": "A String", # This field is not used for external load balancing.
+          #
+          # For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used.
+          #
+          # For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
+      "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD.
+          #
+          # For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM.
+          #
+          # If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
+      "portRange": "A String", # This field can be used only if:
+          # - Load balancing scheme is one of EXTERNAL,  INTERNAL_SELF_MANAGED or INTERNAL_MANAGED
+          # - IPProtocol is one of TCP, UDP, or SCTP.
+          #
+          # Packets addressed to ports in the specified range will be forwarded to target or  backend_service.
+          #
+          # You can only use one of ports, port_range, or allPorts. The three are mutually exclusive.
+          #
+          # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+          #
+          # Some types of forwarding target have constraints on the acceptable ports:
+          # - TargetHttpProxy: 80, 8080
+          # - TargetHttpsProxy: 443
+          # - TargetGrpcProxy: no constraints
+          # - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+          # - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+          # - TargetVpnGateway: 500, 4500
+      "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends.
+          #
+          # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+          #
+          # You can specify a list of up to five ports, which can be non-contiguous.
+          #
+          # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+          #
+          # For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications).
         "A String",
       ],
       "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Forwarding Rule.
@@ -433,19 +784,31 @@ 
Method Details

       "region": "A String", # [Output Only] URL of the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-      "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource. It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
+      "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource.
+          #
+          # It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
         { # Describes the auto-registration of the Forwarding Rule to Service Directory. The region and project of the Service Directory resource generated from this registration will be the same as this Forwarding Rule.
           "namespace": "A String", # Service Directory namespace to register the forwarding rule under.
           "service": "A String", # Service Directory service to register the forwarding rule under.
           "serviceDirectoryRegion": "A String", # [Optional] Service Directory region to register this global forwarding rule under. Default to "us-central1". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region.
         },
       ],
-      "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name. The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. This field is only used for internal load balancing.
-      "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule. This field is only used for internal load balancing.
+      "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name.
+          #
+          # The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+          #
+          # This field is only used for internal load balancing.
+      "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule.
+          #
+          # This field is only used for internal load balancing.
       "sourceIpRanges": [ # If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. Note that a Forwarding Rule can only have up to 64 source IP ranges, and this field can only be used with a regional Forwarding Rule whose scheme is EXTERNAL. Each source_ip_range entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24).
         "A String",
       ],
-      "subnetwork": "A String", # This field is only used for internal load balancing. For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule. If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
+      "subnetwork": "A String", # This field is only used for internal load balancing.
+          #
+          # For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule.
+          #
+          # If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
       "target": "A String",
     },
   ],
@@ -454,7 +817,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -480,7 +844,7 @@ 
Method Details

 

 
 

-    patch(project, forwardingRule, body=None, requestId=None, x__xgafv=None)
+    patch(project, forwardingRule, body=None, requestId=None)
   
Updates the specified forwarding rule with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules. Currently, you can only patch the network_tier field.
 
 Args:
@@ -489,40 +853,139 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Forwarding Rule resource. Forwarding rule resources in GCP can be either regional or global in scope: * [Global](/compute/docs/reference/rest/alpha/globalForwardingRules) * [Regional](/compute/docs/reference/rest/alpha/forwardingRules) A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway). For more information, read Forwarding rule concepts and Using protocol forwarding.
-  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule. If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address: * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region /addresses/address-name * Partial URL or by name, as in: - projects/project_id/regions/region/addresses/address-name - regions/region/addresses/address-name - global/addresses/address-name - address-name The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true. For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
-  "IPProtocol": "A String", # The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products: - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid. - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid. - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid. - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid. - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
-  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
+{ # Represents a Forwarding Rule resource.
+    # 
+    # Forwarding rule resources in GCP can be either regional or global in scope:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalForwardingRules) * [Regional](/compute/docs/reference/rest/{$api_version}/forwardingRules)
+    # 
+    # A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway).
+    # 
+    # For more information, read Forwarding rule concepts and Using protocol forwarding.
+    # 
+    # (== resource_for {$api_version}.forwardingRules ==) (== resource_for {$api_version}.globalForwardingRules ==) (== resource_for {$api_version}.regionForwardingRules ==)
+  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule.
+      # 
+      # If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address:
+      # 
+      # * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name * Partial URL or by name, as in:
+      # - projects/project_id/regions/region/addresses/address-name
+      # - regions/region/addresses/address-name
+      # - global/addresses/address-name
+      # - address-name
+      # 
+      # The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications).
+      # 
+      # Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true.
+      # 
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
+  "IPProtocol": "A String", # The IP protocol to which this rule applies.
+      # 
+      # For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT.
+      # 
+      # The valid IP protocols are different for different load balancing products:
+      # - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+      # - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid.
+      # - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid.
+      # - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid.
+      # - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance.
+      # 
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
   "allowGlobalAccess": True or False, # This field is used along with the backend_service field for internal load balancing or with the target field for internal TargetInstance. If the field is set to TRUE, clients can access ILB from all regions. Otherwise only allows access from clients in the same region as the internal load balancer.
   "backendService": "A String", # Identifies the backend service to which the forwarding rule sends traffic. Required for Internal TCP/UDP Load Balancing and Network Load Balancing; must be omitted for all other load balancer types.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ipVersion": "A String", # The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6. This can only be specified for an external global forwarding rule.
   "isMirroringCollector": True or False, # Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBalancingScheme set to INTERNAL.
   "kind": "compute#forwardingRule", # [Output Only] Type of the resource. Always compute#forwardingRule for Forwarding Rule resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
-  "loadBalancingScheme": "A String", # Specifies the forwarding rule type. - EXTERNAL is used for: - Classic Cloud VPN gateways - Protocol forwarding to VMs from an external IP address - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing - INTERNAL is used for: - Protocol forwarding to VMs from an internal IP address - Internal TCP/UDP Load Balancing - INTERNAL_MANAGED is used for: - Internal HTTP(S) Load Balancing - INTERNAL_SELF_MANAGED is used for: - Traffic Director For more information about forwarding rules, refer to Forwarding rule concepts.
-  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+  "loadBalancingScheme": "A String", # Specifies the forwarding rule type.
+      # 
+      # 
+      # - EXTERNAL is used for:
+      # - Classic Cloud VPN gateways
+      # - Protocol forwarding to VMs from an external IP address
+      # - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing
+      # - INTERNAL is used for:
+      # - Protocol forwarding to VMs from an internal IP address
+      # - Internal TCP/UDP Load Balancing
+      # - INTERNAL_MANAGED is used for:
+      # - Internal HTTP(S) Load Balancing
+      # - INTERNAL_SELF_MANAGED is used for:
+      # - Traffic Director
+      # 
+      # For more information about forwarding rules, refer to Forwarding rule concepts.
+  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies.
+      # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+      # metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references.
+      # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+        # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+        # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+          # This list must not be empty and can have at the most 64 entries.
         { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-          "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-          "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+          "name": "A String", # Name of metadata label.
+              # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+          "value": "A String", # The value of the label must match the specified value.
+              # value can have a maximum length of 1024 characters.
         },
       ],
-      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+          # Supported values are:
+          # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+          # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
     },
   ],
-  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.
-  "network": "A String", # This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
-  "portRange": "A String", # This field can be used only if: - Load balancing scheme is one of EXTERNAL, INTERNAL_SELF_MANAGED or INTERNAL_MANAGED - IPProtocol is one of TCP, UDP, or SCTP. Packets addressed to ports in the specified range will be forwarded to target or backend_service. You can only use one of ports, port_range, or allPorts. The three are mutually exclusive. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. Some types of forwarding target have constraints on the acceptable ports: - TargetHttpProxy: 80, 8080 - TargetHttpsProxy: 443 - TargetGrpcProxy: no constraints - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetVpnGateway: 500, 4500 @pattern: \\d+(?:-\\d+)?
-  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. You can specify a list of up to five ports, which can be non-contiguous. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications). @pattern: \\d+(?:-\\d+)?
+  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+  "network": "A String", # This field is not used for external load balancing.
+      # 
+      # For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used.
+      # 
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD.
+      # 
+      # For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM.
+      # 
+      # If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
+  "portRange": "A String", # This field can be used only if:
+      # - Load balancing scheme is one of EXTERNAL,  INTERNAL_SELF_MANAGED or INTERNAL_MANAGED
+      # - IPProtocol is one of TCP, UDP, or SCTP.
+      # 
+      # Packets addressed to ports in the specified range will be forwarded to target or  backend_service.
+      # 
+      # You can only use one of ports, port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      # 
+      # Some types of forwarding target have constraints on the acceptable ports:
+      # - TargetHttpProxy: 80, 8080
+      # - TargetHttpsProxy: 443
+      # - TargetGrpcProxy: no constraints
+      # - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetVpnGateway: 500, 4500
+  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends.
+      # 
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # You can specify a list of up to five ports, which can be non-contiguous.
+      # 
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      # 
+      # For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications).
     "A String",
   ],
   "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Forwarding Rule.
@@ -530,32 +993,57 @@ 
Method Details

   "region": "A String", # [Output Only] URL of the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource. It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
+  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource.
+      # 
+      # It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
     { # Describes the auto-registration of the Forwarding Rule to Service Directory. The region and project of the Service Directory resource generated from this registration will be the same as this Forwarding Rule.
       "namespace": "A String", # Service Directory namespace to register the forwarding rule under.
       "service": "A String", # Service Directory service to register the forwarding rule under.
       "serviceDirectoryRegion": "A String", # [Optional] Service Directory region to register this global forwarding rule under. Default to "us-central1". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region.
     },
   ],
-  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name. The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. This field is only used for internal load balancing.
-  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule. This field is only used for internal load balancing.
+  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name.
+      # 
+      # The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+      # 
+      # This field is only used for internal load balancing.
+  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule.
+      # 
+      # This field is only used for internal load balancing.
   "sourceIpRanges": [ # If not empty, this Forwarding Rule will only forward the traffic when the source IP address matches one of the IP addresses or CIDR ranges set here. Note that a Forwarding Rule can only have up to 64 source IP ranges, and this field can only be used with a regional Forwarding Rule whose scheme is EXTERNAL. Each source_ip_range entry should be either an IP address (for example, 1.2.3.4) or a CIDR range (for example, 1.2.3.0/24).
     "A String",
   ],
-  "subnetwork": "A String", # This field is only used for internal load balancing. For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule. If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
+  "subnetwork": "A String", # This field is only used for internal load balancing.
+      # 
+      # For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule.
+      # 
+      # If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
   "target": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -590,7 +1078,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -604,7 +1093,7 @@ 
Method Details

 

 
 

-    setLabels(project, resource, body=None, x__xgafv=None)
+    setLabels(project, resource, body=None)
   
Sets the labels on the specified resource. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -620,15 +1109,24 @@ 
Method Details

   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -663,7 +1161,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -677,7 +1176,7 @@ 
Method Details

 

 
 

-    setTarget(project, forwardingRule, body=None, requestId=None, x__xgafv=None)
+    setTarget(project, forwardingRule, body=None, requestId=None)
   
Changes target URL for the GlobalForwardingRule resource. The new target should be of the same type as the old target.
 
 Args:
@@ -690,16 +1189,29 @@ 
Method Details

   "target": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -734,7 +1246,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -748,7 +1261,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -763,10 +1276,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.globalNetworkEndpointGroups.html b/docs/dyn/compute_alpha.globalNetworkEndpointGroups.html
index e57a28bd52f..af594647df1 100644
--- a/docs/dyn/compute_alpha.globalNetworkEndpointGroups.html
+++ b/docs/dyn/compute_alpha.globalNetworkEndpointGroups.html
@@ -75,28 +75,28 @@
 
Compute Engine API . globalNetworkEndpointGroups

 
Instance Methods

 

-  attachNetworkEndpoints(project, networkEndpointGroup, body=None, requestId=None, x__xgafv=None)

+  attachNetworkEndpoints(project, networkEndpointGroup, body=None, requestId=None)

 
Attach a network endpoint to the specified network endpoint group.

 

   close()

 
Close httplib2 connections.

 

-  delete(project, networkEndpointGroup, requestId=None, x__xgafv=None)

+  delete(project, networkEndpointGroup, requestId=None)

 
Deletes the specified network endpoint group.Note that the NEG cannot be deleted if there are backend services referencing it.

 

-  detachNetworkEndpoints(project, networkEndpointGroup, body=None, requestId=None, x__xgafv=None)

+  detachNetworkEndpoints(project, networkEndpointGroup, body=None, requestId=None)

 
Detach the network endpoint from the specified network endpoint group.

 

-  get(project, networkEndpointGroup, x__xgafv=None)

+  get(project, networkEndpointGroup)

 
Returns the specified network endpoint group. Gets a list of available network endpoint groups by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a network endpoint group in the specified project using the parameters that are included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of network endpoint groups that are located in the specified project.

 

-  listNetworkEndpoints(project, networkEndpointGroup, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listNetworkEndpoints(project, networkEndpointGroup, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists the network endpoints in the specified network endpoint group.

 

   listNetworkEndpoints_next(previous_request, previous_response)

@@ -106,7 +106,7 @@ 
Instance Methods

 
Retrieves the next page of results.

 
Method Details

 

-    attachNetworkEndpoints(project, networkEndpointGroup, body=None, requestId=None, x__xgafv=None)
+    attachNetworkEndpoints(project, networkEndpointGroup, body=None, requestId=None)
   
Attach a network endpoint to the specified network endpoint group.
 
 Args:
@@ -122,23 +122,38 @@ 
Method Details

         "a_key": "A String",
       },
       "fqdn": "A String", # Optional fully qualified domain name of network endpoint. This can only be specified when NetworkEndpointGroup.network_endpoint_type is NON_GCP_FQDN_PORT.
-      "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group. The name must be 1-63 characters long, and comply with RFC1035.
+      "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group.
+          #
+          # The name must be 1-63 characters long, and comply with RFC1035.
       "ipAddress": "A String", # Optional IPv4 address of network endpoint. The IP address must belong to a VM in Compute Engine (either the primary IP or as part of an aliased IP range). If the IP address is not specified, then the primary IP address for the VM instance in the network that the network endpoint group belongs to will be used.
       "port": 42, # Optional port number of network endpoint. If not specified, the defaultPort for the network endpoint group will be used.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -173,7 +188,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -192,22 +208,35 @@ 
Method Details

 

 
 

-    delete(project, networkEndpointGroup, requestId=None, x__xgafv=None)
+    delete(project, networkEndpointGroup, requestId=None)
   
Deletes the specified network endpoint group.Note that the NEG cannot be deleted if there are backend services referencing it.
 
 Args:
   project: string, Project ID for this request. (required)
   networkEndpointGroup: string, The name of the network endpoint group to delete. It should comply with RFC1035. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -242,7 +271,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -256,7 +286,7 @@ 
Method Details

 

 
 

-    detachNetworkEndpoints(project, networkEndpointGroup, body=None, requestId=None, x__xgafv=None)
+    detachNetworkEndpoints(project, networkEndpointGroup, body=None, requestId=None)
   
Detach the network endpoint from the specified network endpoint group.
 
 Args:
@@ -272,23 +302,38 @@ 
Method Details

         "a_key": "A String",
       },
       "fqdn": "A String", # Optional fully qualified domain name of network endpoint. This can only be specified when NetworkEndpointGroup.network_endpoint_type is NON_GCP_FQDN_PORT.
-      "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group. The name must be 1-63 characters long, and comply with RFC1035.
+      "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group.
+          #
+          # The name must be 1-63 characters long, and comply with RFC1035.
       "ipAddress": "A String", # Optional IPv4 address of network endpoint. The IP address must belong to a VM in Compute Engine (either the primary IP or as part of an aliased IP range). If the IP address is not specified, then the primary IP address for the VM instance in the network that the network endpoint group belongs to will be used.
       "port": 42, # Optional port number of network endpoint. If not specified, the defaultPort for the network endpoint group will be used.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -323,7 +368,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -337,37 +383,67 @@ 
Method Details

 

 
 

-    get(project, networkEndpointGroup, x__xgafv=None)
+    get(project, networkEndpointGroup)
   
Returns the specified network endpoint group. Gets a list of available network endpoint groups by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   networkEndpointGroup: string, The name of the network endpoint group. It should comply with RFC1035. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a collection of network endpoints. A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see Setting up external HTTP(S) Load Balancing with internet NEGs, Setting up zonal NEGs, or Setting up external HTTP(S) Load Balancing with serverless NEGs.
+    { # Represents a collection of network endpoints.
+    #
+    # A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see  Setting up external HTTP(S) Load Balancing with internet NEGs,  Setting up zonal NEGs, or  Setting up external HTTP(S) Load Balancing with serverless NEGs. (== resource_for {$api_version}.networkEndpointGroups ==) (== resource_for {$api_version}.globalNetworkEndpointGroups ==) (== resource_for {$api_version}.regionNetworkEndpointGroups ==)
   "annotations": { # Metadata defined as annotations on the network endpoint group.
     "a_key": "A String",
   },
-  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: "default", "my-service".
-    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
-    "version": "A String", # Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: "v1", "v2".
+  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Optional serving service.
+        #
+        # The service name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "default", "my-service".
+    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
+    "version": "A String", # Optional serving version.
+        #
+        # The version name is case-sensitive and must be 1-100 characters long.
+        #
+        # Example value: "v1", "v2".
   },
-  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "function": "A String", # A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: "func1".
-    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs " mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
+  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.
+    "function": "A String", # A user-defined name of the Cloud Function.
+        #
+        # The function name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "func1".
+    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, request URLs "mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
   },
-  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: "run-service".
-    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: "revision-0010".
-    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
+  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Cloud Run service is the main resource of Cloud Run.
+        #
+        # The service must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "run-service".
+    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information.
+        #
+        # The tag must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "revision-0010".
+    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services.
+        #
+        # For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "defaultPort": 42, # The default port used if the port number is not specified in the network endpoint.
@@ -387,11 +463,37 @@ 
Method Details

   "region": "A String", # [Output Only] The URL of the region where the network endpoint group is located.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "serverlessDeployment": { # Configuration for a serverless network endpoint group (NEG). The platform must be provided. Note: The target backend service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine, cloudFunction or serverlessDeployment may be set.
-    "platform": "A String", # The platform of the backend target(s) of this NEG. Possible values include: 1. API Gateway: apigateway.googleapis.com 2. App Engine: appengine.googleapis.com 3. Cloud Functions: cloudfunctions.googleapis.com 4. Cloud Run: run.googleapis.com
-    "resource": "A String", # The user-defined name of the workload/instance. This value must be provided explicitly or in the urlMask. The resource identified by this value is platform-specific and is as follows: 1. API Gateway: The gateway ID 2. App Engine: The service name 3. Cloud Functions: The function name 4. Cloud Run: The service name
-    "urlMask": "A String", # A template to parse platform-specific fields from a request URL. URL mask allows for routing to multiple resources on the same serverless platform without having to create multiple Network Endpoint Groups and backend resources. The fields parsed by this template are platform-specific and are as follows: 1. API Gateway: The gateway ID 2. App Engine: The service and version 3. Cloud Functions: The function name 4. Cloud Run: The service and tag
-    "version": "A String", # The optional resource version. The version identified by this value is platform-specific and is follows: 1. API Gateway: Unused 2. App Engine: The service version 3. Cloud Functions: Unused 4. Cloud Run: The service tag
+  "serverlessDeployment": { # Configuration for a serverless network endpoint group (NEG). The platform must be provided. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine, cloudFunction or serverlessDeployment may be set.
+      #
+      # Note: The target backend service must be in the same project and located in the same region as the Serverless NEG.
+    "platform": "A String", # The platform of the backend target(s) of this NEG. Possible values include:
+        #
+        #
+        # - API Gateway: apigateway.googleapis.com
+        # - App Engine: appengine.googleapis.com
+        # - Cloud Functions: cloudfunctions.googleapis.com
+        # - Cloud Run: run.googleapis.com
+    "resource": "A String", # The user-defined name of the workload/instance. This value must be provided explicitly or in the urlMask. The resource identified by this value is platform-specific and is as follows:
+        #
+        #
+        # - API Gateway: The gateway ID
+        # - App Engine: The service name
+        # - Cloud Functions: The function name
+        # - Cloud Run: The service name
+    "urlMask": "A String", # A template to parse platform-specific fields from a request URL. URL mask allows for routing to multiple resources on the same serverless platform without having to create multiple Network Endpoint Groups and backend resources. The fields parsed by this template are platform-specific and are as follows:
+        #
+        #
+        # - API Gateway: The gateway ID
+        # - App Engine: The service and version
+        # - Cloud Functions: The function name
+        # - Cloud Run: The service and tag
+    "version": "A String", # The optional resource version. The version identified by this value is platform-specific and is follows:
+        #
+        #
+        # - API Gateway: Unused
+        # - App Engine: The service version
+        # - Cloud Functions: Unused
+        # - Cloud Run: The service tag
   },
   "size": 42, # [Output only] Number of network endpoints in the network endpoint group.
   "subnetwork": "A String", # Optional URL of the subnetwork to which all network endpoints in the NEG belong.
@@ -401,7 +503,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a network endpoint group in the specified project using the parameters that are included in the request.
 
 Args:
@@ -409,23 +511,57 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a collection of network endpoints. A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see Setting up external HTTP(S) Load Balancing with internet NEGs, Setting up zonal NEGs, or Setting up external HTTP(S) Load Balancing with serverless NEGs.
+{ # Represents a collection of network endpoints.
+    # 
+    # A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see  Setting up external HTTP(S) Load Balancing with internet NEGs,  Setting up zonal NEGs, or  Setting up external HTTP(S) Load Balancing with serverless NEGs. (== resource_for {$api_version}.networkEndpointGroups ==) (== resource_for {$api_version}.globalNetworkEndpointGroups ==) (== resource_for {$api_version}.regionNetworkEndpointGroups ==)
   "annotations": { # Metadata defined as annotations on the network endpoint group.
     "a_key": "A String",
   },
-  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: "default", "my-service".
-    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
-    "version": "A String", # Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: "v1", "v2".
+  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Optional serving service.
+        #
+        # The service name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "default", "my-service".
+    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
+    "version": "A String", # Optional serving version.
+        #
+        # The version name is case-sensitive and must be 1-100 characters long.
+        #
+        # Example value: "v1", "v2".
   },
-  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "function": "A String", # A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: "func1".
-    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs " mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
+  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.
+    "function": "A String", # A user-defined name of the Cloud Function.
+        #
+        # The function name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "func1".
+    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, request URLs "mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
   },
-  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: "run-service".
-    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: "revision-0010".
-    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
+  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Cloud Run service is the main resource of Cloud Run.
+        #
+        # The service must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "run-service".
+    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information.
+        #
+        # The tag must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "revision-0010".
+    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services.
+        #
+        # For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "defaultPort": 42, # The default port used if the port number is not specified in the network endpoint.
@@ -445,11 +581,37 @@ 
Method Details

   "region": "A String", # [Output Only] The URL of the region where the network endpoint group is located.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "serverlessDeployment": { # Configuration for a serverless network endpoint group (NEG). The platform must be provided. Note: The target backend service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine, cloudFunction or serverlessDeployment may be set.
-    "platform": "A String", # The platform of the backend target(s) of this NEG. Possible values include: 1. API Gateway: apigateway.googleapis.com 2. App Engine: appengine.googleapis.com 3. Cloud Functions: cloudfunctions.googleapis.com 4. Cloud Run: run.googleapis.com
-    "resource": "A String", # The user-defined name of the workload/instance. This value must be provided explicitly or in the urlMask. The resource identified by this value is platform-specific and is as follows: 1. API Gateway: The gateway ID 2. App Engine: The service name 3. Cloud Functions: The function name 4. Cloud Run: The service name
-    "urlMask": "A String", # A template to parse platform-specific fields from a request URL. URL mask allows for routing to multiple resources on the same serverless platform without having to create multiple Network Endpoint Groups and backend resources. The fields parsed by this template are platform-specific and are as follows: 1. API Gateway: The gateway ID 2. App Engine: The service and version 3. Cloud Functions: The function name 4. Cloud Run: The service and tag
-    "version": "A String", # The optional resource version. The version identified by this value is platform-specific and is follows: 1. API Gateway: Unused 2. App Engine: The service version 3. Cloud Functions: Unused 4. Cloud Run: The service tag
+  "serverlessDeployment": { # Configuration for a serverless network endpoint group (NEG). The platform must be provided. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine, cloudFunction or serverlessDeployment may be set.
+      #
+      # Note: The target backend service must be in the same project and located in the same region as the Serverless NEG.
+    "platform": "A String", # The platform of the backend target(s) of this NEG. Possible values include:
+        #
+        #
+        # - API Gateway: apigateway.googleapis.com
+        # - App Engine: appengine.googleapis.com
+        # - Cloud Functions: cloudfunctions.googleapis.com
+        # - Cloud Run: run.googleapis.com
+    "resource": "A String", # The user-defined name of the workload/instance. This value must be provided explicitly or in the urlMask. The resource identified by this value is platform-specific and is as follows:
+        #
+        #
+        # - API Gateway: The gateway ID
+        # - App Engine: The service name
+        # - Cloud Functions: The function name
+        # - Cloud Run: The service name
+    "urlMask": "A String", # A template to parse platform-specific fields from a request URL. URL mask allows for routing to multiple resources on the same serverless platform without having to create multiple Network Endpoint Groups and backend resources. The fields parsed by this template are platform-specific and are as follows:
+        #
+        #
+        # - API Gateway: The gateway ID
+        # - App Engine: The service and version
+        # - Cloud Functions: The function name
+        # - Cloud Run: The service and tag
+    "version": "A String", # The optional resource version. The version identified by this value is platform-specific and is follows:
+        #
+        #
+        # - API Gateway: Unused
+        # - App Engine: The service version
+        # - Cloud Functions: Unused
+        # - Cloud Run: The service tag
   },
   "size": 42, # [Output only] Number of network endpoints in the network endpoint group.
   "subnetwork": "A String", # Optional URL of the subnetwork to which all network endpoints in the NEG belong.
@@ -457,16 +619,29 @@ 
Method Details

   "zone": "A String", # [Output Only] The URL of the zone where the network endpoint group is located.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -501,7 +676,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -515,20 +691,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of network endpoint groups that are located in the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -536,23 +718,57 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of NetworkEndpointGroup resources.
-    { # Represents a collection of network endpoints. A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see Setting up external HTTP(S) Load Balancing with internet NEGs, Setting up zonal NEGs, or Setting up external HTTP(S) Load Balancing with serverless NEGs.
+    { # Represents a collection of network endpoints.
+        #
+        # A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see  Setting up external HTTP(S) Load Balancing with internet NEGs,  Setting up zonal NEGs, or  Setting up external HTTP(S) Load Balancing with serverless NEGs. (== resource_for {$api_version}.networkEndpointGroups ==) (== resource_for {$api_version}.globalNetworkEndpointGroups ==) (== resource_for {$api_version}.regionNetworkEndpointGroups ==)
       "annotations": { # Metadata defined as annotations on the network endpoint group.
         "a_key": "A String",
       },
-      "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-        "service": "A String", # Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: "default", "my-service".
-        "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
-        "version": "A String", # Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: "v1", "v2".
+      "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+          #
+          # Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.
+        "service": "A String", # Optional serving service.
+            #
+            # The service name is case-sensitive and must be 1-63 characters long.
+            #
+            # Example value: "default", "my-service".
+        "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services.
+            #
+            # For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
+        "version": "A String", # Optional serving version.
+            #
+            # The version name is case-sensitive and must be 1-100 characters long.
+            #
+            # Example value: "v1", "v2".
       },
-      "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-        "function": "A String", # A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: "func1".
-        "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs " mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
+      "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+          #
+          # Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.
+        "function": "A String", # A user-defined name of the Cloud Function.
+            #
+            # The function name is case-sensitive and must be 1-63 characters long.
+            #
+            # Example value: "func1".
+        "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services.
+            #
+            # For example, request URLs "mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
       },
-      "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-        "service": "A String", # Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: "run-service".
-        "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: "revision-0010".
-        "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
+      "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+          #
+          # Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.
+        "service": "A String", # Cloud Run service is the main resource of Cloud Run.
+            #
+            # The service must be 1-63 characters long, and comply with RFC1035.
+            #
+            # Example value: "run-service".
+        "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information.
+            #
+            # The tag must be 1-63 characters long, and comply with RFC1035.
+            #
+            # Example value: "revision-0010".
+        "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services.
+            #
+            # For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
       },
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "defaultPort": 42, # The default port used if the port number is not specified in the network endpoint.
@@ -572,11 +788,37 @@ 
Method Details

       "region": "A String", # [Output Only] The URL of the region where the network endpoint group is located.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-      "serverlessDeployment": { # Configuration for a serverless network endpoint group (NEG). The platform must be provided. Note: The target backend service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine, cloudFunction or serverlessDeployment may be set.
-        "platform": "A String", # The platform of the backend target(s) of this NEG. Possible values include: 1. API Gateway: apigateway.googleapis.com 2. App Engine: appengine.googleapis.com 3. Cloud Functions: cloudfunctions.googleapis.com 4. Cloud Run: run.googleapis.com
-        "resource": "A String", # The user-defined name of the workload/instance. This value must be provided explicitly or in the urlMask. The resource identified by this value is platform-specific and is as follows: 1. API Gateway: The gateway ID 2. App Engine: The service name 3. Cloud Functions: The function name 4. Cloud Run: The service name
-        "urlMask": "A String", # A template to parse platform-specific fields from a request URL. URL mask allows for routing to multiple resources on the same serverless platform without having to create multiple Network Endpoint Groups and backend resources. The fields parsed by this template are platform-specific and are as follows: 1. API Gateway: The gateway ID 2. App Engine: The service and version 3. Cloud Functions: The function name 4. Cloud Run: The service and tag
-        "version": "A String", # The optional resource version. The version identified by this value is platform-specific and is follows: 1. API Gateway: Unused 2. App Engine: The service version 3. Cloud Functions: Unused 4. Cloud Run: The service tag
+      "serverlessDeployment": { # Configuration for a serverless network endpoint group (NEG). The platform must be provided. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine, cloudFunction or serverlessDeployment may be set.
+          #
+          # Note: The target backend service must be in the same project and located in the same region as the Serverless NEG.
+        "platform": "A String", # The platform of the backend target(s) of this NEG. Possible values include:
+            #
+            #
+            # - API Gateway: apigateway.googleapis.com
+            # - App Engine: appengine.googleapis.com
+            # - Cloud Functions: cloudfunctions.googleapis.com
+            # - Cloud Run: run.googleapis.com
+        "resource": "A String", # The user-defined name of the workload/instance. This value must be provided explicitly or in the urlMask. The resource identified by this value is platform-specific and is as follows:
+            #
+            #
+            # - API Gateway: The gateway ID
+            # - App Engine: The service name
+            # - Cloud Functions: The function name
+            # - Cloud Run: The service name
+        "urlMask": "A String", # A template to parse platform-specific fields from a request URL. URL mask allows for routing to multiple resources on the same serverless platform without having to create multiple Network Endpoint Groups and backend resources. The fields parsed by this template are platform-specific and are as follows:
+            #
+            #
+            # - API Gateway: The gateway ID
+            # - App Engine: The service and version
+            # - Cloud Functions: The function name
+            # - Cloud Run: The service and tag
+        "version": "A String", # The optional resource version. The version identified by this value is platform-specific and is follows:
+            #
+            #
+            # - API Gateway: Unused
+            # - App Engine: The service version
+            # - Cloud Functions: Unused
+            # - Cloud Run: The service tag
       },
       "size": 42, # [Output only] Number of network endpoints in the network endpoint group.
       "subnetwork": "A String", # Optional URL of the subnetwork to which all network endpoints in the NEG belong.
@@ -589,7 +831,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -601,21 +844,27 @@ 
Method Details

 

 
 

-    listNetworkEndpoints(project, networkEndpointGroup, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listNetworkEndpoints(project, networkEndpointGroup, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists the network endpoints in the specified network endpoint group.
 
 Args:
   project: string, Project ID for this request. (required)
   networkEndpointGroup: string, The name of the network endpoint group from which you want to generate a list of included network endpoints. It should comply with RFC1035. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -632,10 +881,16 @@ 
Method Details

           "forwardingRule": { # URL of the forwarding rule associated with the health state of the network endpoint.
             "forwardingRule": "A String",
           },
-          "healthCheck": { # A full or valid partial URL to a health check. For example, the following are valid URLs: - https://www.googleapis.com/compute/beta/projects/project-id/global/httpHealthChecks/health-check - projects/project-id/global/httpHealthChecks/health-check - global/httpHealthChecks/health-check # URL of the health check associated with the health state of the network endpoint.
+          "healthCheck": { # A full or valid partial URL to a health check. For example, the following are valid URLs: # URL of the health check associated with the health state of the network endpoint.
+              # - https://www.googleapis.com/compute/beta/projects/project-id/global/httpHealthChecks/health-check
+              # - projects/project-id/global/httpHealthChecks/health-check
+              # - global/httpHealthChecks/health-check
             "healthCheck": "A String",
           },
-          "healthCheckService": { # A full or valid partial URL to a health check service. For example, the following are valid URLs: - https://www.googleapis.com/compute/beta/projects/project-id/regions/us-west1/healthCheckServices/health-check-service - projects/project-id/regions/us-west1/healthCheckServices/health-check-service - regions/us-west1/healthCheckServices/health-check-service # URL of the health check service associated with the health state of the network endpoint.
+          "healthCheckService": { # A full or valid partial URL to a health check service. For example, the following are valid URLs: # URL of the health check service associated with the health state of the network endpoint.
+              # - https://www.googleapis.com/compute/beta/projects/project-id/regions/us-west1/healthCheckServices/health-check-service
+              # - projects/project-id/regions/us-west1/healthCheckServices/health-check-service
+              # - regions/us-west1/healthCheckServices/health-check-service
             "healthCheckService": "A String",
           },
           "healthState": "A String", # Health state of the network endpoint determined based on the health checks configured.
@@ -646,7 +901,9 @@ 
Method Details

           "a_key": "A String",
         },
         "fqdn": "A String", # Optional fully qualified domain name of network endpoint. This can only be specified when NetworkEndpointGroup.network_endpoint_type is NON_GCP_FQDN_PORT.
-        "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group. The name must be 1-63 characters long, and comply with RFC1035.
+        "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group.
+            #
+            # The name must be 1-63 characters long, and comply with RFC1035.
         "ipAddress": "A String", # Optional IPv4 address of network endpoint. The IP address must belong to a VM in Compute Engine (either the primary IP or as part of an aliased IP range). If the IP address is not specified, then the primary IP address for the VM instance in the network that the network endpoint group belongs to will be used.
         "port": 42, # Optional port number of network endpoint. If not specified, the defaultPort for the network endpoint group will be used.
       },
@@ -656,7 +913,8 @@ 
Method Details

   "nextPageToken": "A String", # [Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.globalOperations.html b/docs/dyn/compute_alpha.globalOperations.html
index c1cdda8db3a..dc8a147baa4 100644
--- a/docs/dyn/compute_alpha.globalOperations.html
+++ b/docs/dyn/compute_alpha.globalOperations.html
@@ -75,7 +75,7 @@
 
Compute Engine API . globalOperations

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of all operations.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,37 +84,43 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, operation, x__xgafv=None)

+  delete(project, operation)

 
Deletes the specified Operations resource.

 

-  get(project, operation, x__xgafv=None)

+  get(project, operation)

 
Retrieves the specified Operations resource. Gets a list of operations by making a `list()` request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of Operation resources contained within the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  wait(project, operation, x__xgafv=None)

-
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress. This method is called on a best-effort basis. Specifically: - In uncommon cases, when the server is overloaded, the request might return before the default deadline is reached, or might return after zero seconds. - If the default deadline is reached, there is no guarantee that the operation is actually done when the method returns. Be prepared to retry if the operation is not `DONE`. 

+  wait(project, operation)

+
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of all operations.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -124,7 +130,20 @@ 
Method Details

   "items": { # [Output Only] A map of scoped operation lists.
     "a_key": { # [Output Only] Name of the scope containing this set of operations.
       "operations": [ # [Output Only] A list of operations contained in this scope.
-        { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+        { # Represents an Operation resource.
+            #
+            # Google Compute Engine has three Operation resources:
+            #
+            # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+            #
+            # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+            #
+            # Operations can be global, regional or zonal.
+            # - For global operations, use the `globalOperations` resource.
+            # - For regional operations, use the `regionOperations` resource.
+            # - For zonal operations, use the `zonalOperations` resource.
+            #
+            # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
           "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
           "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
           "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -159,7 +178,8 @@ 
Method Details

           "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
             {
               "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-              "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+              "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+                  # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
                 {
                   "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
                   "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -173,7 +193,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] Informational warning which replaces the list of operations when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -191,7 +212,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -222,35 +244,40 @@ 
Method Details

 

 
 

-    delete(project, operation, x__xgafv=None)
+    delete(project, operation)
   
Deletes the specified Operations resource.
 
 Args:
   project: string, Project ID for this request. (required)
   operation: string, Name of the Operations resource to delete. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 

 

 
 

-    get(project, operation, x__xgafv=None)
+    get(project, operation)
   
Retrieves the specified Operations resource. Gets a list of operations by making a `list()` request.
 
 Args:
   project: string, Project ID for this request. (required)
   operation: string, Name of the Operations resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -285,7 +312,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -299,20 +327,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of Operation resources contained within the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -320,7 +354,20 @@ 
Method Details

     { # Contains a list of Operation resources.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "items": [ # [Output Only] A list of Operation resources.
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+        #
+        # Google Compute Engine has three Operation resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+        #
+        # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+        #
+        # Operations can be global, regional or zonal.
+        # - For global operations, use the `globalOperations` resource.
+        # - For regional operations, use the `regionOperations` resource.
+        # - For zonal operations, use the `zonalOperations` resource.
+        #
+        # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
       "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
       "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
       "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -355,7 +402,8 @@ 
Method Details

       "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
         {
           "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-          "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+          "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+              # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
             {
               "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
               "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -372,7 +420,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -398,21 +447,34 @@ 
Method Details

 

 
 

-    wait(project, operation, x__xgafv=None)
-  
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress. This method is called on a best-effort basis. Specifically: - In uncommon cases, when the server is overloaded, the request might return before the default deadline is reached, or might return after zero seconds. - If the default deadline is reached, there is no guarantee that the operation is actually done when the method returns. Be prepared to retry if the operation is not `DONE`. 
+    wait(project, operation)
+  
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress.
+
+This method is called on a best-effort basis. Specifically:  
+- In uncommon cases, when the server is overloaded, the request might return before the default deadline is reached, or might return after zero seconds. 
+- If the default deadline is reached, there is no guarantee that the operation is actually done when the method returns. Be prepared to retry if the operation is not `DONE`.
 
 Args:
   project: string, Project ID for this request. (required)
   operation: string, Name of the Operations resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -447,7 +509,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.globalOrganizationOperations.html b/docs/dyn/compute_alpha.globalOrganizationOperations.html
index a3063a6b09c..ba99410b03d 100644
--- a/docs/dyn/compute_alpha.globalOrganizationOperations.html
+++ b/docs/dyn/compute_alpha.globalOrganizationOperations.html
@@ -78,13 +78,13 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(operation, parentId=None, x__xgafv=None)

+  delete(operation, parentId=None)

 
Deletes the specified Operations resource.

 

-  get(operation, parentId=None, x__xgafv=None)

+  get(operation, parentId=None)

 
Retrieves the specified Operations resource. Gets a list of operations by making a `list()` request.

 

-  list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None, x__xgafv=None)

+  list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None)

 
Retrieves a list of Operation resources contained within the specified organization.

 

   list_next(previous_request, previous_response)

@@ -96,35 +96,40 @@ 
Method Details

 

 
 

-    delete(operation, parentId=None, x__xgafv=None)
+    delete(operation, parentId=None)
   
Deletes the specified Operations resource.
 
 Args:
   operation: string, Name of the Operations resource to delete. (required)
   parentId: string, Parent ID for this request.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 

 

 
 

-    get(operation, parentId=None, x__xgafv=None)
+    get(operation, parentId=None)
   
Retrieves the specified Operations resource. Gets a list of operations by making a `list()` request.
 
 Args:
   operation: string, Name of the Operations resource to return. (required)
   parentId: string, Parent ID for this request.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -159,7 +164,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -173,20 +179,26 @@ 
Method Details

 

 
 

-    list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None, x__xgafv=None)
+    list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None)
   
Retrieves a list of Operation resources contained within the specified organization.
 
 Args:
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   parentId: string, Parent ID for this request.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -194,7 +206,20 @@ 
Method Details

     { # Contains a list of Operation resources.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "items": [ # [Output Only] A list of Operation resources.
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+        #
+        # Google Compute Engine has three Operation resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+        #
+        # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+        #
+        # Operations can be global, regional or zonal.
+        # - For global operations, use the `globalOperations` resource.
+        # - For regional operations, use the `regionOperations` resource.
+        # - For zonal operations, use the `zonalOperations` resource.
+        #
+        # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
       "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
       "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
       "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -229,7 +254,8 @@ 
Method Details

       "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
         {
           "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-          "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+          "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+              # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
             {
               "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
               "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -246,7 +272,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.globalPublicDelegatedPrefixes.html b/docs/dyn/compute_alpha.globalPublicDelegatedPrefixes.html
index a5f119d7ade..f7febaa70e1 100644
--- a/docs/dyn/compute_alpha.globalPublicDelegatedPrefixes.html
+++ b/docs/dyn/compute_alpha.globalPublicDelegatedPrefixes.html
@@ -78,22 +78,22 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, publicDelegatedPrefix, requestId=None, x__xgafv=None)

+  delete(project, publicDelegatedPrefix, requestId=None)

 
Deletes the specified global PublicDelegatedPrefix.

 

-  get(project, publicDelegatedPrefix, x__xgafv=None)

+  get(project, publicDelegatedPrefix)

 
Returns the specified global PublicDelegatedPrefix resource.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a global PublicDelegatedPrefix in the specified project using the parameters that are included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists the global PublicDelegatedPrefixes for a project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, publicDelegatedPrefix, body=None, requestId=None, x__xgafv=None)

+  patch(project, publicDelegatedPrefix, body=None, requestId=None)

 
Patches the specified global PublicDelegatedPrefix resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.

 
Method Details

 

@@ -102,22 +102,35 @@ 
Method Details

 

 
 

-    delete(project, publicDelegatedPrefix, requestId=None, x__xgafv=None)
+    delete(project, publicDelegatedPrefix, requestId=None)
   
Deletes the specified global PublicDelegatedPrefix.
 
 Args:
   project: string, Project ID for this request. (required)
   publicDelegatedPrefix: string, Name of the PublicDelegatedPrefix resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -152,7 +165,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -166,16 +180,12 @@ 
Method Details

 

 
 

-    get(project, publicDelegatedPrefix, x__xgafv=None)
+    get(project, publicDelegatedPrefix)
   
Returns the specified global PublicDelegatedPrefix resource.
 
 Args:
   project: string, Project ID for this request. (required)
   publicDelegatedPrefix: string, Name of the PublicDelegatedPrefix resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -183,7 +193,9 @@ 
Method Details

     { # A PublicDelegatedPrefix resource represents an IP block within a PublicAdvertisedPrefix that is configured within a single cloud scope (global or region). IPs in the block can be allocated to resources within that scope. Public delegated prefixes may be further broken up into smaller IP blocks in the same scope as the parent block.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
   "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
   "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public delegated prefix.
   "isLiveMigration": True or False, # If true, the prefix will be live migrated.
@@ -209,7 +221,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a global PublicDelegatedPrefix in the specified project using the parameters that are included in the request.
 
 Args:
@@ -220,7 +232,9 @@ 
Method Details

 { # A PublicDelegatedPrefix resource represents an IP block within a PublicAdvertisedPrefix that is configured within a single cloud scope (global or region). IPs in the block can be allocated to resources within that scope. Public delegated prefixes may be further broken up into smaller IP blocks in the same scope as the parent block.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
   "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
   "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public delegated prefix.
   "isLiveMigration": True or False, # If true, the prefix will be live migrated.
@@ -244,16 +258,29 @@ 
Method Details

   "status": "A String", # [Output Only] The status of the public delegated prefix.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -288,7 +315,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -302,20 +330,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists the global PublicDelegatedPrefixes for a project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -326,7 +360,9 @@ 
Method Details

     { # A PublicDelegatedPrefix resource represents an IP block within a PublicAdvertisedPrefix that is configured within a single cloud scope (global or region). IPs in the block can be allocated to resources within that scope. Public delegated prefixes may be further broken up into smaller IP blocks in the same scope as the parent block.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
+      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
       "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
       "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public delegated prefix.
       "isLiveMigration": True or False, # If true, the prefix will be live migrated.
@@ -355,7 +391,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -381,7 +418,7 @@ 
Method Details

 

 
 

-    patch(project, publicDelegatedPrefix, body=None, requestId=None, x__xgafv=None)
+    patch(project, publicDelegatedPrefix, body=None, requestId=None)
   
Patches the specified global PublicDelegatedPrefix resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.
 
 Args:
@@ -393,7 +430,9 @@ 
Method Details

 { # A PublicDelegatedPrefix resource represents an IP block within a PublicAdvertisedPrefix that is configured within a single cloud scope (global or region). IPs in the block can be allocated to resources within that scope. Public delegated prefixes may be further broken up into smaller IP blocks in the same scope as the parent block.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
   "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
   "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public delegated prefix.
   "isLiveMigration": True or False, # If true, the prefix will be live migrated.
@@ -417,16 +456,29 @@ 
Method Details

   "status": "A String", # [Output Only] The status of the public delegated prefix.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -461,7 +513,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.healthChecks.html b/docs/dyn/compute_alpha.healthChecks.html
index 8c8bc028abb..80e605e9445 100644
--- a/docs/dyn/compute_alpha.healthChecks.html
+++ b/docs/dyn/compute_alpha.healthChecks.html
@@ -75,7 +75,7 @@
 
Compute Engine API . healthChecks

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of all HealthCheck resources, regional and global, available to the specified project.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,46 +84,52 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, healthCheck, requestId=None, x__xgafv=None)

+  delete(project, healthCheck, requestId=None)

 
Deletes the specified HealthCheck resource.

 

-  get(project, healthCheck, x__xgafv=None)

+  get(project, healthCheck)

 
Returns the specified HealthCheck resource. Gets a list of available health checks by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a HealthCheck resource in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of HealthCheck resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, healthCheck, body=None, requestId=None, x__xgafv=None)

+  patch(project, healthCheck, body=None, requestId=None)

 
Updates a HealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, healthCheck, body=None, requestId=None, x__xgafv=None)

+  update(project, healthCheck, body=None, requestId=None)

 
Updates a HealthCheck resource in the specified project using the data included in the request.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of all HealthCheck resources, regional and global, available to the specified project.
 
 Args:
   project: string, Name of the project scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -133,22 +139,53 @@ 
Method Details

   "items": { # A list of HealthChecksScopedList resources.
     "a_key": { # Name of the scope containing this set of HealthChecks.
       "healthChecks": [ # A list of HealthChecks contained in this scope.
-        { # Represents a Health Check resource. Google Compute Engine has two Health Check resources: * [Global](/compute/docs/reference/rest/alpha/healthChecks) * [Regional](/compute/docs/reference/rest/alpha/regionHealthChecks) Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`). Traffic Director must use global health checks (`compute.v1.HealthChecks`). Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`). External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`). Network load balancers must use legacy HTTP health checks (httpHealthChecks). For more information, see Health checks overview.
+        { # Represents a Health Check resource.
+            #
+            # Google Compute Engine has two Health Check resources:
+            #
+            # * [Global](/compute/docs/reference/rest/{$api_version}/healthChecks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionHealthChecks)
+            #
+            # Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`).
+            #
+            # Traffic Director must use global health checks (`compute.v1.HealthChecks`).
+            #
+            # Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`).
+            #
+            # External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`).
+            #
+            # Network load balancers must use legacy HTTP health checks (httpHealthChecks).
+            #
+            # For more information, see Health checks overview.
           "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in 3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "grpcHealthCheck": {
-            "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII.
+            "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention:
+                # - Empty service_name means the overall status of all services at the backend.
+                # - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service.
+                # The grpc_service_name can only be ASCII.
             "port": 42, # The port number for the health check request. Must be specified if port_name and port_specification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535.
             "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. The port_name should conform to RFC1035.
-            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, gRPC health check follows behavior specified in port and portName fields.
+            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+                # USE_FIXED_PORT: The port number in port is used for health checking.
+                # USE_NAMED_PORT: The portName is used for health checking.
+                # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+                #
+                #
+                # If not specified, gRPC health check follows behavior specified in port and portName fields.
           },
           "healthyThreshold": 42, # A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.
           "http2HealthCheck": {
             "host": "A String", # The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
             "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
             "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP2 health check follows behavior specified in port and portName fields.
+            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+                # USE_FIXED_PORT: The port number in port is used for health checking.
+                # USE_NAMED_PORT: The portName is used for health checking.
+                # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+                #
+                #
+                # If not specified, HTTP2 health check follows behavior specified in port and portName fields.
             "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
             "requestPath": "A String", # The request path of the HTTP/2 health check request. The default value is /.
             "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -158,7 +195,13 @@ 
Method Details

             "host": "A String", # The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
             "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
             "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP health check follows behavior specified in port and portName fields.
+            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+                # USE_FIXED_PORT: The port number in port is used for health checking.
+                # USE_NAMED_PORT: The portName is used for health checking.
+                # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+                #
+                #
+                # If not specified, HTTP health check follows behavior specified in port and portName fields.
             "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
             "requestPath": "A String", # The request path of the HTTP health check request. The default value is /.
             "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -168,7 +211,13 @@ 
Method Details

             "host": "A String", # The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
             "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
             "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTPS health check follows behavior specified in port and portName fields.
+            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+                # USE_FIXED_PORT: The port number in port is used for health checking.
+                # USE_NAMED_PORT: The portName is used for health checking.
+                # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+                #
+                #
+                # If not specified, HTTPS health check follows behavior specified in port and portName fields.
             "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
             "requestPath": "A String", # The request path of the HTTPS health check request. The default value is /.
             "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -186,7 +235,13 @@ 
Method Details

           "sslHealthCheck": {
             "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
             "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, SSL health check follows behavior specified in port and portName fields.
+            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+                # USE_FIXED_PORT: The port number in port is used for health checking.
+                # USE_NAMED_PORT: The portName is used for health checking.
+                # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+                #
+                #
+                # If not specified, SSL health check follows behavior specified in port and portName fields.
             "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
             "request": "A String", # The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
             "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -194,7 +249,13 @@ 
Method Details

           "tcpHealthCheck": {
             "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
             "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, TCP health check follows behavior specified in port and portName fields.
+            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+                # USE_FIXED_PORT: The port number in port is used for health checking.
+                # USE_NAMED_PORT: The portName is used for health checking.
+                # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+                #
+                #
+                # If not specified, TCP health check follows behavior specified in port and portName fields.
             "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
             "request": "A String", # The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
             "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -212,7 +273,8 @@ 
Method Details

       ],
       "warning": { # Informational warning which replaces the list of backend services when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -230,7 +292,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -261,22 +324,35 @@ 
Method Details

 

 
 

-    delete(project, healthCheck, requestId=None, x__xgafv=None)
+    delete(project, healthCheck, requestId=None)
   
Deletes the specified HealthCheck resource.
 
 Args:
   project: string, Project ID for this request. (required)
   healthCheck: string, Name of the HealthCheck resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -311,7 +387,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -325,36 +402,63 @@ 
Method Details

 

 
 

-    get(project, healthCheck, x__xgafv=None)
+    get(project, healthCheck)
   
Returns the specified HealthCheck resource. Gets a list of available health checks by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   healthCheck: string, Name of the HealthCheck resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Health Check resource. Google Compute Engine has two Health Check resources: * [Global](/compute/docs/reference/rest/alpha/healthChecks) * [Regional](/compute/docs/reference/rest/alpha/regionHealthChecks) Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`). Traffic Director must use global health checks (`compute.v1.HealthChecks`). Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`). External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`). Network load balancers must use legacy HTTP health checks (httpHealthChecks). For more information, see Health checks overview.
+    { # Represents a Health Check resource.
+    #
+    # Google Compute Engine has two Health Check resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/healthChecks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionHealthChecks)
+    #
+    # Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`).
+    #
+    # Traffic Director must use global health checks (`compute.v1.HealthChecks`).
+    #
+    # Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`).
+    #
+    # External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`).
+    #
+    # Network load balancers must use legacy HTTP health checks (httpHealthChecks).
+    #
+    # For more information, see Health checks overview.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in 3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "grpcHealthCheck": {
-    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII.
+    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention:
+        # - Empty service_name means the overall status of all services at the backend.
+        # - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service.
+        # The grpc_service_name can only be ASCII.
     "port": 42, # The port number for the health check request. Must be specified if port_name and port_specification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. The port_name should conform to RFC1035.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, gRPC health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, gRPC health check follows behavior specified in port and portName fields.
   },
   "healthyThreshold": 42, # A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.
   "http2HealthCheck": {
     "host": "A String", # The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP2 health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP2 health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP/2 health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -364,7 +468,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -374,7 +484,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTPS health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTPS health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTPS health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -392,7 +508,13 @@ 
Method Details

   "sslHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, SSL health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, SSL health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -400,7 +522,13 @@ 
Method Details

   "tcpHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, TCP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, TCP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -418,7 +546,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a HealthCheck resource in the specified project using the data included in the request.
 
 Args:
@@ -426,22 +554,53 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Health Check resource. Google Compute Engine has two Health Check resources: * [Global](/compute/docs/reference/rest/alpha/healthChecks) * [Regional](/compute/docs/reference/rest/alpha/regionHealthChecks) Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`). Traffic Director must use global health checks (`compute.v1.HealthChecks`). Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`). External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`). Network load balancers must use legacy HTTP health checks (httpHealthChecks). For more information, see Health checks overview.
+{ # Represents a Health Check resource.
+    # 
+    # Google Compute Engine has two Health Check resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/healthChecks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionHealthChecks)
+    # 
+    # Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`).
+    # 
+    # Traffic Director must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`).
+    # 
+    # External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Network load balancers must use legacy HTTP health checks (httpHealthChecks).
+    # 
+    # For more information, see Health checks overview.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in 3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "grpcHealthCheck": {
-    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII.
+    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention:
+        # - Empty service_name means the overall status of all services at the backend.
+        # - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service.
+        # The grpc_service_name can only be ASCII.
     "port": 42, # The port number for the health check request. Must be specified if port_name and port_specification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. The port_name should conform to RFC1035.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, gRPC health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, gRPC health check follows behavior specified in port and portName fields.
   },
   "healthyThreshold": 42, # A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.
   "http2HealthCheck": {
     "host": "A String", # The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP2 health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP2 health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP/2 health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -451,7 +610,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -461,7 +626,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTPS health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTPS health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTPS health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -479,7 +650,13 @@ 
Method Details

   "sslHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, SSL health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, SSL health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -487,7 +664,13 @@ 
Method Details

   "tcpHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, TCP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, TCP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -503,16 +686,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -547,7 +743,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -561,20 +758,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of HealthCheck resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -582,22 +785,53 @@ 
Method Details

     { # Contains a list of HealthCheck resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of HealthCheck resources.
-    { # Represents a Health Check resource. Google Compute Engine has two Health Check resources: * [Global](/compute/docs/reference/rest/alpha/healthChecks) * [Regional](/compute/docs/reference/rest/alpha/regionHealthChecks) Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`). Traffic Director must use global health checks (`compute.v1.HealthChecks`). Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`). External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`). Network load balancers must use legacy HTTP health checks (httpHealthChecks). For more information, see Health checks overview.
+    { # Represents a Health Check resource.
+        #
+        # Google Compute Engine has two Health Check resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/healthChecks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionHealthChecks)
+        #
+        # Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`).
+        #
+        # Traffic Director must use global health checks (`compute.v1.HealthChecks`).
+        #
+        # Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`).
+        #
+        # External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`).
+        #
+        # Network load balancers must use legacy HTTP health checks (httpHealthChecks).
+        #
+        # For more information, see Health checks overview.
       "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in 3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "grpcHealthCheck": {
-        "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII.
+        "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention:
+            # - Empty service_name means the overall status of all services at the backend.
+            # - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service.
+            # The grpc_service_name can only be ASCII.
         "port": 42, # The port number for the health check request. Must be specified if port_name and port_specification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. The port_name should conform to RFC1035.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, gRPC health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, gRPC health check follows behavior specified in port and portName fields.
       },
       "healthyThreshold": 42, # A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.
       "http2HealthCheck": {
         "host": "A String", # The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
         "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP2 health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, HTTP2 health check follows behavior specified in port and portName fields.
         "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
         "requestPath": "A String", # The request path of the HTTP/2 health check request. The default value is /.
         "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -607,7 +841,13 @@ 
Method Details

         "host": "A String", # The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
         "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, HTTP health check follows behavior specified in port and portName fields.
         "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
         "requestPath": "A String", # The request path of the HTTP health check request. The default value is /.
         "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -617,7 +857,13 @@ 
Method Details

         "host": "A String", # The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
         "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTPS health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, HTTPS health check follows behavior specified in port and portName fields.
         "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
         "requestPath": "A String", # The request path of the HTTPS health check request. The default value is /.
         "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -635,7 +881,13 @@ 
Method Details

       "sslHealthCheck": {
         "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, SSL health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, SSL health check follows behavior specified in port and portName fields.
         "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
         "request": "A String", # The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
         "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -643,7 +895,13 @@ 
Method Details

       "tcpHealthCheck": {
         "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, TCP health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, TCP health check follows behavior specified in port and portName fields.
         "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
         "request": "A String", # The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
         "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -664,7 +922,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -690,7 +949,7 @@ 
Method Details

 

 
 

-    patch(project, healthCheck, body=None, requestId=None, x__xgafv=None)
+    patch(project, healthCheck, body=None, requestId=None)
   
Updates a HealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -699,22 +958,53 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Health Check resource. Google Compute Engine has two Health Check resources: * [Global](/compute/docs/reference/rest/alpha/healthChecks) * [Regional](/compute/docs/reference/rest/alpha/regionHealthChecks) Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`). Traffic Director must use global health checks (`compute.v1.HealthChecks`). Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`). External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`). Network load balancers must use legacy HTTP health checks (httpHealthChecks). For more information, see Health checks overview.
+{ # Represents a Health Check resource.
+    # 
+    # Google Compute Engine has two Health Check resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/healthChecks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionHealthChecks)
+    # 
+    # Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`).
+    # 
+    # Traffic Director must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`).
+    # 
+    # External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Network load balancers must use legacy HTTP health checks (httpHealthChecks).
+    # 
+    # For more information, see Health checks overview.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in 3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "grpcHealthCheck": {
-    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII.
+    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention:
+        # - Empty service_name means the overall status of all services at the backend.
+        # - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service.
+        # The grpc_service_name can only be ASCII.
     "port": 42, # The port number for the health check request. Must be specified if port_name and port_specification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. The port_name should conform to RFC1035.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, gRPC health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, gRPC health check follows behavior specified in port and portName fields.
   },
   "healthyThreshold": 42, # A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.
   "http2HealthCheck": {
     "host": "A String", # The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP2 health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP2 health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP/2 health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -724,7 +1014,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -734,7 +1030,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTPS health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTPS health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTPS health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -752,7 +1054,13 @@ 
Method Details

   "sslHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, SSL health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, SSL health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -760,7 +1068,13 @@ 
Method Details

   "tcpHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, TCP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, TCP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -776,16 +1090,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -820,7 +1147,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -834,7 +1162,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -849,10 +1177,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -865,7 +1189,7 @@ 
Method Details

 

 
 

-    update(project, healthCheck, body=None, requestId=None, x__xgafv=None)
+    update(project, healthCheck, body=None, requestId=None)
   
Updates a HealthCheck resource in the specified project using the data included in the request.
 
 Args:
@@ -874,22 +1198,53 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Health Check resource. Google Compute Engine has two Health Check resources: * [Global](/compute/docs/reference/rest/alpha/healthChecks) * [Regional](/compute/docs/reference/rest/alpha/regionHealthChecks) Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`). Traffic Director must use global health checks (`compute.v1.HealthChecks`). Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`). External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`). Network load balancers must use legacy HTTP health checks (httpHealthChecks). For more information, see Health checks overview.
+{ # Represents a Health Check resource.
+    # 
+    # Google Compute Engine has two Health Check resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/healthChecks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionHealthChecks)
+    # 
+    # Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`).
+    # 
+    # Traffic Director must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`).
+    # 
+    # External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Network load balancers must use legacy HTTP health checks (httpHealthChecks).
+    # 
+    # For more information, see Health checks overview.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in 3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "grpcHealthCheck": {
-    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII.
+    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention:
+        # - Empty service_name means the overall status of all services at the backend.
+        # - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service.
+        # The grpc_service_name can only be ASCII.
     "port": 42, # The port number for the health check request. Must be specified if port_name and port_specification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. The port_name should conform to RFC1035.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, gRPC health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, gRPC health check follows behavior specified in port and portName fields.
   },
   "healthyThreshold": 42, # A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.
   "http2HealthCheck": {
     "host": "A String", # The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP2 health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP2 health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP/2 health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -899,7 +1254,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -909,7 +1270,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTPS health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTPS health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTPS health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -927,7 +1294,13 @@ 
Method Details

   "sslHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, SSL health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, SSL health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -935,7 +1308,13 @@ 
Method Details

   "tcpHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, TCP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, TCP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -951,16 +1330,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -995,7 +1387,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.httpHealthChecks.html b/docs/dyn/compute_alpha.httpHealthChecks.html
index bee7d3db980..684ce79169a 100644
--- a/docs/dyn/compute_alpha.httpHealthChecks.html
+++ b/docs/dyn/compute_alpha.httpHealthChecks.html
@@ -78,28 +78,28 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, httpHealthCheck, requestId=None, x__xgafv=None)

+  delete(project, httpHealthCheck, requestId=None)

 
Deletes the specified HttpHealthCheck resource.

 

-  get(project, httpHealthCheck, x__xgafv=None)

+  get(project, httpHealthCheck)

 
Returns the specified HttpHealthCheck resource. Gets a list of available HTTP health checks by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a HttpHealthCheck resource in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of HttpHealthCheck resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, httpHealthCheck, body=None, requestId=None, x__xgafv=None)

+  patch(project, httpHealthCheck, body=None, requestId=None)

 
Updates a HttpHealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, httpHealthCheck, body=None, requestId=None, x__xgafv=None)

+  update(project, httpHealthCheck, body=None, requestId=None)

 
Updates a HttpHealthCheck resource in the specified project using the data included in the request.

 
Method Details

 

@@ -108,22 +108,35 @@ 
Method Details

 

 
 

-    delete(project, httpHealthCheck, requestId=None, x__xgafv=None)
+    delete(project, httpHealthCheck, requestId=None)
   
Deletes the specified HttpHealthCheck resource.
 
 Args:
   project: string, Project ID for this request. (required)
   httpHealthCheck: string, Name of the HttpHealthCheck resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -158,7 +171,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -172,21 +186,19 @@ 
Method Details

 

 
 

-    get(project, httpHealthCheck, x__xgafv=None)
+    get(project, httpHealthCheck)
   
Returns the specified HttpHealthCheck resource. Gets a list of available HTTP health checks by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   httpHealthCheck: string, Name of the HttpHealthCheck resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a legacy HTTP Health Check resource. Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
+    { # Represents a legacy HTTP Health Check resource.
+    #
+    # Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -205,7 +217,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a HttpHealthCheck resource in the specified project using the data included in the request.
 
 Args:
@@ -213,7 +225,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a legacy HTTP Health Check resource. Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
+{ # Represents a legacy HTTP Health Check resource.
+    # 
+    # Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -230,16 +244,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -274,7 +301,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -288,20 +316,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of HttpHealthCheck resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -309,7 +343,9 @@ 
Method Details

     { # Contains a list of HttpHealthCheck resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of HttpHealthCheck resources.
-    { # Represents a legacy HTTP Health Check resource. Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
+    { # Represents a legacy HTTP Health Check resource.
+        #
+        # Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
       "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -331,7 +367,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -357,7 +394,7 @@ 
Method Details

 

 
 

-    patch(project, httpHealthCheck, body=None, requestId=None, x__xgafv=None)
+    patch(project, httpHealthCheck, body=None, requestId=None)
   
Updates a HttpHealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -366,7 +403,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a legacy HTTP Health Check resource. Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
+{ # Represents a legacy HTTP Health Check resource.
+    # 
+    # Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -383,16 +422,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -427,7 +479,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -441,7 +494,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -456,10 +509,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -472,7 +521,7 @@ 
Method Details

 

 
 

-    update(project, httpHealthCheck, body=None, requestId=None, x__xgafv=None)
+    update(project, httpHealthCheck, body=None, requestId=None)
   
Updates a HttpHealthCheck resource in the specified project using the data included in the request.
 
 Args:
@@ -481,7 +530,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a legacy HTTP Health Check resource. Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
+{ # Represents a legacy HTTP Health Check resource.
+    # 
+    # Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -498,16 +549,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -542,7 +606,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.httpsHealthChecks.html b/docs/dyn/compute_alpha.httpsHealthChecks.html
index f439641fc1c..a68b829bfdf 100644
--- a/docs/dyn/compute_alpha.httpsHealthChecks.html
+++ b/docs/dyn/compute_alpha.httpsHealthChecks.html
@@ -78,28 +78,28 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, httpsHealthCheck, requestId=None, x__xgafv=None)

+  delete(project, httpsHealthCheck, requestId=None)

 
Deletes the specified HttpsHealthCheck resource.

 

-  get(project, httpsHealthCheck, x__xgafv=None)

+  get(project, httpsHealthCheck)

 
Returns the specified HttpsHealthCheck resource. Gets a list of available HTTPS health checks by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a HttpsHealthCheck resource in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of HttpsHealthCheck resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, httpsHealthCheck, body=None, requestId=None, x__xgafv=None)

+  patch(project, httpsHealthCheck, body=None, requestId=None)

 
Updates a HttpsHealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, httpsHealthCheck, body=None, requestId=None, x__xgafv=None)

+  update(project, httpsHealthCheck, body=None, requestId=None)

 
Updates a HttpsHealthCheck resource in the specified project using the data included in the request.

 
Method Details

 

@@ -108,22 +108,35 @@ 
Method Details

 

 
 

-    delete(project, httpsHealthCheck, requestId=None, x__xgafv=None)
+    delete(project, httpsHealthCheck, requestId=None)
   
Deletes the specified HttpsHealthCheck resource.
 
 Args:
   project: string, Project ID for this request. (required)
   httpsHealthCheck: string, Name of the HttpsHealthCheck resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -158,7 +171,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -172,21 +186,19 @@ 
Method Details

 

 
 

-    get(project, httpsHealthCheck, x__xgafv=None)
+    get(project, httpsHealthCheck)
   
Returns the specified HttpsHealthCheck resource. Gets a list of available HTTPS health checks by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   httpsHealthCheck: string, Name of the HttpsHealthCheck resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a legacy HTTPS Health Check resource. Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
+    { # Represents a legacy HTTPS Health Check resource.
+    #
+    # Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -205,7 +217,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a HttpsHealthCheck resource in the specified project using the data included in the request.
 
 Args:
@@ -213,7 +225,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a legacy HTTPS Health Check resource. Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
+{ # Represents a legacy HTTPS Health Check resource.
+    # 
+    # Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -230,16 +244,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -274,7 +301,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -288,20 +316,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of HttpsHealthCheck resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -309,7 +343,9 @@ 
Method Details

     { # Contains a list of HttpsHealthCheck resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of HttpsHealthCheck resources.
-    { # Represents a legacy HTTPS Health Check resource. Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
+    { # Represents a legacy HTTPS Health Check resource.
+        #
+        # Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
       "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -331,7 +367,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -357,7 +394,7 @@ 
Method Details

 

 
 

-    patch(project, httpsHealthCheck, body=None, requestId=None, x__xgafv=None)
+    patch(project, httpsHealthCheck, body=None, requestId=None)
   
Updates a HttpsHealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -366,7 +403,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a legacy HTTPS Health Check resource. Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
+{ # Represents a legacy HTTPS Health Check resource.
+    # 
+    # Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -383,16 +422,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -427,7 +479,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -441,7 +494,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -456,10 +509,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -472,7 +521,7 @@ 
Method Details

 

 
 

-    update(project, httpsHealthCheck, body=None, requestId=None, x__xgafv=None)
+    update(project, httpsHealthCheck, body=None, requestId=None)
   
Updates a HttpsHealthCheck resource in the specified project using the data included in the request.
 
 Args:
@@ -481,7 +530,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a legacy HTTPS Health Check resource. Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
+{ # Represents a legacy HTTPS Health Check resource.
+    # 
+    # Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -498,16 +549,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -542,7 +606,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.imageFamilyViews.html b/docs/dyn/compute_alpha.imageFamilyViews.html
index 08c3e7b5fec..63b00002421 100644
--- a/docs/dyn/compute_alpha.imageFamilyViews.html
+++ b/docs/dyn/compute_alpha.imageFamilyViews.html
@@ -78,7 +78,7 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  get(project, zone, family, x__xgafv=None)

+  get(project, zone, family)

 
Returns the latest image that is part of an image family, is not deprecated and is rolled out in the specified zone.

 
Method Details

 

@@ -87,23 +87,21 @@ 
Method Details

 

 
 

-    get(project, zone, family, x__xgafv=None)
+    get(project, zone, family)
   
Returns the latest image that is part of an image family, is not deprecated and is rolled out in the specified zone.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   family: string, Name of the image family to search for. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
     {
-  "image": { # Represents an Image resource. You can use images to create boot disks for your VM instances. For more information, read Images. # The latest image that is part of the specified image family in the requested location, and that is not deprecated.
+  "image": { # Represents an Image resource. # The latest image that is part of the specified image family in the requested location, and that is not deprecated.
+      #
+      # You can use images to create boot disks for your VM instances. For more information, read Images. (== resource_for {$api_version}.images ==)
     "archiveSizeBytes": "A String", # Size of the image tar.gz archive stored in Google Cloud Storage (in bytes).
     "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
     "deprecated": { # Deprecation status for a public resource. # The deprecation status associated with this image.
@@ -114,7 +112,11 @@ 
Method Details

       "state": "A String", # The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.
       "stateOverride": { # A rollout policy configuration. # The rollout policy of this deprecation. This policy is only enforced by image family views. The rollout policy restricts the zones where the associated resource is considered in a deprecated state. When the rollout policy does not include the user specified zone, or if the zone is rolled out, the associated resource is considered in a deprecated state.
         "defaultRolloutTime": "A String", # An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated.
-        "locationRolloutPolicies": { # Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
+        "locationRolloutPolicies": { # Location based rollout policies to apply to the resource.
+            #
+            # Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a.
+            #
+            # The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
           "a_key": "A String",
         },
       },
@@ -122,21 +124,34 @@ 
Method Details

     "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
     "diskSizeGb": "A String", # Size of the image when restored onto a persistent disk (in GB).
     "family": "A String", # The name of the image family to which this image belongs. You can create disks by specifying an image family instead of a specific image name. The image family always returns its latest image that is not deprecated. The name of the image family must comply with RFC1035.
-    "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+    "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
       { # Guest OS features.
-        "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+        "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
       },
     ],
     "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-    "imageEncryptionKey": { # Encrypts the image using a customer-supplied encryption key. After you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later.
+    "imageEncryptionKey": { # Encrypts the image using a customer-supplied encryption key.
+        #
+        # After you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image).
+        #
+        # Customer-supplied encryption keys do not protect access to metadata of the disk.
+        #
+        # If you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later.
       "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
       "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
       "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+          #
+          # The key must meet the following requirements before you can provide it to Compute Engine:
+          # - The key is wrapped using a RSA public key certificate provided by Google.
+          # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+          # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
       "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
     },
     "kind": "compute#image", # [Output Only] Type of the resource. Always compute#image for images.
-    "labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an image.
+    "labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+        #
+        # To see the latest fingerprint, make a get() request to retrieve an image.
     "labels": { # Labels to apply to this image. These can be later modified by the setLabels method.
       "a_key": "A String",
     },
@@ -150,11 +165,21 @@ 
Method Details

     "rawDisk": { # The parameters of the raw disk image.
       "containerType": "A String", # The format used to encode and transmit the block device, which should be TAR. This is just a container and transmission format and not a runtime format. Provided by the client when the disk image is created.
       "sha1Checksum": "A String", # [Deprecated] This field is deprecated. An optional SHA1 checksum of the disk image before unpackaging provided by the client when the disk image is created.
-      "source": "A String", # The full Google Cloud Storage URL where the disk image is stored. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+      "source": "A String", # The full Google Cloud Storage URL where the disk image is stored.
+          #
+          # In order to create an image, you must provide the full or partial URL of one of the following:
+          # - The rawDisk.source URL
+          # - The sourceDisk URL
+          # - The sourceImage URL
+          # - The sourceSnapshot URL
     },
     "rolloutOverride": { # A rollout policy configuration. # A rollout policy to apply to this image. When specified, the rollout policy overrides per-zone references to the image via the associated image family. The rollout policy restricts the zones where this image is accessible when using a zonal image family reference. When the rollout policy does not include the user specified zone, or if the zone is rolled out, this image is accessible.
       "defaultRolloutTime": "A String", # An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated.
-      "locationRolloutPolicies": { # Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
+      "locationRolloutPolicies": { # Location based rollout policies to apply to the resource.
+          #
+          # Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a.
+          #
+          # The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
         "a_key": "A String",
       },
     },
@@ -185,30 +210,66 @@ 
Method Details

         "fileType": "A String", # The file type of source file.
       },
     },
-    "sourceDisk": "A String", # URL of the source disk used to create this image. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+    "sourceDisk": "A String", # URL of the source disk used to create this image. For example, the following are valid values:
+        # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+        # - projects/project/zones/zone/disks/disk
+        # - zones/zone/disks/disk
+        #
+        # In order to create an image, you must provide the full or partial URL of one of the following:
+        # - The rawDisk.source URL
+        # - The sourceDisk URL
+        # - The sourceImage URL
+        # - The sourceSnapshot URL
     "sourceDiskEncryptionKey": { # The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key.
       "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
       "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
       "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+          #
+          # The key must meet the following requirements before you can provide it to Compute Engine:
+          # - The key is wrapped using a RSA public key certificate provided by Google.
+          # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+          # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
       "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
     },
     "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given disk name.
-    "sourceImage": "A String", # URL of the source image used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+    "sourceImage": "A String", # URL of the source image used to create this image.
+        #
+        # In order to create an image, you must provide the full or partial URL of one of the following:
+        # - The rawDisk.source URL
+        # - The sourceDisk URL
+        # - The sourceImage URL
+        # - The sourceSnapshot URL
     "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
       "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
       "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
       "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+          #
+          # The key must meet the following requirements before you can provide it to Compute Engine:
+          # - The key is wrapped using a RSA public key certificate provided by Google.
+          # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+          # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
       "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
     },
     "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given image name.
-    "sourceSnapshot": "A String", # URL of the source snapshot used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+    "sourceSnapshot": "A String", # URL of the source snapshot used to create this image.
+        #
+        # In order to create an image, you must provide the full or partial URL of one of the following:
+        # - The rawDisk.source URL
+        # - The sourceDisk URL
+        # - The sourceImage URL
+        # - The sourceSnapshot URL
     "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
       "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
       "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
       "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+          #
+          # The key must meet the following requirements before you can provide it to Compute Engine:
+          # - The key is wrapped using a RSA public key certificate provided by Google.
+          # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+          # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
       "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
     },
     "sourceSnapshotId": "A String", # [Output Only] The ID value of the snapshot used to create this image. This value may be used to determine whether the snapshot was taken from the current or a previous instance of a given snapshot name.
diff --git a/docs/dyn/compute_alpha.images.html b/docs/dyn/compute_alpha.images.html
index 8d7ccd4cf15..655952925b5 100644
--- a/docs/dyn/compute_alpha.images.html
+++ b/docs/dyn/compute_alpha.images.html
@@ -78,40 +78,40 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, image, requestId=None, x__xgafv=None)

+  delete(project, image, requestId=None)

 
Deletes the specified image.

 

-  deprecate(project, image, body=None, requestId=None, x__xgafv=None)

-
Sets the deprecation status of an image. If an empty request body is given, clears the deprecation status instead.

+  deprecate(project, image, body=None, requestId=None)

+
Sets the deprecation status of an image.

 

-  get(project, image, x__xgafv=None)

+  get(project, image)

 
Returns the specified image. Gets a list of available images by making a list() request.

 

-  getFromFamily(project, family, x__xgafv=None)

+  getFromFamily(project, family)

 
Returns the latest image that is part of an image family and is not deprecated.

 

-  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, body=None, forceCreate=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, forceCreate=None, requestId=None)

 
Creates an image in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None, zone=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, zone=None)

 
Retrieves the list of custom images available to the specified project. Custom images are images you create that belong to your project. This method does not get any images that belong to other projects, including publicly-available images, like Debian 8. If you want to get a list of publicly-available images, use this method to make a request to the respective image project, such as debian-cloud or windows-cloud.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, image, body=None, requestId=None, x__xgafv=None)

+  patch(project, image, body=None, requestId=None)

 
Patches the specified image with the data included in the request. Only the following fields can be modified: family, description, deprecation status.

 

-  setIamPolicy(project, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  setLabels(project, resource, body=None, x__xgafv=None)

+  setLabels(project, resource, body=None)

 
Sets the labels on an image. To learn more about labels, read the Labeling Resources documentation.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -120,22 +120,35 @@ 
Method Details

 

 
 

-    delete(project, image, requestId=None, x__xgafv=None)
+    delete(project, image, requestId=None)
   
Deletes the specified image.
 
 Args:
   project: string, Project ID for this request. (required)
   image: string, Name of the image resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -170,7 +183,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -184,8 +198,10 @@ 
Method Details

 

 
 

-    deprecate(project, image, body=None, requestId=None, x__xgafv=None)
-  
Sets the deprecation status of an image. If an empty request body is given, clears the deprecation status instead.
+    deprecate(project, image, body=None, requestId=None)
+  
Sets the deprecation status of an image.
+
+If an empty request body is given, clears the deprecation status instead.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -201,22 +217,39 @@ 
Method Details

   "state": "A String", # The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.
   "stateOverride": { # A rollout policy configuration. # The rollout policy of this deprecation. This policy is only enforced by image family views. The rollout policy restricts the zones where the associated resource is considered in a deprecated state. When the rollout policy does not include the user specified zone, or if the zone is rolled out, the associated resource is considered in a deprecated state.
     "defaultRolloutTime": "A String", # An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated.
-    "locationRolloutPolicies": { # Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
+    "locationRolloutPolicies": { # Location based rollout policies to apply to the resource.
+        #
+        # Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a.
+        #
+        # The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
       "a_key": "A String",
     },
   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -251,7 +284,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -265,21 +299,19 @@ 
Method Details

 

 
 

-    get(project, image, x__xgafv=None)
+    get(project, image)
   
Returns the specified image. Gets a list of available images by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   image: string, Name of the image resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Image resource. You can use images to create boot disks for your VM instances. For more information, read Images.
+    { # Represents an Image resource.
+    #
+    # You can use images to create boot disks for your VM instances. For more information, read Images. (== resource_for {$api_version}.images ==)
   "archiveSizeBytes": "A String", # Size of the image tar.gz archive stored in Google Cloud Storage (in bytes).
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "deprecated": { # Deprecation status for a public resource. # The deprecation status associated with this image.
@@ -290,7 +322,11 @@ 
Method Details

     "state": "A String", # The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.
     "stateOverride": { # A rollout policy configuration. # The rollout policy of this deprecation. This policy is only enforced by image family views. The rollout policy restricts the zones where the associated resource is considered in a deprecated state. When the rollout policy does not include the user specified zone, or if the zone is rolled out, the associated resource is considered in a deprecated state.
       "defaultRolloutTime": "A String", # An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated.
-      "locationRolloutPolicies": { # Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
+      "locationRolloutPolicies": { # Location based rollout policies to apply to the resource.
+          #
+          # Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a.
+          #
+          # The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
         "a_key": "A String",
       },
     },
@@ -298,21 +334,34 @@ 
Method Details

   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "diskSizeGb": "A String", # Size of the image when restored onto a persistent disk (in GB).
   "family": "A String", # The name of the image family to which this image belongs. You can create disks by specifying an image family instead of a specific image name. The image family always returns its latest image that is not deprecated. The name of the image family must comply with RFC1035.
-  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
     { # Guest OS features.
-      "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+      "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
     },
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-  "imageEncryptionKey": { # Encrypts the image using a customer-supplied encryption key. After you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later.
+  "imageEncryptionKey": { # Encrypts the image using a customer-supplied encryption key.
+      #
+      # After you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image).
+      #
+      # Customer-supplied encryption keys do not protect access to metadata of the disk.
+      #
+      # If you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "kind": "compute#image", # [Output Only] Type of the resource. Always compute#image for images.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an image.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve an image.
   "labels": { # Labels to apply to this image. These can be later modified by the setLabels method.
     "a_key": "A String",
   },
@@ -326,11 +375,21 @@ 
Method Details

   "rawDisk": { # The parameters of the raw disk image.
     "containerType": "A String", # The format used to encode and transmit the block device, which should be TAR. This is just a container and transmission format and not a runtime format. Provided by the client when the disk image is created.
     "sha1Checksum": "A String", # [Deprecated] This field is deprecated. An optional SHA1 checksum of the disk image before unpackaging provided by the client when the disk image is created.
-    "source": "A String", # The full Google Cloud Storage URL where the disk image is stored. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+    "source": "A String", # The full Google Cloud Storage URL where the disk image is stored.
+        #
+        # In order to create an image, you must provide the full or partial URL of one of the following:
+        # - The rawDisk.source URL
+        # - The sourceDisk URL
+        # - The sourceImage URL
+        # - The sourceSnapshot URL
   },
   "rolloutOverride": { # A rollout policy configuration. # A rollout policy to apply to this image. When specified, the rollout policy overrides per-zone references to the image via the associated image family. The rollout policy restricts the zones where this image is accessible when using a zonal image family reference. When the rollout policy does not include the user specified zone, or if the zone is rolled out, this image is accessible.
     "defaultRolloutTime": "A String", # An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated.
-    "locationRolloutPolicies": { # Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
+    "locationRolloutPolicies": { # Location based rollout policies to apply to the resource.
+        #
+        # Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a.
+        #
+        # The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
       "a_key": "A String",
     },
   },
@@ -361,30 +420,66 @@ 
Method Details

       "fileType": "A String", # The file type of source file.
     },
   },
-  "sourceDisk": "A String", # URL of the source disk used to create this image. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceDisk": "A String", # URL of the source disk used to create this image. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - zones/zone/disks/disk
+      #
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceDiskEncryptionKey": { # The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given disk name.
-  "sourceImage": "A String", # URL of the source image used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceImage": "A String", # URL of the source image used to create this image.
+      #
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given image name.
-  "sourceSnapshot": "A String", # URL of the source snapshot used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceSnapshot": "A String", # URL of the source snapshot used to create this image.
+      #
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceSnapshotId": "A String", # [Output Only] The ID value of the snapshot used to create this image. This value may be used to determine whether the snapshot was taken from the current or a previous instance of a given snapshot name.
@@ -397,21 +492,19 @@ 
Method Details

 

 
 

-    getFromFamily(project, family, x__xgafv=None)
+    getFromFamily(project, family)
   
Returns the latest image that is part of an image family and is not deprecated.
 
 Args:
   project: string, Project ID for this request. (required)
   family: string, Name of the image family to search for. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Image resource. You can use images to create boot disks for your VM instances. For more information, read Images.
+    { # Represents an Image resource.
+    #
+    # You can use images to create boot disks for your VM instances. For more information, read Images. (== resource_for {$api_version}.images ==)
   "archiveSizeBytes": "A String", # Size of the image tar.gz archive stored in Google Cloud Storage (in bytes).
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "deprecated": { # Deprecation status for a public resource. # The deprecation status associated with this image.
@@ -422,7 +515,11 @@ 
Method Details

     "state": "A String", # The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.
     "stateOverride": { # A rollout policy configuration. # The rollout policy of this deprecation. This policy is only enforced by image family views. The rollout policy restricts the zones where the associated resource is considered in a deprecated state. When the rollout policy does not include the user specified zone, or if the zone is rolled out, the associated resource is considered in a deprecated state.
       "defaultRolloutTime": "A String", # An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated.
-      "locationRolloutPolicies": { # Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
+      "locationRolloutPolicies": { # Location based rollout policies to apply to the resource.
+          #
+          # Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a.
+          #
+          # The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
         "a_key": "A String",
       },
     },
@@ -430,21 +527,34 @@ 
Method Details

   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "diskSizeGb": "A String", # Size of the image when restored onto a persistent disk (in GB).
   "family": "A String", # The name of the image family to which this image belongs. You can create disks by specifying an image family instead of a specific image name. The image family always returns its latest image that is not deprecated. The name of the image family must comply with RFC1035.
-  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
     { # Guest OS features.
-      "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+      "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
     },
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-  "imageEncryptionKey": { # Encrypts the image using a customer-supplied encryption key. After you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later.
+  "imageEncryptionKey": { # Encrypts the image using a customer-supplied encryption key.
+      #
+      # After you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image).
+      #
+      # Customer-supplied encryption keys do not protect access to metadata of the disk.
+      #
+      # If you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "kind": "compute#image", # [Output Only] Type of the resource. Always compute#image for images.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an image.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve an image.
   "labels": { # Labels to apply to this image. These can be later modified by the setLabels method.
     "a_key": "A String",
   },
@@ -458,11 +568,21 @@ 
Method Details

   "rawDisk": { # The parameters of the raw disk image.
     "containerType": "A String", # The format used to encode and transmit the block device, which should be TAR. This is just a container and transmission format and not a runtime format. Provided by the client when the disk image is created.
     "sha1Checksum": "A String", # [Deprecated] This field is deprecated. An optional SHA1 checksum of the disk image before unpackaging provided by the client when the disk image is created.
-    "source": "A String", # The full Google Cloud Storage URL where the disk image is stored. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+    "source": "A String", # The full Google Cloud Storage URL where the disk image is stored.
+        #
+        # In order to create an image, you must provide the full or partial URL of one of the following:
+        # - The rawDisk.source URL
+        # - The sourceDisk URL
+        # - The sourceImage URL
+        # - The sourceSnapshot URL
   },
   "rolloutOverride": { # A rollout policy configuration. # A rollout policy to apply to this image. When specified, the rollout policy overrides per-zone references to the image via the associated image family. The rollout policy restricts the zones where this image is accessible when using a zonal image family reference. When the rollout policy does not include the user specified zone, or if the zone is rolled out, this image is accessible.
     "defaultRolloutTime": "A String", # An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated.
-    "locationRolloutPolicies": { # Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
+    "locationRolloutPolicies": { # Location based rollout policies to apply to the resource.
+        #
+        # Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a.
+        #
+        # The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
       "a_key": "A String",
     },
   },
@@ -493,30 +613,66 @@ 
Method Details

       "fileType": "A String", # The file type of source file.
     },
   },
-  "sourceDisk": "A String", # URL of the source disk used to create this image. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceDisk": "A String", # URL of the source disk used to create this image. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - zones/zone/disks/disk
+      #
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceDiskEncryptionKey": { # The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given disk name.
-  "sourceImage": "A String", # URL of the source image used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceImage": "A String", # URL of the source image used to create this image.
+      #
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given image name.
-  "sourceSnapshot": "A String", # URL of the source snapshot used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceSnapshot": "A String", # URL of the source snapshot used to create this image.
+      #
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceSnapshotId": "A String", # [Output Only] The ID value of the snapshot used to create this image. This value may be used to determine whether the snapshot was taken from the current or a previous instance of a given snapshot name.
@@ -529,34 +685,58 @@ 
Method Details

 

 
 

-    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
   project: string, Project ID for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -564,76 +744,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, body=None, forceCreate=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, forceCreate=None, requestId=None)
   
Creates an image in the specified project using the data included in the request.
 
 Args:
@@ -641,7 +889,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Image resource. You can use images to create boot disks for your VM instances. For more information, read Images.
+{ # Represents an Image resource.
+    # 
+    # You can use images to create boot disks for your VM instances. For more information, read Images. (== resource_for {$api_version}.images ==)
   "archiveSizeBytes": "A String", # Size of the image tar.gz archive stored in Google Cloud Storage (in bytes).
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "deprecated": { # Deprecation status for a public resource. # The deprecation status associated with this image.
@@ -652,7 +902,11 @@ 
Method Details

     "state": "A String", # The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.
     "stateOverride": { # A rollout policy configuration. # The rollout policy of this deprecation. This policy is only enforced by image family views. The rollout policy restricts the zones where the associated resource is considered in a deprecated state. When the rollout policy does not include the user specified zone, or if the zone is rolled out, the associated resource is considered in a deprecated state.
       "defaultRolloutTime": "A String", # An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated.
-      "locationRolloutPolicies": { # Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
+      "locationRolloutPolicies": { # Location based rollout policies to apply to the resource.
+          #
+          # Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a.
+          #
+          # The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
         "a_key": "A String",
       },
     },
@@ -660,21 +914,34 @@ 
Method Details

   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "diskSizeGb": "A String", # Size of the image when restored onto a persistent disk (in GB).
   "family": "A String", # The name of the image family to which this image belongs. You can create disks by specifying an image family instead of a specific image name. The image family always returns its latest image that is not deprecated. The name of the image family must comply with RFC1035.
-  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
     { # Guest OS features.
-      "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+      "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
     },
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-  "imageEncryptionKey": { # Encrypts the image using a customer-supplied encryption key. After you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later.
+  "imageEncryptionKey": { # Encrypts the image using a customer-supplied encryption key.
+      # 
+      # After you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image).
+      # 
+      # Customer-supplied encryption keys do not protect access to metadata of the disk.
+      # 
+      # If you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "kind": "compute#image", # [Output Only] Type of the resource. Always compute#image for images.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an image.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an image.
   "labels": { # Labels to apply to this image. These can be later modified by the setLabels method.
     "a_key": "A String",
   },
@@ -688,11 +955,21 @@ 
Method Details

   "rawDisk": { # The parameters of the raw disk image.
     "containerType": "A String", # The format used to encode and transmit the block device, which should be TAR. This is just a container and transmission format and not a runtime format. Provided by the client when the disk image is created.
     "sha1Checksum": "A String", # [Deprecated] This field is deprecated. An optional SHA1 checksum of the disk image before unpackaging provided by the client when the disk image is created.
-    "source": "A String", # The full Google Cloud Storage URL where the disk image is stored. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+    "source": "A String", # The full Google Cloud Storage URL where the disk image is stored.
+        # 
+        # In order to create an image, you must provide the full or partial URL of one of the following:
+        # - The rawDisk.source URL
+        # - The sourceDisk URL
+        # - The sourceImage URL
+        # - The sourceSnapshot URL
   },
   "rolloutOverride": { # A rollout policy configuration. # A rollout policy to apply to this image. When specified, the rollout policy overrides per-zone references to the image via the associated image family. The rollout policy restricts the zones where this image is accessible when using a zonal image family reference. When the rollout policy does not include the user specified zone, or if the zone is rolled out, this image is accessible.
     "defaultRolloutTime": "A String", # An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated.
-    "locationRolloutPolicies": { # Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
+    "locationRolloutPolicies": { # Location based rollout policies to apply to the resource.
+        #
+        # Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a.
+        #
+        # The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
       "a_key": "A String",
     },
   },
@@ -723,30 +1000,66 @@ 
Method Details

       "fileType": "A String", # The file type of source file.
     },
   },
-  "sourceDisk": "A String", # URL of the source disk used to create this image. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceDisk": "A String", # URL of the source disk used to create this image. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - zones/zone/disks/disk
+      # 
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceDiskEncryptionKey": { # The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given disk name.
-  "sourceImage": "A String", # URL of the source image used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceImage": "A String", # URL of the source image used to create this image.
+      # 
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given image name.
-  "sourceSnapshot": "A String", # URL of the source snapshot used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceSnapshot": "A String", # URL of the source snapshot used to create this image.
+      # 
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceSnapshotId": "A String", # [Output Only] The ID value of the snapshot used to create this image. This value may be used to determine whether the snapshot was taken from the current or a previous instance of a given snapshot name.
@@ -758,16 +1071,29 @@ 
Method Details

 }
 
   forceCreate: boolean, Force image creation if true.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -802,7 +1128,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -816,20 +1143,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None, zone=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, zone=None)
   
Retrieves the list of custom images available to the specified project. Custom images are images you create that belong to your project. This method does not get any images that belong to other projects, including publicly-available images, like Debian 8. If you want to get a list of publicly-available images, use this method to make a request to the respective image project, such as debian-cloud or windows-cloud.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
   zone: string, The zone query parameter.
 
 Returns:
@@ -838,7 +1171,9 @@ 
Method Details

     { # Contains a list of images.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Image resources.
-    { # Represents an Image resource. You can use images to create boot disks for your VM instances. For more information, read Images.
+    { # Represents an Image resource.
+        #
+        # You can use images to create boot disks for your VM instances. For more information, read Images. (== resource_for {$api_version}.images ==)
       "archiveSizeBytes": "A String", # Size of the image tar.gz archive stored in Google Cloud Storage (in bytes).
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "deprecated": { # Deprecation status for a public resource. # The deprecation status associated with this image.
@@ -849,7 +1184,11 @@ 
Method Details

         "state": "A String", # The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.
         "stateOverride": { # A rollout policy configuration. # The rollout policy of this deprecation. This policy is only enforced by image family views. The rollout policy restricts the zones where the associated resource is considered in a deprecated state. When the rollout policy does not include the user specified zone, or if the zone is rolled out, the associated resource is considered in a deprecated state.
           "defaultRolloutTime": "A String", # An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated.
-          "locationRolloutPolicies": { # Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
+          "locationRolloutPolicies": { # Location based rollout policies to apply to the resource.
+              #
+              # Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a.
+              #
+              # The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
             "a_key": "A String",
           },
         },
@@ -857,21 +1196,34 @@ 
Method Details

       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "diskSizeGb": "A String", # Size of the image when restored onto a persistent disk (in GB).
       "family": "A String", # The name of the image family to which this image belongs. You can create disks by specifying an image family instead of a specific image name. The image family always returns its latest image that is not deprecated. The name of the image family must comply with RFC1035.
-      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
         { # Guest OS features.
-          "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+          "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
         },
       ],
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-      "imageEncryptionKey": { # Encrypts the image using a customer-supplied encryption key. After you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later.
+      "imageEncryptionKey": { # Encrypts the image using a customer-supplied encryption key.
+          #
+          # After you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image).
+          #
+          # Customer-supplied encryption keys do not protect access to metadata of the disk.
+          #
+          # If you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "kind": "compute#image", # [Output Only] Type of the resource. Always compute#image for images.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an image.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve an image.
       "labels": { # Labels to apply to this image. These can be later modified by the setLabels method.
         "a_key": "A String",
       },
@@ -885,11 +1237,21 @@ 
Method Details

       "rawDisk": { # The parameters of the raw disk image.
         "containerType": "A String", # The format used to encode and transmit the block device, which should be TAR. This is just a container and transmission format and not a runtime format. Provided by the client when the disk image is created.
         "sha1Checksum": "A String", # [Deprecated] This field is deprecated. An optional SHA1 checksum of the disk image before unpackaging provided by the client when the disk image is created.
-        "source": "A String", # The full Google Cloud Storage URL where the disk image is stored. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+        "source": "A String", # The full Google Cloud Storage URL where the disk image is stored.
+            #
+            # In order to create an image, you must provide the full or partial URL of one of the following:
+            # - The rawDisk.source URL
+            # - The sourceDisk URL
+            # - The sourceImage URL
+            # - The sourceSnapshot URL
       },
       "rolloutOverride": { # A rollout policy configuration. # A rollout policy to apply to this image. When specified, the rollout policy overrides per-zone references to the image via the associated image family. The rollout policy restricts the zones where this image is accessible when using a zonal image family reference. When the rollout policy does not include the user specified zone, or if the zone is rolled out, this image is accessible.
         "defaultRolloutTime": "A String", # An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated.
-        "locationRolloutPolicies": { # Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
+        "locationRolloutPolicies": { # Location based rollout policies to apply to the resource.
+            #
+            # Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a.
+            #
+            # The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
           "a_key": "A String",
         },
       },
@@ -920,30 +1282,66 @@ 
Method Details

           "fileType": "A String", # The file type of source file.
         },
       },
-      "sourceDisk": "A String", # URL of the source disk used to create this image. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+      "sourceDisk": "A String", # URL of the source disk used to create this image. For example, the following are valid values:
+          # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+          # - projects/project/zones/zone/disks/disk
+          # - zones/zone/disks/disk
+          #
+          # In order to create an image, you must provide the full or partial URL of one of the following:
+          # - The rawDisk.source URL
+          # - The sourceDisk URL
+          # - The sourceImage URL
+          # - The sourceSnapshot URL
       "sourceDiskEncryptionKey": { # The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given disk name.
-      "sourceImage": "A String", # URL of the source image used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+      "sourceImage": "A String", # URL of the source image used to create this image.
+          #
+          # In order to create an image, you must provide the full or partial URL of one of the following:
+          # - The rawDisk.source URL
+          # - The sourceDisk URL
+          # - The sourceImage URL
+          # - The sourceSnapshot URL
       "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given image name.
-      "sourceSnapshot": "A String", # URL of the source snapshot used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+      "sourceSnapshot": "A String", # URL of the source snapshot used to create this image.
+          #
+          # In order to create an image, you must provide the full or partial URL of one of the following:
+          # - The rawDisk.source URL
+          # - The sourceDisk URL
+          # - The sourceImage URL
+          # - The sourceSnapshot URL
       "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "sourceSnapshotId": "A String", # [Output Only] The ID value of the snapshot used to create this image. This value may be used to determine whether the snapshot was taken from the current or a previous instance of a given snapshot name.
@@ -959,7 +1357,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -985,7 +1384,7 @@ 
Method Details

 

 
 

-    patch(project, image, body=None, requestId=None, x__xgafv=None)
+    patch(project, image, body=None, requestId=None)
   
Patches the specified image with the data included in the request. Only the following fields can be modified: family, description, deprecation status.
 
 Args:
@@ -994,7 +1393,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Image resource. You can use images to create boot disks for your VM instances. For more information, read Images.
+{ # Represents an Image resource.
+    # 
+    # You can use images to create boot disks for your VM instances. For more information, read Images. (== resource_for {$api_version}.images ==)
   "archiveSizeBytes": "A String", # Size of the image tar.gz archive stored in Google Cloud Storage (in bytes).
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "deprecated": { # Deprecation status for a public resource. # The deprecation status associated with this image.
@@ -1005,7 +1406,11 @@ 
Method Details

     "state": "A String", # The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.
     "stateOverride": { # A rollout policy configuration. # The rollout policy of this deprecation. This policy is only enforced by image family views. The rollout policy restricts the zones where the associated resource is considered in a deprecated state. When the rollout policy does not include the user specified zone, or if the zone is rolled out, the associated resource is considered in a deprecated state.
       "defaultRolloutTime": "A String", # An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated.
-      "locationRolloutPolicies": { # Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
+      "locationRolloutPolicies": { # Location based rollout policies to apply to the resource.
+          #
+          # Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a.
+          #
+          # The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
         "a_key": "A String",
       },
     },
@@ -1013,21 +1418,34 @@ 
Method Details

   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "diskSizeGb": "A String", # Size of the image when restored onto a persistent disk (in GB).
   "family": "A String", # The name of the image family to which this image belongs. You can create disks by specifying an image family instead of a specific image name. The image family always returns its latest image that is not deprecated. The name of the image family must comply with RFC1035.
-  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
     { # Guest OS features.
-      "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+      "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
     },
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-  "imageEncryptionKey": { # Encrypts the image using a customer-supplied encryption key. After you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later.
+  "imageEncryptionKey": { # Encrypts the image using a customer-supplied encryption key.
+      # 
+      # After you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image).
+      # 
+      # Customer-supplied encryption keys do not protect access to metadata of the disk.
+      # 
+      # If you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "kind": "compute#image", # [Output Only] Type of the resource. Always compute#image for images.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an image.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an image.
   "labels": { # Labels to apply to this image. These can be later modified by the setLabels method.
     "a_key": "A String",
   },
@@ -1041,11 +1459,21 @@ 
Method Details

   "rawDisk": { # The parameters of the raw disk image.
     "containerType": "A String", # The format used to encode and transmit the block device, which should be TAR. This is just a container and transmission format and not a runtime format. Provided by the client when the disk image is created.
     "sha1Checksum": "A String", # [Deprecated] This field is deprecated. An optional SHA1 checksum of the disk image before unpackaging provided by the client when the disk image is created.
-    "source": "A String", # The full Google Cloud Storage URL where the disk image is stored. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+    "source": "A String", # The full Google Cloud Storage URL where the disk image is stored.
+        # 
+        # In order to create an image, you must provide the full or partial URL of one of the following:
+        # - The rawDisk.source URL
+        # - The sourceDisk URL
+        # - The sourceImage URL
+        # - The sourceSnapshot URL
   },
   "rolloutOverride": { # A rollout policy configuration. # A rollout policy to apply to this image. When specified, the rollout policy overrides per-zone references to the image via the associated image family. The rollout policy restricts the zones where this image is accessible when using a zonal image family reference. When the rollout policy does not include the user specified zone, or if the zone is rolled out, this image is accessible.
     "defaultRolloutTime": "A String", # An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated.
-    "locationRolloutPolicies": { # Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
+    "locationRolloutPolicies": { # Location based rollout policies to apply to the resource.
+        #
+        # Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a.
+        #
+        # The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
       "a_key": "A String",
     },
   },
@@ -1076,30 +1504,66 @@ 
Method Details

       "fileType": "A String", # The file type of source file.
     },
   },
-  "sourceDisk": "A String", # URL of the source disk used to create this image. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceDisk": "A String", # URL of the source disk used to create this image. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - zones/zone/disks/disk
+      # 
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceDiskEncryptionKey": { # The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given disk name.
-  "sourceImage": "A String", # URL of the source image used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceImage": "A String", # URL of the source image used to create this image.
+      # 
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given image name.
-  "sourceSnapshot": "A String", # URL of the source snapshot used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceSnapshot": "A String", # URL of the source snapshot used to create this image.
+      # 
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceSnapshotId": "A String", # [Output Only] The ID value of the snapshot used to create this image. This value may be used to determine whether the snapshot was taken from the current or a previous instance of a given snapshot name.
@@ -1110,16 +1574,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1154,7 +1631,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1168,7 +1646,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -1180,33 +1658,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1214,95 +1766,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1310,76 +1954,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    setLabels(project, resource, body=None, x__xgafv=None)
+    setLabels(project, resource, body=None)
   
Sets the labels on an image. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -1395,15 +2107,24 @@ 
Method Details

   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1438,7 +2159,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1452,7 +2174,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1467,10 +2189,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.instanceGroupManagers.html b/docs/dyn/compute_alpha.instanceGroupManagers.html
index 684ea85bd89..36ddd41ee85 100644
--- a/docs/dyn/compute_alpha.instanceGroupManagers.html
+++ b/docs/dyn/compute_alpha.instanceGroupManagers.html
@@ -75,55 +75,55 @@
 
Compute Engine API . instanceGroupManagers

 
Instance Methods

 

-  abandonInstances(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

-
Flags the specified instances to be removed from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.

+  abandonInstances(project, zone, instanceGroupManager, body=None, requestId=None)

+
Flags the specified instances to be removed from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method.

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of managed instance groups and groups them by zone.

 

   aggregatedList_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  applyUpdatesToInstances(project, zone, instanceGroupManager, body=None, x__xgafv=None)

+  applyUpdatesToInstances(project, zone, instanceGroupManager, body=None)

 
Applies changes to selected instances on the managed instance group. This method can be used to apply new overrides and/or new versions.

 

   close()

 
Close httplib2 connections.

 

-  createInstances(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  createInstances(project, zone, instanceGroupManager, body=None, requestId=None)

 
Creates instances with per-instance configs in this managed instance group. Instances are created using the current instance template. The create instances operation is marked DONE if the createInstances request is successful. The underlying actions take additional time. You must separately verify the status of the creating or actions with the listmanagedinstances method.

 

-  delete(project, zone, instanceGroupManager, requestId=None, x__xgafv=None)

-
Deletes the specified managed instance group and all of the instances in that group. Note that the instance group must not belong to a backend service. Read Deleting an instance group for more information.

+  delete(project, zone, instanceGroupManager, requestId=None)

+
Deletes the specified managed instance group and all of the instances in that group. Note that the instance group must not belong to a backend service. Read  Deleting an instance group for more information.

 

-  deleteInstances(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

-
Flags the specified instances in the managed instance group for immediate deletion. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. This operation is marked as DONE when the action is scheduled even if the instances are still being deleted. You must separately verify the status of the deleting action with the listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.

+  deleteInstances(project, zone, instanceGroupManager, body=None, requestId=None)

+
Flags the specified instances in the managed instance group for immediate deletion. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. This operation is marked as DONE when the action is scheduled even if the instances are still being deleted. You must separately verify the status of the deleting action with the listmanagedinstances method.

 

-  deletePerInstanceConfigs(project, zone, instanceGroupManager, body=None, x__xgafv=None)

+  deletePerInstanceConfigs(project, zone, instanceGroupManager, body=None)

 
Deletes selected per-instance configs for the managed instance group.

 

-  get(project, zone, instanceGroupManager, x__xgafv=None)

+  get(project, zone, instanceGroupManager)

 
Returns all of the details about the specified managed instance group. Gets a list of available managed instance groups by making a list() request.

 

-  insert(project, zone, body=None, requestId=None, x__xgafv=None)

-
Creates a managed instance group using the information that you specify in the request. After the group is created, instances in the group are created using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method. A managed instance group can have up to 1000 VM instances per group. Please contact Cloud Support if you need an increase in this limit.

+  insert(project, zone, body=None, requestId=None)

+
Creates a managed instance group using the information that you specify in the request. After the group is created, instances in the group are created using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of managed instance groups that are contained within the specified project and zone.

 

-  listErrors(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listErrors(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists all errors thrown by actions on instances for a given managed instance group. The filter and orderBy query parameters are not supported.

 

   listErrors_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  listManagedInstances(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listManagedInstances(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists all of the instances in the managed instance group. Each instance in the list has a currentAction, which indicates the action that the managed instance group is performing on the instance. For example, if the group is still creating an instance, the currentAction is CREATING. If a previous action failed, the list displays the errors for that failed action. The orderBy query parameter is not supported.

 

   listManagedInstances_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  listPerInstanceConfigs(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listPerInstanceConfigs(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists all of the per-instance configs defined for the managed instance group. The orderBy query parameter is not supported.

 

   listPerInstanceConfigs_next(previous_request, previous_response)

@@ -132,54 +132,58 @@ 
Instance Methods

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  patch(project, zone, instanceGroupManager, body=None, requestId=None)

 
Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is patched even if the instances in the group are still in the process of being patched. You must separately verify the status of the individual instances with the listManagedInstances method. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  patchPerInstanceConfigs(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  patchPerInstanceConfigs(project, zone, instanceGroupManager, body=None, requestId=None)

 
Inserts or patches per-instance configs for the managed instance group. perInstanceConfig.name serves as a key used to distinguish whether to perform insert or patch.

 

-  recreateInstances(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

-
Flags the specified VM instances in the managed instance group to be immediately recreated. Each instance is recreated using the group's current configuration. This operation is marked as DONE when the flag is set even if the instances have not yet been recreated. You must separately verify the status of each instance by checking its currentAction field; for more information, see Checking the status of managed instances. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.

+  recreateInstances(project, zone, instanceGroupManager, body=None, requestId=None)

+
Flags the specified VM instances in the managed instance group to be immediately recreated. Each instance is recreated using the group's current configuration. This operation is marked as DONE when the flag is set even if the instances have not yet been recreated. You must separately verify the status of each instance by checking its currentAction field; for more information, see Checking the status of managed instances.

 

-  resize(project, zone, instanceGroupManager, size, requestId=None, x__xgafv=None)

-
Resizes the managed instance group. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes instances. The resize operation is marked DONE when the resize actions are scheduled even if the group has not yet added or deleted any instances. You must separately verify the status of the creating or deleting actions with the listmanagedinstances method. When resizing down, the instance group arbitrarily chooses the order in which VMs are deleted. The group takes into account some VM attributes when making the selection including: + The status of the VM instance. + The health of the VM instance. + The instance template version the VM is based on. + For regional managed instance groups, the location of the VM instance. This list is subject to change. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.

+  resize(project, zone, instanceGroupManager, size, requestId=None)

+
Resizes the managed instance group. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes instances. The resize operation is marked DONE when the resize actions are scheduled even if the group has not yet added or deleted any instances. You must separately verify the status of the creating or deleting actions with the listmanagedinstances method.

 

-  resizeAdvanced(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

-
Resizes the managed instance group with advanced configuration options like disabling creation retries. This is an extended version of the resize method. If you increase the size of the instance group, the group creates new instances using the current instance template. If you decrease the size, the group deletes instances. The resize operation is marked DONE when the resize actions are scheduled even if the group has not yet added or deleted any instances. You must separately verify the status of the creating, creatingWithoutRetries, or deleting actions with the get or listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.

+  resizeAdvanced(project, zone, instanceGroupManager, body=None, requestId=None)

+
Resizes the managed instance group with advanced configuration options like disabling creation retries. This is an extended version of the resize method.

 

-  resumeInstances(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

-
Flags the specified instances in the managed instance group to be resumed. This method increases the targetSize and decreases the targetSuspendedSize of the managed instance group by the number of instances that you resume. The resumeInstances operation is marked DONE if the resumeInstances request is successful. The underlying actions take additional time. You must separately verify the status of the RESUMING action with the listmanagedinstances method. In this request, you can only specify instances that are suspended. For example, if an instance was previously suspended using the suspendInstances method, it can be resumed using the resumeInstances method. If a health check is attached to the managed instance group, the specified instances will be verified as healthy after they are resumed. You can specify a maximum of 1000 instances with this method per request.

+  resumeInstances(project, zone, instanceGroupManager, body=None, requestId=None)

+
Flags the specified instances in the managed instance group to be resumed. This method increases the targetSize and decreases the targetSuspendedSize of the managed instance group by the number of instances that you resume. The resumeInstances operation is marked DONE if the resumeInstances request is successful. The underlying actions take additional time. You must separately verify the status of the RESUMING action with the listmanagedinstances method.

 

-  setAutoHealingPolicies(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  setAutoHealingPolicies(project, zone, instanceGroupManager, body=None, requestId=None)

 
Motifies the autohealing policy for the instances in this managed instance group. [Deprecated] This method is deprecated. Use instanceGroupManagers.patch instead.

 

-  setInstanceTemplate(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  setInstanceTemplate(project, zone, instanceGroupManager, body=None, requestId=None)

 
Specifies the instance template to use when creating new instances in this group. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE.

 

-  setTargetPools(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  setTargetPools(project, zone, instanceGroupManager, body=None, requestId=None)

 
Modifies the target pools to which all instances in this managed instance group are assigned. The target pools automatically apply to all of the instances in the managed instance group. This operation is marked DONE when you make the request even if the instances have not yet been added to their target pools. The change might take some time to apply to all of the instances in the group depending on the size of the group.

 

-  startInstances(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

-
Flags the specified instances in the managed instance group to be started. This method increases the targetSize and decreases the targetStoppedSize of the managed instance group by the number of instances that you start. The startInstances operation is marked DONE if the startInstances request is successful. The underlying actions take additional time. You must separately verify the status of the STARTING action with the listmanagedinstances method. In this request, you can only specify instances that are stopped. For example, if an instance was previously stopped using the stopInstances method, it can be started using the startInstances method. If a health check is attached to the managed instance group, the specified instances will be verified as healthy after they are started. You can specify a maximum of 1000 instances with this method per request.

+  startInstances(project, zone, instanceGroupManager, body=None, requestId=None)

+
Flags the specified instances in the managed instance group to be started. This method increases the targetSize and decreases the targetStoppedSize of the managed instance group by the number of instances that you start. The startInstances operation is marked DONE if the startInstances request is successful. The underlying actions take additional time. You must separately verify the status of the STARTING action with the listmanagedinstances method.

 

-  stopInstances(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

-
Flags the specified instances in the managed instance group to be immediately stopped. You can only specify instances that are running in this request. This method reduces the targetSize and increases the targetStoppedSize of the managed instance group by the number of instances that you stop. The stopInstances operation is marked DONE if the stopInstances request is successful. The underlying actions take additional time. You must separately verify the status of the STOPPING action with the listmanagedinstances method. If the instanceLifecyclePolicy.metadataBasedReadinessSignal field is set on the Instance Group Manager, each instance will be initialized before it is stopped, to give user programs time to perform necessary tasks. To initialize an instance, the Instance Group Manager sets the metadata key google-compute-initialization-intent to value INITIALIZE_AND_STOP on the instance, and waits for the user program to signal it is ready. This is done by setting the guest attribute path google-compute/initialization-state to value INITIALIZED. If the instance does not signal successful initialization (does not set the guest attribute to INITIALIZED) before timeout, the initialization is considered failed and the instance is not stopped. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is suspended. Stopped instances can be started using the startInstances method. You can specify a maximum of 1000 instances with this method per request.

+  stopInstances(project, zone, instanceGroupManager, body=None, requestId=None)

+
Flags the specified instances in the managed instance group to be immediately stopped. You can only specify instances that are running in this request. This method reduces the targetSize and increases the targetStoppedSize of the managed instance group by the number of instances that you stop. The stopInstances operation is marked DONE if the stopInstances request is successful. The underlying actions take additional time. You must separately verify the status of the STOPPING action with the listmanagedinstances method.

 

-  suspendInstances(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

-
Flags the specified instances in the managed instance group to be immediately suspended. You can only specify instances that are running in this request. This method reduces the targetSize and increases the targetSuspendedSize of the managed instance group by the number of instances that you suspend. The suspendInstances operation is marked DONE if the suspendInstances request is successful. The underlying actions take additional time. You must separately verify the status of the SUSPENDING action with the listmanagedinstances method. If the instanceLifecyclePolicy.metadataBasedReadinessSignal field is set on the Instance Group Manager, each instance will be initialized before it is suspended, to give user programs time to perform necessary tasks. To initialize an instance, the Instance Group Manager sets the metadata key google-compute-initialization-intent to value INITIALIZE_AND_SUSPEND on the instance, and waits for the user program to signal it is ready. This is done by setting the guest attribute path google-compute/initialization-state to value INITIALIZED. If the instance does not signal successful initialization (does not set the guest attribute to INITIALIZED) before timeout, the initialization is considered failed and the instance is not suspended. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is suspended. Suspended instances can be resumed using the resumeInstances method. You can specify a maximum of 1000 instances with this method per request.

+  suspendInstances(project, zone, instanceGroupManager, body=None, requestId=None)

+
Flags the specified instances in the managed instance group to be immediately suspended. You can only specify instances that are running in this request. This method reduces the targetSize and increases the targetSuspendedSize of the managed instance group by the number of instances that you suspend. The suspendInstances operation is marked DONE if the suspendInstances request is successful. The underlying actions take additional time. You must separately verify the status of the SUSPENDING action with the listmanagedinstances method.

 

-  testIamPermissions(project, zone, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, zone, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  update(project, zone, instanceGroupManager, body=None, requestId=None)

 
Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is updated even if the instances in the group have not yet been updated. You must separately verify the status of the individual instances with the listManagedInstances method.

 

-  updatePerInstanceConfigs(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  updatePerInstanceConfigs(project, zone, instanceGroupManager, body=None, requestId=None)

 
Inserts or updates per-instance configs for the managed instance group. perInstanceConfig.name serves as a key used to distinguish whether to perform insert or patch.

 
Method Details

 

-    abandonInstances(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
-  
Flags the specified instances to be removed from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.
+    abandonInstances(project, zone, instanceGroupManager, body=None, requestId=None)
+  
Flags the specified instances to be removed from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method.
+
+If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
+
+You can specify a maximum of 1000 instances with this method per request.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -194,16 +198,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -238,7 +255,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -252,21 +270,27 @@ 
Method Details

 

 
 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of managed instance groups and groups them by zone.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -276,13 +300,27 @@ 
Method Details

   "items": { # A list of InstanceGroupManagersScopedList resources.
     "a_key": { # [Output Only] The name of the scope that contains this set of managed instance groups.
       "instanceGroupManagers": [ # [Output Only] The list of managed instance groups that are contained in the specified project and zone.
-        { # Whether the instance is a standby. # Properties of a standby instance comparing to the regular instance: # | regular | standby managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no # receives traffic from LB? | yes | no Represents a Managed Instance Group resource. An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups. For zonal Managed Instance Group, use the instanceGroupManagers resource. For regional Managed Instance Group, use the regionInstanceGroupManagers resource.
+        { # Whether the instance is a standby. Properties of a standby instance comparing to the regular instance: ========================================================================= | regular | standby ========================================================================= managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no receives traffic from LB? | yes | no =========================================================================
+            #
+            # Represents a Managed Instance Group resource.
+            #
+            # An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups.
+            #
+            # For zonal Managed Instance Group, use the instanceGroupManagers resource.
+            #
+            # For regional Managed Instance Group, use the regionInstanceGroupManagers resource. (== resource_for {$api_version}.instanceGroupManagers ==) (== resource_for {$api_version}.regionInstanceGroupManagers ==)
           "autoHealingPolicies": [ # The autohealing policy for this managed instance group. You can specify only one value.
             {
               "healthCheck": "A String", # The URL for the health check that signals autohealing.
               "initialDelaySec": 42, # The number of seconds that the managed instance group waits before it applies autohealing policies to new instances or recently recreated instances. This initial delay allows instances to initialize and run their startup scripts before the instance group determines that they are UNHEALTHY. This prevents the managed instance group from recreating its instances prematurely. This value must be from range [0, 3600].
-              "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # Maximum number of instances that can be unavailable when autohealing. When 'percent' is used, the value is rounded if necessary. The instance is considered available if all of the following conditions are satisfied: 1. Instance's status is RUNNING. 2. Instance's currentAction is NONE (in particular its liveness health check result was observed to be HEALTHY at least once as it passed VERIFYING). 3. There is no outgoing action on an instance triggered by IGM. By default, number of concurrently autohealed instances is smaller than the managed instance group target size. However, if a zonal managed instance group has only one instance, or a regional managed instance group has only one instance per zone, autohealing will recreate these instances when they become unhealthy.
-                "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+              "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # Maximum number of instances that can be unavailable when autohealing. When 'percent' is used, the value is rounded if necessary. The instance is considered available if all of the following conditions are satisfied: 1. Instance's status is RUNNING. 2. Instance's currentAction is NONE (in particular its liveness health check result was observed to be HEALTHY at least once as it passed VERIFYING). 3. There is no outgoing action on an instance triggered by IGM.
+                  #
+                  # By default, number of concurrently autohealed instances is smaller than the managed instance group target size. However, if a zonal managed instance group has only one instance, or a regional managed instance group has only one instance per zone, autohealing will recreate these instances when they become unhealthy.
+                "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+                    #
+                    #
+                    # - If the value is fixed, then the calculated value is equal to the fixed value.
+                    # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
                 "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
                 "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
               },
@@ -292,7 +330,9 @@ 
Method Details

           "creationTimestamp": "A String", # [Output Only] The creation timestamp for this managed instance group in RFC3339 text format.
           "currentActions": { # [Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions.
             "abandoning": 42, # [Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.
-            "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
+            "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.
+                #
+                # If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
             "creatingWithoutRetries": 42, # [Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.
             "deleting": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.
             "none": 42, # [Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.
@@ -315,11 +355,17 @@ 
Method Details

             ],
           },
           "failoverAction": "A String", # The action to perform in case of zone failure. Only one value is supported, NO_FAILOVER. The default is NO_FAILOVER.
-          "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
+          "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
           "id": "A String", # [Output Only] A unique identifier for this resource type. The server generates this identifier.
           "instanceGroup": "A String", # [Output Only] The URL of the Instance Group resource.
           "instanceLifecyclePolicy": { # Instance lifecycle policy for this Instance Group Manager.
-            "metadataBasedReadinessSignal": { # The configuration for metadata based readiness signal sent by the instance during initialization when stopping / suspending an instance. The Instance Group Manager will wait for a signal that indicates successful initialization before stopping / suspending an instance. If a successful readiness signal is not sent before timeout, the corresponding instance will not be stopped / suspended. Instead, an error will be visible in the lastAttempt.errors field of the managed instance in the listmanagedinstances method. If metadataBasedReadinessSignal.timeoutSec is unset, the Instance Group Manager will directly proceed to suspend / stop instances, skipping initialization on them.
+            "metadataBasedReadinessSignal": { # The configuration for metadata based readiness signal sent by the instance during initialization when stopping / suspending an instance. The Instance Group Manager will wait for a signal that indicates successful initialization before stopping / suspending an instance.
+                #
+                # If a successful readiness signal is not sent before timeout, the corresponding instance will not be stopped / suspended. Instead, an error will be visible in the lastAttempt.errors field of the managed instance in the listmanagedinstances method.
+                #
+                # If metadataBasedReadinessSignal.timeoutSec is unset, the Instance Group Manager will directly proceed to suspend / stop instances, skipping initialization on them.
               "timeoutSec": 42, # The number of seconds to wait for a readiness signal during initialization before timing out.
             },
           },
@@ -327,7 +373,7 @@ 
Method Details

           "kind": "compute#instanceGroupManager", # [Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.
           "name": "A String", # The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.
           "namedPorts": [ # Named ports configured for the Instance Groups complementary to this Instance Group Manager.
-            { # The named port. For example: <"http", 80>.
+            { # The named port. For example: .
               "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
               "port": 42, # The port number, which can be a value between 1 and 65535.
             },
@@ -373,17 +419,39 @@ 
Method Details

             "A String",
           ],
           "targetSize": 42, # The target number of running instances for this managed instance group. You can reduce this number by using the instanceGroupManager deleteInstances or abandonInstances methods. Resizing the group also changes this number.
-          "targetStoppedSize": 42, # The target number of stopped instances for this managed instance group. This number changes when you: - Stop instance using the stopInstances method or start instances using the startInstances method. - Manually change the targetStoppedSize using the update method.
-          "targetSuspendedSize": 42, # The target number of suspended instances for this managed instance group. This number changes when you: - Suspend instance using the suspendInstances method or resume instances using the resumeInstances method. - Manually change the targetSuspendedSize using the update method.
+          "targetStoppedSize": 42, # The target number of stopped instances for this managed instance group. This number changes when you:
+              # - Stop instance using the stopInstances method or start instances using the startInstances method.
+              # - Manually change the targetStoppedSize using the update method.
+          "targetSuspendedSize": 42, # The target number of suspended instances for this managed instance group. This number changes when you:
+              # - Suspend instance using the suspendInstances method or resume instances using the resumeInstances method.
+              # - Manually change the targetSuspendedSize using the update method.
           "updatePolicy": { # The update policy for this managed instance group.
-            "instanceRedistributionType": "A String", # The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled.
-            "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
-              "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+            "instanceRedistributionType": "A String", # The  instance redistribution policy for regional managed instance groups. Valid values are:
+                # - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region.
+                # - NONE: For non-autoscaled groups, proactive redistribution is disabled.
+            "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates.
+                #
+                # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
+              "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+                  #
+                  #
+                  # - If the value is fixed, then the calculated value is equal to the fixed value.
+                  # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
               "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
               "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
             },
-            "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
-              "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+            "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:
+                #
+                #
+                # - The instance's status is RUNNING.
+                # - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates.
+                #
+                # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
+              "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+                  #
+                  #
+                  # - If the value is fixed, then the calculated value is equal to the fixed value.
+                  # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
               "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
               "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
             },
@@ -393,13 +461,21 @@ 
Method Details

             "replacementMethod": "A String", # What action should be used to replace instances. See minimal_action.REPLACE
             "type": "A String", # The type of update process. You can specify either PROACTIVE so that the instance group manager proactively executes actions in order to bring instances to their target versions or OPPORTUNISTIC so that no action is proactively executed but the update will be performed as part of other actions (for example, resizes or recreateInstances calls).
           },
-          "versions": [ # Specifies the instance templates used by this managed instance group to create instances. Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
+          "versions": [ # Specifies the instance templates used by this managed instance group to create instances.
+              #
+              # Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
             {
               "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached.
               "name": "A String", # Name of the version. Unique among all versions in the scope of this managed instance group.
               "tag": "A String", # Tag describing the version. Used to trigger rollout of a target version even if instance_template remains unchanged. Deprecated in favor of 'name'.
-              "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
-                "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+              "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:
+                  # - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used.
+                  # - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
+                "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+                    #
+                    #
+                    # - If the value is fixed, then the calculated value is equal to the fixed value.
+                    # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
                 "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
                 "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
               },
@@ -410,7 +486,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] The warning that replaces the list of managed instance groups when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -428,7 +505,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -454,7 +532,7 @@ 
Method Details

 

 
 

-    applyUpdatesToInstances(project, zone, instanceGroupManager, body=None, x__xgafv=None)
+    applyUpdatesToInstances(project, zone, instanceGroupManager, body=None)
   
Applies changes to selected instances on the managed instance group. This method can be used to apply new overrides and/or new versions.
 
 Args:
@@ -465,24 +543,41 @@ 
Method Details

     The object takes the form of:
 
 { # InstanceGroupManagers.applyUpdatesToInstances
-  "allInstances": True or False, # Flag to update all instances instead of specified list of “instances”. If the flag is set to true then the instances may not be specified in the request.
+  "allInstances": True or False, # Flag to update all instances instead of specified list of ?instances?. If the flag is set to true then the instances may not be specified in the request.
   "instances": [ # The list of URLs of one or more instances for which you want to apply updates. Each URL can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].
     "A String",
   ],
   "maximalAction": "A String", # The maximal action that should be performed on the instances. By default REPLACE. This field is deprecated, please use most_disruptive_allowed_action.
-  "minimalAction": "A String", # The minimal action that you want to perform on each instance during the update: - REPLACE: At minimum, delete the instance and create it again. - RESTART: Stop the instance and start it again. - REFRESH: Do not stop the instance. - NONE: Do not disrupt the instance at all. By default, the minimum action is NONE. If your update requires a more disruptive action than you set with this flag, the necessary action is performed to execute the update.
-  "mostDisruptiveAllowedAction": "A String", # The most disruptive action that you want to perform on each instance during the update: - REPLACE: Delete the instance and create it again. - RESTART: Stop the instance and start it again. - REFRESH: Do not stop the instance. - NONE: Do not disrupt the instance at all. By default, the most disruptive allowed action is REPLACE. If your update requires a more disruptive action than you set with this flag, the update request will fail.
+  "minimalAction": "A String", # The minimal action that you want to perform on each instance during the update:
+      # - REPLACE: At minimum, delete the instance and create it again.
+      # - RESTART: Stop the instance and start it again.
+      # - REFRESH: Do not stop the instance.
+      # - NONE: Do not disrupt the instance at all.  By default, the minimum action is NONE. If your update requires a more disruptive action than you set with this flag, the necessary action is performed to execute the update.
+  "mostDisruptiveAllowedAction": "A String", # The most disruptive action that you want to perform on each instance during the update:
+      # - REPLACE: Delete the instance and create it again.
+      # - RESTART: Stop the instance and start it again.
+      # - REFRESH: Do not stop the instance.
+      # - NONE: Do not disrupt the instance at all.  By default, the most disruptive allowed action is REPLACE. If your update requires a more disruptive action than you set with this flag, the update request will fail.
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -517,7 +612,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -536,7 +632,7 @@ 
Method Details

 

 
 

-    createInstances(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    createInstances(project, zone, instanceGroupManager, body=None, requestId=None)
   
Creates instances with per-instance configs in this managed instance group. Instances are created using the current instance template. The create instances operation is marked DONE if the createInstances request is successful. The underlying actions take additional time. You must separately verify the status of the creating or actions with the listmanagedinstances method.
 
 Args:
@@ -586,16 +682,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -630,7 +739,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -644,23 +754,36 @@ 
Method Details

 

 
 

-    delete(project, zone, instanceGroupManager, requestId=None, x__xgafv=None)
-  
Deletes the specified managed instance group and all of the instances in that group. Note that the instance group must not belong to a backend service. Read Deleting an instance group for more information.
+    delete(project, zone, instanceGroupManager, requestId=None)
+  
Deletes the specified managed instance group and all of the instances in that group. Note that the instance group must not belong to a backend service. Read  Deleting an instance group for more information.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the managed instance group is located. (required)
   instanceGroupManager: string, The name of the managed instance group to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -695,7 +818,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -709,8 +833,12 @@ 
Method Details

 

 
 

-    deleteInstances(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
-  
Flags the specified instances in the managed instance group for immediate deletion. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. This operation is marked as DONE when the action is scheduled even if the instances are still being deleted. You must separately verify the status of the deleting action with the listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.
+    deleteInstances(project, zone, instanceGroupManager, body=None, requestId=None)
+  
Flags the specified instances in the managed instance group for immediate deletion. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. This operation is marked as DONE when the action is scheduled even if the instances are still being deleted. You must separately verify the status of the deleting action with the listmanagedinstances method.
+
+If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
+
+You can specify a maximum of 1000 instances with this method per request.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -726,16 +854,29 @@ 
Method Details

   "skipInstancesOnValidationError": True or False, # Specifies whether the request should proceed despite the inclusion of instances that are not members of the group or that are already in the process of being deleted or abandoned. If this field is set to `false` and such an instance is specified in the request, the operation fails. The operation always fails if the request contains a malformed instance URL or a reference to an instance that exists in a zone or region other than the group's zone or region.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -770,7 +911,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -784,7 +926,7 @@ 
Method Details

 

 
 

-    deletePerInstanceConfigs(project, zone, instanceGroupManager, body=None, x__xgafv=None)
+    deletePerInstanceConfigs(project, zone, instanceGroupManager, body=None)
   
Deletes selected per-instance configs for the managed instance group.
 
 Args:
@@ -800,15 +942,24 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -843,7 +994,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -857,28 +1009,38 @@ 
Method Details

 

 
 

-    get(project, zone, instanceGroupManager, x__xgafv=None)
+    get(project, zone, instanceGroupManager)
   
Returns all of the details about the specified managed instance group. Gets a list of available managed instance groups by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the managed instance group is located. (required)
   instanceGroupManager: string, The name of the managed instance group. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Whether the instance is a standby. # Properties of a standby instance comparing to the regular instance: # | regular | standby managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no # receives traffic from LB? | yes | no Represents a Managed Instance Group resource. An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups. For zonal Managed Instance Group, use the instanceGroupManagers resource. For regional Managed Instance Group, use the regionInstanceGroupManagers resource.
+    { # Whether the instance is a standby. Properties of a standby instance comparing to the regular instance: ========================================================================= | regular | standby ========================================================================= managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no receives traffic from LB? | yes | no =========================================================================
+    #
+    # Represents a Managed Instance Group resource.
+    #
+    # An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups.
+    #
+    # For zonal Managed Instance Group, use the instanceGroupManagers resource.
+    #
+    # For regional Managed Instance Group, use the regionInstanceGroupManagers resource. (== resource_for {$api_version}.instanceGroupManagers ==) (== resource_for {$api_version}.regionInstanceGroupManagers ==)
   "autoHealingPolicies": [ # The autohealing policy for this managed instance group. You can specify only one value.
     {
       "healthCheck": "A String", # The URL for the health check that signals autohealing.
       "initialDelaySec": 42, # The number of seconds that the managed instance group waits before it applies autohealing policies to new instances or recently recreated instances. This initial delay allows instances to initialize and run their startup scripts before the instance group determines that they are UNHEALTHY. This prevents the managed instance group from recreating its instances prematurely. This value must be from range [0, 3600].
-      "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # Maximum number of instances that can be unavailable when autohealing. When 'percent' is used, the value is rounded if necessary. The instance is considered available if all of the following conditions are satisfied: 1. Instance's status is RUNNING. 2. Instance's currentAction is NONE (in particular its liveness health check result was observed to be HEALTHY at least once as it passed VERIFYING). 3. There is no outgoing action on an instance triggered by IGM. By default, number of concurrently autohealed instances is smaller than the managed instance group target size. However, if a zonal managed instance group has only one instance, or a regional managed instance group has only one instance per zone, autohealing will recreate these instances when they become unhealthy.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+      "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # Maximum number of instances that can be unavailable when autohealing. When 'percent' is used, the value is rounded if necessary. The instance is considered available if all of the following conditions are satisfied: 1. Instance's status is RUNNING. 2. Instance's currentAction is NONE (in particular its liveness health check result was observed to be HEALTHY at least once as it passed VERIFYING). 3. There is no outgoing action on an instance triggered by IGM.
+          #
+          # By default, number of concurrently autohealed instances is smaller than the managed instance group target size. However, if a zonal managed instance group has only one instance, or a regional managed instance group has only one instance per zone, autohealing will recreate these instances when they become unhealthy.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -888,7 +1050,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this managed instance group in RFC3339 text format.
   "currentActions": { # [Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions.
     "abandoning": 42, # [Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.
-    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
+    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.
+        #
+        # If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
     "creatingWithoutRetries": 42, # [Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.
     "deleting": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.
     "none": 42, # [Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.
@@ -911,11 +1075,17 @@ 
Method Details

     ],
   },
   "failoverAction": "A String", # The action to perform in case of zone failure. Only one value is supported, NO_FAILOVER. The default is NO_FAILOVER.
-  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
+  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
   "id": "A String", # [Output Only] A unique identifier for this resource type. The server generates this identifier.
   "instanceGroup": "A String", # [Output Only] The URL of the Instance Group resource.
   "instanceLifecyclePolicy": { # Instance lifecycle policy for this Instance Group Manager.
-    "metadataBasedReadinessSignal": { # The configuration for metadata based readiness signal sent by the instance during initialization when stopping / suspending an instance. The Instance Group Manager will wait for a signal that indicates successful initialization before stopping / suspending an instance. If a successful readiness signal is not sent before timeout, the corresponding instance will not be stopped / suspended. Instead, an error will be visible in the lastAttempt.errors field of the managed instance in the listmanagedinstances method. If metadataBasedReadinessSignal.timeoutSec is unset, the Instance Group Manager will directly proceed to suspend / stop instances, skipping initialization on them.
+    "metadataBasedReadinessSignal": { # The configuration for metadata based readiness signal sent by the instance during initialization when stopping / suspending an instance. The Instance Group Manager will wait for a signal that indicates successful initialization before stopping / suspending an instance.
+        #
+        # If a successful readiness signal is not sent before timeout, the corresponding instance will not be stopped / suspended. Instead, an error will be visible in the lastAttempt.errors field of the managed instance in the listmanagedinstances method.
+        #
+        # If metadataBasedReadinessSignal.timeoutSec is unset, the Instance Group Manager will directly proceed to suspend / stop instances, skipping initialization on them.
       "timeoutSec": 42, # The number of seconds to wait for a readiness signal during initialization before timing out.
     },
   },
@@ -923,7 +1093,7 @@ 
Method Details

   "kind": "compute#instanceGroupManager", # [Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.
   "name": "A String", # The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.
   "namedPorts": [ # Named ports configured for the Instance Groups complementary to this Instance Group Manager.
-    { # The named port. For example: <"http", 80>.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
@@ -969,17 +1139,39 @@ 
Method Details

     "A String",
   ],
   "targetSize": 42, # The target number of running instances for this managed instance group. You can reduce this number by using the instanceGroupManager deleteInstances or abandonInstances methods. Resizing the group also changes this number.
-  "targetStoppedSize": 42, # The target number of stopped instances for this managed instance group. This number changes when you: - Stop instance using the stopInstances method or start instances using the startInstances method. - Manually change the targetStoppedSize using the update method.
-  "targetSuspendedSize": 42, # The target number of suspended instances for this managed instance group. This number changes when you: - Suspend instance using the suspendInstances method or resume instances using the resumeInstances method. - Manually change the targetSuspendedSize using the update method.
+  "targetStoppedSize": 42, # The target number of stopped instances for this managed instance group. This number changes when you:
+      # - Stop instance using the stopInstances method or start instances using the startInstances method.
+      # - Manually change the targetStoppedSize using the update method.
+  "targetSuspendedSize": 42, # The target number of suspended instances for this managed instance group. This number changes when you:
+      # - Suspend instance using the suspendInstances method or resume instances using the resumeInstances method.
+      # - Manually change the targetSuspendedSize using the update method.
   "updatePolicy": { # The update policy for this managed instance group.
-    "instanceRedistributionType": "A String", # The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled.
-    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "instanceRedistributionType": "A String", # The  instance redistribution policy for regional managed instance groups. Valid values are:
+        # - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region.
+        # - NONE: For non-autoscaled groups, proactive redistribution is disabled.
+    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
-    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:
+        #
+        #
+        # - The instance's status is RUNNING.
+        # - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
@@ -989,13 +1181,21 @@ 
Method Details

     "replacementMethod": "A String", # What action should be used to replace instances. See minimal_action.REPLACE
     "type": "A String", # The type of update process. You can specify either PROACTIVE so that the instance group manager proactively executes actions in order to bring instances to their target versions or OPPORTUNISTIC so that no action is proactively executed but the update will be performed as part of other actions (for example, resizes or recreateInstances calls).
   },
-  "versions": [ # Specifies the instance templates used by this managed instance group to create instances. Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
+  "versions": [ # Specifies the instance templates used by this managed instance group to create instances.
+      #
+      # Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
     {
       "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached.
       "name": "A String", # Name of the version. Unique among all versions in the scope of this managed instance group.
       "tag": "A String", # Tag describing the version. Used to trigger rollout of a target version even if instance_template remains unchanged. Deprecated in favor of 'name'.
-      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:
+          # - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used.
+          # - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -1006,8 +1206,10 @@ 
Method Details

 

 
 

-    insert(project, zone, body=None, requestId=None, x__xgafv=None)
-  
Creates a managed instance group using the information that you specify in the request. After the group is created, instances in the group are created using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method. A managed instance group can have up to 1000 VM instances per group. Please contact Cloud Support if you need an increase in this limit.
+    insert(project, zone, body=None, requestId=None)
+  
Creates a managed instance group using the information that you specify in the request. After the group is created, instances in the group are created using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method.
+
+A managed instance group can have up to 1000 VM instances per group. Please contact Cloud Support if you need an increase in this limit.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -1015,13 +1217,27 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Whether the instance is a standby. # Properties of a standby instance comparing to the regular instance: # | regular | standby managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no # receives traffic from LB? | yes | no Represents a Managed Instance Group resource. An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups. For zonal Managed Instance Group, use the instanceGroupManagers resource. For regional Managed Instance Group, use the regionInstanceGroupManagers resource.
+{ # Whether the instance is a standby. Properties of a standby instance comparing to the regular instance: ========================================================================= | regular | standby ========================================================================= managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no receives traffic from LB? | yes | no =========================================================================
+    # 
+    # Represents a Managed Instance Group resource.
+    # 
+    # An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups.
+    # 
+    # For zonal Managed Instance Group, use the instanceGroupManagers resource.
+    # 
+    # For regional Managed Instance Group, use the regionInstanceGroupManagers resource. (== resource_for {$api_version}.instanceGroupManagers ==) (== resource_for {$api_version}.regionInstanceGroupManagers ==)
   "autoHealingPolicies": [ # The autohealing policy for this managed instance group. You can specify only one value.
     {
       "healthCheck": "A String", # The URL for the health check that signals autohealing.
       "initialDelaySec": 42, # The number of seconds that the managed instance group waits before it applies autohealing policies to new instances or recently recreated instances. This initial delay allows instances to initialize and run their startup scripts before the instance group determines that they are UNHEALTHY. This prevents the managed instance group from recreating its instances prematurely. This value must be from range [0, 3600].
-      "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # Maximum number of instances that can be unavailable when autohealing. When 'percent' is used, the value is rounded if necessary. The instance is considered available if all of the following conditions are satisfied: 1. Instance's status is RUNNING. 2. Instance's currentAction is NONE (in particular its liveness health check result was observed to be HEALTHY at least once as it passed VERIFYING). 3. There is no outgoing action on an instance triggered by IGM. By default, number of concurrently autohealed instances is smaller than the managed instance group target size. However, if a zonal managed instance group has only one instance, or a regional managed instance group has only one instance per zone, autohealing will recreate these instances when they become unhealthy.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+      "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # Maximum number of instances that can be unavailable when autohealing. When 'percent' is used, the value is rounded if necessary. The instance is considered available if all of the following conditions are satisfied: 1. Instance's status is RUNNING. 2. Instance's currentAction is NONE (in particular its liveness health check result was observed to be HEALTHY at least once as it passed VERIFYING). 3. There is no outgoing action on an instance triggered by IGM.
+          #
+          # By default, number of concurrently autohealed instances is smaller than the managed instance group target size. However, if a zonal managed instance group has only one instance, or a regional managed instance group has only one instance per zone, autohealing will recreate these instances when they become unhealthy.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -1031,7 +1247,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this managed instance group in RFC3339 text format.
   "currentActions": { # [Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions.
     "abandoning": 42, # [Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.
-    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
+    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.
+        #
+        # If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
     "creatingWithoutRetries": 42, # [Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.
     "deleting": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.
     "none": 42, # [Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.
@@ -1054,11 +1272,17 @@ 
Method Details

     ],
   },
   "failoverAction": "A String", # The action to perform in case of zone failure. Only one value is supported, NO_FAILOVER. The default is NO_FAILOVER.
-  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
+  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
   "id": "A String", # [Output Only] A unique identifier for this resource type. The server generates this identifier.
   "instanceGroup": "A String", # [Output Only] The URL of the Instance Group resource.
   "instanceLifecyclePolicy": { # Instance lifecycle policy for this Instance Group Manager.
-    "metadataBasedReadinessSignal": { # The configuration for metadata based readiness signal sent by the instance during initialization when stopping / suspending an instance. The Instance Group Manager will wait for a signal that indicates successful initialization before stopping / suspending an instance. If a successful readiness signal is not sent before timeout, the corresponding instance will not be stopped / suspended. Instead, an error will be visible in the lastAttempt.errors field of the managed instance in the listmanagedinstances method. If metadataBasedReadinessSignal.timeoutSec is unset, the Instance Group Manager will directly proceed to suspend / stop instances, skipping initialization on them.
+    "metadataBasedReadinessSignal": { # The configuration for metadata based readiness signal sent by the instance during initialization when stopping / suspending an instance. The Instance Group Manager will wait for a signal that indicates successful initialization before stopping / suspending an instance.
+        #
+        # If a successful readiness signal is not sent before timeout, the corresponding instance will not be stopped / suspended. Instead, an error will be visible in the lastAttempt.errors field of the managed instance in the listmanagedinstances method.
+        #
+        # If metadataBasedReadinessSignal.timeoutSec is unset, the Instance Group Manager will directly proceed to suspend / stop instances, skipping initialization on them.
       "timeoutSec": 42, # The number of seconds to wait for a readiness signal during initialization before timing out.
     },
   },
@@ -1066,7 +1290,7 @@ 
Method Details

   "kind": "compute#instanceGroupManager", # [Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.
   "name": "A String", # The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.
   "namedPorts": [ # Named ports configured for the Instance Groups complementary to this Instance Group Manager.
-    { # The named port. For example: <"http", 80>.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
@@ -1112,17 +1336,39 @@ 
Method Details

     "A String",
   ],
   "targetSize": 42, # The target number of running instances for this managed instance group. You can reduce this number by using the instanceGroupManager deleteInstances or abandonInstances methods. Resizing the group also changes this number.
-  "targetStoppedSize": 42, # The target number of stopped instances for this managed instance group. This number changes when you: - Stop instance using the stopInstances method or start instances using the startInstances method. - Manually change the targetStoppedSize using the update method.
-  "targetSuspendedSize": 42, # The target number of suspended instances for this managed instance group. This number changes when you: - Suspend instance using the suspendInstances method or resume instances using the resumeInstances method. - Manually change the targetSuspendedSize using the update method.
+  "targetStoppedSize": 42, # The target number of stopped instances for this managed instance group. This number changes when you:
+      # - Stop instance using the stopInstances method or start instances using the startInstances method.
+      # - Manually change the targetStoppedSize using the update method.
+  "targetSuspendedSize": 42, # The target number of suspended instances for this managed instance group. This number changes when you:
+      # - Suspend instance using the suspendInstances method or resume instances using the resumeInstances method.
+      # - Manually change the targetSuspendedSize using the update method.
   "updatePolicy": { # The update policy for this managed instance group.
-    "instanceRedistributionType": "A String", # The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled.
-    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "instanceRedistributionType": "A String", # The  instance redistribution policy for regional managed instance groups. Valid values are:
+        # - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region.
+        # - NONE: For non-autoscaled groups, proactive redistribution is disabled.
+    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
-    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:
+        #
+        #
+        # - The instance's status is RUNNING.
+        # - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
@@ -1132,13 +1378,21 @@ 
Method Details

     "replacementMethod": "A String", # What action should be used to replace instances. See minimal_action.REPLACE
     "type": "A String", # The type of update process. You can specify either PROACTIVE so that the instance group manager proactively executes actions in order to bring instances to their target versions or OPPORTUNISTIC so that no action is proactively executed but the update will be performed as part of other actions (for example, resizes or recreateInstances calls).
   },
-  "versions": [ # Specifies the instance templates used by this managed instance group to create instances. Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
+  "versions": [ # Specifies the instance templates used by this managed instance group to create instances.
+      # 
+      # Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
     {
       "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached.
       "name": "A String", # Name of the version. Unique among all versions in the scope of this managed instance group.
       "tag": "A String", # Tag describing the version. Used to trigger rollout of a target version even if instance_template remains unchanged. Deprecated in favor of 'name'.
-      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:
+          # - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used.
+          # - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -1147,16 +1401,29 @@ 
Method Details

   "zone": "A String", # [Output Only] The URL of a zone where the managed instance group is located (for zonal resources).
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1191,7 +1458,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1205,21 +1473,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of managed instance groups that are contained within the specified project and zone.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the managed instance group is located. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1227,13 +1501,27 @@ 
Method Details

     { # [Output Only] A list of managed instance groups.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of InstanceGroupManager resources.
-    { # Whether the instance is a standby. # Properties of a standby instance comparing to the regular instance: # | regular | standby managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no # receives traffic from LB? | yes | no Represents a Managed Instance Group resource. An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups. For zonal Managed Instance Group, use the instanceGroupManagers resource. For regional Managed Instance Group, use the regionInstanceGroupManagers resource.
+    { # Whether the instance is a standby. Properties of a standby instance comparing to the regular instance: ========================================================================= | regular | standby ========================================================================= managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no receives traffic from LB? | yes | no =========================================================================
+        #
+        # Represents a Managed Instance Group resource.
+        #
+        # An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups.
+        #
+        # For zonal Managed Instance Group, use the instanceGroupManagers resource.
+        #
+        # For regional Managed Instance Group, use the regionInstanceGroupManagers resource. (== resource_for {$api_version}.instanceGroupManagers ==) (== resource_for {$api_version}.regionInstanceGroupManagers ==)
       "autoHealingPolicies": [ # The autohealing policy for this managed instance group. You can specify only one value.
         {
           "healthCheck": "A String", # The URL for the health check that signals autohealing.
           "initialDelaySec": 42, # The number of seconds that the managed instance group waits before it applies autohealing policies to new instances or recently recreated instances. This initial delay allows instances to initialize and run their startup scripts before the instance group determines that they are UNHEALTHY. This prevents the managed instance group from recreating its instances prematurely. This value must be from range [0, 3600].
-          "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # Maximum number of instances that can be unavailable when autohealing. When 'percent' is used, the value is rounded if necessary. The instance is considered available if all of the following conditions are satisfied: 1. Instance's status is RUNNING. 2. Instance's currentAction is NONE (in particular its liveness health check result was observed to be HEALTHY at least once as it passed VERIFYING). 3. There is no outgoing action on an instance triggered by IGM. By default, number of concurrently autohealed instances is smaller than the managed instance group target size. However, if a zonal managed instance group has only one instance, or a regional managed instance group has only one instance per zone, autohealing will recreate these instances when they become unhealthy.
-            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+          "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # Maximum number of instances that can be unavailable when autohealing. When 'percent' is used, the value is rounded if necessary. The instance is considered available if all of the following conditions are satisfied: 1. Instance's status is RUNNING. 2. Instance's currentAction is NONE (in particular its liveness health check result was observed to be HEALTHY at least once as it passed VERIFYING). 3. There is no outgoing action on an instance triggered by IGM.
+              #
+              # By default, number of concurrently autohealed instances is smaller than the managed instance group target size. However, if a zonal managed instance group has only one instance, or a regional managed instance group has only one instance per zone, autohealing will recreate these instances when they become unhealthy.
+            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+                #
+                #
+                # - If the value is fixed, then the calculated value is equal to the fixed value.
+                # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
             "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
             "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
           },
@@ -1243,7 +1531,9 @@ 
Method Details

       "creationTimestamp": "A String", # [Output Only] The creation timestamp for this managed instance group in RFC3339 text format.
       "currentActions": { # [Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions.
         "abandoning": 42, # [Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.
-        "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
+        "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.
+            #
+            # If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
         "creatingWithoutRetries": 42, # [Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.
         "deleting": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.
         "none": 42, # [Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.
@@ -1266,11 +1556,17 @@ 
Method Details

         ],
       },
       "failoverAction": "A String", # The action to perform in case of zone failure. Only one value is supported, NO_FAILOVER. The default is NO_FAILOVER.
-      "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
+      "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
       "id": "A String", # [Output Only] A unique identifier for this resource type. The server generates this identifier.
       "instanceGroup": "A String", # [Output Only] The URL of the Instance Group resource.
       "instanceLifecyclePolicy": { # Instance lifecycle policy for this Instance Group Manager.
-        "metadataBasedReadinessSignal": { # The configuration for metadata based readiness signal sent by the instance during initialization when stopping / suspending an instance. The Instance Group Manager will wait for a signal that indicates successful initialization before stopping / suspending an instance. If a successful readiness signal is not sent before timeout, the corresponding instance will not be stopped / suspended. Instead, an error will be visible in the lastAttempt.errors field of the managed instance in the listmanagedinstances method. If metadataBasedReadinessSignal.timeoutSec is unset, the Instance Group Manager will directly proceed to suspend / stop instances, skipping initialization on them.
+        "metadataBasedReadinessSignal": { # The configuration for metadata based readiness signal sent by the instance during initialization when stopping / suspending an instance. The Instance Group Manager will wait for a signal that indicates successful initialization before stopping / suspending an instance.
+            #
+            # If a successful readiness signal is not sent before timeout, the corresponding instance will not be stopped / suspended. Instead, an error will be visible in the lastAttempt.errors field of the managed instance in the listmanagedinstances method.
+            #
+            # If metadataBasedReadinessSignal.timeoutSec is unset, the Instance Group Manager will directly proceed to suspend / stop instances, skipping initialization on them.
           "timeoutSec": 42, # The number of seconds to wait for a readiness signal during initialization before timing out.
         },
       },
@@ -1278,7 +1574,7 @@ 
Method Details

       "kind": "compute#instanceGroupManager", # [Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.
       "name": "A String", # The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.
       "namedPorts": [ # Named ports configured for the Instance Groups complementary to this Instance Group Manager.
-        { # The named port. For example: <"http", 80>.
+        { # The named port. For example: .
           "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
           "port": 42, # The port number, which can be a value between 1 and 65535.
         },
@@ -1324,17 +1620,39 @@ 
Method Details

         "A String",
       ],
       "targetSize": 42, # The target number of running instances for this managed instance group. You can reduce this number by using the instanceGroupManager deleteInstances or abandonInstances methods. Resizing the group also changes this number.
-      "targetStoppedSize": 42, # The target number of stopped instances for this managed instance group. This number changes when you: - Stop instance using the stopInstances method or start instances using the startInstances method. - Manually change the targetStoppedSize using the update method.
-      "targetSuspendedSize": 42, # The target number of suspended instances for this managed instance group. This number changes when you: - Suspend instance using the suspendInstances method or resume instances using the resumeInstances method. - Manually change the targetSuspendedSize using the update method.
+      "targetStoppedSize": 42, # The target number of stopped instances for this managed instance group. This number changes when you:
+          # - Stop instance using the stopInstances method or start instances using the startInstances method.
+          # - Manually change the targetStoppedSize using the update method.
+      "targetSuspendedSize": 42, # The target number of suspended instances for this managed instance group. This number changes when you:
+          # - Suspend instance using the suspendInstances method or resume instances using the resumeInstances method.
+          # - Manually change the targetSuspendedSize using the update method.
       "updatePolicy": { # The update policy for this managed instance group.
-        "instanceRedistributionType": "A String", # The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled.
-        "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
-          "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "instanceRedistributionType": "A String", # The  instance redistribution policy for regional managed instance groups. Valid values are:
+            # - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region.
+            # - NONE: For non-autoscaled groups, proactive redistribution is disabled.
+        "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates.
+            #
+            # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
+          "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+              #
+              #
+              # - If the value is fixed, then the calculated value is equal to the fixed value.
+              # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
           "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
           "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
         },
-        "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
-          "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:
+            #
+            #
+            # - The instance's status is RUNNING.
+            # - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates.
+            #
+            # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
+          "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+              #
+              #
+              # - If the value is fixed, then the calculated value is equal to the fixed value.
+              # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
           "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
           "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
         },
@@ -1344,13 +1662,21 @@ 
Method Details

         "replacementMethod": "A String", # What action should be used to replace instances. See minimal_action.REPLACE
         "type": "A String", # The type of update process. You can specify either PROACTIVE so that the instance group manager proactively executes actions in order to bring instances to their target versions or OPPORTUNISTIC so that no action is proactively executed but the update will be performed as part of other actions (for example, resizes or recreateInstances calls).
       },
-      "versions": [ # Specifies the instance templates used by this managed instance group to create instances. Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
+      "versions": [ # Specifies the instance templates used by this managed instance group to create instances.
+          #
+          # Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
         {
           "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached.
           "name": "A String", # Name of the version. Unique among all versions in the scope of this managed instance group.
           "tag": "A String", # Tag describing the version. Used to trigger rollout of a target version even if instance_template remains unchanged. Deprecated in favor of 'name'.
-          "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
-            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+          "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:
+              # - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used.
+              # - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
+            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+                #
+                #
+                # - If the value is fixed, then the calculated value is equal to the fixed value.
+                # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
             "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
             "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
           },
@@ -1364,7 +1690,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1376,22 +1703,28 @@ 
Method Details

 

 
 

-    listErrors(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listErrors(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists all errors thrown by actions on instances for a given managed instance group. The filter and orderBy query parameters are not supported.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the managed instance group is located. It should conform to RFC1035. (required)
-  instanceGroupManager: string, The name of the managed instance group. It must be a string that meets the requirements in RFC1035, or an unsigned long integer: must match regexp pattern: (?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?)|1-9{0,19}. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  instanceGroupManager: string, The name of the managed instance group. It must be a string that meets the requirements in RFC1035, or an unsigned long integer: must match regexp pattern: (?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?)|[1-9][0-9]{0,19}. (required)
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1433,22 +1766,28 @@ 
Method Details

 

 
 

-    listManagedInstances(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listManagedInstances(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists all of the instances in the managed instance group. Each instance in the list has a currentAction, which indicates the action that the managed instance group is performing on the instance. For example, if the group is still creating an instance, the currentAction is CREATING. If a previous action failed, the list displays the errors for that failed action. The orderBy query parameter is not supported.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the managed instance group is located. (required)
   instanceGroupManager: string, The name of the managed instance group. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1456,7 +1795,16 @@ 
Method Details

     {
   "managedInstances": [ # [Output Only] The list of instances in the managed instance group.
     { # A Managed Instance resource.
-      "currentAction": "A String", # [Output Only] The current action that the managed instance group has scheduled for the instance. Possible values: - NONE The instance is running, and the managed instance group does not have any scheduled actions for this instance. - CREATING The managed instance group is creating this instance. If the group fails to create this instance, it will try again until it is successful. - CREATING_WITHOUT_RETRIES The managed instance group is attempting to create this instance only once. If the group fails to create this instance, it does not try again and the group's targetSize value is decreased instead. - RECREATING The managed instance group is recreating this instance. - DELETING The managed instance group is permanently deleting this instance. - ABANDONING The managed instance group is abandoning this instance. The instance will be removed from the instance group and from any target pools that are associated with this group. - RESTARTING The managed instance group is restarting the instance. - REFRESHING The managed instance group is applying configuration changes to the instance without stopping it. For example, the group can update the target pool list for an instance without stopping that instance. - VERIFYING The managed instance group has created the instance and it is in the process of being verified.
+      "currentAction": "A String", # [Output Only] The current action that the managed instance group has scheduled for the instance. Possible values:
+          # - NONE The instance is running, and the managed instance group does not have any scheduled actions for this instance.
+          # - CREATING The managed instance group is creating this instance. If the group fails to create this instance, it will try again until it is successful.
+          # - CREATING_WITHOUT_RETRIES The managed instance group is attempting to create this instance only once. If the group fails to create this instance, it does not try again and the group's targetSize value is decreased instead.
+          # - RECREATING The managed instance group is recreating this instance.
+          # - DELETING The managed instance group is permanently deleting this instance.
+          # - ABANDONING The managed instance group is abandoning this instance. The instance will be removed from the instance group and from any target pools that are associated with this group.
+          # - RESTARTING The managed instance group is restarting the instance.
+          # - REFRESHING The managed instance group is applying configuration changes to the instance without stopping it. For example, the group can update the target pool list for an instance without stopping that instance.
+          # - VERIFYING The managed instance group has created the instance and it is in the process of being verified.
       "id": "A String", # [Output only] The unique identifier for this resource. This field is empty when instance does not exist.
       "instance": "A String", # [Output Only] The URL of the instance. The URL can exist even if the instance has not yet been created.
       "instanceHealth": [ # [Output Only] Health state of the instance per health-check.
@@ -1566,22 +1914,28 @@ 
Method Details

 

 
 

-    listPerInstanceConfigs(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listPerInstanceConfigs(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists all of the per-instance configs defined for the managed instance group. The orderBy query parameter is not supported.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the managed instance group is located. It should conform to RFC1035. (required)
   instanceGroupManager: string, The name of the managed instance group. It should conform to RFC1035. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1627,7 +1981,8 @@ 
Method Details

   "nextPageToken": "A String", # [Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1667,7 +2022,7 @@ 
Method Details

 

 
 

-    patch(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    patch(project, zone, instanceGroupManager, body=None, requestId=None)
   
Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is patched even if the instances in the group are still in the process of being patched. You must separately verify the status of the individual instances with the listManagedInstances method. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -1677,13 +2032,27 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Whether the instance is a standby. # Properties of a standby instance comparing to the regular instance: # | regular | standby managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no # receives traffic from LB? | yes | no Represents a Managed Instance Group resource. An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups. For zonal Managed Instance Group, use the instanceGroupManagers resource. For regional Managed Instance Group, use the regionInstanceGroupManagers resource.
+{ # Whether the instance is a standby. Properties of a standby instance comparing to the regular instance: ========================================================================= | regular | standby ========================================================================= managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no receives traffic from LB? | yes | no =========================================================================
+    # 
+    # Represents a Managed Instance Group resource.
+    # 
+    # An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups.
+    # 
+    # For zonal Managed Instance Group, use the instanceGroupManagers resource.
+    # 
+    # For regional Managed Instance Group, use the regionInstanceGroupManagers resource. (== resource_for {$api_version}.instanceGroupManagers ==) (== resource_for {$api_version}.regionInstanceGroupManagers ==)
   "autoHealingPolicies": [ # The autohealing policy for this managed instance group. You can specify only one value.
     {
       "healthCheck": "A String", # The URL for the health check that signals autohealing.
       "initialDelaySec": 42, # The number of seconds that the managed instance group waits before it applies autohealing policies to new instances or recently recreated instances. This initial delay allows instances to initialize and run their startup scripts before the instance group determines that they are UNHEALTHY. This prevents the managed instance group from recreating its instances prematurely. This value must be from range [0, 3600].
-      "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # Maximum number of instances that can be unavailable when autohealing. When 'percent' is used, the value is rounded if necessary. The instance is considered available if all of the following conditions are satisfied: 1. Instance's status is RUNNING. 2. Instance's currentAction is NONE (in particular its liveness health check result was observed to be HEALTHY at least once as it passed VERIFYING). 3. There is no outgoing action on an instance triggered by IGM. By default, number of concurrently autohealed instances is smaller than the managed instance group target size. However, if a zonal managed instance group has only one instance, or a regional managed instance group has only one instance per zone, autohealing will recreate these instances when they become unhealthy.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+      "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # Maximum number of instances that can be unavailable when autohealing. When 'percent' is used, the value is rounded if necessary. The instance is considered available if all of the following conditions are satisfied: 1. Instance's status is RUNNING. 2. Instance's currentAction is NONE (in particular its liveness health check result was observed to be HEALTHY at least once as it passed VERIFYING). 3. There is no outgoing action on an instance triggered by IGM.
+          #
+          # By default, number of concurrently autohealed instances is smaller than the managed instance group target size. However, if a zonal managed instance group has only one instance, or a regional managed instance group has only one instance per zone, autohealing will recreate these instances when they become unhealthy.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -1693,7 +2062,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this managed instance group in RFC3339 text format.
   "currentActions": { # [Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions.
     "abandoning": 42, # [Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.
-    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
+    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.
+        #
+        # If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
     "creatingWithoutRetries": 42, # [Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.
     "deleting": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.
     "none": 42, # [Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.
@@ -1716,11 +2087,17 @@ 
Method Details

     ],
   },
   "failoverAction": "A String", # The action to perform in case of zone failure. Only one value is supported, NO_FAILOVER. The default is NO_FAILOVER.
-  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
+  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
   "id": "A String", # [Output Only] A unique identifier for this resource type. The server generates this identifier.
   "instanceGroup": "A String", # [Output Only] The URL of the Instance Group resource.
   "instanceLifecyclePolicy": { # Instance lifecycle policy for this Instance Group Manager.
-    "metadataBasedReadinessSignal": { # The configuration for metadata based readiness signal sent by the instance during initialization when stopping / suspending an instance. The Instance Group Manager will wait for a signal that indicates successful initialization before stopping / suspending an instance. If a successful readiness signal is not sent before timeout, the corresponding instance will not be stopped / suspended. Instead, an error will be visible in the lastAttempt.errors field of the managed instance in the listmanagedinstances method. If metadataBasedReadinessSignal.timeoutSec is unset, the Instance Group Manager will directly proceed to suspend / stop instances, skipping initialization on them.
+    "metadataBasedReadinessSignal": { # The configuration for metadata based readiness signal sent by the instance during initialization when stopping / suspending an instance. The Instance Group Manager will wait for a signal that indicates successful initialization before stopping / suspending an instance.
+        #
+        # If a successful readiness signal is not sent before timeout, the corresponding instance will not be stopped / suspended. Instead, an error will be visible in the lastAttempt.errors field of the managed instance in the listmanagedinstances method.
+        #
+        # If metadataBasedReadinessSignal.timeoutSec is unset, the Instance Group Manager will directly proceed to suspend / stop instances, skipping initialization on them.
       "timeoutSec": 42, # The number of seconds to wait for a readiness signal during initialization before timing out.
     },
   },
@@ -1728,7 +2105,7 @@ 
Method Details

   "kind": "compute#instanceGroupManager", # [Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.
   "name": "A String", # The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.
   "namedPorts": [ # Named ports configured for the Instance Groups complementary to this Instance Group Manager.
-    { # The named port. For example: <"http", 80>.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
@@ -1774,17 +2151,39 @@ 
Method Details

     "A String",
   ],
   "targetSize": 42, # The target number of running instances for this managed instance group. You can reduce this number by using the instanceGroupManager deleteInstances or abandonInstances methods. Resizing the group also changes this number.
-  "targetStoppedSize": 42, # The target number of stopped instances for this managed instance group. This number changes when you: - Stop instance using the stopInstances method or start instances using the startInstances method. - Manually change the targetStoppedSize using the update method.
-  "targetSuspendedSize": 42, # The target number of suspended instances for this managed instance group. This number changes when you: - Suspend instance using the suspendInstances method or resume instances using the resumeInstances method. - Manually change the targetSuspendedSize using the update method.
+  "targetStoppedSize": 42, # The target number of stopped instances for this managed instance group. This number changes when you:
+      # - Stop instance using the stopInstances method or start instances using the startInstances method.
+      # - Manually change the targetStoppedSize using the update method.
+  "targetSuspendedSize": 42, # The target number of suspended instances for this managed instance group. This number changes when you:
+      # - Suspend instance using the suspendInstances method or resume instances using the resumeInstances method.
+      # - Manually change the targetSuspendedSize using the update method.
   "updatePolicy": { # The update policy for this managed instance group.
-    "instanceRedistributionType": "A String", # The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled.
-    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "instanceRedistributionType": "A String", # The  instance redistribution policy for regional managed instance groups. Valid values are:
+        # - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region.
+        # - NONE: For non-autoscaled groups, proactive redistribution is disabled.
+    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
-    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:
+        #
+        #
+        # - The instance's status is RUNNING.
+        # - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
@@ -1794,13 +2193,21 @@ 
Method Details

     "replacementMethod": "A String", # What action should be used to replace instances. See minimal_action.REPLACE
     "type": "A String", # The type of update process. You can specify either PROACTIVE so that the instance group manager proactively executes actions in order to bring instances to their target versions or OPPORTUNISTIC so that no action is proactively executed but the update will be performed as part of other actions (for example, resizes or recreateInstances calls).
   },
-  "versions": [ # Specifies the instance templates used by this managed instance group to create instances. Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
+  "versions": [ # Specifies the instance templates used by this managed instance group to create instances.
+      # 
+      # Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
     {
       "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached.
       "name": "A String", # Name of the version. Unique among all versions in the scope of this managed instance group.
       "tag": "A String", # Tag describing the version. Used to trigger rollout of a target version even if instance_template remains unchanged. Deprecated in favor of 'name'.
-      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:
+          # - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used.
+          # - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -1809,16 +2216,29 @@ 
Method Details

   "zone": "A String", # [Output Only] The URL of a zone where the managed instance group is located (for zonal resources).
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1853,7 +2273,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1867,7 +2288,7 @@ 
Method Details

 

 
 

-    patchPerInstanceConfigs(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    patchPerInstanceConfigs(project, zone, instanceGroupManager, body=None, requestId=None)
   
Inserts or patches per-instance configs for the managed instance group. perInstanceConfig.name serves as a key used to distinguish whether to perform insert or patch.
 
 Args:
@@ -1917,16 +2338,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1961,7 +2395,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1975,8 +2410,12 @@ 
Method Details

 

 
 

-    recreateInstances(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
-  
Flags the specified VM instances in the managed instance group to be immediately recreated. Each instance is recreated using the group's current configuration. This operation is marked as DONE when the flag is set even if the instances have not yet been recreated. You must separately verify the status of each instance by checking its currentAction field; for more information, see Checking the status of managed instances. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.
+    recreateInstances(project, zone, instanceGroupManager, body=None, requestId=None)
+  
Flags the specified VM instances in the managed instance group to be immediately recreated. Each instance is recreated using the group's current configuration. This operation is marked as DONE when the flag is set even if the instances have not yet been recreated. You must separately verify the status of each instance by checking its currentAction field; for more information, see Checking the status of managed instances.
+
+If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
+
+You can specify a maximum of 1000 instances with this method per request.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -1991,16 +2430,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2035,7 +2487,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2049,24 +2502,45 @@ 
Method Details

 

 
 

-    resize(project, zone, instanceGroupManager, size, requestId=None, x__xgafv=None)
-  
Resizes the managed instance group. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes instances. The resize operation is marked DONE when the resize actions are scheduled even if the group has not yet added or deleted any instances. You must separately verify the status of the creating or deleting actions with the listmanagedinstances method. When resizing down, the instance group arbitrarily chooses the order in which VMs are deleted. The group takes into account some VM attributes when making the selection including: + The status of the VM instance. + The health of the VM instance. + The instance template version the VM is based on. + For regional managed instance groups, the location of the VM instance. This list is subject to change. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
+    resize(project, zone, instanceGroupManager, size, requestId=None)
+  
Resizes the managed instance group. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes instances. The resize operation is marked DONE when the resize actions are scheduled even if the group has not yet added or deleted any instances. You must separately verify the status of the creating or deleting actions with the listmanagedinstances method.
+
+When resizing down, the instance group arbitrarily chooses the order in which VMs are deleted. The group takes into account some VM attributes when making the selection including:
+
++ The status of the VM instance. + The health of the VM instance. + The instance template version the VM is based on. + For regional managed instance groups, the location of the VM instance.
+
+This list is subject to change.
+
+If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the managed instance group is located. (required)
   instanceGroupManager: string, The name of the managed instance group. (required)
   size: integer, The number of running instances that the managed instance group should maintain at any given time. The group automatically adds or removes instances to maintain the number of instances specified by this parameter. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2101,7 +2575,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2115,8 +2590,12 @@ 
Method Details

 

 
 

-    resizeAdvanced(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
-  
Resizes the managed instance group with advanced configuration options like disabling creation retries. This is an extended version of the resize method. If you increase the size of the instance group, the group creates new instances using the current instance template. If you decrease the size, the group deletes instances. The resize operation is marked DONE when the resize actions are scheduled even if the group has not yet added or deleted any instances. You must separately verify the status of the creating, creatingWithoutRetries, or deleting actions with the get or listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
+    resizeAdvanced(project, zone, instanceGroupManager, body=None, requestId=None)
+  
Resizes the managed instance group with advanced configuration options like disabling creation retries. This is an extended version of the resize method.
+
+If you increase the size of the instance group, the group creates new instances using the current instance template. If you decrease the size, the group deletes instances. The resize operation is marked DONE when the resize actions are scheduled even if the group has not yet added or deleted any instances. You must separately verify the status of the creating, creatingWithoutRetries, or deleting actions with the get or listmanagedinstances method.
+
+If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -2126,20 +2605,39 @@ 
Method Details

     The object takes the form of:
 
 {
-  "noCreationRetries": True or False, # If this flag is true, the managed instance group attempts to create all instances initiated by this resize request only once. If there is an error during creation, the managed instance group does not retry create this instance, and we will decrease the targetSize of the request instead. If the flag is false, the group attempts to recreate each instance continuously until it succeeds. This flag matters only in the first attempt of creation of an instance. After an instance is successfully created while this flag is enabled, the instance behaves the same way as all the other instances created with a regular resize request. In particular, if a running instance dies unexpectedly at a later time and needs to be recreated, this mode does not affect the recreation behavior in that scenario. This flag is applicable only to the current resize request. It does not influence other resize requests in any way. You can see which instances is being creating in which mode by calling the get or listManagedInstances API.
+  "noCreationRetries": True or False, # If this flag is true, the managed instance group attempts to create all instances initiated by this resize request only once. If there is an error during creation, the managed instance group does not retry create this instance, and we will decrease the targetSize of the request instead. If the flag is false, the group attempts to recreate each instance continuously until it succeeds.
+      # 
+      # This flag matters only in the first attempt of creation of an instance. After an instance is successfully created while this flag is enabled, the instance behaves the same way as all the other instances created with a regular resize request. In particular, if a running instance dies unexpectedly at a later time and needs to be recreated, this mode does not affect the recreation behavior in that scenario.
+      # 
+      # This flag is applicable only to the current resize request. It does not influence other resize requests in any way.
+      # 
+      # You can see which instances is being creating in which mode by calling the get or listManagedInstances API.
   "targetSize": 42, # The number of running instances that the managed instance group should maintain at any given time. The group automatically adds or removes instances to maintain the number of instances specified by this parameter.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2174,7 +2672,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2188,8 +2687,14 @@ 
Method Details

 

 
 

-    resumeInstances(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
-  
Flags the specified instances in the managed instance group to be resumed. This method increases the targetSize and decreases the targetSuspendedSize of the managed instance group by the number of instances that you resume. The resumeInstances operation is marked DONE if the resumeInstances request is successful. The underlying actions take additional time. You must separately verify the status of the RESUMING action with the listmanagedinstances method. In this request, you can only specify instances that are suspended. For example, if an instance was previously suspended using the suspendInstances method, it can be resumed using the resumeInstances method. If a health check is attached to the managed instance group, the specified instances will be verified as healthy after they are resumed. You can specify a maximum of 1000 instances with this method per request.
+    resumeInstances(project, zone, instanceGroupManager, body=None, requestId=None)
+  
Flags the specified instances in the managed instance group to be resumed. This method increases the targetSize and decreases the targetSuspendedSize of the managed instance group by the number of instances that you resume. The resumeInstances operation is marked DONE if the resumeInstances request is successful. The underlying actions take additional time. You must separately verify the status of the RESUMING action with the listmanagedinstances method.
+
+In this request, you can only specify instances that are suspended. For example, if an instance was previously suspended using the suspendInstances method, it can be resumed using the resumeInstances method.
+
+If a health check is attached to the managed instance group, the specified instances will be verified as healthy after they are resumed.
+
+You can specify a maximum of 1000 instances with this method per request.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -2204,16 +2709,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2248,7 +2766,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2262,7 +2781,7 @@ 
Method Details

 

 
 

-    setAutoHealingPolicies(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    setAutoHealingPolicies(project, zone, instanceGroupManager, body=None, requestId=None)
   
Motifies the autohealing policy for the instances in this managed instance group. [Deprecated] This method is deprecated. Use instanceGroupManagers.patch instead.
 
 Args:
@@ -2277,8 +2796,14 @@ 
Method Details

     {
       "healthCheck": "A String", # The URL for the health check that signals autohealing.
       "initialDelaySec": 42, # The number of seconds that the managed instance group waits before it applies autohealing policies to new instances or recently recreated instances. This initial delay allows instances to initialize and run their startup scripts before the instance group determines that they are UNHEALTHY. This prevents the managed instance group from recreating its instances prematurely. This value must be from range [0, 3600].
-      "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # Maximum number of instances that can be unavailable when autohealing. When 'percent' is used, the value is rounded if necessary. The instance is considered available if all of the following conditions are satisfied: 1. Instance's status is RUNNING. 2. Instance's currentAction is NONE (in particular its liveness health check result was observed to be HEALTHY at least once as it passed VERIFYING). 3. There is no outgoing action on an instance triggered by IGM. By default, number of concurrently autohealed instances is smaller than the managed instance group target size. However, if a zonal managed instance group has only one instance, or a regional managed instance group has only one instance per zone, autohealing will recreate these instances when they become unhealthy.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+      "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # Maximum number of instances that can be unavailable when autohealing. When 'percent' is used, the value is rounded if necessary. The instance is considered available if all of the following conditions are satisfied: 1. Instance's status is RUNNING. 2. Instance's currentAction is NONE (in particular its liveness health check result was observed to be HEALTHY at least once as it passed VERIFYING). 3. There is no outgoing action on an instance triggered by IGM.
+          #
+          # By default, number of concurrently autohealed instances is smaller than the managed instance group target size. However, if a zonal managed instance group has only one instance, or a regional managed instance group has only one instance per zone, autohealing will recreate these instances when they become unhealthy.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -2286,16 +2811,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2330,7 +2868,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2344,7 +2883,7 @@ 
Method Details

 

 
 

-    setInstanceTemplate(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    setInstanceTemplate(project, zone, instanceGroupManager, body=None, requestId=None)
   
Specifies the instance template to use when creating new instances in this group. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE.
 
 Args:
@@ -2358,16 +2897,29 @@ 
Method Details

   "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2402,7 +2954,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2416,7 +2969,7 @@ 
Method Details

 

 
 

-    setTargetPools(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    setTargetPools(project, zone, instanceGroupManager, body=None, requestId=None)
   
Modifies the target pools to which all instances in this managed instance group are assigned. The target pools automatically apply to all of the instances in the managed instance group. This operation is marked DONE when you make the request even if the instances have not yet been added to their target pools. The change might take some time to apply to all of the instances in the group depending on the size of the group.
 
 Args:
@@ -2433,16 +2986,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2477,7 +3043,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2491,8 +3058,14 @@ 
Method Details

 

 
 

-    startInstances(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
-  
Flags the specified instances in the managed instance group to be started. This method increases the targetSize and decreases the targetStoppedSize of the managed instance group by the number of instances that you start. The startInstances operation is marked DONE if the startInstances request is successful. The underlying actions take additional time. You must separately verify the status of the STARTING action with the listmanagedinstances method. In this request, you can only specify instances that are stopped. For example, if an instance was previously stopped using the stopInstances method, it can be started using the startInstances method. If a health check is attached to the managed instance group, the specified instances will be verified as healthy after they are started. You can specify a maximum of 1000 instances with this method per request.
+    startInstances(project, zone, instanceGroupManager, body=None, requestId=None)
+  
Flags the specified instances in the managed instance group to be started. This method increases the targetSize and decreases the targetStoppedSize of the managed instance group by the number of instances that you start. The startInstances operation is marked DONE if the startInstances request is successful. The underlying actions take additional time. You must separately verify the status of the STARTING action with the listmanagedinstances method.
+
+In this request, you can only specify instances that are stopped. For example, if an instance was previously stopped using the stopInstances method, it can be started using the startInstances method.
+
+If a health check is attached to the managed instance group, the specified instances will be verified as healthy after they are started.
+
+You can specify a maximum of 1000 instances with this method per request.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -2507,16 +3080,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2551,7 +3137,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2565,8 +3152,16 @@ 
Method Details

 

 
 

-    stopInstances(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
-  
Flags the specified instances in the managed instance group to be immediately stopped. You can only specify instances that are running in this request. This method reduces the targetSize and increases the targetStoppedSize of the managed instance group by the number of instances that you stop. The stopInstances operation is marked DONE if the stopInstances request is successful. The underlying actions take additional time. You must separately verify the status of the STOPPING action with the listmanagedinstances method. If the instanceLifecyclePolicy.metadataBasedReadinessSignal field is set on the Instance Group Manager, each instance will be initialized before it is stopped, to give user programs time to perform necessary tasks. To initialize an instance, the Instance Group Manager sets the metadata key google-compute-initialization-intent to value INITIALIZE_AND_STOP on the instance, and waits for the user program to signal it is ready. This is done by setting the guest attribute path google-compute/initialization-state to value INITIALIZED. If the instance does not signal successful initialization (does not set the guest attribute to INITIALIZED) before timeout, the initialization is considered failed and the instance is not stopped. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is suspended. Stopped instances can be started using the startInstances method. You can specify a maximum of 1000 instances with this method per request.
+    stopInstances(project, zone, instanceGroupManager, body=None, requestId=None)
+  
Flags the specified instances in the managed instance group to be immediately stopped. You can only specify instances that are running in this request. This method reduces the targetSize and increases the targetStoppedSize of the managed instance group by the number of instances that you stop. The stopInstances operation is marked DONE if the stopInstances request is successful. The underlying actions take additional time. You must separately verify the status of the STOPPING action with the listmanagedinstances method.
+
+If the instanceLifecyclePolicy.metadataBasedReadinessSignal field is set on the Instance Group Manager, each instance will be initialized before it is stopped, to give user programs time to perform necessary tasks. To initialize an instance, the Instance Group Manager sets the metadata key google-compute-initialization-intent to value INITIALIZE_AND_STOP on the instance, and waits for the user program to signal it is ready. This is done by setting the guest attribute path google-compute/initialization-state to value INITIALIZED. If the instance does not signal successful initialization (does not set the guest attribute to INITIALIZED) before timeout, the initialization is considered failed and the instance is not stopped.
+
+If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is suspended.
+
+Stopped instances can be started using the startInstances method.
+
+You can specify a maximum of 1000 instances with this method per request.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -2582,16 +3177,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2626,7 +3234,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2640,8 +3249,16 @@ 
Method Details

 

 
 

-    suspendInstances(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
-  
Flags the specified instances in the managed instance group to be immediately suspended. You can only specify instances that are running in this request. This method reduces the targetSize and increases the targetSuspendedSize of the managed instance group by the number of instances that you suspend. The suspendInstances operation is marked DONE if the suspendInstances request is successful. The underlying actions take additional time. You must separately verify the status of the SUSPENDING action with the listmanagedinstances method. If the instanceLifecyclePolicy.metadataBasedReadinessSignal field is set on the Instance Group Manager, each instance will be initialized before it is suspended, to give user programs time to perform necessary tasks. To initialize an instance, the Instance Group Manager sets the metadata key google-compute-initialization-intent to value INITIALIZE_AND_SUSPEND on the instance, and waits for the user program to signal it is ready. This is done by setting the guest attribute path google-compute/initialization-state to value INITIALIZED. If the instance does not signal successful initialization (does not set the guest attribute to INITIALIZED) before timeout, the initialization is considered failed and the instance is not suspended. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is suspended. Suspended instances can be resumed using the resumeInstances method. You can specify a maximum of 1000 instances with this method per request.
+    suspendInstances(project, zone, instanceGroupManager, body=None, requestId=None)
+  
Flags the specified instances in the managed instance group to be immediately suspended. You can only specify instances that are running in this request. This method reduces the targetSize and increases the targetSuspendedSize of the managed instance group by the number of instances that you suspend. The suspendInstances operation is marked DONE if the suspendInstances request is successful. The underlying actions take additional time. You must separately verify the status of the SUSPENDING action with the listmanagedinstances method.
+
+If the instanceLifecyclePolicy.metadataBasedReadinessSignal field is set on the Instance Group Manager, each instance will be initialized before it is suspended, to give user programs time to perform necessary tasks. To initialize an instance, the Instance Group Manager sets the metadata key google-compute-initialization-intent to value INITIALIZE_AND_SUSPEND on the instance, and waits for the user program to signal it is ready. This is done by setting the guest attribute path google-compute/initialization-state to value INITIALIZED. If the instance does not signal successful initialization (does not set the guest attribute to INITIALIZED) before timeout, the initialization is considered failed and the instance is not suspended.
+
+If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is suspended.
+
+Suspended instances can be resumed using the resumeInstances method.
+
+You can specify a maximum of 1000 instances with this method per request.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -2657,16 +3274,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2701,7 +3331,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2715,7 +3346,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, zone, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, zone, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -2731,10 +3362,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -2747,7 +3374,7 @@ 
Method Details

 

 
 

-    update(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    update(project, zone, instanceGroupManager, body=None, requestId=None)
   
Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is updated even if the instances in the group have not yet been updated. You must separately verify the status of the individual instances with the listManagedInstances method.
 
 Args:
@@ -2757,13 +3384,27 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Whether the instance is a standby. # Properties of a standby instance comparing to the regular instance: # | regular | standby managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no # receives traffic from LB? | yes | no Represents a Managed Instance Group resource. An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups. For zonal Managed Instance Group, use the instanceGroupManagers resource. For regional Managed Instance Group, use the regionInstanceGroupManagers resource.
+{ # Whether the instance is a standby. Properties of a standby instance comparing to the regular instance: ========================================================================= | regular | standby ========================================================================= managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no receives traffic from LB? | yes | no =========================================================================
+    # 
+    # Represents a Managed Instance Group resource.
+    # 
+    # An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups.
+    # 
+    # For zonal Managed Instance Group, use the instanceGroupManagers resource.
+    # 
+    # For regional Managed Instance Group, use the regionInstanceGroupManagers resource. (== resource_for {$api_version}.instanceGroupManagers ==) (== resource_for {$api_version}.regionInstanceGroupManagers ==)
   "autoHealingPolicies": [ # The autohealing policy for this managed instance group. You can specify only one value.
     {
       "healthCheck": "A String", # The URL for the health check that signals autohealing.
       "initialDelaySec": 42, # The number of seconds that the managed instance group waits before it applies autohealing policies to new instances or recently recreated instances. This initial delay allows instances to initialize and run their startup scripts before the instance group determines that they are UNHEALTHY. This prevents the managed instance group from recreating its instances prematurely. This value must be from range [0, 3600].
-      "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # Maximum number of instances that can be unavailable when autohealing. When 'percent' is used, the value is rounded if necessary. The instance is considered available if all of the following conditions are satisfied: 1. Instance's status is RUNNING. 2. Instance's currentAction is NONE (in particular its liveness health check result was observed to be HEALTHY at least once as it passed VERIFYING). 3. There is no outgoing action on an instance triggered by IGM. By default, number of concurrently autohealed instances is smaller than the managed instance group target size. However, if a zonal managed instance group has only one instance, or a regional managed instance group has only one instance per zone, autohealing will recreate these instances when they become unhealthy.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+      "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # Maximum number of instances that can be unavailable when autohealing. When 'percent' is used, the value is rounded if necessary. The instance is considered available if all of the following conditions are satisfied: 1. Instance's status is RUNNING. 2. Instance's currentAction is NONE (in particular its liveness health check result was observed to be HEALTHY at least once as it passed VERIFYING). 3. There is no outgoing action on an instance triggered by IGM.
+          #
+          # By default, number of concurrently autohealed instances is smaller than the managed instance group target size. However, if a zonal managed instance group has only one instance, or a regional managed instance group has only one instance per zone, autohealing will recreate these instances when they become unhealthy.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -2773,7 +3414,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this managed instance group in RFC3339 text format.
   "currentActions": { # [Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions.
     "abandoning": 42, # [Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.
-    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
+    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.
+        #
+        # If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
     "creatingWithoutRetries": 42, # [Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.
     "deleting": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.
     "none": 42, # [Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.
@@ -2796,11 +3439,17 @@ 
Method Details

     ],
   },
   "failoverAction": "A String", # The action to perform in case of zone failure. Only one value is supported, NO_FAILOVER. The default is NO_FAILOVER.
-  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
+  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
   "id": "A String", # [Output Only] A unique identifier for this resource type. The server generates this identifier.
   "instanceGroup": "A String", # [Output Only] The URL of the Instance Group resource.
   "instanceLifecyclePolicy": { # Instance lifecycle policy for this Instance Group Manager.
-    "metadataBasedReadinessSignal": { # The configuration for metadata based readiness signal sent by the instance during initialization when stopping / suspending an instance. The Instance Group Manager will wait for a signal that indicates successful initialization before stopping / suspending an instance. If a successful readiness signal is not sent before timeout, the corresponding instance will not be stopped / suspended. Instead, an error will be visible in the lastAttempt.errors field of the managed instance in the listmanagedinstances method. If metadataBasedReadinessSignal.timeoutSec is unset, the Instance Group Manager will directly proceed to suspend / stop instances, skipping initialization on them.
+    "metadataBasedReadinessSignal": { # The configuration for metadata based readiness signal sent by the instance during initialization when stopping / suspending an instance. The Instance Group Manager will wait for a signal that indicates successful initialization before stopping / suspending an instance.
+        #
+        # If a successful readiness signal is not sent before timeout, the corresponding instance will not be stopped / suspended. Instead, an error will be visible in the lastAttempt.errors field of the managed instance in the listmanagedinstances method.
+        #
+        # If metadataBasedReadinessSignal.timeoutSec is unset, the Instance Group Manager will directly proceed to suspend / stop instances, skipping initialization on them.
       "timeoutSec": 42, # The number of seconds to wait for a readiness signal during initialization before timing out.
     },
   },
@@ -2808,7 +3457,7 @@ 
Method Details

   "kind": "compute#instanceGroupManager", # [Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.
   "name": "A String", # The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.
   "namedPorts": [ # Named ports configured for the Instance Groups complementary to this Instance Group Manager.
-    { # The named port. For example: <"http", 80>.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
@@ -2854,17 +3503,39 @@ 
Method Details

     "A String",
   ],
   "targetSize": 42, # The target number of running instances for this managed instance group. You can reduce this number by using the instanceGroupManager deleteInstances or abandonInstances methods. Resizing the group also changes this number.
-  "targetStoppedSize": 42, # The target number of stopped instances for this managed instance group. This number changes when you: - Stop instance using the stopInstances method or start instances using the startInstances method. - Manually change the targetStoppedSize using the update method.
-  "targetSuspendedSize": 42, # The target number of suspended instances for this managed instance group. This number changes when you: - Suspend instance using the suspendInstances method or resume instances using the resumeInstances method. - Manually change the targetSuspendedSize using the update method.
+  "targetStoppedSize": 42, # The target number of stopped instances for this managed instance group. This number changes when you:
+      # - Stop instance using the stopInstances method or start instances using the startInstances method.
+      # - Manually change the targetStoppedSize using the update method.
+  "targetSuspendedSize": 42, # The target number of suspended instances for this managed instance group. This number changes when you:
+      # - Suspend instance using the suspendInstances method or resume instances using the resumeInstances method.
+      # - Manually change the targetSuspendedSize using the update method.
   "updatePolicy": { # The update policy for this managed instance group.
-    "instanceRedistributionType": "A String", # The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled.
-    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "instanceRedistributionType": "A String", # The  instance redistribution policy for regional managed instance groups. Valid values are:
+        # - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region.
+        # - NONE: For non-autoscaled groups, proactive redistribution is disabled.
+    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
-    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:
+        #
+        #
+        # - The instance's status is RUNNING.
+        # - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
@@ -2874,13 +3545,21 @@ 
Method Details

     "replacementMethod": "A String", # What action should be used to replace instances. See minimal_action.REPLACE
     "type": "A String", # The type of update process. You can specify either PROACTIVE so that the instance group manager proactively executes actions in order to bring instances to their target versions or OPPORTUNISTIC so that no action is proactively executed but the update will be performed as part of other actions (for example, resizes or recreateInstances calls).
   },
-  "versions": [ # Specifies the instance templates used by this managed instance group to create instances. Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
+  "versions": [ # Specifies the instance templates used by this managed instance group to create instances.
+      # 
+      # Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
     {
       "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached.
       "name": "A String", # Name of the version. Unique among all versions in the scope of this managed instance group.
       "tag": "A String", # Tag describing the version. Used to trigger rollout of a target version even if instance_template remains unchanged. Deprecated in favor of 'name'.
-      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:
+          # - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used.
+          # - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -2889,16 +3568,29 @@ 
Method Details

   "zone": "A String", # [Output Only] The URL of a zone where the managed instance group is located (for zonal resources).
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2933,7 +3625,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2947,7 +3640,7 @@ 
Method Details

 

 
 

-    updatePerInstanceConfigs(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    updatePerInstanceConfigs(project, zone, instanceGroupManager, body=None, requestId=None)
   
Inserts or updates per-instance configs for the managed instance group. perInstanceConfig.name serves as a key used to distinguish whether to perform insert or patch.
 
 Args:
@@ -2997,16 +3690,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3041,7 +3747,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.instanceGroups.html b/docs/dyn/compute_alpha.instanceGroups.html
index 5f991019ccf..6f3ef022b71 100644
--- a/docs/dyn/compute_alpha.instanceGroups.html
+++ b/docs/dyn/compute_alpha.instanceGroups.html
@@ -75,10 +75,10 @@
 
Compute Engine API . instanceGroups

 
Instance Methods

 

-  addInstances(project, zone, instanceGroup, body=None, requestId=None, x__xgafv=None)

-
Adds a list of instances to the specified instance group. All of the instances in the instance group must be in the same network/subnetwork. Read Adding instances for more information.

+  addInstances(project, zone, instanceGroup, body=None, requestId=None)

+
Adds a list of instances to the specified instance group. All of the instances in the instance group must be in the same network/subnetwork. Read  Adding instances for more information.

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of instance groups and sorts them by zone.

 

   aggregatedList_next(previous_request, previous_response)

@@ -87,19 +87,19 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, zone, instanceGroup, requestId=None, x__xgafv=None)

-
Deletes the specified instance group. The instances in the group are not deleted. Note that instance group must not belong to a backend service. Read Deleting an instance group for more information.

+  delete(project, zone, instanceGroup, requestId=None)

+
Deletes the specified instance group. The instances in the group are not deleted. Note that instance group must not belong to a backend service. Read  Deleting an instance group for more information.

 

-  get(project, zone, instanceGroup, x__xgafv=None)

-
Returns the specified zonal instance group. Get a list of available zonal instance groups by making a list() request. For managed instance groups, use the instanceGroupManagers or regionInstanceGroupManagers methods instead.

+  get(project, zone, instanceGroup)

+
Returns the specified zonal instance group. Get a list of available zonal instance groups by making a list() request.

 

-  insert(project, zone, body=None, requestId=None, x__xgafv=None)

+  insert(project, zone, body=None, requestId=None)

 
Creates an instance group in the specified project using the parameters that are included in the request.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

-
Retrieves the list of zonal instance group resources contained within the specified zone. For managed instance groups, use the instanceGroupManagers or regionInstanceGroupManagers methods instead.

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

+
Retrieves the list of zonal instance group resources contained within the specified zone.

 

-  listInstances(project, zone, instanceGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listInstances(project, zone, instanceGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists the instances in the specified instance group. The orderBy query parameter is not supported.

 

   listInstances_next(previous_request, previous_response)

@@ -108,18 +108,18 @@ 
Instance Methods

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  removeInstances(project, zone, instanceGroup, body=None, requestId=None, x__xgafv=None)

-
Removes one or more instances from the specified instance group, but does not delete those instances. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration before the VM instance is removed or deleted.

+  removeInstances(project, zone, instanceGroup, body=None, requestId=None)

+
Removes one or more instances from the specified instance group, but does not delete those instances.

 

-  setNamedPorts(project, zone, instanceGroup, body=None, requestId=None, x__xgafv=None)

+  setNamedPorts(project, zone, instanceGroup, body=None, requestId=None)

 
Sets the named ports for the specified instance group.

 

-  testIamPermissions(project, zone, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, zone, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    addInstances(project, zone, instanceGroup, body=None, requestId=None, x__xgafv=None)
-  
Adds a list of instances to the specified instance group. All of the instances in the instance group must be in the same network/subnetwork. Read Adding instances for more information.
+    addInstances(project, zone, instanceGroup, body=None, requestId=None)
+  
Adds a list of instances to the specified instance group. All of the instances in the instance group must be in the same network/subnetwork. Read  Adding instances for more information.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -131,21 +131,34 @@ 
Method Details

 {
   "instances": [ # The list of instances to add to the instance group.
     {
-      "instance": "A String", # The URL for a specific instance. @required compute.instancegroups.addInstances/removeInstances
+      "instance": "A String", # The URL for a specific instance.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -180,7 +193,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -194,21 +208,27 @@ 
Method Details

 

 
 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of instance groups and sorts them by zone.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -218,15 +238,31 @@ 
Method Details

   "items": { # A list of InstanceGroupsScopedList resources.
     "a_key": { # The name of the scope that contains this set of instance groups.
       "instanceGroups": [ # [Output Only] The list of instance groups that are contained in this scope.
-        { # Represents an Instance Group resource. Instance Groups can be used to configure a target for load balancing. Instance groups can either be managed or unmanaged. To create managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead. Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups. For more information, read Instance groups.
+        { # Represents an Instance Group resource.
+            #
+            # Instance Groups can be used to configure a target for load balancing.
+            #
+            # Instance groups can either be managed or unmanaged.
+            #
+            # To create  managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead.
+            #
+            # Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups.
+            #
+            # For more information, read Instance groups.
+            #
+            # (== resource_for {$api_version}.instanceGroups ==) (== resource_for {$api_version}.regionInstanceGroups ==)
           "creationTimestamp": "A String", # [Output Only] The creation timestamp for this instance group in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "fingerprint": "A String", # [Output Only] The fingerprint of the named ports. The system uses this fingerprint to detect conflicts when multiple users change the named ports concurrently.
           "id": "A String", # [Output Only] A unique identifier for this instance group, generated by the server.
           "kind": "compute#instanceGroup", # [Output Only] The resource type, which is always compute#instanceGroup for instance groups.
           "name": "A String", # The name of the instance group. The name must be 1-63 characters long, and comply with RFC1035.
-          "namedPorts": [ #  Assigns a name to a port number. For example: {name: "http", port: 80} This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}] Named ports apply to all instances in this instance group.
-            { # The named port. For example: <"http", 80>.
+          "namedPorts": [ # Assigns a name to a port number. For example: {name: "http", port: 80}
+              #
+              # This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}]
+              #
+              # Named ports apply to all instances in this instance group.
+            { # The named port. For example: .
               "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
               "port": 42, # The port number, which can be a value between 1 and 65535.
             },
@@ -242,7 +278,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] An informational warning that replaces the list of instance groups when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -260,7 +297,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -291,23 +329,36 @@ 
Method Details

 

 
 

-    delete(project, zone, instanceGroup, requestId=None, x__xgafv=None)
-  
Deletes the specified instance group. The instances in the group are not deleted. Note that instance group must not belong to a backend service. Read Deleting an instance group for more information.
+    delete(project, zone, instanceGroup, requestId=None)
+  
Deletes the specified instance group. The instances in the group are not deleted. Note that instance group must not belong to a backend service. Read  Deleting an instance group for more information.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the instance group is located. (required)
   instanceGroup: string, The name of the instance group to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -342,7 +393,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -356,30 +408,44 @@ 
Method Details

 

 
 

-    get(project, zone, instanceGroup, x__xgafv=None)
-  
Returns the specified zonal instance group. Get a list of available zonal instance groups by making a list() request. For managed instance groups, use the instanceGroupManagers or regionInstanceGroupManagers methods instead.
+    get(project, zone, instanceGroup)
+  
Returns the specified zonal instance group. Get a list of available zonal instance groups by making a list() request.
+
+For managed instance groups, use the instanceGroupManagers or regionInstanceGroupManagers methods instead.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the instance group is located. (required)
   instanceGroup: string, The name of the instance group. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Instance Group resource. Instance Groups can be used to configure a target for load balancing. Instance groups can either be managed or unmanaged. To create managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead. Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups. For more information, read Instance groups.
+    { # Represents an Instance Group resource.
+    #
+    # Instance Groups can be used to configure a target for load balancing.
+    #
+    # Instance groups can either be managed or unmanaged.
+    #
+    # To create  managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead.
+    #
+    # Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups.
+    #
+    # For more information, read Instance groups.
+    #
+    # (== resource_for {$api_version}.instanceGroups ==) (== resource_for {$api_version}.regionInstanceGroups ==)
   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this instance group in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # [Output Only] The fingerprint of the named ports. The system uses this fingerprint to detect conflicts when multiple users change the named ports concurrently.
   "id": "A String", # [Output Only] A unique identifier for this instance group, generated by the server.
   "kind": "compute#instanceGroup", # [Output Only] The resource type, which is always compute#instanceGroup for instance groups.
   "name": "A String", # The name of the instance group. The name must be 1-63 characters long, and comply with RFC1035.
-  "namedPorts": [ #  Assigns a name to a port number. For example: {name: "http", port: 80} This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}] Named ports apply to all instances in this instance group.
-    { # The named port. For example: <"http", 80>.
+  "namedPorts": [ # Assigns a name to a port number. For example: {name: "http", port: 80}
+      #
+      # This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}]
+      #
+      # Named ports apply to all instances in this instance group.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
@@ -395,7 +461,7 @@ 
Method Details

 

 
 

-    insert(project, zone, body=None, requestId=None, x__xgafv=None)
+    insert(project, zone, body=None, requestId=None)
   
Creates an instance group in the specified project using the parameters that are included in the request.
 
 Args:
@@ -404,15 +470,31 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Instance Group resource. Instance Groups can be used to configure a target for load balancing. Instance groups can either be managed or unmanaged. To create managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead. Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups. For more information, read Instance groups.
+{ # Represents an Instance Group resource.
+    # 
+    # Instance Groups can be used to configure a target for load balancing.
+    # 
+    # Instance groups can either be managed or unmanaged.
+    # 
+    # To create  managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead.
+    # 
+    # Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups.
+    # 
+    # For more information, read Instance groups.
+    # 
+    # (== resource_for {$api_version}.instanceGroups ==) (== resource_for {$api_version}.regionInstanceGroups ==)
   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this instance group in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # [Output Only] The fingerprint of the named ports. The system uses this fingerprint to detect conflicts when multiple users change the named ports concurrently.
   "id": "A String", # [Output Only] A unique identifier for this instance group, generated by the server.
   "kind": "compute#instanceGroup", # [Output Only] The resource type, which is always compute#instanceGroup for instance groups.
   "name": "A String", # The name of the instance group. The name must be 1-63 characters long, and comply with RFC1035.
-  "namedPorts": [ #  Assigns a name to a port number. For example: {name: "http", port: 80} This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}] Named ports apply to all instances in this instance group.
-    { # The named port. For example: <"http", 80>.
+  "namedPorts": [ # Assigns a name to a port number. For example: {name: "http", port: 80}
+      # 
+      # This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}]
+      # 
+      # Named ports apply to all instances in this instance group.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
@@ -426,16 +508,29 @@ 
Method Details

   "zone": "A String", # [Output Only] The URL of the zone where the instance group is located (for zonal resources).
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -470,7 +565,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -484,21 +580,29 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
-  
Retrieves the list of zonal instance group resources contained within the specified zone. For managed instance groups, use the instanceGroupManagers or regionInstanceGroupManagers methods instead.
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
+  
Retrieves the list of zonal instance group resources contained within the specified zone.
+
+For managed instance groups, use the instanceGroupManagers or regionInstanceGroupManagers methods instead.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the instance group is located. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -506,15 +610,31 @@ 
Method Details

     { # A list of InstanceGroup resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of InstanceGroup resources.
-    { # Represents an Instance Group resource. Instance Groups can be used to configure a target for load balancing. Instance groups can either be managed or unmanaged. To create managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead. Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups. For more information, read Instance groups.
+    { # Represents an Instance Group resource.
+        #
+        # Instance Groups can be used to configure a target for load balancing.
+        #
+        # Instance groups can either be managed or unmanaged.
+        #
+        # To create  managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead.
+        #
+        # Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups.
+        #
+        # For more information, read Instance groups.
+        #
+        # (== resource_for {$api_version}.instanceGroups ==) (== resource_for {$api_version}.regionInstanceGroups ==)
       "creationTimestamp": "A String", # [Output Only] The creation timestamp for this instance group in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "fingerprint": "A String", # [Output Only] The fingerprint of the named ports. The system uses this fingerprint to detect conflicts when multiple users change the named ports concurrently.
       "id": "A String", # [Output Only] A unique identifier for this instance group, generated by the server.
       "kind": "compute#instanceGroup", # [Output Only] The resource type, which is always compute#instanceGroup for instance groups.
       "name": "A String", # The name of the instance group. The name must be 1-63 characters long, and comply with RFC1035.
-      "namedPorts": [ #  Assigns a name to a port number. For example: {name: "http", port: 80} This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}] Named ports apply to all instances in this instance group.
-        { # The named port. For example: <"http", 80>.
+      "namedPorts": [ # Assigns a name to a port number. For example: {name: "http", port: 80}
+          #
+          # This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}]
+          #
+          # Named ports apply to all instances in this instance group.
+        { # The named port. For example: .
           "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
           "port": 42, # The port number, which can be a value between 1 and 65535.
         },
@@ -533,7 +653,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -545,7 +666,7 @@ 
Method Details

 

 
 

-    listInstances(project, zone, instanceGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listInstances(project, zone, instanceGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists the instances in the specified instance group. The orderBy query parameter is not supported.
 
 Args:
@@ -559,15 +680,21 @@ 
Method Details

   "instanceState": "A String", # A filter for the state of the instances in the instance group. Valid options are ALL or RUNNING. If you do not specify this parameter the list includes all instances regardless of their state.
 }
 
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -578,7 +705,7 @@ 
Method Details

     {
       "instance": "A String", # [Output Only] The URL of the instance.
       "namedPorts": [ # [Output Only] The named ports that belong to this instance group.
-        { # The named port. For example: <"http", 80>.
+        { # The named port. For example: .
           "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
           "port": 42, # The port number, which can be a value between 1 and 65535.
         },
@@ -591,7 +718,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -631,8 +759,10 @@ 
Method Details

 

 
 

-    removeInstances(project, zone, instanceGroup, body=None, requestId=None, x__xgafv=None)
-  
Removes one or more instances from the specified instance group, but does not delete those instances. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration before the VM instance is removed or deleted.
+    removeInstances(project, zone, instanceGroup, body=None, requestId=None)
+  
Removes one or more instances from the specified instance group, but does not delete those instances.
+
+If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration before the VM instance is removed or deleted.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -644,21 +774,34 @@ 
Method Details

 {
   "instances": [ # The list of instances to remove from the instance group.
     {
-      "instance": "A String", # The URL for a specific instance. @required compute.instancegroups.addInstances/removeInstances
+      "instance": "A String", # The URL for a specific instance.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -693,7 +836,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -707,7 +851,7 @@ 
Method Details

 

 
 

-    setNamedPorts(project, zone, instanceGroup, body=None, requestId=None, x__xgafv=None)
+    setNamedPorts(project, zone, instanceGroup, body=None, requestId=None)
   
Sets the named ports for the specified instance group.
 
 Args:
@@ -720,23 +864,36 @@ 
Method Details

 {
   "fingerprint": "A String", # The fingerprint of the named ports information for this instance group. Use this optional property to prevent conflicts when multiple users change the named ports settings concurrently. Obtain the fingerprint with the instanceGroups.get method. Then, include the fingerprint in your request to ensure that you do not overwrite changes that were applied from another concurrent request. A request with an incorrect fingerprint will fail with error 412 conditionNotMet.
   "namedPorts": [ # The list of named ports to set for this instance group.
-    { # The named port. For example: <"http", 80>.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -771,7 +928,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -785,7 +943,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, zone, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, zone, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -801,10 +959,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.instanceTemplates.html b/docs/dyn/compute_alpha.instanceTemplates.html
index c3f16ed2e95..0e19aaba7ec 100644
--- a/docs/dyn/compute_alpha.instanceTemplates.html
+++ b/docs/dyn/compute_alpha.instanceTemplates.html
@@ -78,28 +78,28 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, instanceTemplate, requestId=None, x__xgafv=None)

+  delete(project, instanceTemplate, requestId=None)

 
Deletes the specified instance template. Deleting an instance template is permanent and cannot be undone. It is not possible to delete templates that are already in use by a managed instance group.

 

-  get(project, instanceTemplate, x__xgafv=None)

+  get(project, instanceTemplate)

 
Returns the specified instance template. Gets a list of available instance templates by making a list() request.

 

-  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates an instance template in the specified project using the data that is included in the request. If you are creating a new template to update an existing instance group, your new instance template must use the same network or, if applicable, the same subnetwork as the original template.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of instance templates that are contained within the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setIamPolicy(project, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -108,22 +108,35 @@ 
Method Details

 

 
 

-    delete(project, instanceTemplate, requestId=None, x__xgafv=None)
+    delete(project, instanceTemplate, requestId=None)
   
Deletes the specified instance template. Deleting an instance template is permanent and cannot be undone. It is not possible to delete templates that are already in use by a managed instance group.
 
 Args:
   project: string, Project ID for this request. (required)
   instanceTemplate: string, The name of the instance template to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -158,7 +171,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -172,21 +186,19 @@ 
Method Details

 

 
 

-    get(project, instanceTemplate, x__xgafv=None)
+    get(project, instanceTemplate)
   
Returns the specified instance template. Gets a list of available instance templates by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   instanceTemplate: string, The name of the instance template. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Instance Template resource. You can use instance templates to create VM instances and managed instance groups. For more information, read Instance Templates.
+    { # Represents an Instance Template resource.
+    #
+    # You can use instance templates to create VM instances and managed instance groups. For more information, read Instance Templates. (== resource_for {$api_version}.instanceTemplates ==)
   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this instance template in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "id": "A String", # [Output Only] A unique identifier for this instance template. The server defines this identifier.
@@ -208,30 +220,58 @@ 
Method Details

       { # An instance-attached disk resource.
         "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
         "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-        "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-        "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+        "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+            #
+            # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+        "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+            #
+            # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+            #
+            # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+            #
+            # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+            #
+            # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+              #
+              # The key must meet the following requirements before you can provide it to Compute Engine:
+              # - The key is wrapped using a RSA public key certificate provided by Google.
+              # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+              # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
         "diskSizeGb": "A String", # The size of the disk in GB.
         "forceAttach": True or False, # [Input Only] Whether to force attach the regional disk even if it's currently attached to another instance. If you try to force attach a zonal disk to an instance, you will receive an error.
-        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
           { # Guest OS features.
-            "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+            "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
           },
         ],
         "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-        "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+        "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+            #
+            # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+            #
+            # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
           "description": "A String", # An optional description. Provide this property when creating the disk.
           "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
           "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-          "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
-          "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options. Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
+          "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+              # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+              #
+              #
+              # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+              # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+              # - projects/project/zones/zone/diskTypes/diskType
+              # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
+          "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
+              #
+              # Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
             { # Guest OS features.
-              "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+              "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
             },
           ],
           "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
@@ -246,20 +286,56 @@ 
Method Details

           "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
             "A String",
           ],
-          "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-          "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+          "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+              #
+              # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+              # projects/debian-cloud/global/images/family/debian-9
+              #
+              #
+              # Alternatively, use a specific version of a public operating system image:
+              # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+              #
+              #
+              # To create a disk with a custom image that you created, specify the image name in the following format:
+              # global/images/my-custom-image
+              #
+              #
+              # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+              # global/images/family/my-image-family
+              #
+              #
+              # If the source image is deleted later, this field will not be set.
+          "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+              #
+              # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                #
+                # The key must meet the following requirements before you can provide it to Compute Engine:
+                # - The key is wrapped using a RSA public key certificate provided by Google.
+                # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
-          "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+          "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+              #
+              # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+              # global/snapshots/my-backup
+              #
+              #
+              # If the source snapshot is deleted later, this field will not be set.
           "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                #
+                # The key must meet the following requirements before you can provide it to Compute Engine:
+                # - The key is wrapped using a RSA public key certificate provided by Google.
+                # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
         },
@@ -294,7 +370,11 @@ 
Method Details

             "fileType": "A String", # The file type of source file.
           },
         },
-        "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+        "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+            #
+            # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+            #
+            # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
         "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
         "userLicenses": [ # [Output Only] A list of user provided licenses. It represents a list of URLs to the license resource. Unlike regular licenses, user provided licenses can be modified after the disk is created.
           "A String",
@@ -315,9 +395,11 @@ 
Method Details

     },
     "machineType": "A String", # The machine type to use for instances that are created from these properties.
     "metadata": { # A metadata key/value entry. # The metadata key/value pairs to assign to instances that are created from these properties. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve the resource.
       "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-        { # Metadata
+        {
           "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
           "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
         },
@@ -334,7 +416,11 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -357,7 +443,11 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -365,24 +455,37 @@ 
Method Details

             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
-        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+            #
+            # Valid only if stackType is IPV4_IPV6.
         "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
         "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
         "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+            #
+            # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+            # - projects/project/global/networks/network
+            # - global/networks/default
         "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
         "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
         "queueCount": 42, # The networking queue count that's specified by users for the network interface. Both Rx and Tx queues will be set to this number. It'll be empty if not specified by the users.
-        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
+        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+            #
+            # This field can be both set at instance creation and update network interface operations.
         "subinterfaces": [ # SubInterfaces help enable L2 communication for the instance over subnetworks that support L2. Every network interface will get a default untagged (vlan not specified) subinterface. Users can specify additional tagged subinterfaces which are sub-fields to the Network Interface.
           {
             "ipAddress": "A String", # An IPv4 internal IP address to assign to the instance for this subinterface. If specified, ip_allocation_mode should be set to ALLOCATE_IP.
             "ipAllocationMode": "A String",
-            "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+            "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+                # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+                # - regions/region/subnetworks/subnetwork
             "vlan": 42, # VLAN tag. Should match the VLAN(s) supported by the subnetwork to which this subinterface is connecting.
           },
         ],
-        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+            # - regions/region/subnetworks/subnetwork
       },
     ],
     "networkPerformanceConfig": {
@@ -390,9 +493,9 @@ 
Method Details

       "totalEgressBandwidthTier": "A String",
     },
     "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
-    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
     "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from.
-      "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
+      "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
       "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
       "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
         "A String",
@@ -402,7 +505,9 @@ 
Method Details

       "A String",
     ],
     "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
-      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+          #
+          # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
       "availabilityDomain": 42, # Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details.
       "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
       "latencyTolerant": True or False, # Defines whether the instance is tolerant of higher cpu latency. This can only be set during instance creation, or when the instance is not currently running. It must not be set if the preemptible option is also set.
@@ -444,7 +549,9 @@ 
Method Details

       "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled.
     },
     "tags": { # A set of instance tags. # A list of tags to apply to the instances that are created from these properties. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+          #
+          # To see the latest fingerprint, make get() request to the instance.
       "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
         "A String",
       ],
@@ -452,14 +559,21 @@ 
Method Details

   },
   "selfLink": "A String", # [Output Only] The URL for this instance template. The server defines this URL.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "sourceInstance": "A String", # The source instance used to create the template. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instances/instance - projects/project/zones/zone/instances/instance
+  "sourceInstance": "A String", # The source instance used to create the template. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance
+      # - projects/project/zones/zone/instances/instance
   "sourceInstanceParams": { # A specification of the parameters to use when creating the instance template from a source instance. # The source instance params to use to create this instance template.
     "diskConfigs": [ # Attached disks configuration. If not provided, defaults are applied: For boot disk and any other R/W disks, new custom images will be created from each disk. For read-only disks, they will be attached in read-only mode. Local SSD disks will be created as blank volumes.
       { # A specification of the desired way to instantiate a disk in the instance template when its created from a source instance.
         "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
         "customImage": "A String", # The custom source image to be used to restore this disk when instantiating this instance template.
         "deviceName": "A String", # Specifies the device name of the disk to which the configurations apply to.
-        "instantiateFrom": "A String", # Specifies whether to include the disk and what image to use. Possible values are: - source-image: to use the same image that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - source-image-family: to use the same image family that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - custom-image: to use a user-provided image url for disk creation. Applicable to the boot disk and additional read-write disks. - attach-read-only: to attach a read-only disk. Applicable to read-only disks. - do-not-include: to exclude a disk from the template. Applicable to additional read-write disks, local SSDs, and read-only disks.
+        "instantiateFrom": "A String", # Specifies whether to include the disk and what image to use. Possible values are:
+            # - source-image: to use the same image that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks.
+            # - source-image-family: to use the same image family that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks.
+            # - custom-image: to use a user-provided image url for disk creation. Applicable to the boot disk and additional read-write disks.
+            # - attach-read-only: to attach a read-only disk. Applicable to read-only disks.
+            # - do-not-include: to exclude a disk from the template. Applicable to additional read-write disks, local SSDs, and read-only disks.
       },
     ],
   },
@@ -467,34 +581,58 @@ 
Method Details

 

 
 

-    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
   project: string, Project ID for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -502,76 +640,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates an instance template in the specified project using the data that is included in the request. If you are creating a new template to update an existing instance group, your new instance template must use the same network or, if applicable, the same subnetwork as the original template.
 
 Args:
@@ -579,7 +785,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Instance Template resource. You can use instance templates to create VM instances and managed instance groups. For more information, read Instance Templates.
+{ # Represents an Instance Template resource.
+    # 
+    # You can use instance templates to create VM instances and managed instance groups. For more information, read Instance Templates. (== resource_for {$api_version}.instanceTemplates ==)
   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this instance template in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "id": "A String", # [Output Only] A unique identifier for this instance template. The server defines this identifier.
@@ -601,30 +809,58 @@ 
Method Details

       { # An instance-attached disk resource.
         "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
         "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-        "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-        "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+        "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+            #
+            # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+        "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+            #
+            # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+            #
+            # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+            #
+            # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+            #
+            # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+              #
+              # The key must meet the following requirements before you can provide it to Compute Engine:
+              # - The key is wrapped using a RSA public key certificate provided by Google.
+              # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+              # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
         "diskSizeGb": "A String", # The size of the disk in GB.
         "forceAttach": True or False, # [Input Only] Whether to force attach the regional disk even if it's currently attached to another instance. If you try to force attach a zonal disk to an instance, you will receive an error.
-        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
           { # Guest OS features.
-            "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+            "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
           },
         ],
         "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-        "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+        "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+            #
+            # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+            #
+            # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
           "description": "A String", # An optional description. Provide this property when creating the disk.
           "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
           "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-          "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
-          "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options. Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
+          "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+              # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+              #
+              #
+              # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+              # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+              # - projects/project/zones/zone/diskTypes/diskType
+              # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
+          "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
+              #
+              # Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
             { # Guest OS features.
-              "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+              "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
             },
           ],
           "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
@@ -639,20 +875,56 @@ 
Method Details

           "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
             "A String",
           ],
-          "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-          "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+          "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+              #
+              # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+              # projects/debian-cloud/global/images/family/debian-9
+              #
+              #
+              # Alternatively, use a specific version of a public operating system image:
+              # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+              #
+              #
+              # To create a disk with a custom image that you created, specify the image name in the following format:
+              # global/images/my-custom-image
+              #
+              #
+              # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+              # global/images/family/my-image-family
+              #
+              #
+              # If the source image is deleted later, this field will not be set.
+          "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+              #
+              # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                #
+                # The key must meet the following requirements before you can provide it to Compute Engine:
+                # - The key is wrapped using a RSA public key certificate provided by Google.
+                # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
-          "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+          "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+              #
+              # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+              # global/snapshots/my-backup
+              #
+              #
+              # If the source snapshot is deleted later, this field will not be set.
           "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                #
+                # The key must meet the following requirements before you can provide it to Compute Engine:
+                # - The key is wrapped using a RSA public key certificate provided by Google.
+                # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
         },
@@ -687,7 +959,11 @@ 
Method Details

             "fileType": "A String", # The file type of source file.
           },
         },
-        "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+        "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+            #
+            # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+            #
+            # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
         "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
         "userLicenses": [ # [Output Only] A list of user provided licenses. It represents a list of URLs to the license resource. Unlike regular licenses, user provided licenses can be modified after the disk is created.
           "A String",
@@ -708,9 +984,11 @@ 
Method Details

     },
     "machineType": "A String", # The machine type to use for instances that are created from these properties.
     "metadata": { # A metadata key/value entry. # The metadata key/value pairs to assign to instances that are created from these properties. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve the resource.
       "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-        { # Metadata
+        {
           "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
           "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
         },
@@ -727,7 +1005,11 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -750,7 +1032,11 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -758,24 +1044,37 @@ 
Method Details

             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
-        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+            #
+            # Valid only if stackType is IPV4_IPV6.
         "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
         "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
         "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+            #
+            # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+            # - projects/project/global/networks/network
+            # - global/networks/default
         "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
         "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
         "queueCount": 42, # The networking queue count that's specified by users for the network interface. Both Rx and Tx queues will be set to this number. It'll be empty if not specified by the users.
-        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
+        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+            #
+            # This field can be both set at instance creation and update network interface operations.
         "subinterfaces": [ # SubInterfaces help enable L2 communication for the instance over subnetworks that support L2. Every network interface will get a default untagged (vlan not specified) subinterface. Users can specify additional tagged subinterfaces which are sub-fields to the Network Interface.
           {
             "ipAddress": "A String", # An IPv4 internal IP address to assign to the instance for this subinterface. If specified, ip_allocation_mode should be set to ALLOCATE_IP.
             "ipAllocationMode": "A String",
-            "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+            "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+                # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+                # - regions/region/subnetworks/subnetwork
             "vlan": 42, # VLAN tag. Should match the VLAN(s) supported by the subnetwork to which this subinterface is connecting.
           },
         ],
-        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+            # - regions/region/subnetworks/subnetwork
       },
     ],
     "networkPerformanceConfig": {
@@ -783,9 +1082,9 @@ 
Method Details

       "totalEgressBandwidthTier": "A String",
     },
     "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
-    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
     "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from.
-      "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
+      "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
       "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
       "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
         "A String",
@@ -795,7 +1094,9 @@ 
Method Details

       "A String",
     ],
     "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
-      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+          #
+          # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
       "availabilityDomain": 42, # Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details.
       "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
       "latencyTolerant": True or False, # Defines whether the instance is tolerant of higher cpu latency. This can only be set during instance creation, or when the instance is not currently running. It must not be set if the preemptible option is also set.
@@ -837,7 +1138,9 @@ 
Method Details

       "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled.
     },
     "tags": { # A set of instance tags. # A list of tags to apply to the instances that are created from these properties. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+          #
+          # To see the latest fingerprint, make get() request to the instance.
       "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
         "A String",
       ],
@@ -845,29 +1148,49 @@ 
Method Details

   },
   "selfLink": "A String", # [Output Only] The URL for this instance template. The server defines this URL.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "sourceInstance": "A String", # The source instance used to create the template. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instances/instance - projects/project/zones/zone/instances/instance
+  "sourceInstance": "A String", # The source instance used to create the template. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance
+      # - projects/project/zones/zone/instances/instance
   "sourceInstanceParams": { # A specification of the parameters to use when creating the instance template from a source instance. # The source instance params to use to create this instance template.
     "diskConfigs": [ # Attached disks configuration. If not provided, defaults are applied: For boot disk and any other R/W disks, new custom images will be created from each disk. For read-only disks, they will be attached in read-only mode. Local SSD disks will be created as blank volumes.
       { # A specification of the desired way to instantiate a disk in the instance template when its created from a source instance.
         "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
         "customImage": "A String", # The custom source image to be used to restore this disk when instantiating this instance template.
         "deviceName": "A String", # Specifies the device name of the disk to which the configurations apply to.
-        "instantiateFrom": "A String", # Specifies whether to include the disk and what image to use. Possible values are: - source-image: to use the same image that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - source-image-family: to use the same image family that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - custom-image: to use a user-provided image url for disk creation. Applicable to the boot disk and additional read-write disks. - attach-read-only: to attach a read-only disk. Applicable to read-only disks. - do-not-include: to exclude a disk from the template. Applicable to additional read-write disks, local SSDs, and read-only disks.
+        "instantiateFrom": "A String", # Specifies whether to include the disk and what image to use. Possible values are:
+            # - source-image: to use the same image that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks.
+            # - source-image-family: to use the same image family that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks.
+            # - custom-image: to use a user-provided image url for disk creation. Applicable to the boot disk and additional read-write disks.
+            # - attach-read-only: to attach a read-only disk. Applicable to read-only disks.
+            # - do-not-include: to exclude a disk from the template. Applicable to additional read-write disks, local SSDs, and read-only disks.
       },
     ],
   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -902,7 +1225,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -916,20 +1240,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of instance templates that are contained within the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -937,7 +1267,9 @@ 
Method Details

     { # A list of instance templates.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of InstanceTemplate resources.
-    { # Represents an Instance Template resource. You can use instance templates to create VM instances and managed instance groups. For more information, read Instance Templates.
+    { # Represents an Instance Template resource.
+        #
+        # You can use instance templates to create VM instances and managed instance groups. For more information, read Instance Templates. (== resource_for {$api_version}.instanceTemplates ==)
       "creationTimestamp": "A String", # [Output Only] The creation timestamp for this instance template in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "id": "A String", # [Output Only] A unique identifier for this instance template. The server defines this identifier.
@@ -959,30 +1291,58 @@ 
Method Details

           { # An instance-attached disk resource.
             "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
             "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-            "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-            "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+            "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+                #
+                # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+            "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+                #
+                # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+                #
+                # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+                #
+                # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+                #
+                # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
               "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
               "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
               "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-              "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+              "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                  #
+                  # The key must meet the following requirements before you can provide it to Compute Engine:
+                  # - The key is wrapped using a RSA public key certificate provided by Google.
+                  # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                  # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
               "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
             },
             "diskSizeGb": "A String", # The size of the disk in GB.
             "forceAttach": True or False, # [Input Only] Whether to force attach the regional disk even if it's currently attached to another instance. If you try to force attach a zonal disk to an instance, you will receive an error.
-            "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+            "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
               { # Guest OS features.
-                "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+                "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
               },
             ],
             "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-            "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+            "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+                #
+                # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+                #
+                # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
               "description": "A String", # An optional description. Provide this property when creating the disk.
               "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
               "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-              "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
-              "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options. Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
+              "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+                  # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+                  #
+                  #
+                  # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+                  # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+                  # - projects/project/zones/zone/diskTypes/diskType
+                  # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
+              "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
+                  #
+                  # Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
                 { # Guest OS features.
-                  "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+                  "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
                 },
               ],
               "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
@@ -997,20 +1357,56 @@ 
Method Details

               "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
                 "A String",
               ],
-              "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-              "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+              "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+                  #
+                  # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+                  # projects/debian-cloud/global/images/family/debian-9
+                  #
+                  #
+                  # Alternatively, use a specific version of a public operating system image:
+                  # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+                  #
+                  #
+                  # To create a disk with a custom image that you created, specify the image name in the following format:
+                  # global/images/my-custom-image
+                  #
+                  #
+                  # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+                  # global/images/family/my-image-family
+                  #
+                  #
+                  # If the source image is deleted later, this field will not be set.
+              "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+                  #
+                  # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
                 "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
                 "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
                 "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-                "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+                "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                    #
+                    # The key must meet the following requirements before you can provide it to Compute Engine:
+                    # - The key is wrapped using a RSA public key certificate provided by Google.
+                    # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                    # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
                 "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
               },
-              "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+              "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+                  #
+                  # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+                  # global/snapshots/my-backup
+                  #
+                  #
+                  # If the source snapshot is deleted later, this field will not be set.
               "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
                 "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
                 "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
                 "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-                "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+                "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                    #
+                    # The key must meet the following requirements before you can provide it to Compute Engine:
+                    # - The key is wrapped using a RSA public key certificate provided by Google.
+                    # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                    # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
                 "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
               },
             },
@@ -1045,7 +1441,11 @@ 
Method Details

                 "fileType": "A String", # The file type of source file.
               },
             },
-            "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+            "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+                #
+                # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+                #
+                # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
             "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
             "userLicenses": [ # [Output Only] A list of user provided licenses. It represents a list of URLs to the license resource. Unlike regular licenses, user provided licenses can be modified after the disk is created.
               "A String",
@@ -1066,9 +1466,11 @@ 
Method Details

         },
         "machineType": "A String", # The machine type to use for instances that are created from these properties.
         "metadata": { # A metadata key/value entry. # The metadata key/value pairs to assign to instances that are created from these properties. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information.
-          "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+          "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve the resource.
           "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-            { # Metadata
+            {
               "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
               "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
             },
@@ -1085,7 +1487,11 @@ 
Method Details

                 "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
                 "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
                 "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-                "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+                "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                    #
+                    # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                    #
+                    # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
                 "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
                 "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
                 "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -1108,7 +1514,11 @@ 
Method Details

                 "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
                 "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
                 "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-                "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+                "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                    #
+                    # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                    #
+                    # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
                 "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
                 "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
                 "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -1116,24 +1526,37 @@ 
Method Details

                 "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
               },
             ],
-            "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+            "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+                #
+                # Valid only if stackType is IPV4_IPV6.
             "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
             "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
             "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-            "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+            "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+                #
+                # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+                # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+                # - projects/project/global/networks/network
+                # - global/networks/default
             "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
             "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
             "queueCount": 42, # The networking queue count that's specified by users for the network interface. Both Rx and Tx queues will be set to this number. It'll be empty if not specified by the users.
-            "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
+            "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+                #
+                # This field can be both set at instance creation and update network interface operations.
             "subinterfaces": [ # SubInterfaces help enable L2 communication for the instance over subnetworks that support L2. Every network interface will get a default untagged (vlan not specified) subinterface. Users can specify additional tagged subinterfaces which are sub-fields to the Network Interface.
               {
                 "ipAddress": "A String", # An IPv4 internal IP address to assign to the instance for this subinterface. If specified, ip_allocation_mode should be set to ALLOCATE_IP.
                 "ipAllocationMode": "A String",
-                "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+                "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+                    # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+                    # - regions/region/subnetworks/subnetwork
                 "vlan": 42, # VLAN tag. Should match the VLAN(s) supported by the subnetwork to which this subinterface is connecting.
               },
             ],
-            "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+            "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+                # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+                # - regions/region/subnetworks/subnetwork
           },
         ],
         "networkPerformanceConfig": {
@@ -1141,9 +1564,9 @@ 
Method Details

           "totalEgressBandwidthTier": "A String",
         },
         "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
-        "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+        "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
         "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from.
-          "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
+          "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
           "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
           "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
             "A String",
@@ -1153,7 +1576,9 @@ 
Method Details

           "A String",
         ],
         "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
-          "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+          "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+              #
+              # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
           "availabilityDomain": 42, # Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details.
           "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
           "latencyTolerant": True or False, # Defines whether the instance is tolerant of higher cpu latency. This can only be set during instance creation, or when the instance is not currently running. It must not be set if the preemptible option is also set.
@@ -1195,7 +1620,9 @@ 
Method Details

           "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled.
         },
         "tags": { # A set of instance tags. # A list of tags to apply to the instances that are created from these properties. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035.
-          "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+          "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+              #
+              # To see the latest fingerprint, make get() request to the instance.
           "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
             "A String",
           ],
@@ -1203,14 +1630,21 @@ 
Method Details

       },
       "selfLink": "A String", # [Output Only] The URL for this instance template. The server defines this URL.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-      "sourceInstance": "A String", # The source instance used to create the template. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instances/instance - projects/project/zones/zone/instances/instance
+      "sourceInstance": "A String", # The source instance used to create the template. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+          # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance
+          # - projects/project/zones/zone/instances/instance
       "sourceInstanceParams": { # A specification of the parameters to use when creating the instance template from a source instance. # The source instance params to use to create this instance template.
         "diskConfigs": [ # Attached disks configuration. If not provided, defaults are applied: For boot disk and any other R/W disks, new custom images will be created from each disk. For read-only disks, they will be attached in read-only mode. Local SSD disks will be created as blank volumes.
           { # A specification of the desired way to instantiate a disk in the instance template when its created from a source instance.
             "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
             "customImage": "A String", # The custom source image to be used to restore this disk when instantiating this instance template.
             "deviceName": "A String", # Specifies the device name of the disk to which the configurations apply to.
-            "instantiateFrom": "A String", # Specifies whether to include the disk and what image to use. Possible values are: - source-image: to use the same image that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - source-image-family: to use the same image family that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - custom-image: to use a user-provided image url for disk creation. Applicable to the boot disk and additional read-write disks. - attach-read-only: to attach a read-only disk. Applicable to read-only disks. - do-not-include: to exclude a disk from the template. Applicable to additional read-write disks, local SSDs, and read-only disks.
+            "instantiateFrom": "A String", # Specifies whether to include the disk and what image to use. Possible values are:
+                # - source-image: to use the same image that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks.
+                # - source-image-family: to use the same image family that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks.
+                # - custom-image: to use a user-provided image url for disk creation. Applicable to the boot disk and additional read-write disks.
+                # - attach-read-only: to attach a read-only disk. Applicable to read-only disks.
+                # - do-not-include: to exclude a disk from the template. Applicable to additional read-write disks, local SSDs, and read-only disks.
           },
         ],
       },
@@ -1221,7 +1655,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1247,7 +1682,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -1259,33 +1694,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1293,95 +1802,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1389,76 +1990,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1473,10 +2142,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.instances.html b/docs/dyn/compute_alpha.instances.html
index 5302662c85c..eaefe2df426 100644
--- a/docs/dyn/compute_alpha.instances.html
+++ b/docs/dyn/compute_alpha.instances.html
@@ -75,67 +75,67 @@
 
Compute Engine API . instances

 
Instance Methods

 

-  addAccessConfig(project, zone, instance, networkInterface, body=None, requestId=None, x__xgafv=None)

+  addAccessConfig(project, zone, instance, networkInterface, body=None, requestId=None)

 
Adds an access config to an instance's network interface.

 

-  addResourcePolicies(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  addResourcePolicies(project, zone, instance, body=None, requestId=None)

 
Adds existing resource policies to an instance. You can only add one policy right now which will be applied to this instance for scheduling live migrations.

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves aggregated list of all of the instances in your project across all regions and zones.

 

   aggregatedList_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  attachDisk(project, zone, instance, body=None, forceAttach=None, requestId=None, x__xgafv=None)

+  attachDisk(project, zone, instance, body=None, forceAttach=None, requestId=None)

 
Attaches an existing Disk resource to an instance. You must first create the disk before you can attach it. It is not possible to create and attach a disk at the same time. For more information, read Adding a persistent disk to your instance.

 

-  bulkInsert(project, zone, body=None, requestId=None, x__xgafv=None)

+  bulkInsert(project, zone, body=None, requestId=None)

 
Creates multiple instances. Count specifies the number of instances to create.

 

   close()

 
Close httplib2 connections.

 

-  delete(project, zone, instance, requestId=None, x__xgafv=None)

+  delete(project, zone, instance, requestId=None)

 
Deletes the specified Instance resource. For more information, see Deleting an instance.

 

-  deleteAccessConfig(project, zone, instance, accessConfig, networkInterface, requestId=None, x__xgafv=None)

+  deleteAccessConfig(project, zone, instance, accessConfig, networkInterface, requestId=None)

 
Deletes an access config from an instance's network interface.

 

-  detachDisk(project, zone, instance, deviceName, requestId=None, x__xgafv=None)

+  detachDisk(project, zone, instance, deviceName, requestId=None)

 
Detaches a disk from an instance.

 

-  get(project, zone, instance, x__xgafv=None)

+  get(project, zone, instance)

 
Returns the specified Instance resource. Gets a list of available instances by making a list() request.

 

-  getEffectiveFirewalls(project, zone, instance, networkInterface, x__xgafv=None)

+  getEffectiveFirewalls(project, zone, instance, networkInterface)

 
Returns effective firewalls applied to an interface of the instance.

 

-  getGuestAttributes(project, zone, instance, queryPath=None, variableKey=None, x__xgafv=None)

+  getGuestAttributes(project, zone, instance, queryPath=None, variableKey=None)

 
Returns the specified guest attributes entry.

 

-  getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  getScreenshot(project, zone, instance, x__xgafv=None)

+  getScreenshot(project, zone, instance)

 
Returns the screenshot from the specified instance.

 

-  getSerialPortOutput(project, zone, instance, port=None, start=None, x__xgafv=None)

+  getSerialPortOutput(project, zone, instance, port=None, start=None)

 
Returns the last 1 MB of serial port output from the specified instance.

 

-  getShieldedInstanceIdentity(project, zone, instance, x__xgafv=None)

+  getShieldedInstanceIdentity(project, zone, instance)

 
Returns the Shielded Instance Identity of an instance

 

-  getShieldedVmIdentity(project, zone, instance, x__xgafv=None)

+  getShieldedVmIdentity(project, zone, instance)

 
Returns the Shielded VM Identity of an instance

 

-  insert(project, zone, body=None, requestId=None, secureTags=None, sourceInstanceTemplate=None, sourceMachineImage=None, x__xgafv=None)

+  insert(project, zone, body=None, requestId=None, secureTags=None, sourceInstanceTemplate=None, sourceMachineImage=None)

 
Creates an instance resource in the specified project using the data included in the request.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of instances contained within the specified zone.

 

-  listReferrers(project, zone, instance, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listReferrers(project, zone, instance, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of resources that refer to the VM instance specified in the request. For example, if the VM instance is part of a managed or unmanaged instance group, the referrers list includes the instance group. For more information, read Viewing referrers to VM instances.

 

   listReferrers_next(previous_request, previous_response)

@@ -144,101 +144,101 @@ 
Instance Methods

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  performMaintenance(project, zone, instance, requestId=None, x__xgafv=None)

+  performMaintenance(project, zone, instance, requestId=None)

 
Perform a manual maintenance on the instance.

 

-  removeResourcePolicies(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  removeResourcePolicies(project, zone, instance, body=None, requestId=None)

 
Removes resource policies from an instance.

 

-  reset(project, zone, instance, requestId=None, x__xgafv=None)

+  reset(project, zone, instance, requestId=None)

 
Performs a reset on the instance. This is a hard reset the VM does not do a graceful shutdown. For more information, see Resetting an instance.

 

-  resume(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  resume(project, zone, instance, body=None, requestId=None)

 
Resumes an instance that was suspended using the instances().suspend method.

 

-  sendDiagnosticInterrupt(project, zone, instance, x__xgafv=None)

-

+  sendDiagnosticInterrupt(project, zone, instance)

+
TODO(b/180520210): Add IAM permission for this API. Sends diagnostic interrupt to the instance.

 

-  setDeletionProtection(project, zone, resource, deletionProtection=None, requestId=None, x__xgafv=None)

+  setDeletionProtection(project, zone, resource, deletionProtection=None, requestId=None)

 
Sets deletion protection on the instance.

 

-  setDiskAutoDelete(project, zone, instance, autoDelete, deviceName, requestId=None, x__xgafv=None)

+  setDiskAutoDelete(project, zone, instance, autoDelete, deviceName, requestId=None)

 
Sets the auto-delete flag for a disk attached to an instance.

 

-  setIamPolicy(project, zone, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, zone, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  setLabels(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  setLabels(project, zone, instance, body=None, requestId=None)

 
Sets labels on an instance. To learn more about labels, read the Labeling Resources documentation.

 

-  setMachineResources(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  setMachineResources(project, zone, instance, body=None, requestId=None)

 
Changes the number and/or type of accelerator for a stopped instance to the values specified in the request.

 

-  setMachineType(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  setMachineType(project, zone, instance, body=None, requestId=None)

 
Changes the machine type for a stopped instance to the machine type specified in the request.

 

-  setMetadata(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  setMetadata(project, zone, instance, body=None, requestId=None)

 
Sets metadata for the specified instance to the data included in the request.

 

-  setMinCpuPlatform(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  setMinCpuPlatform(project, zone, instance, body=None, requestId=None)

 
Changes the minimum CPU platform that this instance should use. This method can only be called on a stopped instance. For more information, read Specifying a Minimum CPU Platform.

 

-  setName(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  setName(project, zone, instance, body=None, requestId=None)

 
Sets name of an instance.

 

-  setScheduling(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  setScheduling(project, zone, instance, body=None, requestId=None)

 
Sets an instance's scheduling options. You can only call this method on a stopped instance, that is, a VM instance that is in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states.

 

-  setServiceAccount(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  setServiceAccount(project, zone, instance, body=None, requestId=None)

 
Sets the service account on the instance. For more information, read Changing the service account and access scopes for an instance.

 

-  setShieldedInstanceIntegrityPolicy(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  setShieldedInstanceIntegrityPolicy(project, zone, instance, body=None, requestId=None)

 
Sets the Shielded Instance integrity policy for an instance. You can only use this method on a running instance. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  setShieldedVmIntegrityPolicy(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  setShieldedVmIntegrityPolicy(project, zone, instance, body=None, requestId=None)

 
Sets the Shielded VM integrity policy for a VM instance. You can only use this method on a running VM instance. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  setTags(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  setTags(project, zone, instance, body=None, requestId=None)

 
Sets network tags for the specified instance to the data included in the request.

 

-  simulateMaintenanceEvent(project, zone, instance, x__xgafv=None)

+  simulateMaintenanceEvent(project, zone, instance)

 
Simulates a maintenance event on the instance.

 

-  start(project, zone, instance, requestId=None, x__xgafv=None)

+  start(project, zone, instance, requestId=None)

 
Starts an instance that was stopped using the instances().stop method. For more information, see Restart an instance.

 

-  startWithEncryptionKey(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  startWithEncryptionKey(project, zone, instance, body=None, requestId=None)

 
Starts an instance that was stopped using the instances().stop method. For more information, see Restart an instance.

 

-  stop(project, zone, instance, discardLocalSsd=None, requestId=None, x__xgafv=None)

+  stop(project, zone, instance, discardLocalSsd=None, requestId=None)

 
Stops a running instance, shutting it down cleanly, and allows you to restart the instance at a later time. Stopped instances do not incur VM usage charges while they are stopped. However, resources that the VM is using, such as persistent disks and static IP addresses, will continue to be charged until they are deleted. For more information, see Stopping an instance.

 

-  suspend(project, zone, instance, discardLocalSsd=None, requestId=None, x__xgafv=None)

+  suspend(project, zone, instance, discardLocalSsd=None, requestId=None)

 
This method suspends a running instance, saving its state to persistent storage, and allows you to resume the instance at a later time. Suspended instances incur reduced per-minute, virtual machine usage charges while they are suspended. Any resources the virtual machine is using, such as persistent disks and static IP addresses, will continue to be charged until they are deleted.

 

-  testIamPermissions(project, zone, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, zone, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, zone, instance, body=None, clearSecureTag=None, minimalAction=None, mostDisruptiveAllowedAction=None, requestId=None, secureTags=None, x__xgafv=None)

-
Updates an instance only if the necessary resources are available. This method can update only a specific set of instance properties. See Updating a running instance for a list of updatable instance properties.

+  update(project, zone, instance, body=None, clearSecureTag=None, minimalAction=None, mostDisruptiveAllowedAction=None, requestId=None, secureTags=None)

+
Updates an instance only if the necessary resources are available. This method can update only a specific set of instance properties. See  Updating a running instance for a list of updatable instance properties.

 

-  updateAccessConfig(project, zone, instance, networkInterface, body=None, requestId=None, x__xgafv=None)

+  updateAccessConfig(project, zone, instance, networkInterface, body=None, requestId=None)

 
Updates the specified access config from an instance's network interface with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  updateDisplayDevice(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  updateDisplayDevice(project, zone, instance, body=None, requestId=None)

 
Updates the Display config for a VM instance. You can only use this method on a stopped VM instance. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  updateNetworkInterface(project, zone, instance, networkInterface, body=None, requestId=None, x__xgafv=None)

+  updateNetworkInterface(project, zone, instance, networkInterface, body=None, requestId=None)

 
Updates an instance's network interface. This method can only update an interface's alias IP range and attached network. See Modifying alias IP ranges for an existing instance for instructions on changing alias IP ranges. See Migrating a VM between networks for instructions on migrating an interface. This method follows PATCH semantics.

 

-  updateShieldedInstanceConfig(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  updateShieldedInstanceConfig(project, zone, instance, body=None, requestId=None)

 
Updates the Shielded Instance config for an instance. You can only use this method on a stopped instance. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  updateShieldedVmConfig(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  updateShieldedVmConfig(project, zone, instance, body=None, requestId=None)

 
Updates the Shielded VM config for a VM instance. You can only use this method on a stopped VM instance. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 
Method Details

 

-    addAccessConfig(project, zone, instance, networkInterface, body=None, requestId=None, x__xgafv=None)
+    addAccessConfig(project, zone, instance, networkInterface, body=None, requestId=None)
   
Adds an access config to an instance's network interface.
 
 Args:
@@ -255,7 +255,11 @@ 
Method Details

   "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
   "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
   "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+      # 
+      # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+      # 
+      # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
   "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
   "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
   "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -263,16 +267,29 @@ 
Method Details

   "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -307,7 +324,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -321,7 +339,7 @@ 
Method Details

 

 
 

-    addResourcePolicies(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    addResourcePolicies(project, zone, instance, body=None, requestId=None)
   
Adds existing resource policies to an instance. You can only add one policy right now which will be applied to this instance for scheduling live migrations.
 
 Args:
@@ -337,16 +355,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -381,7 +412,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -395,21 +427,27 @@ 
Method Details

 

 
 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves aggregated list of all of the instances in your project across all regions and zones.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -419,14 +457,16 @@ 
Method Details

   "items": { # An object that contains a list of instances scoped by zone.
     "a_key": { # [Output Only] Name of the scope containing this set of instances.
       "instances": [ # [Output Only] A list of instances contained in this scope.
-        { # Represents an Instance resource. An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances.
+        { # Represents an Instance resource.
+            #
+            # An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances. (== resource_for {$api_version}.instances ==)
           "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
             "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
             "numaNodeCount": 42, # The number of vNUMA nodes.
             "threadsPerCore": 42, # The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed.
             "visibleCoreCount": 42, # The number of physical cores to expose to an instance. Multiply by the number of threads per core to compute the total number of virtual CPUs to expose to the instance. If unset, the number of cores is inferred from the instance's nominal CPU count and the underlying platform's SMT width.
           },
-          "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding .
+          "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding.
           "confidentialInstanceConfig": { # A set of Confidential Instance options.
             "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
           },
@@ -438,30 +478,58 @@ 
Method Details

             { # An instance-attached disk resource.
               "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
               "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-              "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-              "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+              "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+                  #
+                  # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+              "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+                  #
+                  # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+                  #
+                  # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+                  #
+                  # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+                  #
+                  # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
                 "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
                 "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
                 "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-                "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+                "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                    #
+                    # The key must meet the following requirements before you can provide it to Compute Engine:
+                    # - The key is wrapped using a RSA public key certificate provided by Google.
+                    # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                    # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
                 "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
               },
               "diskSizeGb": "A String", # The size of the disk in GB.
               "forceAttach": True or False, # [Input Only] Whether to force attach the regional disk even if it's currently attached to another instance. If you try to force attach a zonal disk to an instance, you will receive an error.
-              "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+              "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
                 { # Guest OS features.
-                  "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+                  "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
                 },
               ],
               "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-              "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+              "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+                  #
+                  # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+                  #
+                  # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
                 "description": "A String", # An optional description. Provide this property when creating the disk.
                 "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
                 "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-                "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
-                "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options. Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
+                "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+                    # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+                    #
+                    #
+                    # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+                    # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+                    # - projects/project/zones/zone/diskTypes/diskType
+                    # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
+                "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
+                    #
+                    # Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
                   { # Guest OS features.
-                    "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+                    "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
                   },
                 ],
                 "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
@@ -476,20 +544,56 @@ 
Method Details

                 "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
                   "A String",
                 ],
-                "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-                "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+                "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+                    #
+                    # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+                    # projects/debian-cloud/global/images/family/debian-9
+                    #
+                    #
+                    # Alternatively, use a specific version of a public operating system image:
+                    # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+                    #
+                    #
+                    # To create a disk with a custom image that you created, specify the image name in the following format:
+                    # global/images/my-custom-image
+                    #
+                    #
+                    # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+                    # global/images/family/my-image-family
+                    #
+                    #
+                    # If the source image is deleted later, this field will not be set.
+                "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+                    #
+                    # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
                   "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
                   "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
                   "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-                  "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+                  "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                      #
+                      # The key must meet the following requirements before you can provide it to Compute Engine:
+                      # - The key is wrapped using a RSA public key certificate provided by Google.
+                      # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                      # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
                   "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
                 },
-                "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+                "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+                    #
+                    # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+                    # global/snapshots/my-backup
+                    #
+                    #
+                    # If the source snapshot is deleted later, this field will not be set.
                 "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
                   "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
                   "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
                   "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-                  "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+                  "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                      #
+                      # The key must meet the following requirements before you can provide it to Compute Engine:
+                      # - The key is wrapped using a RSA public key certificate provided by Google.
+                      # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                      # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
                   "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
                 },
               },
@@ -524,7 +628,11 @@ 
Method Details

                   "fileType": "A String", # The file type of source file.
                 },
               },
-              "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+              "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+                  #
+                  # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+                  #
+                  # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
               "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
               "userLicenses": [ # [Output Only] A list of user provided licenses. It represents a list of URLs to the license resource. Unlike regular licenses, user provided licenses can be modified after the disk is created.
                 "A String",
@@ -535,7 +643,9 @@ 
Method Details

             "enableDisplay": True or False, # Defines whether the instance has Display enabled.
           },
           "eraseWindowsVssSignature": True or False, # Specifies whether the disks restored from source snapshots or source machine image should erase Windows specific VSS signature.
-          "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance. To see the latest fingerprint, make get() request to the instance.
+          "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance.
+              #
+              # To see the latest fingerprint, make get() request to the instance.
           "guestAccelerators": [ # A list of the type and count of accelerator cards attached to the instance.
             { # A specification of the type and number of accelerator cards attached to the instance.
               "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
@@ -544,26 +654,53 @@ 
Method Details

           ],
           "hostname": "A String", # Specifies the hostname of the instance. The specified hostname must be RFC1035 compliant. If hostname is not specified, the default hostname is [INSTANCE_NAME].c.[PROJECT_ID].internal when using the global DNS, and [INSTANCE_NAME].[ZONE].c.[PROJECT_ID].internal when using zonal DNS.
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-          "instanceEncryptionKey": { # Encrypts or decrypts data for an instance with a customer-supplied encryption key. If you are creating a new instance, this field encrypts the local SSD and in-memory contents of the instance using a key that you provide. If you are restarting an instance protected with a customer-supplied encryption key, you must provide the correct key in order to successfully restart the instance. If you do not provide an encryption key when creating the instance, then the local SSD and in-memory contents will be encrypted using an automatically generated key and you do not need to provide a key to start the instance later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt local SSDs and in-memory content in a managed instance group.
+          "instanceEncryptionKey": { # Encrypts or decrypts data for an instance with a customer-supplied encryption key.
+              #
+              # If you are creating a new instance, this field encrypts the local SSD and in-memory contents of the instance using a key that you provide.
+              #
+              # If you are restarting an instance protected with a customer-supplied encryption key, you must provide the correct key in order to successfully restart the instance.
+              #
+              # If you do not provide an encryption key when creating the instance, then the local SSD and in-memory contents will be encrypted using an automatically generated key and you do not need to provide a key to start the instance later.
+              #
+              # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt local SSDs and in-memory content in a managed instance group.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                #
+                # The key must meet the following requirements before you can provide it to Compute Engine:
+                # - The key is wrapped using a RSA public key certificate provided by Google.
+                # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
           "kind": "compute#instance", # [Output Only] Type of the resource. Always compute#instance for instances.
-          "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the instance.
+          "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+              #
+              # To see the latest fingerprint, make get() request to the instance.
           "labels": { # Labels to apply to this instance. These can be later modified by the setLabels method.
             "a_key": "A String",
           },
           "lastStartTimestamp": "A String", # [Output Only] Last start timestamp in RFC3339 text format.
           "lastStopTimestamp": "A String", # [Output Only] Last stop timestamp in RFC3339 text format.
           "lastSuspendedTimestamp": "A String", # [Output Only] Last suspended timestamp in RFC3339 text format.
-          "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type: zones/us-central1-f/machineTypes/n1-standard-1 To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB): zones/zone/machineTypes/custom-CPUS-MEMORY For example: zones/us-central1-f/machineTypes/custom-4-5120 For a full list of restrictions, read the Specifications for custom machine types.
+          "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type:
+              # zones/us-central1-f/machineTypes/n1-standard-1
+              #
+              #
+              # To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB):
+              # zones/zone/machineTypes/custom-CPUS-MEMORY
+              #
+              #
+              # For example: zones/us-central1-f/machineTypes/custom-4-5120
+              #
+              # For a full list of restrictions, read the Specifications for custom machine types.
           "metadata": { # A metadata key/value entry. # The metadata key/value pairs assigned to this instance. This includes custom metadata and predefined keys.
-            "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+            "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+                #
+                # To see the latest fingerprint, make a get() request to retrieve the resource.
             "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-              { # Metadata
+              {
                 "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
                 "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
               },
@@ -581,7 +718,11 @@ 
Method Details

                   "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
                   "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
                   "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-                  "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+                  "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                      #
+                      # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                      #
+                      # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
                   "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
                   "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
                   "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -604,7 +745,11 @@ 
Method Details

                   "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
                   "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
                   "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-                  "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+                  "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                      #
+                      # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                      #
+                      # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
                   "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
                   "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
                   "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -612,24 +757,37 @@ 
Method Details

                   "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
                 },
               ],
-              "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+              "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+                  #
+                  # Valid only if stackType is IPV4_IPV6.
               "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
               "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
               "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-              "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+              "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+                  #
+                  # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+                  # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+                  # - projects/project/global/networks/network
+                  # - global/networks/default
               "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
               "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
               "queueCount": 42, # The networking queue count that's specified by users for the network interface. Both Rx and Tx queues will be set to this number. It'll be empty if not specified by the users.
-              "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
+              "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+                  #
+                  # This field can be both set at instance creation and update network interface operations.
               "subinterfaces": [ # SubInterfaces help enable L2 communication for the instance over subnetworks that support L2. Every network interface will get a default untagged (vlan not specified) subinterface. Users can specify additional tagged subinterfaces which are sub-fields to the Network Interface.
                 {
                   "ipAddress": "A String", # An IPv4 internal IP address to assign to the instance for this subinterface. If specified, ip_allocation_mode should be set to ALLOCATE_IP.
                   "ipAllocationMode": "A String",
-                  "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+                  "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+                      # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+                      # - regions/region/subnetworks/subnetwork
                   "vlan": 42, # VLAN tag. Should match the VLAN(s) supported by the subnetwork to which this subinterface is connecting.
                 },
               ],
-              "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+              "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+                  # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+                  # - regions/region/subnetworks/subnetwork
             },
           ],
           "networkPerformanceConfig": {
@@ -638,9 +796,9 @@ 
Method Details

           },
           "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
           "preservedStateSizeGb": "A String", # Total amount of preserved state for SUSPENDED instances. Read-only in the api.
-          "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+          "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
           "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that this instance can consume from.
-            "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
+            "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
             "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
             "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
               "A String",
@@ -659,7 +817,9 @@ 
Method Details

           },
           "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
           "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Sets the scheduling options for this instance.
-            "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+            "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+                #
+                # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
             "availabilityDomain": 42, # Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details.
             "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
             "latencyTolerant": True or False, # Defines whether the instance is tolerant of higher cpu latency. This can only be set during instance creation, or when the instance is not currently running. It must not be set if the preemptible option is also set.
@@ -684,7 +844,9 @@ 
Method Details

           ],
           "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
           "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-          "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported. Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
+          "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported.
+              #
+              # Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
             { # A service account.
               "email": "A String", # Email address of the service account.
               "scopes": [ # The list of scopes to be made available for this service account.
@@ -713,14 +875,21 @@ 
Method Details

             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                #
+                # The key must meet the following requirements before you can provide it to Compute Engine:
+                # - The key is wrapped using a RSA public key certificate provided by Google.
+                # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
           "startRestricted": True or False, # [Output Only] Whether a VM has been restricted for start because Compute Engine has detected suspicious activity.
-          "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see Instance life cycle.
+          "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see  Instance life cycle.
           "statusMessage": "A String", # [Output Only] An optional, human-readable explanation of the status.
           "tags": { # A set of instance tags. # Tags to apply to this instance. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during instance creation. The tags can be later modified by the setTags method. Each tag within the list must comply with RFC1035. Multiple tags can be specified via the 'tags.items' field.
-            "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+            "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+                #
+                # To see the latest fingerprint, make get() request to the instance.
             "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
               "A String",
             ],
@@ -739,7 +908,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] Informational warning which replaces the list of instances when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -757,7 +927,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -783,7 +954,7 @@ 
Method Details

 

 
 

-    attachDisk(project, zone, instance, body=None, forceAttach=None, requestId=None, x__xgafv=None)
+    attachDisk(project, zone, instance, body=None, forceAttach=None, requestId=None)
   
Attaches an existing Disk resource to an instance. You must first create the disk before you can attach it. It is not possible to create and attach a disk at the same time. For more information, read Adding a persistent disk to your instance.
 
 Args:
@@ -796,30 +967,58 @@ 
Method Details

 { # An instance-attached disk resource.
   "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
   "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-  "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-  "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+  "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+      # 
+      # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+  "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+      # 
+      # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+      # 
+      # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+      # 
+      # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+      # 
+      # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "diskSizeGb": "A String", # The size of the disk in GB.
   "forceAttach": True or False, # [Input Only] Whether to force attach the regional disk even if it's currently attached to another instance. If you try to force attach a zonal disk to an instance, you will receive an error.
-  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
     { # Guest OS features.
-      "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+      "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
     },
   ],
   "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-  "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+  "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+      # 
+      # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+      #
+      # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
     "description": "A String", # An optional description. Provide this property when creating the disk.
     "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
     "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-    "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
-    "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options. Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
+    "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+        # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+        #
+        #
+        # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+        # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+        # - projects/project/zones/zone/diskTypes/diskType
+        # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
+    "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
+        #
+        # Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
       { # Guest OS features.
-        "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+        "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
       },
     ],
     "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
@@ -834,20 +1033,56 @@ 
Method Details

     "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
       "A String",
     ],
-    "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-    "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+    "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+        #
+        # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+        # projects/debian-cloud/global/images/family/debian-9
+        #
+        #
+        # Alternatively, use a specific version of a public operating system image:
+        # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+        #
+        #
+        # To create a disk with a custom image that you created, specify the image name in the following format:
+        # global/images/my-custom-image
+        #
+        #
+        # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+        # global/images/family/my-image-family
+        #
+        #
+        # If the source image is deleted later, this field will not be set.
+    "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+        #
+        # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
       "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
       "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
       "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+          #
+          # The key must meet the following requirements before you can provide it to Compute Engine:
+          # - The key is wrapped using a RSA public key certificate provided by Google.
+          # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+          # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
       "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
     },
-    "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+    "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+        #
+        # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+        # global/snapshots/my-backup
+        #
+        #
+        # If the source snapshot is deleted later, this field will not be set.
     "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
       "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
       "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
       "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+          #
+          # The key must meet the following requirements before you can provide it to Compute Engine:
+          # - The key is wrapped using a RSA public key certificate provided by Google.
+          # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+          # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
       "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
     },
   },
@@ -882,7 +1117,11 @@ 
Method Details

       "fileType": "A String", # The file type of source file.
     },
   },
-  "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+  "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+      # 
+      # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+      # 
+      # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
   "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
   "userLicenses": [ # [Output Only] A list of user provided licenses. It represents a list of URLs to the license resource. Unlike regular licenses, user provided licenses can be modified after the disk is created.
     "A String",
@@ -890,16 +1129,29 @@ 
Method Details

 }
 
   forceAttach: boolean, Whether to force attach the regional disk even if it's currently attached to another instance. If you try to force attach a zonal disk to an instance, you will receive an error.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -934,7 +1186,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -948,7 +1201,7 @@ 
Method Details

 

 
 

-    bulkInsert(project, zone, body=None, requestId=None, x__xgafv=None)
+    bulkInsert(project, zone, body=None, requestId=None)
   
Creates multiple instances. Count specifies the number of instances to create.
 
 Args:
@@ -959,14 +1212,16 @@ 
Method Details

 
 { # A transient resource used in compute.instances.bulkInsert and compute.regionInstances.bulkInsert and compute.regionInstances.recommendLocations. This resource is not persisted anywhere, it is used only for processing the requests.
   "count": "A String", # The maximum number of instances to create.
-  "instance": { # Represents an Instance resource. An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances. # DEPRECATED: Please use instance_properties instead.
+  "instance": { # Represents an Instance resource. # DEPRECATED: Please use instance_properties instead.
+      #
+      # An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances. (== resource_for {$api_version}.instances ==)
     "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
       "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
       "numaNodeCount": 42, # The number of vNUMA nodes.
       "threadsPerCore": 42, # The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed.
       "visibleCoreCount": 42, # The number of physical cores to expose to an instance. Multiply by the number of threads per core to compute the total number of virtual CPUs to expose to the instance. If unset, the number of cores is inferred from the instance's nominal CPU count and the underlying platform's SMT width.
     },
-    "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding .
+    "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding.
     "confidentialInstanceConfig": { # A set of Confidential Instance options.
       "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
     },
@@ -978,30 +1233,58 @@ 
Method Details

       { # An instance-attached disk resource.
         "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
         "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-        "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-        "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+        "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+            #
+            # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+        "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+            #
+            # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+            #
+            # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+            #
+            # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+            #
+            # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+              #
+              # The key must meet the following requirements before you can provide it to Compute Engine:
+              # - The key is wrapped using a RSA public key certificate provided by Google.
+              # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+              # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
         "diskSizeGb": "A String", # The size of the disk in GB.
         "forceAttach": True or False, # [Input Only] Whether to force attach the regional disk even if it's currently attached to another instance. If you try to force attach a zonal disk to an instance, you will receive an error.
-        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
           { # Guest OS features.
-            "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+            "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
           },
         ],
         "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-        "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+        "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+            #
+            # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+            #
+            # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
           "description": "A String", # An optional description. Provide this property when creating the disk.
           "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
           "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-          "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
-          "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options. Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
+          "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+              # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+              #
+              #
+              # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+              # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+              # - projects/project/zones/zone/diskTypes/diskType
+              # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
+          "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
+              #
+              # Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
             { # Guest OS features.
-              "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+              "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
             },
           ],
           "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
@@ -1016,20 +1299,56 @@ 
Method Details

           "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
             "A String",
           ],
-          "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-          "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+          "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+              #
+              # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+              # projects/debian-cloud/global/images/family/debian-9
+              #
+              #
+              # Alternatively, use a specific version of a public operating system image:
+              # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+              #
+              #
+              # To create a disk with a custom image that you created, specify the image name in the following format:
+              # global/images/my-custom-image
+              #
+              #
+              # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+              # global/images/family/my-image-family
+              #
+              #
+              # If the source image is deleted later, this field will not be set.
+          "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+              #
+              # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                #
+                # The key must meet the following requirements before you can provide it to Compute Engine:
+                # - The key is wrapped using a RSA public key certificate provided by Google.
+                # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
-          "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+          "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+              #
+              # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+              # global/snapshots/my-backup
+              #
+              #
+              # If the source snapshot is deleted later, this field will not be set.
           "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                #
+                # The key must meet the following requirements before you can provide it to Compute Engine:
+                # - The key is wrapped using a RSA public key certificate provided by Google.
+                # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
         },
@@ -1064,7 +1383,11 @@ 
Method Details

             "fileType": "A String", # The file type of source file.
           },
         },
-        "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+        "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+            #
+            # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+            #
+            # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
         "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
         "userLicenses": [ # [Output Only] A list of user provided licenses. It represents a list of URLs to the license resource. Unlike regular licenses, user provided licenses can be modified after the disk is created.
           "A String",
@@ -1075,7 +1398,9 @@ 
Method Details

       "enableDisplay": True or False, # Defines whether the instance has Display enabled.
     },
     "eraseWindowsVssSignature": True or False, # Specifies whether the disks restored from source snapshots or source machine image should erase Windows specific VSS signature.
-    "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance. To see the latest fingerprint, make get() request to the instance.
+    "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance.
+        #
+        # To see the latest fingerprint, make get() request to the instance.
     "guestAccelerators": [ # A list of the type and count of accelerator cards attached to the instance.
       { # A specification of the type and number of accelerator cards attached to the instance.
         "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
@@ -1084,26 +1409,53 @@ 
Method Details

     ],
     "hostname": "A String", # Specifies the hostname of the instance. The specified hostname must be RFC1035 compliant. If hostname is not specified, the default hostname is [INSTANCE_NAME].c.[PROJECT_ID].internal when using the global DNS, and [INSTANCE_NAME].[ZONE].c.[PROJECT_ID].internal when using zonal DNS.
     "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-    "instanceEncryptionKey": { # Encrypts or decrypts data for an instance with a customer-supplied encryption key. If you are creating a new instance, this field encrypts the local SSD and in-memory contents of the instance using a key that you provide. If you are restarting an instance protected with a customer-supplied encryption key, you must provide the correct key in order to successfully restart the instance. If you do not provide an encryption key when creating the instance, then the local SSD and in-memory contents will be encrypted using an automatically generated key and you do not need to provide a key to start the instance later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt local SSDs and in-memory content in a managed instance group.
+    "instanceEncryptionKey": { # Encrypts or decrypts data for an instance with a customer-supplied encryption key.
+        #
+        # If you are creating a new instance, this field encrypts the local SSD and in-memory contents of the instance using a key that you provide.
+        #
+        # If you are restarting an instance protected with a customer-supplied encryption key, you must provide the correct key in order to successfully restart the instance.
+        #
+        # If you do not provide an encryption key when creating the instance, then the local SSD and in-memory contents will be encrypted using an automatically generated key and you do not need to provide a key to start the instance later.
+        #
+        # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt local SSDs and in-memory content in a managed instance group.
       "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
       "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
       "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+          #
+          # The key must meet the following requirements before you can provide it to Compute Engine:
+          # - The key is wrapped using a RSA public key certificate provided by Google.
+          # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+          # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
       "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
     },
     "kind": "compute#instance", # [Output Only] Type of the resource. Always compute#instance for instances.
-    "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the instance.
+    "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+        #
+        # To see the latest fingerprint, make get() request to the instance.
     "labels": { # Labels to apply to this instance. These can be later modified by the setLabels method.
       "a_key": "A String",
     },
     "lastStartTimestamp": "A String", # [Output Only] Last start timestamp in RFC3339 text format.
     "lastStopTimestamp": "A String", # [Output Only] Last stop timestamp in RFC3339 text format.
     "lastSuspendedTimestamp": "A String", # [Output Only] Last suspended timestamp in RFC3339 text format.
-    "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type: zones/us-central1-f/machineTypes/n1-standard-1 To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB): zones/zone/machineTypes/custom-CPUS-MEMORY For example: zones/us-central1-f/machineTypes/custom-4-5120 For a full list of restrictions, read the Specifications for custom machine types.
+    "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type:
+        # zones/us-central1-f/machineTypes/n1-standard-1
+        #
+        #
+        # To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB):
+        # zones/zone/machineTypes/custom-CPUS-MEMORY
+        #
+        #
+        # For example: zones/us-central1-f/machineTypes/custom-4-5120
+        #
+        # For a full list of restrictions, read the Specifications for custom machine types.
     "metadata": { # A metadata key/value entry. # The metadata key/value pairs assigned to this instance. This includes custom metadata and predefined keys.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve the resource.
       "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-        { # Metadata
+        {
           "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
           "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
         },
@@ -1121,7 +1473,11 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -1144,7 +1500,11 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -1152,24 +1512,37 @@ 
Method Details

             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
-        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+            #
+            # Valid only if stackType is IPV4_IPV6.
         "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
         "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
         "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+            #
+            # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+            # - projects/project/global/networks/network
+            # - global/networks/default
         "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
         "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
         "queueCount": 42, # The networking queue count that's specified by users for the network interface. Both Rx and Tx queues will be set to this number. It'll be empty if not specified by the users.
-        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
+        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+            #
+            # This field can be both set at instance creation and update network interface operations.
         "subinterfaces": [ # SubInterfaces help enable L2 communication for the instance over subnetworks that support L2. Every network interface will get a default untagged (vlan not specified) subinterface. Users can specify additional tagged subinterfaces which are sub-fields to the Network Interface.
           {
             "ipAddress": "A String", # An IPv4 internal IP address to assign to the instance for this subinterface. If specified, ip_allocation_mode should be set to ALLOCATE_IP.
             "ipAllocationMode": "A String",
-            "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+            "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+                # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+                # - regions/region/subnetworks/subnetwork
             "vlan": 42, # VLAN tag. Should match the VLAN(s) supported by the subnetwork to which this subinterface is connecting.
           },
         ],
-        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+            # - regions/region/subnetworks/subnetwork
       },
     ],
     "networkPerformanceConfig": {
@@ -1178,9 +1551,9 @@ 
Method Details

     },
     "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
     "preservedStateSizeGb": "A String", # Total amount of preserved state for SUSPENDED instances. Read-only in the api.
-    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
     "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that this instance can consume from.
-      "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
+      "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
       "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
       "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
         "A String",
@@ -1199,7 +1572,9 @@ 
Method Details

     },
     "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
     "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Sets the scheduling options for this instance.
-      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+          #
+          # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
       "availabilityDomain": 42, # Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details.
       "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
       "latencyTolerant": True or False, # Defines whether the instance is tolerant of higher cpu latency. This can only be set during instance creation, or when the instance is not currently running. It must not be set if the preemptible option is also set.
@@ -1224,7 +1599,9 @@ 
Method Details

     ],
     "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
     "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-    "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported. Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
+    "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported.
+        #
+        # Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
       { # A service account.
         "email": "A String", # Email address of the service account.
         "scopes": [ # The list of scopes to be made available for this service account.
@@ -1253,14 +1630,21 @@ 
Method Details

       "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
       "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
       "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+          #
+          # The key must meet the following requirements before you can provide it to Compute Engine:
+          # - The key is wrapped using a RSA public key certificate provided by Google.
+          # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+          # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
       "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
     },
     "startRestricted": True or False, # [Output Only] Whether a VM has been restricted for start because Compute Engine has detected suspicious activity.
-    "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see Instance life cycle.
+    "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see  Instance life cycle.
     "statusMessage": "A String", # [Output Only] An optional, human-readable explanation of the status.
     "tags": { # A set of instance tags. # Tags to apply to this instance. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during instance creation. The tags can be later modified by the setTags method. Each tag within the list must comply with RFC1035. Multiple tags can be specified via the 'tags.items' field.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+          #
+          # To see the latest fingerprint, make get() request to the instance.
       "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
         "A String",
       ],
@@ -1292,30 +1676,58 @@ 
Method Details

       { # An instance-attached disk resource.
         "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
         "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-        "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-        "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+        "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+            #
+            # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+        "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+            #
+            # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+            #
+            # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+            #
+            # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+            #
+            # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+              #
+              # The key must meet the following requirements before you can provide it to Compute Engine:
+              # - The key is wrapped using a RSA public key certificate provided by Google.
+              # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+              # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
         "diskSizeGb": "A String", # The size of the disk in GB.
         "forceAttach": True or False, # [Input Only] Whether to force attach the regional disk even if it's currently attached to another instance. If you try to force attach a zonal disk to an instance, you will receive an error.
-        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
           { # Guest OS features.
-            "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+            "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
           },
         ],
         "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-        "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+        "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+            #
+            # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+            #
+            # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
           "description": "A String", # An optional description. Provide this property when creating the disk.
           "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
           "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-          "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
-          "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options. Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
+          "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+              # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+              #
+              #
+              # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+              # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+              # - projects/project/zones/zone/diskTypes/diskType
+              # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
+          "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
+              #
+              # Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
             { # Guest OS features.
-              "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+              "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
             },
           ],
           "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
@@ -1330,20 +1742,56 @@ 
Method Details

           "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
             "A String",
           ],
-          "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-          "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+          "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+              #
+              # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+              # projects/debian-cloud/global/images/family/debian-9
+              #
+              #
+              # Alternatively, use a specific version of a public operating system image:
+              # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+              #
+              #
+              # To create a disk with a custom image that you created, specify the image name in the following format:
+              # global/images/my-custom-image
+              #
+              #
+              # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+              # global/images/family/my-image-family
+              #
+              #
+              # If the source image is deleted later, this field will not be set.
+          "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+              #
+              # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                #
+                # The key must meet the following requirements before you can provide it to Compute Engine:
+                # - The key is wrapped using a RSA public key certificate provided by Google.
+                # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
-          "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+          "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+              #
+              # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+              # global/snapshots/my-backup
+              #
+              #
+              # If the source snapshot is deleted later, this field will not be set.
           "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                #
+                # The key must meet the following requirements before you can provide it to Compute Engine:
+                # - The key is wrapped using a RSA public key certificate provided by Google.
+                # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
         },
@@ -1378,7 +1826,11 @@ 
Method Details

             "fileType": "A String", # The file type of source file.
           },
         },
-        "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+        "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+            #
+            # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+            #
+            # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
         "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
         "userLicenses": [ # [Output Only] A list of user provided licenses. It represents a list of URLs to the license resource. Unlike regular licenses, user provided licenses can be modified after the disk is created.
           "A String",
@@ -1399,9 +1851,11 @@ 
Method Details

     },
     "machineType": "A String", # The machine type to use for instances that are created from these properties.
     "metadata": { # A metadata key/value entry. # The metadata key/value pairs to assign to instances that are created from these properties. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve the resource.
       "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-        { # Metadata
+        {
           "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
           "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
         },
@@ -1418,7 +1872,11 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -1441,7 +1899,11 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -1449,24 +1911,37 @@ 
Method Details

             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
-        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+            #
+            # Valid only if stackType is IPV4_IPV6.
         "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
         "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
         "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+            #
+            # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+            # - projects/project/global/networks/network
+            # - global/networks/default
         "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
         "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
         "queueCount": 42, # The networking queue count that's specified by users for the network interface. Both Rx and Tx queues will be set to this number. It'll be empty if not specified by the users.
-        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
+        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+            #
+            # This field can be both set at instance creation and update network interface operations.
         "subinterfaces": [ # SubInterfaces help enable L2 communication for the instance over subnetworks that support L2. Every network interface will get a default untagged (vlan not specified) subinterface. Users can specify additional tagged subinterfaces which are sub-fields to the Network Interface.
           {
             "ipAddress": "A String", # An IPv4 internal IP address to assign to the instance for this subinterface. If specified, ip_allocation_mode should be set to ALLOCATE_IP.
             "ipAllocationMode": "A String",
-            "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+            "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+                # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+                # - regions/region/subnetworks/subnetwork
             "vlan": 42, # VLAN tag. Should match the VLAN(s) supported by the subnetwork to which this subinterface is connecting.
           },
         ],
-        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+            # - regions/region/subnetworks/subnetwork
       },
     ],
     "networkPerformanceConfig": {
@@ -1474,9 +1949,9 @@ 
Method Details

       "totalEgressBandwidthTier": "A String",
     },
     "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
-    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
     "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from.
-      "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
+      "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
       "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
       "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
         "A String",
@@ -1486,7 +1961,9 @@ 
Method Details

       "A String",
     ],
     "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
-      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+          #
+          # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
       "availabilityDomain": 42, # Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details.
       "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
       "latencyTolerant": True or False, # Defines whether the instance is tolerant of higher cpu latency. This can only be set during instance creation, or when the instance is not currently running. It must not be set if the preemptible option is also set.
@@ -1528,7 +2005,9 @@ 
Method Details

       "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled.
     },
     "tags": { # A set of instance tags. # A list of tags to apply to the instances that are created from these properties. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+          #
+          # To see the latest fingerprint, make get() request to the instance.
       "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
         "A String",
       ],
@@ -1543,7 +2022,7 @@ 
Method Details

     "targetShape": "A String", # Strategy for distributing VMs across zones in a region.
   },
   "minCount": "A String", # The minimum number of instances to create. If no min_count is specified then count is used as the default value. If min_count instances cannot be created, then no instances will be created and instances already created will be deleted.
-  "namePattern": "A String", # The string pattern used for the names of the VMs. Either name_pattern or per_instance_properties must be set. The pattern should contain one continuous sequence of placeholder hash characters (#) with each character corresponding to one digit of the generated instance name. Example: name_pattern of inst-#### will generate instance names such as inst-0001, inst-0002, ... . If there already exist instance(s) whose names match the name pattern in the same project and zone, then the generated instance numbers will start after the biggest existing number. For example, if there exists an instance with name inst-0050, then instance names generated using the pattern inst-#### will be inst-0051, inst-0052, etc. The name pattern placeholder # ...# can contain up to 18 characters.
+  "namePattern": "A String", # The string pattern used for the names of the VMs. Either name_pattern or per_instance_properties must be set. The pattern should contain one continuous sequence of placeholder hash characters (#) with each character corresponding to one digit of the generated instance name. Example: name_pattern of inst-#### will generate instance names such as inst-0001, inst-0002, ... . If there already exist instance(s) whose names match the name pattern in the same project and zone, then the generated instance numbers will start after the biggest existing number. For example, if there exists an instance with name inst-0050, then instance names generated using the pattern inst-#### will be inst-0051, inst-0052, etc. The name pattern placeholder #...# can contain up to 18 characters.
   "perInstanceProperties": { # Per-instance properties to be set on individual instances. Keys of this map specify requested instance names. Can be empty if name_pattern is used.
     "a_key": { # Per-instance properties to be set on individual instances. To be extended in the future.
       "name": "A String", # This field is only temporary. It will be removed. Do not use it.
@@ -1555,19 +2034,39 @@ 
Method Details

   "secureTags": [ # DEPRECATED: Please use instance_properties.secure_tag instead. Secure tags to apply to this instance. These can be later modified by the update method. Maximum number of secure tags allowed is 50.
     "A String",
   ],
-  "sourceInstanceTemplate": "A String", # Specifies the instance template from which to create instances. You may combine sourceInstanceTemplate with instanceProperties to override specific values from an existing instance template. Bulk API follows the semantics of JSON Merge Patch described by RFC 7396. It can be a full or partial URL. For example, the following are all valid URLs to an instance template: - https://www.googleapis.com/compute/v1/projects/project /global/instanceTemplates/instanceTemplate - projects/project/global/instanceTemplates/instanceTemplate - global/instanceTemplates/instanceTemplate This field is optional.
+  "sourceInstanceTemplate": "A String", # Specifies the instance template from which to create instances. You may combine sourceInstanceTemplate with instanceProperties to override specific values from an existing instance template. Bulk API follows the semantics of JSON Merge Patch described by RFC 7396.
+      # 
+      # It can be a full or partial URL. For example, the following are all valid URLs to an instance template:
+      # - https://www.googleapis.com/compute/v1/projects/project/global/instanceTemplates/instanceTemplate
+      # - projects/project/global/instanceTemplates/instanceTemplate
+      # - global/instanceTemplates/instanceTemplate
+      # 
+      # This field is optional.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1602,7 +2101,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1621,23 +2121,36 @@ 
Method Details

 

 
 

-    delete(project, zone, instance, requestId=None, x__xgafv=None)
+    delete(project, zone, instance, requestId=None)
   
Deletes the specified Instance resource. For more information, see Deleting an instance.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the instance resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1672,7 +2185,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1686,7 +2200,7 @@ 
Method Details

 

 
 

-    deleteAccessConfig(project, zone, instance, accessConfig, networkInterface, requestId=None, x__xgafv=None)
+    deleteAccessConfig(project, zone, instance, accessConfig, networkInterface, requestId=None)
   
Deletes an access config from an instance's network interface.
 
 Args:
@@ -1695,16 +2209,29 @@ 
Method Details

   instance: string, The instance name for this request. (required)
   accessConfig: string, The name of the access config to delete. (required)
   networkInterface: string, The name of the network interface. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1739,7 +2266,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1753,7 +2281,7 @@ 
Method Details

 

 
 

-    detachDisk(project, zone, instance, deviceName, requestId=None, x__xgafv=None)
+    detachDisk(project, zone, instance, deviceName, requestId=None)
   
Detaches a disk from an instance.
 
 Args:
@@ -1761,16 +2289,29 @@ 
Method Details

   zone: string, The name of the zone for this request. (required)
   instance: string, Instance name for this request. (required)
   deviceName: string, The device name of the disk to detach. Make a get() request on the instance to view currently attached disks and device names. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1805,7 +2346,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1819,29 +2361,27 @@ 
Method Details

 

 
 

-    get(project, zone, instance, x__xgafv=None)
+    get(project, zone, instance)
   
Returns the specified Instance resource. Gets a list of available instances by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the instance resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Instance resource. An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances.
+    { # Represents an Instance resource.
+    #
+    # An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances. (== resource_for {$api_version}.instances ==)
   "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
     "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
     "numaNodeCount": 42, # The number of vNUMA nodes.
     "threadsPerCore": 42, # The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed.
     "visibleCoreCount": 42, # The number of physical cores to expose to an instance. Multiply by the number of threads per core to compute the total number of virtual CPUs to expose to the instance. If unset, the number of cores is inferred from the instance's nominal CPU count and the underlying platform's SMT width.
   },
-  "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding .
+  "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding.
   "confidentialInstanceConfig": { # A set of Confidential Instance options.
     "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
   },
@@ -1853,30 +2393,58 @@ 
Method Details

     { # An instance-attached disk resource.
       "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
       "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-      "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-      "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+      "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+          #
+          # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+      "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+          #
+          # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+          #
+          # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+          #
+          # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+          #
+          # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "diskSizeGb": "A String", # The size of the disk in GB.
       "forceAttach": True or False, # [Input Only] Whether to force attach the regional disk even if it's currently attached to another instance. If you try to force attach a zonal disk to an instance, you will receive an error.
-      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
         { # Guest OS features.
-          "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+          "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
         },
       ],
       "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-      "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+      "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+          #
+          # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+          #
+          # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
         "description": "A String", # An optional description. Provide this property when creating the disk.
         "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
         "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-        "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
-        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options. Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
+        "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+            # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+            #
+            #
+            # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+            # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+            # - projects/project/zones/zone/diskTypes/diskType
+            # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
+        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
+            #
+            # Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
           { # Guest OS features.
-            "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+            "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
           },
         ],
         "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
@@ -1891,20 +2459,56 @@ 
Method Details

         "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
           "A String",
         ],
-        "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-        "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+        "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+            #
+            # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+            # projects/debian-cloud/global/images/family/debian-9
+            #
+            #
+            # Alternatively, use a specific version of a public operating system image:
+            # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+            #
+            #
+            # To create a disk with a custom image that you created, specify the image name in the following format:
+            # global/images/my-custom-image
+            #
+            #
+            # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+            # global/images/family/my-image-family
+            #
+            #
+            # If the source image is deleted later, this field will not be set.
+        "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+            #
+            # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+              #
+              # The key must meet the following requirements before you can provide it to Compute Engine:
+              # - The key is wrapped using a RSA public key certificate provided by Google.
+              # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+              # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
-        "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+        "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+            #
+            # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+            # global/snapshots/my-backup
+            #
+            #
+            # If the source snapshot is deleted later, this field will not be set.
         "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+              #
+              # The key must meet the following requirements before you can provide it to Compute Engine:
+              # - The key is wrapped using a RSA public key certificate provided by Google.
+              # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+              # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
       },
@@ -1939,7 +2543,11 @@ 
Method Details

           "fileType": "A String", # The file type of source file.
         },
       },
-      "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+      "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+          #
+          # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+          #
+          # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
       "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
       "userLicenses": [ # [Output Only] A list of user provided licenses. It represents a list of URLs to the license resource. Unlike regular licenses, user provided licenses can be modified after the disk is created.
         "A String",
@@ -1950,7 +2558,9 @@ 
Method Details

     "enableDisplay": True or False, # Defines whether the instance has Display enabled.
   },
   "eraseWindowsVssSignature": True or False, # Specifies whether the disks restored from source snapshots or source machine image should erase Windows specific VSS signature.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance. To see the latest fingerprint, make get() request to the instance.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance.
+      #
+      # To see the latest fingerprint, make get() request to the instance.
   "guestAccelerators": [ # A list of the type and count of accelerator cards attached to the instance.
     { # A specification of the type and number of accelerator cards attached to the instance.
       "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
@@ -1959,26 +2569,53 @@ 
Method Details

   ],
   "hostname": "A String", # Specifies the hostname of the instance. The specified hostname must be RFC1035 compliant. If hostname is not specified, the default hostname is [INSTANCE_NAME].c.[PROJECT_ID].internal when using the global DNS, and [INSTANCE_NAME].[ZONE].c.[PROJECT_ID].internal when using zonal DNS.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-  "instanceEncryptionKey": { # Encrypts or decrypts data for an instance with a customer-supplied encryption key. If you are creating a new instance, this field encrypts the local SSD and in-memory contents of the instance using a key that you provide. If you are restarting an instance protected with a customer-supplied encryption key, you must provide the correct key in order to successfully restart the instance. If you do not provide an encryption key when creating the instance, then the local SSD and in-memory contents will be encrypted using an automatically generated key and you do not need to provide a key to start the instance later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt local SSDs and in-memory content in a managed instance group.
+  "instanceEncryptionKey": { # Encrypts or decrypts data for an instance with a customer-supplied encryption key.
+      #
+      # If you are creating a new instance, this field encrypts the local SSD and in-memory contents of the instance using a key that you provide.
+      #
+      # If you are restarting an instance protected with a customer-supplied encryption key, you must provide the correct key in order to successfully restart the instance.
+      #
+      # If you do not provide an encryption key when creating the instance, then the local SSD and in-memory contents will be encrypted using an automatically generated key and you do not need to provide a key to start the instance later.
+      #
+      # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt local SSDs and in-memory content in a managed instance group.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "kind": "compute#instance", # [Output Only] Type of the resource. Always compute#instance for instances.
-  "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the instance.
+  "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+      #
+      # To see the latest fingerprint, make get() request to the instance.
   "labels": { # Labels to apply to this instance. These can be later modified by the setLabels method.
     "a_key": "A String",
   },
   "lastStartTimestamp": "A String", # [Output Only] Last start timestamp in RFC3339 text format.
   "lastStopTimestamp": "A String", # [Output Only] Last stop timestamp in RFC3339 text format.
   "lastSuspendedTimestamp": "A String", # [Output Only] Last suspended timestamp in RFC3339 text format.
-  "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type: zones/us-central1-f/machineTypes/n1-standard-1 To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB): zones/zone/machineTypes/custom-CPUS-MEMORY For example: zones/us-central1-f/machineTypes/custom-4-5120 For a full list of restrictions, read the Specifications for custom machine types.
+  "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type:
+      # zones/us-central1-f/machineTypes/n1-standard-1
+      #
+      #
+      # To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB):
+      # zones/zone/machineTypes/custom-CPUS-MEMORY
+      #
+      #
+      # For example: zones/us-central1-f/machineTypes/custom-4-5120
+      #
+      # For a full list of restrictions, read the Specifications for custom machine types.
   "metadata": { # A metadata key/value entry. # The metadata key/value pairs assigned to this instance. This includes custom metadata and predefined keys.
-    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+        #
+        # To see the latest fingerprint, make a get() request to retrieve the resource.
     "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-      { # Metadata
+      {
         "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
         "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
       },
@@ -1996,7 +2633,11 @@ 
Method Details

           "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
           "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+              #
+              # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+              #
+              # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
           "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
           "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
           "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -2019,7 +2660,11 @@ 
Method Details

           "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
           "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+              #
+              # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+              #
+              # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
           "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
           "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
           "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -2027,24 +2672,37 @@ 
Method Details

           "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
         },
       ],
-      "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+      "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+          #
+          # Valid only if stackType is IPV4_IPV6.
       "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
       "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
       "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-      "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+      "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+          #
+          # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+          # - projects/project/global/networks/network
+          # - global/networks/default
       "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
       "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
       "queueCount": 42, # The networking queue count that's specified by users for the network interface. Both Rx and Tx queues will be set to this number. It'll be empty if not specified by the users.
-      "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
+      "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+          #
+          # This field can be both set at instance creation and update network interface operations.
       "subinterfaces": [ # SubInterfaces help enable L2 communication for the instance over subnetworks that support L2. Every network interface will get a default untagged (vlan not specified) subinterface. Users can specify additional tagged subinterfaces which are sub-fields to the Network Interface.
         {
           "ipAddress": "A String", # An IPv4 internal IP address to assign to the instance for this subinterface. If specified, ip_allocation_mode should be set to ALLOCATE_IP.
           "ipAllocationMode": "A String",
-          "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+          "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+              # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+              # - regions/region/subnetworks/subnetwork
           "vlan": 42, # VLAN tag. Should match the VLAN(s) supported by the subnetwork to which this subinterface is connecting.
         },
       ],
-      "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+      "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+          # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+          # - regions/region/subnetworks/subnetwork
     },
   ],
   "networkPerformanceConfig": {
@@ -2053,9 +2711,9 @@ 
Method Details

   },
   "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
   "preservedStateSizeGb": "A String", # Total amount of preserved state for SUSPENDED instances. Read-only in the api.
-  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
   "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that this instance can consume from.
-    "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
+    "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
     "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
     "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
       "A String",
@@ -2074,7 +2732,9 @@ 
Method Details

   },
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Sets the scheduling options for this instance.
-    "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+    "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+        #
+        # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
     "availabilityDomain": 42, # Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details.
     "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
     "latencyTolerant": True or False, # Defines whether the instance is tolerant of higher cpu latency. This can only be set during instance creation, or when the instance is not currently running. It must not be set if the preemptible option is also set.
@@ -2099,7 +2759,9 @@ 
Method Details

   ],
   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported. Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
+  "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported.
+      #
+      # Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
     { # A service account.
       "email": "A String", # Email address of the service account.
       "scopes": [ # The list of scopes to be made available for this service account.
@@ -2128,14 +2790,21 @@ 
Method Details

     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "startRestricted": True or False, # [Output Only] Whether a VM has been restricted for start because Compute Engine has detected suspicious activity.
-  "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see Instance life cycle.
+  "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see  Instance life cycle.
   "statusMessage": "A String", # [Output Only] An optional, human-readable explanation of the status.
   "tags": { # A set of instance tags. # Tags to apply to this instance. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during instance creation. The tags can be later modified by the setTags method. Each tag within the list must comply with RFC1035. Multiple tags can be specified via the 'tags.items' field.
-    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+        #
+        # To see the latest fingerprint, make get() request to the instance.
     "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
       "A String",
     ],
@@ -2154,7 +2823,7 @@ 
Method Details

 

 
 

-    getEffectiveFirewalls(project, zone, instance, networkInterface, x__xgafv=None)
+    getEffectiveFirewalls(project, zone, instance, networkInterface)
   
Returns effective firewalls applied to an interface of the instance.
 
 Args:
@@ -2162,10 +2831,6 @@ 
Method Details

   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the instance scoping this request. (required)
   networkInterface: string, The name of the network interface to get the effective firewalls. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -2190,7 +2855,9 @@ 
Method Details

             "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
               {
                 "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-                "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                    #
+                    # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
                   "A String",
                 ],
               },
@@ -2226,11 +2893,15 @@ 
Method Details

     },
   ],
   "firewalls": [ # Effective firewalls on the instance.
-    { # Represents a Firewall Rule resource. Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
+    { # Represents a Firewall Rule resource.
+        #
+        # Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
       "allowed": [ # The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.
         {
           "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
             "A String",
           ],
         },
@@ -2239,7 +2910,9 @@ 
Method Details

       "denied": [ # The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a denied connection.
         {
           "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
             "A String",
           ],
         },
@@ -2258,7 +2931,12 @@ 
Method Details

         "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
       },
       "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
-      "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
+      "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used:
+          # global/networks/default
+          # If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+          # - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network
+          # - projects/myproject/global/networks/my-network
+          # - global/networks/default
       "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
@@ -2287,7 +2965,9 @@ 
Method Details

           "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-          "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+          "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+              #
+              # This field may only be specified when the versioned_expr is set to FIREWALL.
           "headerAction": { # Optional, additional actions that are performed on headers.
             "requestHeadersToAdds": [ # The list of request headers to add or overwrite if they're already present.
               {
@@ -2299,21 +2979,35 @@ 
Method Details

           "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
           "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
             "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-              "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+              "destIpRanges": [ # CIDR IP address range.
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 "A String",
               ],
-              "destPorts": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+              "destPorts": [ # Pairs of IP protocols and ports that the rule should match.
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 {
                   "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-                  "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+                  "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                      #
+                      # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                      #
+                      # This field may only be specified when versioned_expr is set to FIREWALL.
                     "A String",
                   ],
                 },
               ],
-              "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+              "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 {
                   "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-                  "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+                  "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                      #
+                      # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                      #
+                      # This field may only be specified when versioned_expr is set to FIREWALL.
                     "A String",
                   ],
                 },
@@ -2322,7 +3016,25 @@ 
Method Details

                 "A String",
               ],
             },
-            "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+            "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+                #
+                # Example (Comparison):
+                #
+                # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+                #
+                # Example (Equality):
+                #
+                # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+                #
+                # Example (Logic):
+                #
+                # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+                #
+                # Example (Data Manipulation):
+                #
+                # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+                #
+                # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
               "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
               "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
               "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -2349,7 +3061,9 @@ 
Method Details

           "redirectTarget": "A String", # This must be specified for redirect actions. Cannot be specified for any other actions.
           "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
           "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-          "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+          "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
           "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -2363,7 +3077,7 @@ 
Method Details

 

 
 

-    getGuestAttributes(project, zone, instance, queryPath=None, variableKey=None, x__xgafv=None)
+    getGuestAttributes(project, zone, instance, queryPath=None, variableKey=None)
   
Returns the specified guest attributes entry.
 
 Args:
@@ -2372,10 +3086,6 @@ 
Method Details

   instance: string, Name of the instance scoping this request. (required)
   queryPath: string, Specifies the guest attributes path to be queried.
   variableKey: string, Specifies the key for the guest attributes entry.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -2399,7 +3109,7 @@ 
Method Details

 

 
 

-    getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
@@ -2407,27 +3117,51 @@ 
Method Details

   zone: string, The name of the zone for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -2435,86 +3169,150 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    getScreenshot(project, zone, instance, x__xgafv=None)
+    getScreenshot(project, zone, instance)
   
Returns the screenshot from the specified instance.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the instance scoping this request. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -2526,7 +3324,7 @@ 
Method Details

 

 
 

-    getSerialPortOutput(project, zone, instance, port=None, start=None, x__xgafv=None)
+    getSerialPortOutput(project, zone, instance, port=None, start=None)
   
Returns the last 1 MB of serial port output from the specified instance.
 
 Args:
@@ -2534,16 +3332,16 @@ 
Method Details

   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the instance for this request. (required)
   port: integer, Specifies which COM or serial port to retrieve data from.
-  start: string, Specifies the starting byte position of the output to return. To start with the first byte of output to the specified port, omit this field or set it to `0`. If the output for that byte position is available, this field matches the `start` parameter sent with the request. If the amount of serial console output exceeds the size of the buffer (1 MB), the oldest output is discarded and is no longer available. If the requested start position refers to discarded output, the start position is adjusted to the oldest output still available, and the adjusted start position is returned as the `start` property value. You can also provide a negative start position, which translates to the most recent number of bytes written to the serial port. For example, -3 is interpreted as the most recent 3 bytes written to the serial console.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  start: string, Specifies the starting byte position of the output to return. To start with the first byte of output to the specified port, omit this field or set it to `0`.
+
+If the output for that byte position is available, this field matches the `start` parameter sent with the request. If the amount of serial console output exceeds the size of the buffer (1 MB), the oldest output is discarded and is no longer available. If the requested start position refers to discarded output, the start position is adjusted to the oldest output still available, and the adjusted start position is returned as the `start` property value.
+
+You can also provide a negative start position, which translates to the most recent number of bytes written to the serial port. For example, -3 is interpreted as the most recent 3 bytes written to the serial console.
 
 Returns:
   An object of the form:
 
-    { # An instance serial console output.
+    { # An instance's serial console output.
   "contents": "A String", # [Output Only] The contents of the console output.
   "kind": "compute#serialPortOutput", # [Output Only] Type of the resource. Always compute#serialPortOutput for serial port output.
   "next": "A String", # [Output Only] The position of the next byte of content, regardless of whether the content exists, following the output returned in the `contents` property. Use this value in the next request as the start parameter.
@@ -2553,22 +3351,18 @@ 
Method Details

 

 
 

-    getShieldedInstanceIdentity(project, zone, instance, x__xgafv=None)
+    getShieldedInstanceIdentity(project, zone, instance)
   
Returns the Shielded Instance Identity of an instance
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   instance: string, Name or id of the instance scoping this request. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # A Shielded Instance Identity.
+    { # A shielded Instance identity entry.
   "encryptionKey": { # A Shielded Instance Identity Entry. # An Endorsement Key (EK) made by the RSA 2048 algorithm issued to the Shielded Instance's vTPM.
     "ekCert": "A String", # A PEM-encoded X.509 certificate. This field can be empty.
     "ekPub": "A String", # A PEM-encoded public key.
@@ -2582,22 +3376,18 @@ 
Method Details

 

 
 

-    getShieldedVmIdentity(project, zone, instance, x__xgafv=None)
+    getShieldedVmIdentity(project, zone, instance)
   
Returns the Shielded VM Identity of an instance
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the instance scoping this request. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # A Shielded VM Identity.
+    { # A shielded VM identity entry.
   "encryptionKey": { # A Shielded Instance Identity Entry. # An Endorsement Key (EK) issued to the Shielded VM's vTPM.
     "ekCert": "A String", # A PEM-encoded X.509 certificate. This field can be empty.
     "ekPub": "A String", # A PEM-encoded public key.
@@ -2611,7 +3401,7 @@ 
Method Details

 

 
 

-    insert(project, zone, body=None, requestId=None, secureTags=None, sourceInstanceTemplate=None, sourceMachineImage=None, x__xgafv=None)
+    insert(project, zone, body=None, requestId=None, secureTags=None, sourceInstanceTemplate=None, sourceMachineImage=None)
   
Creates an instance resource in the specified project using the data included in the request.
 
 Args:
@@ -2620,14 +3410,16 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Instance resource. An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances.
+{ # Represents an Instance resource.
+    # 
+    # An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances. (== resource_for {$api_version}.instances ==)
   "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
     "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
     "numaNodeCount": 42, # The number of vNUMA nodes.
     "threadsPerCore": 42, # The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed.
     "visibleCoreCount": 42, # The number of physical cores to expose to an instance. Multiply by the number of threads per core to compute the total number of virtual CPUs to expose to the instance. If unset, the number of cores is inferred from the instance's nominal CPU count and the underlying platform's SMT width.
   },
-  "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding .
+  "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding.
   "confidentialInstanceConfig": { # A set of Confidential Instance options.
     "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
   },
@@ -2639,30 +3431,58 @@ 
Method Details

     { # An instance-attached disk resource.
       "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
       "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-      "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-      "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+      "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+          #
+          # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+      "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+          #
+          # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+          #
+          # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+          #
+          # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+          #
+          # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "diskSizeGb": "A String", # The size of the disk in GB.
       "forceAttach": True or False, # [Input Only] Whether to force attach the regional disk even if it's currently attached to another instance. If you try to force attach a zonal disk to an instance, you will receive an error.
-      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
         { # Guest OS features.
-          "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+          "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
         },
       ],
       "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-      "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+      "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+          #
+          # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+          #
+          # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
         "description": "A String", # An optional description. Provide this property when creating the disk.
         "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
         "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-        "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
-        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options. Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
+        "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+            # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+            #
+            #
+            # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+            # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+            # - projects/project/zones/zone/diskTypes/diskType
+            # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
+        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
+            #
+            # Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
           { # Guest OS features.
-            "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+            "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
           },
         ],
         "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
@@ -2677,20 +3497,56 @@ 
Method Details

         "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
           "A String",
         ],
-        "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-        "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+        "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+            #
+            # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+            # projects/debian-cloud/global/images/family/debian-9
+            #
+            #
+            # Alternatively, use a specific version of a public operating system image:
+            # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+            #
+            #
+            # To create a disk with a custom image that you created, specify the image name in the following format:
+            # global/images/my-custom-image
+            #
+            #
+            # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+            # global/images/family/my-image-family
+            #
+            #
+            # If the source image is deleted later, this field will not be set.
+        "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+            #
+            # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+              #
+              # The key must meet the following requirements before you can provide it to Compute Engine:
+              # - The key is wrapped using a RSA public key certificate provided by Google.
+              # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+              # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
-        "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+        "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+            #
+            # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+            # global/snapshots/my-backup
+            #
+            #
+            # If the source snapshot is deleted later, this field will not be set.
         "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+              #
+              # The key must meet the following requirements before you can provide it to Compute Engine:
+              # - The key is wrapped using a RSA public key certificate provided by Google.
+              # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+              # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
       },
@@ -2725,7 +3581,11 @@ 
Method Details

           "fileType": "A String", # The file type of source file.
         },
       },
-      "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+      "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+          #
+          # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+          #
+          # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
       "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
       "userLicenses": [ # [Output Only] A list of user provided licenses. It represents a list of URLs to the license resource. Unlike regular licenses, user provided licenses can be modified after the disk is created.
         "A String",
@@ -2736,7 +3596,9 @@ 
Method Details

     "enableDisplay": True or False, # Defines whether the instance has Display enabled.
   },
   "eraseWindowsVssSignature": True or False, # Specifies whether the disks restored from source snapshots or source machine image should erase Windows specific VSS signature.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance. To see the latest fingerprint, make get() request to the instance.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance.
+      # 
+      # To see the latest fingerprint, make get() request to the instance.
   "guestAccelerators": [ # A list of the type and count of accelerator cards attached to the instance.
     { # A specification of the type and number of accelerator cards attached to the instance.
       "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
@@ -2745,26 +3607,53 @@ 
Method Details

   ],
   "hostname": "A String", # Specifies the hostname of the instance. The specified hostname must be RFC1035 compliant. If hostname is not specified, the default hostname is [INSTANCE_NAME].c.[PROJECT_ID].internal when using the global DNS, and [INSTANCE_NAME].[ZONE].c.[PROJECT_ID].internal when using zonal DNS.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-  "instanceEncryptionKey": { # Encrypts or decrypts data for an instance with a customer-supplied encryption key. If you are creating a new instance, this field encrypts the local SSD and in-memory contents of the instance using a key that you provide. If you are restarting an instance protected with a customer-supplied encryption key, you must provide the correct key in order to successfully restart the instance. If you do not provide an encryption key when creating the instance, then the local SSD and in-memory contents will be encrypted using an automatically generated key and you do not need to provide a key to start the instance later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt local SSDs and in-memory content in a managed instance group.
+  "instanceEncryptionKey": { # Encrypts or decrypts data for an instance with a customer-supplied encryption key.
+      # 
+      # If you are creating a new instance, this field encrypts the local SSD and in-memory contents of the instance using a key that you provide.
+      # 
+      # If you are restarting an instance protected with a customer-supplied encryption key, you must provide the correct key in order to successfully restart the instance.
+      # 
+      # If you do not provide an encryption key when creating the instance, then the local SSD and in-memory contents will be encrypted using an automatically generated key and you do not need to provide a key to start the instance later.
+      # 
+      # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt local SSDs and in-memory content in a managed instance group.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "kind": "compute#instance", # [Output Only] Type of the resource. Always compute#instance for instances.
-  "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the instance.
+  "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+      # 
+      # To see the latest fingerprint, make get() request to the instance.
   "labels": { # Labels to apply to this instance. These can be later modified by the setLabels method.
     "a_key": "A String",
   },
   "lastStartTimestamp": "A String", # [Output Only] Last start timestamp in RFC3339 text format.
   "lastStopTimestamp": "A String", # [Output Only] Last stop timestamp in RFC3339 text format.
   "lastSuspendedTimestamp": "A String", # [Output Only] Last suspended timestamp in RFC3339 text format.
-  "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type: zones/us-central1-f/machineTypes/n1-standard-1 To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB): zones/zone/machineTypes/custom-CPUS-MEMORY For example: zones/us-central1-f/machineTypes/custom-4-5120 For a full list of restrictions, read the Specifications for custom machine types.
+  "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type:
+      # zones/us-central1-f/machineTypes/n1-standard-1
+      # 
+      # 
+      # To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB):
+      # zones/zone/machineTypes/custom-CPUS-MEMORY
+      # 
+      # 
+      # For example: zones/us-central1-f/machineTypes/custom-4-5120
+      # 
+      # For a full list of restrictions, read the Specifications for custom machine types.
   "metadata": { # A metadata key/value entry. # The metadata key/value pairs assigned to this instance. This includes custom metadata and predefined keys.
-    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+        #
+        # To see the latest fingerprint, make a get() request to retrieve the resource.
     "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-      { # Metadata
+      {
         "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
         "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
       },
@@ -2782,7 +3671,11 @@ 
Method Details

           "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
           "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+              #
+              # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+              #
+              # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
           "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
           "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
           "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -2805,7 +3698,11 @@ 
Method Details

           "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
           "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+              #
+              # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+              #
+              # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
           "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
           "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
           "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -2813,24 +3710,37 @@ 
Method Details

           "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
         },
       ],
-      "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+      "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+          #
+          # Valid only if stackType is IPV4_IPV6.
       "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
       "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
       "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-      "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+      "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+          #
+          # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+          # - projects/project/global/networks/network
+          # - global/networks/default
       "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
       "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
       "queueCount": 42, # The networking queue count that's specified by users for the network interface. Both Rx and Tx queues will be set to this number. It'll be empty if not specified by the users.
-      "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
+      "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+          #
+          # This field can be both set at instance creation and update network interface operations.
       "subinterfaces": [ # SubInterfaces help enable L2 communication for the instance over subnetworks that support L2. Every network interface will get a default untagged (vlan not specified) subinterface. Users can specify additional tagged subinterfaces which are sub-fields to the Network Interface.
         {
           "ipAddress": "A String", # An IPv4 internal IP address to assign to the instance for this subinterface. If specified, ip_allocation_mode should be set to ALLOCATE_IP.
           "ipAllocationMode": "A String",
-          "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+          "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+              # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+              # - regions/region/subnetworks/subnetwork
           "vlan": 42, # VLAN tag. Should match the VLAN(s) supported by the subnetwork to which this subinterface is connecting.
         },
       ],
-      "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+      "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+          # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+          # - regions/region/subnetworks/subnetwork
     },
   ],
   "networkPerformanceConfig": {
@@ -2839,9 +3749,9 @@ 
Method Details

   },
   "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
   "preservedStateSizeGb": "A String", # Total amount of preserved state for SUSPENDED instances. Read-only in the api.
-  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
   "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that this instance can consume from.
-    "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
+    "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
     "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
     "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
       "A String",
@@ -2860,7 +3770,9 @@ 
Method Details

   },
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Sets the scheduling options for this instance.
-    "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+    "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+        #
+        # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
     "availabilityDomain": 42, # Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details.
     "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
     "latencyTolerant": True or False, # Defines whether the instance is tolerant of higher cpu latency. This can only be set during instance creation, or when the instance is not currently running. It must not be set if the preemptible option is also set.
@@ -2885,7 +3797,9 @@ 
Method Details

   ],
   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported. Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
+  "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported.
+      # 
+      # Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
     { # A service account.
       "email": "A String", # Email address of the service account.
       "scopes": [ # The list of scopes to be made available for this service account.
@@ -2914,14 +3828,21 @@ 
Method Details

     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "startRestricted": True or False, # [Output Only] Whether a VM has been restricted for start because Compute Engine has detected suspicious activity.
-  "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see Instance life cycle.
+  "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see  Instance life cycle.
   "statusMessage": "A String", # [Output Only] An optional, human-readable explanation of the status.
   "tags": { # A set of instance tags. # Tags to apply to this instance. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during instance creation. The tags can be later modified by the setTags method. Each tag within the list must comply with RFC1035. Multiple tags can be specified via the 'tags.items' field.
-    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+        #
+        # To see the latest fingerprint, make get() request to the instance.
     "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
       "A String",
     ],
@@ -2938,19 +3859,42 @@ 
Method Details

   "zone": "A String", # [Output Only] URL of the zone where the instance resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
   secureTags: string, DEPRECATED: Please use resource.secure_tag instead. Secure tags to apply to this instance. These can be later modified by the update method. Maximum number of secure tags allowed is 50. (repeated)
-  sourceInstanceTemplate: string, Specifies instance template to create the instance. This field is optional. It can be a full or partial URL. For example, the following are all valid URLs to an instance template: - https://www.googleapis.com/compute/v1/projects/project /global/instanceTemplates/instanceTemplate - projects/project/global/instanceTemplates/instanceTemplate - global/instanceTemplates/instanceTemplate 
-  sourceMachineImage: string, Specifies the machine image to use to create the instance. This field is optional. It can be a full or partial URL. For example, the following are all valid URLs to a machine image: - https://www.googleapis.com/compute/v1/projects/project/global/global /machineImages/machineImage - projects/project/global/global/machineImages/machineImage - global/machineImages/machineImage 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  sourceInstanceTemplate: string, Specifies instance template to create the instance.
+
+This field is optional. It can be a full or partial URL. For example, the following are all valid URLs to an instance template:  
+- https://www.googleapis.com/compute/v1/projects/project/global/instanceTemplates/instanceTemplate 
+- projects/project/global/instanceTemplates/instanceTemplate 
+- global/instanceTemplates/instanceTemplate
+  sourceMachineImage: string, Specifies the machine image to use to create the instance.
+
+This field is optional. It can be a full or partial URL. For example, the following are all valid URLs to a machine image:  
+- https://www.googleapis.com/compute/v1/projects/project/global/global/machineImages/machineImage 
+- projects/project/global/global/machineImages/machineImage 
+- global/machineImages/machineImage
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2985,7 +3929,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2999,21 +3944,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of instances contained within the specified zone.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -3021,14 +3972,16 @@ 
Method Details

     { # Contains a list of instances.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Instance resources.
-    { # Represents an Instance resource. An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances.
+    { # Represents an Instance resource.
+        #
+        # An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances. (== resource_for {$api_version}.instances ==)
       "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
         "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
         "numaNodeCount": 42, # The number of vNUMA nodes.
         "threadsPerCore": 42, # The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed.
         "visibleCoreCount": 42, # The number of physical cores to expose to an instance. Multiply by the number of threads per core to compute the total number of virtual CPUs to expose to the instance. If unset, the number of cores is inferred from the instance's nominal CPU count and the underlying platform's SMT width.
       },
-      "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding .
+      "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding.
       "confidentialInstanceConfig": { # A set of Confidential Instance options.
         "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
       },
@@ -3040,30 +3993,58 @@ 
Method Details

         { # An instance-attached disk resource.
           "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
           "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-          "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-          "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+          "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+              #
+              # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+          "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+              #
+              # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+              #
+              # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+              #
+              # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+              #
+              # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                #
+                # The key must meet the following requirements before you can provide it to Compute Engine:
+                # - The key is wrapped using a RSA public key certificate provided by Google.
+                # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
           "diskSizeGb": "A String", # The size of the disk in GB.
           "forceAttach": True or False, # [Input Only] Whether to force attach the regional disk even if it's currently attached to another instance. If you try to force attach a zonal disk to an instance, you will receive an error.
-          "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+          "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
             { # Guest OS features.
-              "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+              "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
             },
           ],
           "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-          "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+          "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+              #
+              # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+              #
+              # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
             "description": "A String", # An optional description. Provide this property when creating the disk.
             "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
             "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-            "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
-            "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options. Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
+            "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+                # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+                #
+                #
+                # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+                # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+                # - projects/project/zones/zone/diskTypes/diskType
+                # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
+            "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
+                #
+                # Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
               { # Guest OS features.
-                "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+                "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
               },
             ],
             "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
@@ -3078,20 +4059,56 @@ 
Method Details

             "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
               "A String",
             ],
-            "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-            "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+            "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+                #
+                # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+                # projects/debian-cloud/global/images/family/debian-9
+                #
+                #
+                # Alternatively, use a specific version of a public operating system image:
+                # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+                #
+                #
+                # To create a disk with a custom image that you created, specify the image name in the following format:
+                # global/images/my-custom-image
+                #
+                #
+                # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+                # global/images/family/my-image-family
+                #
+                #
+                # If the source image is deleted later, this field will not be set.
+            "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+                #
+                # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
               "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
               "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
               "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-              "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+              "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                  #
+                  # The key must meet the following requirements before you can provide it to Compute Engine:
+                  # - The key is wrapped using a RSA public key certificate provided by Google.
+                  # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                  # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
               "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
             },
-            "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+            "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+                #
+                # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+                # global/snapshots/my-backup
+                #
+                #
+                # If the source snapshot is deleted later, this field will not be set.
             "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
               "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
               "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
               "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-              "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+              "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                  #
+                  # The key must meet the following requirements before you can provide it to Compute Engine:
+                  # - The key is wrapped using a RSA public key certificate provided by Google.
+                  # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                  # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
               "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
             },
           },
@@ -3126,7 +4143,11 @@ 
Method Details

               "fileType": "A String", # The file type of source file.
             },
           },
-          "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+          "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+              #
+              # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+              #
+              # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
           "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
           "userLicenses": [ # [Output Only] A list of user provided licenses. It represents a list of URLs to the license resource. Unlike regular licenses, user provided licenses can be modified after the disk is created.
             "A String",
@@ -3137,7 +4158,9 @@ 
Method Details

         "enableDisplay": True or False, # Defines whether the instance has Display enabled.
       },
       "eraseWindowsVssSignature": True or False, # Specifies whether the disks restored from source snapshots or source machine image should erase Windows specific VSS signature.
-      "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance. To see the latest fingerprint, make get() request to the instance.
+      "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance.
+          #
+          # To see the latest fingerprint, make get() request to the instance.
       "guestAccelerators": [ # A list of the type and count of accelerator cards attached to the instance.
         { # A specification of the type and number of accelerator cards attached to the instance.
           "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
@@ -3146,26 +4169,53 @@ 
Method Details

       ],
       "hostname": "A String", # Specifies the hostname of the instance. The specified hostname must be RFC1035 compliant. If hostname is not specified, the default hostname is [INSTANCE_NAME].c.[PROJECT_ID].internal when using the global DNS, and [INSTANCE_NAME].[ZONE].c.[PROJECT_ID].internal when using zonal DNS.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-      "instanceEncryptionKey": { # Encrypts or decrypts data for an instance with a customer-supplied encryption key. If you are creating a new instance, this field encrypts the local SSD and in-memory contents of the instance using a key that you provide. If you are restarting an instance protected with a customer-supplied encryption key, you must provide the correct key in order to successfully restart the instance. If you do not provide an encryption key when creating the instance, then the local SSD and in-memory contents will be encrypted using an automatically generated key and you do not need to provide a key to start the instance later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt local SSDs and in-memory content in a managed instance group.
+      "instanceEncryptionKey": { # Encrypts or decrypts data for an instance with a customer-supplied encryption key.
+          #
+          # If you are creating a new instance, this field encrypts the local SSD and in-memory contents of the instance using a key that you provide.
+          #
+          # If you are restarting an instance protected with a customer-supplied encryption key, you must provide the correct key in order to successfully restart the instance.
+          #
+          # If you do not provide an encryption key when creating the instance, then the local SSD and in-memory contents will be encrypted using an automatically generated key and you do not need to provide a key to start the instance later.
+          #
+          # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt local SSDs and in-memory content in a managed instance group.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "kind": "compute#instance", # [Output Only] Type of the resource. Always compute#instance for instances.
-      "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the instance.
+      "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+          #
+          # To see the latest fingerprint, make get() request to the instance.
       "labels": { # Labels to apply to this instance. These can be later modified by the setLabels method.
         "a_key": "A String",
       },
       "lastStartTimestamp": "A String", # [Output Only] Last start timestamp in RFC3339 text format.
       "lastStopTimestamp": "A String", # [Output Only] Last stop timestamp in RFC3339 text format.
       "lastSuspendedTimestamp": "A String", # [Output Only] Last suspended timestamp in RFC3339 text format.
-      "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type: zones/us-central1-f/machineTypes/n1-standard-1 To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB): zones/zone/machineTypes/custom-CPUS-MEMORY For example: zones/us-central1-f/machineTypes/custom-4-5120 For a full list of restrictions, read the Specifications for custom machine types.
+      "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type:
+          # zones/us-central1-f/machineTypes/n1-standard-1
+          #
+          #
+          # To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB):
+          # zones/zone/machineTypes/custom-CPUS-MEMORY
+          #
+          #
+          # For example: zones/us-central1-f/machineTypes/custom-4-5120
+          #
+          # For a full list of restrictions, read the Specifications for custom machine types.
       "metadata": { # A metadata key/value entry. # The metadata key/value pairs assigned to this instance. This includes custom metadata and predefined keys.
-        "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+        "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+            #
+            # To see the latest fingerprint, make a get() request to retrieve the resource.
         "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-          { # Metadata
+          {
             "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
             "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
           },
@@ -3183,7 +4233,11 @@ 
Method Details

               "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
               "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
               "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-              "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+              "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                  #
+                  # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                  #
+                  # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
               "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
               "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
               "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -3206,7 +4260,11 @@ 
Method Details

               "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
               "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
               "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-              "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+              "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                  #
+                  # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                  #
+                  # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
               "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
               "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
               "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -3214,24 +4272,37 @@ 
Method Details

               "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
             },
           ],
-          "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+          "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+              #
+              # Valid only if stackType is IPV4_IPV6.
           "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
           "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
           "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-          "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+          "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+              #
+              # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+              # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+              # - projects/project/global/networks/network
+              # - global/networks/default
           "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
           "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
           "queueCount": 42, # The networking queue count that's specified by users for the network interface. Both Rx and Tx queues will be set to this number. It'll be empty if not specified by the users.
-          "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
+          "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+              #
+              # This field can be both set at instance creation and update network interface operations.
           "subinterfaces": [ # SubInterfaces help enable L2 communication for the instance over subnetworks that support L2. Every network interface will get a default untagged (vlan not specified) subinterface. Users can specify additional tagged subinterfaces which are sub-fields to the Network Interface.
             {
               "ipAddress": "A String", # An IPv4 internal IP address to assign to the instance for this subinterface. If specified, ip_allocation_mode should be set to ALLOCATE_IP.
               "ipAllocationMode": "A String",
-              "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+              "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+                  # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+                  # - regions/region/subnetworks/subnetwork
               "vlan": 42, # VLAN tag. Should match the VLAN(s) supported by the subnetwork to which this subinterface is connecting.
             },
           ],
-          "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+          "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+              # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+              # - regions/region/subnetworks/subnetwork
         },
       ],
       "networkPerformanceConfig": {
@@ -3240,9 +4311,9 @@ 
Method Details

       },
       "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
       "preservedStateSizeGb": "A String", # Total amount of preserved state for SUSPENDED instances. Read-only in the api.
-      "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+      "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
       "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that this instance can consume from.
-        "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
+        "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
         "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
         "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
           "A String",
@@ -3261,7 +4332,9 @@ 
Method Details

       },
       "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
       "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Sets the scheduling options for this instance.
-        "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+        "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+            #
+            # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
         "availabilityDomain": 42, # Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details.
         "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
         "latencyTolerant": True or False, # Defines whether the instance is tolerant of higher cpu latency. This can only be set during instance creation, or when the instance is not currently running. It must not be set if the preemptible option is also set.
@@ -3286,7 +4359,9 @@ 
Method Details

       ],
       "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-      "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported. Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
+      "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported.
+          #
+          # Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
         { # A service account.
           "email": "A String", # Email address of the service account.
           "scopes": [ # The list of scopes to be made available for this service account.
@@ -3315,14 +4390,21 @@ 
Method Details

         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "startRestricted": True or False, # [Output Only] Whether a VM has been restricted for start because Compute Engine has detected suspicious activity.
-      "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see Instance life cycle.
+      "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see  Instance life cycle.
       "statusMessage": "A String", # [Output Only] An optional, human-readable explanation of the status.
       "tags": { # A set of instance tags. # Tags to apply to this instance. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during instance creation. The tags can be later modified by the setTags method. Each tag within the list must comply with RFC1035. Multiple tags can be specified via the 'tags.items' field.
-        "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+        "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+            #
+            # To see the latest fingerprint, make get() request to the instance.
         "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
           "A String",
         ],
@@ -3344,7 +4426,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3356,22 +4439,28 @@ 
Method Details

 

 
 

-    listReferrers(project, zone, instance, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listReferrers(project, zone, instance, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of resources that refer to the VM instance specified in the request. For example, if the VM instance is part of a managed or unmanaged instance group, the referrers list includes the instance group. For more information, read Viewing referrers to VM instances.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the target instance scoping this request, or '-' if the request should span over all instances in the container. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -3381,7 +4470,8 @@ 
Method Details

   "items": [ # A list of Reference resources.
     { # Represents a reference to a resource.
       "kind": "compute#reference", # [Output Only] Type of the resource. Always compute#reference for references.
-      "referenceType": "A String", # A description of the reference type with no implied semantics. Possible values include: 1. MEMBER_OF
+      "referenceType": "A String", # A description of the reference type with no implied semantics. Possible values include:
+          # - MEMBER_OF
       "referrer": "A String", # URL of the resource which refers to the target.
       "target": "A String", # URL of the resource to which this reference points.
     },
@@ -3391,7 +4481,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3431,23 +4522,36 @@ 
Method Details

 

 
 

-    performMaintenance(project, zone, instance, requestId=None, x__xgafv=None)
+    performMaintenance(project, zone, instance, requestId=None)
   
Perform a manual maintenance on the instance.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the instance scoping this request. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3482,7 +4586,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3496,7 +4601,7 @@ 
Method Details

 

 
 

-    removeResourcePolicies(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    removeResourcePolicies(project, zone, instance, body=None, requestId=None)
   
Removes resource policies from an instance.
 
 Args:
@@ -3512,16 +4617,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3556,7 +4674,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3570,23 +4689,36 @@ 
Method Details

 

 
 

-    reset(project, zone, instance, requestId=None, x__xgafv=None)
+    reset(project, zone, instance, requestId=None)
   
Performs a reset on the instance. This is a hard reset the VM does not do a graceful shutdown. For more information, see Resetting an instance.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the instance scoping this request. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3621,7 +4753,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3635,7 +4768,7 @@ 
Method Details

 

 
 

-    resume(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    resume(project, zone, instance, body=None, requestId=None)
   
Resumes an instance that was suspended using the instances().suspend method.
 
 Args:
@@ -3646,37 +4779,66 @@ 
Method Details

     The object takes the form of:
 
 {
-  "disks": [ # Array of disks associated with this instance that are protected with a customer-supplied encryption key. In order to resume the instance, the disk url and its corresponding key must be provided. If the disk is not protected with a customer-supplied encryption key it should not be specified.
+  "disks": [ # Array of disks associated with this instance that are protected with a customer-supplied encryption key.
+      # 
+      # In order to resume the instance, the disk url and its corresponding key must be provided.
+      # 
+      # If the disk is not protected with a customer-supplied encryption key it should not be specified.
     {
       "diskEncryptionKey": { # Decrypts data associated with the disk with a customer-supplied encryption key.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. This field is only applicable for persistent disks.
     },
   ],
-  "instanceEncryptionKey": { # Decrypts data associated with an instance that is protected with a customer-supplied encryption key. If the instance you are starting is protected with a customer-supplied encryption key, the correct key must be provided otherwise the instance resume will not succeed.
+  "instanceEncryptionKey": { # Decrypts data associated with an instance that is protected with a customer-supplied encryption key.
+      # 
+      # If the instance you are starting is protected with a customer-supplied encryption key, the correct key must be provided otherwise the instance resume will not succeed.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3711,7 +4873,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3725,22 +4888,18 @@ 
Method Details

 

 
 

-    sendDiagnosticInterrupt(project, zone, instance, x__xgafv=None)
-  
+    sendDiagnosticInterrupt(project, zone, instance)
+  
TODO(b/180520210): Add IAM permission for this API. Sends diagnostic interrupt to the instance.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the instance scoping this request. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 

 

 
 

-    setDeletionProtection(project, zone, resource, deletionProtection=None, requestId=None, x__xgafv=None)
+    setDeletionProtection(project, zone, resource, deletionProtection=None, requestId=None)
   
Sets deletion protection on the instance.
 
 Args:
@@ -3748,16 +4907,29 @@ 
Method Details

   zone: string, The name of the zone for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   deletionProtection: boolean, Whether the resource should be protected against deletion.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3792,7 +4964,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3806,7 +4979,7 @@ 
Method Details

 

 
 

-    setDiskAutoDelete(project, zone, instance, autoDelete, deviceName, requestId=None, x__xgafv=None)
+    setDiskAutoDelete(project, zone, instance, autoDelete, deviceName, requestId=None)
   
Sets the auto-delete flag for a disk attached to an instance.
 
 Args:
@@ -3815,16 +4988,29 @@ 
Method Details

   instance: string, The instance name for this request. (required)
   autoDelete: boolean, Whether to auto-delete the disk when the instance is deleted. (required)
   deviceName: string, The device name of the disk to modify. Make a get() request on the instance to view currently attached disks and device names. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3859,7 +5045,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3873,7 +5060,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, zone, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, zone, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -3886,33 +5073,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -3920,95 +5181,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -4016,76 +5369,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    setLabels(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    setLabels(project, zone, instance, body=None, requestId=None)
   
Sets labels on an instance. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -4102,16 +5523,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -4146,7 +5580,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -4160,7 +5595,7 @@ 
Method Details

 

 
 

-    setMachineResources(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    setMachineResources(project, zone, instance, body=None, requestId=None)
   
Changes the number and/or type of accelerator for a stopped instance to the values specified in the request.
 
 Args:
@@ -4179,16 +5614,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -4223,7 +5671,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -4237,7 +5686,7 @@ 
Method Details

 

 
 

-    setMachineType(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    setMachineType(project, zone, instance, body=None, requestId=None)
   
Changes the machine type for a stopped instance to the machine type specified in the request.
 
 Args:
@@ -4251,16 +5700,29 @@ 
Method Details

   "machineType": "A String", # Full or partial URL of the machine type resource. See Machine Types for a full list of machine types. For example: zones/us-central1-f/machineTypes/n1-standard-1
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -4295,7 +5757,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -4309,7 +5772,7 @@ 
Method Details

 

 
 

-    setMetadata(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    setMetadata(project, zone, instance, body=None, requestId=None)
   
Sets metadata for the specified instance to the data included in the request.
 
 Args:
@@ -4320,9 +5783,11 @@ 
Method Details

     The object takes the form of:
 
 { # A metadata key/value entry.
-  "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+  "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve the resource.
   "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-    { # Metadata
+    {
       "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
       "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
     },
@@ -4330,16 +5795,29 @@ 
Method Details

   "kind": "compute#metadata", # [Output Only] Type of the resource. Always compute#metadata for metadata.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -4374,7 +5852,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -4388,7 +5867,7 @@ 
Method Details

 

 
 

-    setMinCpuPlatform(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    setMinCpuPlatform(project, zone, instance, body=None, requestId=None)
   
Changes the minimum CPU platform that this instance should use. This method can only be called on a stopped instance. For more information, read Specifying a Minimum CPU Platform.
 
 Args:
@@ -4402,16 +5881,29 @@ 
Method Details

   "minCpuPlatform": "A String", # Minimum cpu/platform this instance should be started at.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -4446,7 +5938,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -4460,7 +5953,7 @@ 
Method Details

 

 
 

-    setName(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    setName(project, zone, instance, body=None, requestId=None)
   
Sets name of an instance.
 
 Args:
@@ -4475,16 +5968,29 @@ 
Method Details

   "name": "A String", # The name to be applied to the instance. Needs to be RFC 1035 compliant.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -4519,7 +6025,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -4533,7 +6040,7 @@ 
Method Details

 

 
 

-    setScheduling(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    setScheduling(project, zone, instance, body=None, requestId=None)
   
Sets an instance's scheduling options. You can only call this method on a stopped instance, that is, a VM instance that is in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states.
 
 Args:
@@ -4544,7 +6051,9 @@ 
Method Details

     The object takes the form of:
 
 { # Sets the scheduling options for an Instance. NextID: 21
-  "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+  "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+      # 
+      # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
   "availabilityDomain": 42, # Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details.
   "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
   "latencyTolerant": True or False, # Defines whether the instance is tolerant of higher cpu latency. This can only be set during instance creation, or when the instance is not currently running. It must not be set if the preemptible option is also set.
@@ -4565,16 +6074,29 @@ 
Method Details

   "preemptible": True or False, # Defines whether the instance is preemptible. This can only be set during instance creation or while the instance is stopped and therefore, in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -4609,7 +6131,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -4623,7 +6146,7 @@ 
Method Details

 

 
 

-    setServiceAccount(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    setServiceAccount(project, zone, instance, body=None, requestId=None)
   
Sets the service account on the instance. For more information, read Changing the service account and access scopes for an instance.
 
 Args:
@@ -4640,16 +6163,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -4684,7 +6220,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -4698,7 +6235,7 @@ 
Method Details

 

 
 

-    setShieldedInstanceIntegrityPolicy(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    setShieldedInstanceIntegrityPolicy(project, zone, instance, body=None, requestId=None)
   
Sets the Shielded Instance integrity policy for an instance. You can only use this method on a running instance. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -4712,16 +6249,29 @@ 
Method Details

   "updateAutoLearnPolicy": True or False, # Updates the integrity policy baseline using the measurements from the VM instance's most recent boot.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -4756,7 +6306,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -4770,7 +6321,7 @@ 
Method Details

 

 
 

-    setShieldedVmIntegrityPolicy(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    setShieldedVmIntegrityPolicy(project, zone, instance, body=None, requestId=None)
   
Sets the Shielded VM integrity policy for a VM instance. You can only use this method on a running VM instance. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -4784,16 +6335,29 @@ 
Method Details

   "updateAutoLearnPolicy": True or False, # Updates the integrity policy baseline using the measurements from the VM instance's most recent boot.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -4828,7 +6392,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -4842,7 +6407,7 @@ 
Method Details

 

 
 

-    setTags(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    setTags(project, zone, instance, body=None, requestId=None)
   
Sets network tags for the specified instance to the data included in the request.
 
 Args:
@@ -4853,22 +6418,37 @@ 
Method Details

     The object takes the form of:
 
 { # A set of instance tags.
-  "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+  "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+      # 
+      # To see the latest fingerprint, make get() request to the instance.
   "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
     "A String",
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -4903,7 +6483,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -4917,22 +6498,31 @@ 
Method Details

 

 
 

-    simulateMaintenanceEvent(project, zone, instance, x__xgafv=None)
+    simulateMaintenanceEvent(project, zone, instance)
   
Simulates a maintenance event on the instance.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the instance scoping this request. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -4967,7 +6557,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -4981,23 +6572,36 @@ 
Method Details

 

 
 

-    start(project, zone, instance, requestId=None, x__xgafv=None)
+    start(project, zone, instance, requestId=None)
   
Starts an instance that was stopped using the instances().stop method. For more information, see Restart an instance.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the instance resource to start. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -5032,7 +6636,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -5046,7 +6651,7 @@ 
Method Details

 

 
 

-    startWithEncryptionKey(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    startWithEncryptionKey(project, zone, instance, body=None, requestId=None)
   
Starts an instance that was stopped using the instances().stop method. For more information, see Restart an instance.
 
 Args:
@@ -5057,37 +6662,66 @@ 
Method Details

     The object takes the form of:
 
 {
-  "disks": [ # Array of disks associated with this instance that are protected with a customer-supplied encryption key. In order to start the instance, the disk url and its corresponding key must be provided. If the disk is not protected with a customer-supplied encryption key it should not be specified.
+  "disks": [ # Array of disks associated with this instance that are protected with a customer-supplied encryption key.
+      # 
+      # In order to start the instance, the disk url and its corresponding key must be provided.
+      # 
+      # If the disk is not protected with a customer-supplied encryption key it should not be specified.
     {
       "diskEncryptionKey": { # Decrypts data associated with the disk with a customer-supplied encryption key.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. This field is only applicable for persistent disks.
     },
   ],
-  "instanceEncryptionKey": { # Decrypts data associated with an instance that is protected with a customer-supplied encryption key. If the instance you are starting is protected with a customer-supplied encryption key, the correct key must be provided otherwise the instance start will not succeed.
+  "instanceEncryptionKey": { # Decrypts data associated with an instance that is protected with a customer-supplied encryption key.
+      # 
+      # If the instance you are starting is protected with a customer-supplied encryption key, the correct key must be provided otherwise the instance start will not succeed.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -5122,7 +6756,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -5136,7 +6771,7 @@ 
Method Details

 

 
 

-    stop(project, zone, instance, discardLocalSsd=None, requestId=None, x__xgafv=None)
+    stop(project, zone, instance, discardLocalSsd=None, requestId=None)
   
Stops a running instance, shutting it down cleanly, and allows you to restart the instance at a later time. Stopped instances do not incur VM usage charges while they are stopped. However, resources that the VM is using, such as persistent disks and static IP addresses, will continue to be charged until they are deleted. For more information, see Stopping an instance.
 
 Args:
@@ -5144,16 +6779,29 @@ 
Method Details

   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the instance resource to stop. (required)
   discardLocalSsd: boolean, If true, discard the contents of any attached localSSD partitions. Default value is false (== preserve localSSD data).
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -5188,7 +6836,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -5202,7 +6851,7 @@ 
Method Details

 

 
 

-    suspend(project, zone, instance, discardLocalSsd=None, requestId=None, x__xgafv=None)
+    suspend(project, zone, instance, discardLocalSsd=None, requestId=None)
   
This method suspends a running instance, saving its state to persistent storage, and allows you to resume the instance at a later time. Suspended instances incur reduced per-minute, virtual machine usage charges while they are suspended. Any resources the virtual machine is using, such as persistent disks and static IP addresses, will continue to be charged until they are deleted.
 
 Args:
@@ -5210,16 +6859,29 @@ 
Method Details

   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the instance resource to suspend. (required)
   discardLocalSsd: boolean, If true, discard the contents of any attached localSSD partitions. Default value is false (== preserve localSSD data).
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -5254,7 +6916,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -5268,7 +6931,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, zone, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, zone, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -5284,10 +6947,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -5300,8 +6959,8 @@ 
Method Details

 

 
 

-    update(project, zone, instance, body=None, clearSecureTag=None, minimalAction=None, mostDisruptiveAllowedAction=None, requestId=None, secureTags=None, x__xgafv=None)
-  
Updates an instance only if the necessary resources are available. This method can update only a specific set of instance properties. See Updating a running instance for a list of updatable instance properties.
+    update(project, zone, instance, body=None, clearSecureTag=None, minimalAction=None, mostDisruptiveAllowedAction=None, requestId=None, secureTags=None)
+  
Updates an instance only if the necessary resources are available. This method can update only a specific set of instance properties. See  Updating a running instance for a list of updatable instance properties.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -5310,14 +6969,16 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Instance resource. An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances.
+{ # Represents an Instance resource.
+    # 
+    # An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances. (== resource_for {$api_version}.instances ==)
   "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
     "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
     "numaNodeCount": 42, # The number of vNUMA nodes.
     "threadsPerCore": 42, # The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed.
     "visibleCoreCount": 42, # The number of physical cores to expose to an instance. Multiply by the number of threads per core to compute the total number of virtual CPUs to expose to the instance. If unset, the number of cores is inferred from the instance's nominal CPU count and the underlying platform's SMT width.
   },
-  "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding .
+  "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding.
   "confidentialInstanceConfig": { # A set of Confidential Instance options.
     "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
   },
@@ -5329,30 +6990,58 @@ 
Method Details

     { # An instance-attached disk resource.
       "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
       "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-      "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-      "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+      "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+          #
+          # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+      "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+          #
+          # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+          #
+          # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+          #
+          # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+          #
+          # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "diskSizeGb": "A String", # The size of the disk in GB.
       "forceAttach": True or False, # [Input Only] Whether to force attach the regional disk even if it's currently attached to another instance. If you try to force attach a zonal disk to an instance, you will receive an error.
-      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
         { # Guest OS features.
-          "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+          "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
         },
       ],
       "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-      "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+      "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+          #
+          # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+          #
+          # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
         "description": "A String", # An optional description. Provide this property when creating the disk.
         "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
         "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-        "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
-        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options. Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
+        "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+            # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+            #
+            #
+            # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+            # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+            # - projects/project/zones/zone/diskTypes/diskType
+            # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
+        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
+            #
+            # Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
           { # Guest OS features.
-            "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+            "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
           },
         ],
         "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
@@ -5367,20 +7056,56 @@ 
Method Details

         "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
           "A String",
         ],
-        "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-        "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+        "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+            #
+            # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+            # projects/debian-cloud/global/images/family/debian-9
+            #
+            #
+            # Alternatively, use a specific version of a public operating system image:
+            # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+            #
+            #
+            # To create a disk with a custom image that you created, specify the image name in the following format:
+            # global/images/my-custom-image
+            #
+            #
+            # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+            # global/images/family/my-image-family
+            #
+            #
+            # If the source image is deleted later, this field will not be set.
+        "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+            #
+            # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+              #
+              # The key must meet the following requirements before you can provide it to Compute Engine:
+              # - The key is wrapped using a RSA public key certificate provided by Google.
+              # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+              # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
-        "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+        "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+            #
+            # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+            # global/snapshots/my-backup
+            #
+            #
+            # If the source snapshot is deleted later, this field will not be set.
         "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+              #
+              # The key must meet the following requirements before you can provide it to Compute Engine:
+              # - The key is wrapped using a RSA public key certificate provided by Google.
+              # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+              # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
       },
@@ -5415,7 +7140,11 @@ 
Method Details

           "fileType": "A String", # The file type of source file.
         },
       },
-      "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+      "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+          #
+          # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+          #
+          # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
       "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
       "userLicenses": [ # [Output Only] A list of user provided licenses. It represents a list of URLs to the license resource. Unlike regular licenses, user provided licenses can be modified after the disk is created.
         "A String",
@@ -5426,7 +7155,9 @@ 
Method Details

     "enableDisplay": True or False, # Defines whether the instance has Display enabled.
   },
   "eraseWindowsVssSignature": True or False, # Specifies whether the disks restored from source snapshots or source machine image should erase Windows specific VSS signature.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance. To see the latest fingerprint, make get() request to the instance.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance.
+      # 
+      # To see the latest fingerprint, make get() request to the instance.
   "guestAccelerators": [ # A list of the type and count of accelerator cards attached to the instance.
     { # A specification of the type and number of accelerator cards attached to the instance.
       "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
@@ -5435,26 +7166,53 @@ 
Method Details

   ],
   "hostname": "A String", # Specifies the hostname of the instance. The specified hostname must be RFC1035 compliant. If hostname is not specified, the default hostname is [INSTANCE_NAME].c.[PROJECT_ID].internal when using the global DNS, and [INSTANCE_NAME].[ZONE].c.[PROJECT_ID].internal when using zonal DNS.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-  "instanceEncryptionKey": { # Encrypts or decrypts data for an instance with a customer-supplied encryption key. If you are creating a new instance, this field encrypts the local SSD and in-memory contents of the instance using a key that you provide. If you are restarting an instance protected with a customer-supplied encryption key, you must provide the correct key in order to successfully restart the instance. If you do not provide an encryption key when creating the instance, then the local SSD and in-memory contents will be encrypted using an automatically generated key and you do not need to provide a key to start the instance later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt local SSDs and in-memory content in a managed instance group.
+  "instanceEncryptionKey": { # Encrypts or decrypts data for an instance with a customer-supplied encryption key.
+      # 
+      # If you are creating a new instance, this field encrypts the local SSD and in-memory contents of the instance using a key that you provide.
+      # 
+      # If you are restarting an instance protected with a customer-supplied encryption key, you must provide the correct key in order to successfully restart the instance.
+      # 
+      # If you do not provide an encryption key when creating the instance, then the local SSD and in-memory contents will be encrypted using an automatically generated key and you do not need to provide a key to start the instance later.
+      # 
+      # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt local SSDs and in-memory content in a managed instance group.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "kind": "compute#instance", # [Output Only] Type of the resource. Always compute#instance for instances.
-  "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the instance.
+  "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+      # 
+      # To see the latest fingerprint, make get() request to the instance.
   "labels": { # Labels to apply to this instance. These can be later modified by the setLabels method.
     "a_key": "A String",
   },
   "lastStartTimestamp": "A String", # [Output Only] Last start timestamp in RFC3339 text format.
   "lastStopTimestamp": "A String", # [Output Only] Last stop timestamp in RFC3339 text format.
   "lastSuspendedTimestamp": "A String", # [Output Only] Last suspended timestamp in RFC3339 text format.
-  "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type: zones/us-central1-f/machineTypes/n1-standard-1 To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB): zones/zone/machineTypes/custom-CPUS-MEMORY For example: zones/us-central1-f/machineTypes/custom-4-5120 For a full list of restrictions, read the Specifications for custom machine types.
+  "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type:
+      # zones/us-central1-f/machineTypes/n1-standard-1
+      # 
+      # 
+      # To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB):
+      # zones/zone/machineTypes/custom-CPUS-MEMORY
+      # 
+      # 
+      # For example: zones/us-central1-f/machineTypes/custom-4-5120
+      # 
+      # For a full list of restrictions, read the Specifications for custom machine types.
   "metadata": { # A metadata key/value entry. # The metadata key/value pairs assigned to this instance. This includes custom metadata and predefined keys.
-    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+        #
+        # To see the latest fingerprint, make a get() request to retrieve the resource.
     "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-      { # Metadata
+      {
         "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
         "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
       },
@@ -5472,7 +7230,11 @@ 
Method Details

           "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
           "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+              #
+              # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+              #
+              # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
           "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
           "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
           "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -5495,7 +7257,11 @@ 
Method Details

           "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
           "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+              #
+              # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+              #
+              # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
           "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
           "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
           "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -5503,24 +7269,37 @@ 
Method Details

           "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
         },
       ],
-      "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+      "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+          #
+          # Valid only if stackType is IPV4_IPV6.
       "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
       "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
       "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-      "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+      "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+          #
+          # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+          # - projects/project/global/networks/network
+          # - global/networks/default
       "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
       "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
       "queueCount": 42, # The networking queue count that's specified by users for the network interface. Both Rx and Tx queues will be set to this number. It'll be empty if not specified by the users.
-      "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
+      "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+          #
+          # This field can be both set at instance creation and update network interface operations.
       "subinterfaces": [ # SubInterfaces help enable L2 communication for the instance over subnetworks that support L2. Every network interface will get a default untagged (vlan not specified) subinterface. Users can specify additional tagged subinterfaces which are sub-fields to the Network Interface.
         {
           "ipAddress": "A String", # An IPv4 internal IP address to assign to the instance for this subinterface. If specified, ip_allocation_mode should be set to ALLOCATE_IP.
           "ipAllocationMode": "A String",
-          "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+          "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+              # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+              # - regions/region/subnetworks/subnetwork
           "vlan": 42, # VLAN tag. Should match the VLAN(s) supported by the subnetwork to which this subinterface is connecting.
         },
       ],
-      "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+      "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+          # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+          # - regions/region/subnetworks/subnetwork
     },
   ],
   "networkPerformanceConfig": {
@@ -5529,9 +7308,9 @@ 
Method Details

   },
   "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
   "preservedStateSizeGb": "A String", # Total amount of preserved state for SUSPENDED instances. Read-only in the api.
-  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
   "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that this instance can consume from.
-    "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
+    "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
     "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
     "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
       "A String",
@@ -5550,7 +7329,9 @@ 
Method Details

   },
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Sets the scheduling options for this instance.
-    "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+    "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+        #
+        # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
     "availabilityDomain": 42, # Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details.
     "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
     "latencyTolerant": True or False, # Defines whether the instance is tolerant of higher cpu latency. This can only be set during instance creation, or when the instance is not currently running. It must not be set if the preemptible option is also set.
@@ -5575,7 +7356,9 @@ 
Method Details

   ],
   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported. Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
+  "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported.
+      # 
+      # Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
     { # A service account.
       "email": "A String", # Email address of the service account.
       "scopes": [ # The list of scopes to be made available for this service account.
@@ -5604,14 +7387,21 @@ 
Method Details

     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "startRestricted": True or False, # [Output Only] Whether a VM has been restricted for start because Compute Engine has detected suspicious activity.
-  "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see Instance life cycle.
+  "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see  Instance life cycle.
   "statusMessage": "A String", # [Output Only] An optional, human-readable explanation of the status.
   "tags": { # A set of instance tags. # Tags to apply to this instance. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during instance creation. The tags can be later modified by the setTags method. Each tag within the list must comply with RFC1035. Multiple tags can be specified via the 'tags.items' field.
-    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+        #
+        # To see the latest fingerprint, make get() request to the instance.
     "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
       "A String",
     ],
@@ -5628,30 +7418,45 @@ 
Method Details

   "zone": "A String", # [Output Only] URL of the zone where the instance resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
 }
 
-  clearSecureTag: boolean, Whether to clear secure tags from the instance. This property if set to true will clear secure tags regardless of the resource.secure_tags.
+  clearSecureTag: boolean, Whether to clear secure tags from the instance.
+
+This property if set to true will clear secure tags regardless of the resource.secure_tags.
   minimalAction: string, Specifies the action to take when updating an instance even if the updated properties do not require it. If not specified, then Compute Engine acts based on the minimum action that the updated properties require.
     Allowed values
       INVALID - 
-      NO_EFFECT - No changes can be made to the instance.
-      REFRESH - The instance will not restart.
-      RESTART - The instance will restart.
+      NO_EFFECT - 
+      REFRESH - 
+      RESTART - 
   mostDisruptiveAllowedAction: string, Specifies the most disruptive action that can be taken on the instance as part of the update. Compute Engine returns an error if the instance properties require a more disruptive action as part of the instance update. Valid options from lowest to highest are NO_EFFECT, REFRESH, and RESTART.
     Allowed values
       INVALID - 
-      NO_EFFECT - No changes can be made to the instance.
-      REFRESH - The instance will not restart.
-      RESTART - The instance will restart.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
+      NO_EFFECT - 
+      REFRESH - 
+      RESTART - 
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
   secureTags: string, DEPRECATED: Please use resource.secure_tag instead. Secure tags to apply to this instance. Maximum number of secure tags allowed is 50. (repeated)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -5686,7 +7491,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -5700,7 +7506,7 @@ 
Method Details

 

 
 

-    updateAccessConfig(project, zone, instance, networkInterface, body=None, requestId=None, x__xgafv=None)
+    updateAccessConfig(project, zone, instance, networkInterface, body=None, requestId=None)
   
Updates the specified access config from an instance's network interface with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -5717,7 +7523,11 @@ 
Method Details

   "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
   "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
   "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+      # 
+      # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+      # 
+      # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
   "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
   "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
   "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -5725,16 +7535,29 @@ 
Method Details

   "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -5769,7 +7592,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -5783,7 +7607,7 @@ 
Method Details

 

 
 

-    updateDisplayDevice(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    updateDisplayDevice(project, zone, instance, body=None, requestId=None)
   
Updates the Display config for a VM instance. You can only use this method on a stopped VM instance. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -5797,16 +7621,29 @@ 
Method Details

   "enableDisplay": True or False, # Defines whether the instance has Display enabled.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -5841,7 +7678,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -5855,7 +7693,7 @@ 
Method Details

 

 
 

-    updateNetworkInterface(project, zone, instance, networkInterface, body=None, requestId=None, x__xgafv=None)
+    updateNetworkInterface(project, zone, instance, networkInterface, body=None, requestId=None)
   
Updates an instance's network interface. This method can only update an interface's alias IP range and attached network. See Modifying alias IP ranges for an existing instance for instructions on changing alias IP ranges. See Migrating a VM between networks for instructions on migrating an interface. This method follows PATCH semantics.
 
 Args:
@@ -5874,7 +7712,11 @@ 
Method Details

       "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
       "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
       "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-      "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+      "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+          #
+          # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+          #
+          # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
       "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
       "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
       "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -5897,7 +7739,11 @@ 
Method Details

       "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
       "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
       "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-      "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+      "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+          #
+          # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+          #
+          # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
       "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
       "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
       "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -5905,36 +7751,62 @@ 
Method Details

       "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
     },
   ],
-  "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+  "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+      # 
+      # Valid only if stackType is IPV4_IPV6.
   "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
   "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
   "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-  "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+  "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+      # 
+      # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+      # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+      # - projects/project/global/networks/network
+      # - global/networks/default
   "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
   "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
   "queueCount": 42, # The networking queue count that's specified by users for the network interface. Both Rx and Tx queues will be set to this number. It'll be empty if not specified by the users.
-  "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
+  "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+      # 
+      # This field can be both set at instance creation and update network interface operations.
   "subinterfaces": [ # SubInterfaces help enable L2 communication for the instance over subnetworks that support L2. Every network interface will get a default untagged (vlan not specified) subinterface. Users can specify additional tagged subinterfaces which are sub-fields to the Network Interface.
     {
       "ipAddress": "A String", # An IPv4 internal IP address to assign to the instance for this subinterface. If specified, ip_allocation_mode should be set to ALLOCATE_IP.
       "ipAllocationMode": "A String",
-      "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+      "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+          # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+          # - regions/region/subnetworks/subnetwork
       "vlan": 42, # VLAN tag. Should match the VLAN(s) supported by the subnetwork to which this subinterface is connecting.
     },
   ],
-  "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+  "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+      # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+      # - regions/region/subnetworks/subnetwork
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -5969,7 +7841,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -5983,7 +7856,7 @@ 
Method Details

 

 
 

-    updateShieldedInstanceConfig(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    updateShieldedInstanceConfig(project, zone, instance, body=None, requestId=None)
   
Updates the Shielded Instance config for an instance. You can only use this method on a stopped instance. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -5999,16 +7872,29 @@ 
Method Details

   "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled. Enabled by default.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -6043,7 +7929,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -6057,7 +7944,7 @@ 
Method Details

 

 
 

-    updateShieldedVmConfig(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    updateShieldedVmConfig(project, zone, instance, body=None, requestId=None)
   
Updates the Shielded VM config for a VM instance. You can only use this method on a stopped VM instance. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -6073,16 +7960,29 @@ 
Method Details

   "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -6117,7 +8017,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.interconnectAttachments.html b/docs/dyn/compute_alpha.interconnectAttachments.html
index 04897a7357a..3e43a608652 100644
--- a/docs/dyn/compute_alpha.interconnectAttachments.html
+++ b/docs/dyn/compute_alpha.interconnectAttachments.html
@@ -75,7 +75,7 @@
 
Compute Engine API . interconnectAttachments

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of interconnect attachments.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,52 +84,58 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, interconnectAttachment, requestId=None, x__xgafv=None)

+  delete(project, region, interconnectAttachment, requestId=None)

 
Deletes the specified interconnect attachment.

 

-  get(project, region, interconnectAttachment, x__xgafv=None)

+  get(project, region, interconnectAttachment)

 
Returns the specified interconnect attachment.

 

-  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, region, body=None, requestId=None, validateOnly=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None, validateOnly=None)

 
Creates an InterconnectAttachment in the specified project using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of interconnect attachments contained within the specified region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, interconnectAttachment, body=None, requestId=None, x__xgafv=None)

+  patch(project, region, interconnectAttachment, body=None, requestId=None)

 
Updates the specified interconnect attachment with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  setIamPolicy(project, region, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, region, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)

+  setLabels(project, region, resource, body=None, requestId=None)

 
Sets the labels on an InterconnectAttachment. To learn more about labels, read the Labeling Resources documentation.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of interconnect attachments.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -139,9 +145,23 @@ 
Method Details

   "items": { # A list of InterconnectAttachmentsScopedList resources.
     "a_key": { # Name of the scope containing this set of interconnect attachments.
       "interconnectAttachments": [ # A list of interconnect attachments contained in this scope.
-        { # Represents an Interconnect Attachment (VLAN) resource. You can use Interconnect attachments (VLANS) to connect your Virtual Private Cloud networks to your on-premises networks through an Interconnect. For more information, read Creating VLAN Attachments.
+        { # Represents an Interconnect Attachment (VLAN) resource.
+            #
+            # You can use Interconnect attachments (VLANS) to connect your Virtual Private Cloud networks to your on-premises networks through an Interconnect. For more information, read  Creating VLAN Attachments. (== resource_for {$api_version}.interconnectAttachments ==)
           "adminEnabled": True or False, # Determines whether this Attachment will carry packets. Not present for PARTNER_PROVIDER.
-          "bandwidth": "A String", # Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, and can take one of the following values: - BPS_50M: 50 Mbit/s - BPS_100M: 100 Mbit/s - BPS_200M: 200 Mbit/s - BPS_300M: 300 Mbit/s - BPS_400M: 400 Mbit/s - BPS_500M: 500 Mbit/s - BPS_1G: 1 Gbit/s - BPS_2G: 2 Gbit/s - BPS_5G: 5 Gbit/s - BPS_10G: 10 Gbit/s - BPS_20G: 20 Gbit/s - BPS_50G: 50 Gbit/s
+          "bandwidth": "A String", # Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, and can take one of the following values:
+              # - BPS_50M: 50 Mbit/s
+              # - BPS_100M: 100 Mbit/s
+              # - BPS_200M: 200 Mbit/s
+              # - BPS_300M: 300 Mbit/s
+              # - BPS_400M: 400 Mbit/s
+              # - BPS_500M: 500 Mbit/s
+              # - BPS_1G: 1 Gbit/s
+              # - BPS_2G: 2 Gbit/s
+              # - BPS_5G: 5 Gbit/s
+              # - BPS_10G: 10 Gbit/s
+              # - BPS_20G: 20 Gbit/s
+              # - BPS_50G: 50 Gbit/s
           "candidateIpv6Subnets": [ # Up to 16 candidate prefixes that control the allocation of cloudRouterIpv6Address and customerRouterIpv6Address for this attachment. Each prefix must be in the Global Unique Address (GUA) space. It is highly recommended that it be in a range owned by the requestor. A GUA in a range owned by Google will cause the request to fail. Google will select an available prefix from the supplied candidates or fail the request. If not supplied, a /125 from a Google-owned GUA block will be selected.
             "A String",
           ],
@@ -157,22 +177,33 @@ 
Method Details

           "customerRouterIpv6InterfaceId": "A String", # If supplied, the interface id (index within the subnet) to be used for the customer router address. The id must be in the range of 1 to 6. If a subnet mask is supplied, it must be /125, and the subnet should either be 0 or match the selected subnet.
           "dataplaneVersion": 42, # [Output Only] Dataplane version for this InterconnectAttachment.
           "description": "A String", # An optional description of this resource.
-          "edgeAvailabilityDomain": "A String", # Desired availability domain for the attachment. Only available for type PARTNER, at creation time, and can take one of the following values: - AVAILABILITY_DOMAIN_ANY - AVAILABILITY_DOMAIN_1 - AVAILABILITY_DOMAIN_2 For improved reliability, customers should configure a pair of attachments, one per availability domain. The selected availability domain will be provided to the Partner via the pairing key, so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.
-          "encryption": "A String", # Indicates the user-supplied encryption option of this VLAN attachment (interconnectAttachment). Can only be specified at attachment creation for PARTNER or DEDICATED attachments. Possible values are: - NONE - This is the default value, which means that the VLAN attachment carries unencrypted traffic. VMs are able to send traffic to, or receive traffic from, such a VLAN attachment. - IPSEC - The VLAN attachment carries only encrypted traffic that is encrypted by an IPsec device, such as an HA VPN gateway or third-party IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, such a VLAN attachment. To use *IPsec-encrypted Cloud Interconnect*, the VLAN attachment must be created with this option. Not currently available publicly.
+          "edgeAvailabilityDomain": "A String", # Desired availability domain for the attachment. Only available for type PARTNER, at creation time, and can take one of the following values:
+              # - AVAILABILITY_DOMAIN_ANY
+              # - AVAILABILITY_DOMAIN_1
+              # - AVAILABILITY_DOMAIN_2 For improved reliability, customers should configure a pair of attachments, one per availability domain. The selected availability domain will be provided to the Partner via the pairing key, so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.
+          "encryption": "A String", # Indicates the user-supplied encryption option of this VLAN attachment (interconnectAttachment). Can only be specified at attachment creation for PARTNER or DEDICATED attachments. Possible values are:
+              # - NONE - This is the default value, which means that the VLAN attachment carries unencrypted traffic. VMs are able to send traffic to, or receive traffic from, such a VLAN attachment.
+              # - IPSEC - The VLAN attachment carries only encrypted traffic that is encrypted by an IPsec device, such as an HA VPN gateway or third-party IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, such a VLAN attachment. To use IPsec-encrypted Cloud Interconnect, the VLAN attachment must be created with this option.
+              # Not currently available publicly.
           "googleReferenceId": "A String", # [Output Only] Google reference ID, to be used when raising support tickets with Google or otherwise to debug backend connectivity issues. [Deprecated] This field is not used.
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "interconnect": "A String", # URL of the underlying Interconnect object that this attachment's traffic will traverse through.
-          "ipsecInternalAddresses": [ # List of URL of addresses that have been reserved for the VLAN attachment. Used only for the VLAN attachment that has the encryption option as IPSEC. The addresses must be regional internal IP address ranges. When creating an HA VPN gateway over the VLAN attachment, if the attachment is configured to use a regional internal IP address, then the VPN gateway's IP address is allocated from the IP address range specified here. For example, if the HA VPN gateway's interface 0 is paired to this VLAN attachment, then a regional internal IP address for the VPN gateway interface 0 will be allocated from the IP address specified for this VLAN attachment. If this field is not specified when creating the VLAN attachment, then later on when creating an HA VPN gateway on this VLAN attachment, the HA VPN gateway's IP address is allocated from the regional external IP address pool. Not currently available publicly.
+          "ipsecInternalAddresses": [ # List of URL of addresses that have been reserved for the VLAN attachment. Used only for the VLAN attachment that has the encryption option as IPSEC. The addresses must be regional internal IP address ranges. When creating an HA VPN gateway over the VLAN attachment, if the attachment is configured to use a regional internal IP address, then the VPN gateway's IP address is allocated from the IP address range specified here. For example, if the HA VPN gateway's interface 0 is paired to this VLAN attachment, then a regional internal IP address for the VPN gateway interface 0 will be allocated from the IP address specified for this VLAN attachment. If this field is not specified when creating the VLAN attachment, then later on when creating an HA VPN gateway on this VLAN attachment, the HA VPN gateway's IP address is allocated from the regional external IP address pool.
+              # Not currently available publicly.
             "A String",
           ],
           "kind": "compute#interconnectAttachment", # [Output Only] Type of the resource. Always compute#interconnectAttachment for interconnect attachments.
-          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InterconnectAttachment, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InterconnectAttachment.
+          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InterconnectAttachment, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve an InterconnectAttachment.
           "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
             "a_key": "A String",
           },
           "mtu": 42, # Maximum Transmission Unit (MTU), in bytes, of packets passing through this interconnect attachment. Only 1440 and 1500 are allowed. If not specified, the value will default to 1440.
           "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-          "operationalStatus": "A String", # [Output Only] The current status of whether or not this interconnect attachment is functional, which can take one of the following values: - OS_ACTIVE: The attachment has been turned up and is ready to use. - OS_UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
+          "operationalStatus": "A String", # [Output Only] The current status of whether or not this interconnect attachment is functional, which can take one of the following values:
+              # - OS_ACTIVE: The attachment has been turned up and is ready to use.
+              # - OS_UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
           "pairingKey": "A String", # [Output only for type PARTNER. Input only for PARTNER_PROVIDER. Not present for DEDICATED]. The opaque identifier of an PARTNER attachment used to initiate provisioning with a selected partner. Of the form "XXXXX/region/domain"
           "partnerAsn": "A String", # Optional BGP ASN for the router supplied by a Layer 3 Partner if they configured BGP on behalf of the customer. Output only for PARTNER type, input only for PARTNER_PROVIDER, not available for DEDICATED.
           "partnerMetadata": { # Informational metadata about Partner attachments from Partners to display to customers. These fields are propagated from PARTNER_PROVIDER attachments to their corresponding PARTNER attachments. # Informational metadata about Partner attachments from Partners to display to customers. Output only for for PARTNER type, mutable for PARTNER_PROVIDER, not available for DEDICATED.
@@ -188,15 +219,27 @@ 
Method Details

           "satisfiesPzs": True or False, # [Output Only] Set to true if the resource satisfies the zone separation organization policy constraints and false otherwise. Defaults to false if the field is not present.
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
           "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-          "stackType": "A String", # The stack type for this interconnect attachment to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at interconnect attachments creation and update interconnect attachment operations.
-          "state": "A String", # [Output Only] The current state of this attachment's functionality. Enum values ACTIVE and UNPROVISIONED are shared by DEDICATED/PRIVATE, PARTNER, and PARTNER_PROVIDER interconnect attachments, while enum values PENDING_PARTNER, PARTNER_REQUEST_RECEIVED, and PENDING_CUSTOMER are used for only PARTNER and PARTNER_PROVIDER interconnect attachments. This state can take one of the following values: - ACTIVE: The attachment has been turned up and is ready to use. - UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete. - PENDING_PARTNER: A newly-created PARTNER attachment that has not yet been configured on the Partner side. - PARTNER_REQUEST_RECEIVED: A PARTNER attachment is in the process of provisioning after a PARTNER_PROVIDER attachment was created that references it. - PENDING_CUSTOMER: A PARTNER or PARTNER_PROVIDER attachment that is waiting for a customer to activate it. - DEFUNCT: The attachment was deleted externally and is no longer functional. This could be because the associated Interconnect was removed, or because the other side of a Partner attachment was deleted.
-          "type": "A String", # The type of interconnect attachment this is, which can take one of the following values: - DEDICATED: an attachment to a Dedicated Interconnect. - PARTNER: an attachment to a Partner Interconnect, created by the customer. - PARTNER_PROVIDER: an attachment to a Partner Interconnect, created by the partner.
+          "stackType": "A String", # The stack type for this interconnect attachment to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+              #
+              # This field can be both set at interconnect attachments creation and update interconnect attachment operations.
+          "state": "A String", # [Output Only] The current state of this attachment's functionality. Enum values ACTIVE and UNPROVISIONED are shared by DEDICATED/PRIVATE, PARTNER, and PARTNER_PROVIDER interconnect attachments, while enum values PENDING_PARTNER, PARTNER_REQUEST_RECEIVED, and PENDING_CUSTOMER are used for only PARTNER and PARTNER_PROVIDER interconnect attachments. This state can take one of the following values:
+              # - ACTIVE: The attachment has been turned up and is ready to use.
+              # - UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
+              # - PENDING_PARTNER: A newly-created PARTNER attachment that has not yet been configured on the Partner side.
+              # - PARTNER_REQUEST_RECEIVED: A PARTNER attachment is in the process of provisioning after a PARTNER_PROVIDER attachment was created that references it.
+              # - PENDING_CUSTOMER: A PARTNER or PARTNER_PROVIDER attachment that is waiting for a customer to activate it.
+              # - DEFUNCT: The attachment was deleted externally and is no longer functional. This could be because the associated Interconnect was removed, or because the other side of a Partner attachment was deleted.
+          "type": "A String", # The type of interconnect attachment this is, which can take one of the following values:
+              # - DEDICATED: an attachment to a Dedicated Interconnect.
+              # - PARTNER: an attachment to a Partner Interconnect, created by the customer.
+              # - PARTNER_PROVIDER: an attachment to a Partner Interconnect, created by the partner.
           "vlanTag8021q": 42, # The IEEE 802.1Q VLAN tag for this attachment, in the range 2-4094. Only specified at creation time.
         },
       ],
       "warning": { # Informational warning which replaces the list of addresses when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -214,7 +257,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -245,23 +289,36 @@ 
Method Details

 

 
 

-    delete(project, region, interconnectAttachment, requestId=None, x__xgafv=None)
+    delete(project, region, interconnectAttachment, requestId=None)
   
Deletes the specified interconnect attachment.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   interconnectAttachment: string, Name of the interconnect attachment to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -296,7 +353,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -310,24 +368,34 @@ 
Method Details

 

 
 

-    get(project, region, interconnectAttachment, x__xgafv=None)
+    get(project, region, interconnectAttachment)
   
Returns the specified interconnect attachment.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   interconnectAttachment: string, Name of the interconnect attachment to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Interconnect Attachment (VLAN) resource. You can use Interconnect attachments (VLANS) to connect your Virtual Private Cloud networks to your on-premises networks through an Interconnect. For more information, read Creating VLAN Attachments.
+    { # Represents an Interconnect Attachment (VLAN) resource.
+    #
+    # You can use Interconnect attachments (VLANS) to connect your Virtual Private Cloud networks to your on-premises networks through an Interconnect. For more information, read  Creating VLAN Attachments. (== resource_for {$api_version}.interconnectAttachments ==)
   "adminEnabled": True or False, # Determines whether this Attachment will carry packets. Not present for PARTNER_PROVIDER.
-  "bandwidth": "A String", # Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, and can take one of the following values: - BPS_50M: 50 Mbit/s - BPS_100M: 100 Mbit/s - BPS_200M: 200 Mbit/s - BPS_300M: 300 Mbit/s - BPS_400M: 400 Mbit/s - BPS_500M: 500 Mbit/s - BPS_1G: 1 Gbit/s - BPS_2G: 2 Gbit/s - BPS_5G: 5 Gbit/s - BPS_10G: 10 Gbit/s - BPS_20G: 20 Gbit/s - BPS_50G: 50 Gbit/s
+  "bandwidth": "A String", # Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, and can take one of the following values:
+      # - BPS_50M: 50 Mbit/s
+      # - BPS_100M: 100 Mbit/s
+      # - BPS_200M: 200 Mbit/s
+      # - BPS_300M: 300 Mbit/s
+      # - BPS_400M: 400 Mbit/s
+      # - BPS_500M: 500 Mbit/s
+      # - BPS_1G: 1 Gbit/s
+      # - BPS_2G: 2 Gbit/s
+      # - BPS_5G: 5 Gbit/s
+      # - BPS_10G: 10 Gbit/s
+      # - BPS_20G: 20 Gbit/s
+      # - BPS_50G: 50 Gbit/s
   "candidateIpv6Subnets": [ # Up to 16 candidate prefixes that control the allocation of cloudRouterIpv6Address and customerRouterIpv6Address for this attachment. Each prefix must be in the Global Unique Address (GUA) space. It is highly recommended that it be in a range owned by the requestor. A GUA in a range owned by Google will cause the request to fail. Google will select an available prefix from the supplied candidates or fail the request. If not supplied, a /125 from a Google-owned GUA block will be selected.
     "A String",
   ],
@@ -343,22 +411,33 @@ 
Method Details

   "customerRouterIpv6InterfaceId": "A String", # If supplied, the interface id (index within the subnet) to be used for the customer router address. The id must be in the range of 1 to 6. If a subnet mask is supplied, it must be /125, and the subnet should either be 0 or match the selected subnet.
   "dataplaneVersion": 42, # [Output Only] Dataplane version for this InterconnectAttachment.
   "description": "A String", # An optional description of this resource.
-  "edgeAvailabilityDomain": "A String", # Desired availability domain for the attachment. Only available for type PARTNER, at creation time, and can take one of the following values: - AVAILABILITY_DOMAIN_ANY - AVAILABILITY_DOMAIN_1 - AVAILABILITY_DOMAIN_2 For improved reliability, customers should configure a pair of attachments, one per availability domain. The selected availability domain will be provided to the Partner via the pairing key, so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.
-  "encryption": "A String", # Indicates the user-supplied encryption option of this VLAN attachment (interconnectAttachment). Can only be specified at attachment creation for PARTNER or DEDICATED attachments. Possible values are: - NONE - This is the default value, which means that the VLAN attachment carries unencrypted traffic. VMs are able to send traffic to, or receive traffic from, such a VLAN attachment. - IPSEC - The VLAN attachment carries only encrypted traffic that is encrypted by an IPsec device, such as an HA VPN gateway or third-party IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, such a VLAN attachment. To use *IPsec-encrypted Cloud Interconnect*, the VLAN attachment must be created with this option. Not currently available publicly.
+  "edgeAvailabilityDomain": "A String", # Desired availability domain for the attachment. Only available for type PARTNER, at creation time, and can take one of the following values:
+      # - AVAILABILITY_DOMAIN_ANY
+      # - AVAILABILITY_DOMAIN_1
+      # - AVAILABILITY_DOMAIN_2 For improved reliability, customers should configure a pair of attachments, one per availability domain. The selected availability domain will be provided to the Partner via the pairing key, so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.
+  "encryption": "A String", # Indicates the user-supplied encryption option of this VLAN attachment (interconnectAttachment). Can only be specified at attachment creation for PARTNER or DEDICATED attachments. Possible values are:
+      # - NONE - This is the default value, which means that the VLAN attachment carries unencrypted traffic. VMs are able to send traffic to, or receive traffic from, such a VLAN attachment.
+      # - IPSEC - The VLAN attachment carries only encrypted traffic that is encrypted by an IPsec device, such as an HA VPN gateway or third-party IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, such a VLAN attachment. To use IPsec-encrypted Cloud Interconnect, the VLAN attachment must be created with this option.
+      # Not currently available publicly.
   "googleReferenceId": "A String", # [Output Only] Google reference ID, to be used when raising support tickets with Google or otherwise to debug backend connectivity issues. [Deprecated] This field is not used.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "interconnect": "A String", # URL of the underlying Interconnect object that this attachment's traffic will traverse through.
-  "ipsecInternalAddresses": [ # List of URL of addresses that have been reserved for the VLAN attachment. Used only for the VLAN attachment that has the encryption option as IPSEC. The addresses must be regional internal IP address ranges. When creating an HA VPN gateway over the VLAN attachment, if the attachment is configured to use a regional internal IP address, then the VPN gateway's IP address is allocated from the IP address range specified here. For example, if the HA VPN gateway's interface 0 is paired to this VLAN attachment, then a regional internal IP address for the VPN gateway interface 0 will be allocated from the IP address specified for this VLAN attachment. If this field is not specified when creating the VLAN attachment, then later on when creating an HA VPN gateway on this VLAN attachment, the HA VPN gateway's IP address is allocated from the regional external IP address pool. Not currently available publicly.
+  "ipsecInternalAddresses": [ # List of URL of addresses that have been reserved for the VLAN attachment. Used only for the VLAN attachment that has the encryption option as IPSEC. The addresses must be regional internal IP address ranges. When creating an HA VPN gateway over the VLAN attachment, if the attachment is configured to use a regional internal IP address, then the VPN gateway's IP address is allocated from the IP address range specified here. For example, if the HA VPN gateway's interface 0 is paired to this VLAN attachment, then a regional internal IP address for the VPN gateway interface 0 will be allocated from the IP address specified for this VLAN attachment. If this field is not specified when creating the VLAN attachment, then later on when creating an HA VPN gateway on this VLAN attachment, the HA VPN gateway's IP address is allocated from the regional external IP address pool.
+      # Not currently available publicly.
     "A String",
   ],
   "kind": "compute#interconnectAttachment", # [Output Only] Type of the resource. Always compute#interconnectAttachment for interconnect attachments.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InterconnectAttachment, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InterconnectAttachment.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InterconnectAttachment, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve an InterconnectAttachment.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
   "mtu": 42, # Maximum Transmission Unit (MTU), in bytes, of packets passing through this interconnect attachment. Only 1440 and 1500 are allowed. If not specified, the value will default to 1440.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "operationalStatus": "A String", # [Output Only] The current status of whether or not this interconnect attachment is functional, which can take one of the following values: - OS_ACTIVE: The attachment has been turned up and is ready to use. - OS_UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
+  "operationalStatus": "A String", # [Output Only] The current status of whether or not this interconnect attachment is functional, which can take one of the following values:
+      # - OS_ACTIVE: The attachment has been turned up and is ready to use.
+      # - OS_UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
   "pairingKey": "A String", # [Output only for type PARTNER. Input only for PARTNER_PROVIDER. Not present for DEDICATED]. The opaque identifier of an PARTNER attachment used to initiate provisioning with a selected partner. Of the form "XXXXX/region/domain"
   "partnerAsn": "A String", # Optional BGP ASN for the router supplied by a Layer 3 Partner if they configured BGP on behalf of the customer. Output only for PARTNER type, input only for PARTNER_PROVIDER, not available for DEDICATED.
   "partnerMetadata": { # Informational metadata about Partner attachments from Partners to display to customers. These fields are propagated from PARTNER_PROVIDER attachments to their corresponding PARTNER attachments. # Informational metadata about Partner attachments from Partners to display to customers. Output only for for PARTNER type, mutable for PARTNER_PROVIDER, not available for DEDICATED.
@@ -374,15 +453,26 @@ 
Method Details

   "satisfiesPzs": True or False, # [Output Only] Set to true if the resource satisfies the zone separation organization policy constraints and false otherwise. Defaults to false if the field is not present.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "stackType": "A String", # The stack type for this interconnect attachment to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at interconnect attachments creation and update interconnect attachment operations.
-  "state": "A String", # [Output Only] The current state of this attachment's functionality. Enum values ACTIVE and UNPROVISIONED are shared by DEDICATED/PRIVATE, PARTNER, and PARTNER_PROVIDER interconnect attachments, while enum values PENDING_PARTNER, PARTNER_REQUEST_RECEIVED, and PENDING_CUSTOMER are used for only PARTNER and PARTNER_PROVIDER interconnect attachments. This state can take one of the following values: - ACTIVE: The attachment has been turned up and is ready to use. - UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete. - PENDING_PARTNER: A newly-created PARTNER attachment that has not yet been configured on the Partner side. - PARTNER_REQUEST_RECEIVED: A PARTNER attachment is in the process of provisioning after a PARTNER_PROVIDER attachment was created that references it. - PENDING_CUSTOMER: A PARTNER or PARTNER_PROVIDER attachment that is waiting for a customer to activate it. - DEFUNCT: The attachment was deleted externally and is no longer functional. This could be because the associated Interconnect was removed, or because the other side of a Partner attachment was deleted.
-  "type": "A String", # The type of interconnect attachment this is, which can take one of the following values: - DEDICATED: an attachment to a Dedicated Interconnect. - PARTNER: an attachment to a Partner Interconnect, created by the customer. - PARTNER_PROVIDER: an attachment to a Partner Interconnect, created by the partner.
+  "stackType": "A String", # The stack type for this interconnect attachment to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+      #
+      # This field can be both set at interconnect attachments creation and update interconnect attachment operations.
+  "state": "A String", # [Output Only] The current state of this attachment's functionality. Enum values ACTIVE and UNPROVISIONED are shared by DEDICATED/PRIVATE, PARTNER, and PARTNER_PROVIDER interconnect attachments, while enum values PENDING_PARTNER, PARTNER_REQUEST_RECEIVED, and PENDING_CUSTOMER are used for only PARTNER and PARTNER_PROVIDER interconnect attachments. This state can take one of the following values:
+      # - ACTIVE: The attachment has been turned up and is ready to use.
+      # - UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
+      # - PENDING_PARTNER: A newly-created PARTNER attachment that has not yet been configured on the Partner side.
+      # - PARTNER_REQUEST_RECEIVED: A PARTNER attachment is in the process of provisioning after a PARTNER_PROVIDER attachment was created that references it.
+      # - PENDING_CUSTOMER: A PARTNER or PARTNER_PROVIDER attachment that is waiting for a customer to activate it.
+      # - DEFUNCT: The attachment was deleted externally and is no longer functional. This could be because the associated Interconnect was removed, or because the other side of a Partner attachment was deleted.
+  "type": "A String", # The type of interconnect attachment this is, which can take one of the following values:
+      # - DEDICATED: an attachment to a Dedicated Interconnect.
+      # - PARTNER: an attachment to a Partner Interconnect, created by the customer.
+      # - PARTNER_PROVIDER: an attachment to a Partner Interconnect, created by the partner.
   "vlanTag8021q": 42, # The IEEE 802.1Q VLAN tag for this attachment, in the range 2-4094. Only specified at creation time.
 }

 

 
 

-    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
@@ -390,27 +480,51 @@ 
Method Details

   region: string, The name of the region for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -418,76 +532,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, region, body=None, requestId=None, validateOnly=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None, validateOnly=None)
   
Creates an InterconnectAttachment in the specified project using the data included in the request.
 
 Args:
@@ -496,9 +678,23 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Interconnect Attachment (VLAN) resource. You can use Interconnect attachments (VLANS) to connect your Virtual Private Cloud networks to your on-premises networks through an Interconnect. For more information, read Creating VLAN Attachments.
+{ # Represents an Interconnect Attachment (VLAN) resource.
+    # 
+    # You can use Interconnect attachments (VLANS) to connect your Virtual Private Cloud networks to your on-premises networks through an Interconnect. For more information, read  Creating VLAN Attachments. (== resource_for {$api_version}.interconnectAttachments ==)
   "adminEnabled": True or False, # Determines whether this Attachment will carry packets. Not present for PARTNER_PROVIDER.
-  "bandwidth": "A String", # Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, and can take one of the following values: - BPS_50M: 50 Mbit/s - BPS_100M: 100 Mbit/s - BPS_200M: 200 Mbit/s - BPS_300M: 300 Mbit/s - BPS_400M: 400 Mbit/s - BPS_500M: 500 Mbit/s - BPS_1G: 1 Gbit/s - BPS_2G: 2 Gbit/s - BPS_5G: 5 Gbit/s - BPS_10G: 10 Gbit/s - BPS_20G: 20 Gbit/s - BPS_50G: 50 Gbit/s
+  "bandwidth": "A String", # Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, and can take one of the following values:
+      # - BPS_50M: 50 Mbit/s
+      # - BPS_100M: 100 Mbit/s
+      # - BPS_200M: 200 Mbit/s
+      # - BPS_300M: 300 Mbit/s
+      # - BPS_400M: 400 Mbit/s
+      # - BPS_500M: 500 Mbit/s
+      # - BPS_1G: 1 Gbit/s
+      # - BPS_2G: 2 Gbit/s
+      # - BPS_5G: 5 Gbit/s
+      # - BPS_10G: 10 Gbit/s
+      # - BPS_20G: 20 Gbit/s
+      # - BPS_50G: 50 Gbit/s
   "candidateIpv6Subnets": [ # Up to 16 candidate prefixes that control the allocation of cloudRouterIpv6Address and customerRouterIpv6Address for this attachment. Each prefix must be in the Global Unique Address (GUA) space. It is highly recommended that it be in a range owned by the requestor. A GUA in a range owned by Google will cause the request to fail. Google will select an available prefix from the supplied candidates or fail the request. If not supplied, a /125 from a Google-owned GUA block will be selected.
     "A String",
   ],
@@ -514,22 +710,33 @@ 
Method Details

   "customerRouterIpv6InterfaceId": "A String", # If supplied, the interface id (index within the subnet) to be used for the customer router address. The id must be in the range of 1 to 6. If a subnet mask is supplied, it must be /125, and the subnet should either be 0 or match the selected subnet.
   "dataplaneVersion": 42, # [Output Only] Dataplane version for this InterconnectAttachment.
   "description": "A String", # An optional description of this resource.
-  "edgeAvailabilityDomain": "A String", # Desired availability domain for the attachment. Only available for type PARTNER, at creation time, and can take one of the following values: - AVAILABILITY_DOMAIN_ANY - AVAILABILITY_DOMAIN_1 - AVAILABILITY_DOMAIN_2 For improved reliability, customers should configure a pair of attachments, one per availability domain. The selected availability domain will be provided to the Partner via the pairing key, so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.
-  "encryption": "A String", # Indicates the user-supplied encryption option of this VLAN attachment (interconnectAttachment). Can only be specified at attachment creation for PARTNER or DEDICATED attachments. Possible values are: - NONE - This is the default value, which means that the VLAN attachment carries unencrypted traffic. VMs are able to send traffic to, or receive traffic from, such a VLAN attachment. - IPSEC - The VLAN attachment carries only encrypted traffic that is encrypted by an IPsec device, such as an HA VPN gateway or third-party IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, such a VLAN attachment. To use *IPsec-encrypted Cloud Interconnect*, the VLAN attachment must be created with this option. Not currently available publicly.
+  "edgeAvailabilityDomain": "A String", # Desired availability domain for the attachment. Only available for type PARTNER, at creation time, and can take one of the following values:
+      # - AVAILABILITY_DOMAIN_ANY
+      # - AVAILABILITY_DOMAIN_1
+      # - AVAILABILITY_DOMAIN_2 For improved reliability, customers should configure a pair of attachments, one per availability domain. The selected availability domain will be provided to the Partner via the pairing key, so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.
+  "encryption": "A String", # Indicates the user-supplied encryption option of this VLAN attachment (interconnectAttachment). Can only be specified at attachment creation for PARTNER or DEDICATED attachments. Possible values are:
+      # - NONE - This is the default value, which means that the VLAN attachment carries unencrypted traffic. VMs are able to send traffic to, or receive traffic from, such a VLAN attachment.
+      # - IPSEC - The VLAN attachment carries only encrypted traffic that is encrypted by an IPsec device, such as an HA VPN gateway or third-party IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, such a VLAN attachment. To use IPsec-encrypted Cloud Interconnect, the VLAN attachment must be created with this option.
+      # Not currently available publicly.
   "googleReferenceId": "A String", # [Output Only] Google reference ID, to be used when raising support tickets with Google or otherwise to debug backend connectivity issues. [Deprecated] This field is not used.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "interconnect": "A String", # URL of the underlying Interconnect object that this attachment's traffic will traverse through.
-  "ipsecInternalAddresses": [ # List of URL of addresses that have been reserved for the VLAN attachment. Used only for the VLAN attachment that has the encryption option as IPSEC. The addresses must be regional internal IP address ranges. When creating an HA VPN gateway over the VLAN attachment, if the attachment is configured to use a regional internal IP address, then the VPN gateway's IP address is allocated from the IP address range specified here. For example, if the HA VPN gateway's interface 0 is paired to this VLAN attachment, then a regional internal IP address for the VPN gateway interface 0 will be allocated from the IP address specified for this VLAN attachment. If this field is not specified when creating the VLAN attachment, then later on when creating an HA VPN gateway on this VLAN attachment, the HA VPN gateway's IP address is allocated from the regional external IP address pool. Not currently available publicly.
+  "ipsecInternalAddresses": [ # List of URL of addresses that have been reserved for the VLAN attachment. Used only for the VLAN attachment that has the encryption option as IPSEC. The addresses must be regional internal IP address ranges. When creating an HA VPN gateway over the VLAN attachment, if the attachment is configured to use a regional internal IP address, then the VPN gateway's IP address is allocated from the IP address range specified here. For example, if the HA VPN gateway's interface 0 is paired to this VLAN attachment, then a regional internal IP address for the VPN gateway interface 0 will be allocated from the IP address specified for this VLAN attachment. If this field is not specified when creating the VLAN attachment, then later on when creating an HA VPN gateway on this VLAN attachment, the HA VPN gateway's IP address is allocated from the regional external IP address pool.
+      # Not currently available publicly.
     "A String",
   ],
   "kind": "compute#interconnectAttachment", # [Output Only] Type of the resource. Always compute#interconnectAttachment for interconnect attachments.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InterconnectAttachment, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InterconnectAttachment.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InterconnectAttachment, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an InterconnectAttachment.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
   "mtu": 42, # Maximum Transmission Unit (MTU), in bytes, of packets passing through this interconnect attachment. Only 1440 and 1500 are allowed. If not specified, the value will default to 1440.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "operationalStatus": "A String", # [Output Only] The current status of whether or not this interconnect attachment is functional, which can take one of the following values: - OS_ACTIVE: The attachment has been turned up and is ready to use. - OS_UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
+  "operationalStatus": "A String", # [Output Only] The current status of whether or not this interconnect attachment is functional, which can take one of the following values:
+      # - OS_ACTIVE: The attachment has been turned up and is ready to use.
+      # - OS_UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
   "pairingKey": "A String", # [Output only for type PARTNER. Input only for PARTNER_PROVIDER. Not present for DEDICATED]. The opaque identifier of an PARTNER attachment used to initiate provisioning with a selected partner. Of the form "XXXXX/region/domain"
   "partnerAsn": "A String", # Optional BGP ASN for the router supplied by a Layer 3 Partner if they configured BGP on behalf of the customer. Output only for PARTNER type, input only for PARTNER_PROVIDER, not available for DEDICATED.
   "partnerMetadata": { # Informational metadata about Partner attachments from Partners to display to customers. These fields are propagated from PARTNER_PROVIDER attachments to their corresponding PARTNER attachments. # Informational metadata about Partner attachments from Partners to display to customers. Output only for for PARTNER type, mutable for PARTNER_PROVIDER, not available for DEDICATED.
@@ -545,23 +752,47 @@ 
Method Details

   "satisfiesPzs": True or False, # [Output Only] Set to true if the resource satisfies the zone separation organization policy constraints and false otherwise. Defaults to false if the field is not present.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "stackType": "A String", # The stack type for this interconnect attachment to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at interconnect attachments creation and update interconnect attachment operations.
-  "state": "A String", # [Output Only] The current state of this attachment's functionality. Enum values ACTIVE and UNPROVISIONED are shared by DEDICATED/PRIVATE, PARTNER, and PARTNER_PROVIDER interconnect attachments, while enum values PENDING_PARTNER, PARTNER_REQUEST_RECEIVED, and PENDING_CUSTOMER are used for only PARTNER and PARTNER_PROVIDER interconnect attachments. This state can take one of the following values: - ACTIVE: The attachment has been turned up and is ready to use. - UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete. - PENDING_PARTNER: A newly-created PARTNER attachment that has not yet been configured on the Partner side. - PARTNER_REQUEST_RECEIVED: A PARTNER attachment is in the process of provisioning after a PARTNER_PROVIDER attachment was created that references it. - PENDING_CUSTOMER: A PARTNER or PARTNER_PROVIDER attachment that is waiting for a customer to activate it. - DEFUNCT: The attachment was deleted externally and is no longer functional. This could be because the associated Interconnect was removed, or because the other side of a Partner attachment was deleted.
-  "type": "A String", # The type of interconnect attachment this is, which can take one of the following values: - DEDICATED: an attachment to a Dedicated Interconnect. - PARTNER: an attachment to a Partner Interconnect, created by the customer. - PARTNER_PROVIDER: an attachment to a Partner Interconnect, created by the partner.
+  "stackType": "A String", # The stack type for this interconnect attachment to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+      # 
+      # This field can be both set at interconnect attachments creation and update interconnect attachment operations.
+  "state": "A String", # [Output Only] The current state of this attachment's functionality. Enum values ACTIVE and UNPROVISIONED are shared by DEDICATED/PRIVATE, PARTNER, and PARTNER_PROVIDER interconnect attachments, while enum values PENDING_PARTNER, PARTNER_REQUEST_RECEIVED, and PENDING_CUSTOMER are used for only PARTNER and PARTNER_PROVIDER interconnect attachments. This state can take one of the following values:
+      # - ACTIVE: The attachment has been turned up and is ready to use.
+      # - UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
+      # - PENDING_PARTNER: A newly-created PARTNER attachment that has not yet been configured on the Partner side.
+      # - PARTNER_REQUEST_RECEIVED: A PARTNER attachment is in the process of provisioning after a PARTNER_PROVIDER attachment was created that references it.
+      # - PENDING_CUSTOMER: A PARTNER or PARTNER_PROVIDER attachment that is waiting for a customer to activate it.
+      # - DEFUNCT: The attachment was deleted externally and is no longer functional. This could be because the associated Interconnect was removed, or because the other side of a Partner attachment was deleted.
+  "type": "A String", # The type of interconnect attachment this is, which can take one of the following values:
+      # - DEDICATED: an attachment to a Dedicated Interconnect.
+      # - PARTNER: an attachment to a Partner Interconnect, created by the customer.
+      # - PARTNER_PROVIDER: an attachment to a Partner Interconnect, created by the partner.
   "vlanTag8021q": 42, # The IEEE 802.1Q VLAN tag for this attachment, in the range 2-4094. Only specified at creation time.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
   validateOnly: boolean, If true, the request will not be committed.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -596,7 +827,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -610,21 +842,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of interconnect attachments contained within the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -632,9 +870,23 @@ 
Method Details

     { # Response to the list request, and contains a list of interconnect attachments.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of InterconnectAttachment resources.
-    { # Represents an Interconnect Attachment (VLAN) resource. You can use Interconnect attachments (VLANS) to connect your Virtual Private Cloud networks to your on-premises networks through an Interconnect. For more information, read Creating VLAN Attachments.
+    { # Represents an Interconnect Attachment (VLAN) resource.
+        #
+        # You can use Interconnect attachments (VLANS) to connect your Virtual Private Cloud networks to your on-premises networks through an Interconnect. For more information, read  Creating VLAN Attachments. (== resource_for {$api_version}.interconnectAttachments ==)
       "adminEnabled": True or False, # Determines whether this Attachment will carry packets. Not present for PARTNER_PROVIDER.
-      "bandwidth": "A String", # Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, and can take one of the following values: - BPS_50M: 50 Mbit/s - BPS_100M: 100 Mbit/s - BPS_200M: 200 Mbit/s - BPS_300M: 300 Mbit/s - BPS_400M: 400 Mbit/s - BPS_500M: 500 Mbit/s - BPS_1G: 1 Gbit/s - BPS_2G: 2 Gbit/s - BPS_5G: 5 Gbit/s - BPS_10G: 10 Gbit/s - BPS_20G: 20 Gbit/s - BPS_50G: 50 Gbit/s
+      "bandwidth": "A String", # Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, and can take one of the following values:
+          # - BPS_50M: 50 Mbit/s
+          # - BPS_100M: 100 Mbit/s
+          # - BPS_200M: 200 Mbit/s
+          # - BPS_300M: 300 Mbit/s
+          # - BPS_400M: 400 Mbit/s
+          # - BPS_500M: 500 Mbit/s
+          # - BPS_1G: 1 Gbit/s
+          # - BPS_2G: 2 Gbit/s
+          # - BPS_5G: 5 Gbit/s
+          # - BPS_10G: 10 Gbit/s
+          # - BPS_20G: 20 Gbit/s
+          # - BPS_50G: 50 Gbit/s
       "candidateIpv6Subnets": [ # Up to 16 candidate prefixes that control the allocation of cloudRouterIpv6Address and customerRouterIpv6Address for this attachment. Each prefix must be in the Global Unique Address (GUA) space. It is highly recommended that it be in a range owned by the requestor. A GUA in a range owned by Google will cause the request to fail. Google will select an available prefix from the supplied candidates or fail the request. If not supplied, a /125 from a Google-owned GUA block will be selected.
         "A String",
       ],
@@ -650,22 +902,33 @@ 
Method Details

       "customerRouterIpv6InterfaceId": "A String", # If supplied, the interface id (index within the subnet) to be used for the customer router address. The id must be in the range of 1 to 6. If a subnet mask is supplied, it must be /125, and the subnet should either be 0 or match the selected subnet.
       "dataplaneVersion": 42, # [Output Only] Dataplane version for this InterconnectAttachment.
       "description": "A String", # An optional description of this resource.
-      "edgeAvailabilityDomain": "A String", # Desired availability domain for the attachment. Only available for type PARTNER, at creation time, and can take one of the following values: - AVAILABILITY_DOMAIN_ANY - AVAILABILITY_DOMAIN_1 - AVAILABILITY_DOMAIN_2 For improved reliability, customers should configure a pair of attachments, one per availability domain. The selected availability domain will be provided to the Partner via the pairing key, so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.
-      "encryption": "A String", # Indicates the user-supplied encryption option of this VLAN attachment (interconnectAttachment). Can only be specified at attachment creation for PARTNER or DEDICATED attachments. Possible values are: - NONE - This is the default value, which means that the VLAN attachment carries unencrypted traffic. VMs are able to send traffic to, or receive traffic from, such a VLAN attachment. - IPSEC - The VLAN attachment carries only encrypted traffic that is encrypted by an IPsec device, such as an HA VPN gateway or third-party IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, such a VLAN attachment. To use *IPsec-encrypted Cloud Interconnect*, the VLAN attachment must be created with this option. Not currently available publicly.
+      "edgeAvailabilityDomain": "A String", # Desired availability domain for the attachment. Only available for type PARTNER, at creation time, and can take one of the following values:
+          # - AVAILABILITY_DOMAIN_ANY
+          # - AVAILABILITY_DOMAIN_1
+          # - AVAILABILITY_DOMAIN_2 For improved reliability, customers should configure a pair of attachments, one per availability domain. The selected availability domain will be provided to the Partner via the pairing key, so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.
+      "encryption": "A String", # Indicates the user-supplied encryption option of this VLAN attachment (interconnectAttachment). Can only be specified at attachment creation for PARTNER or DEDICATED attachments. Possible values are:
+          # - NONE - This is the default value, which means that the VLAN attachment carries unencrypted traffic. VMs are able to send traffic to, or receive traffic from, such a VLAN attachment.
+          # - IPSEC - The VLAN attachment carries only encrypted traffic that is encrypted by an IPsec device, such as an HA VPN gateway or third-party IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, such a VLAN attachment. To use IPsec-encrypted Cloud Interconnect, the VLAN attachment must be created with this option.
+          # Not currently available publicly.
       "googleReferenceId": "A String", # [Output Only] Google reference ID, to be used when raising support tickets with Google or otherwise to debug backend connectivity issues. [Deprecated] This field is not used.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "interconnect": "A String", # URL of the underlying Interconnect object that this attachment's traffic will traverse through.
-      "ipsecInternalAddresses": [ # List of URL of addresses that have been reserved for the VLAN attachment. Used only for the VLAN attachment that has the encryption option as IPSEC. The addresses must be regional internal IP address ranges. When creating an HA VPN gateway over the VLAN attachment, if the attachment is configured to use a regional internal IP address, then the VPN gateway's IP address is allocated from the IP address range specified here. For example, if the HA VPN gateway's interface 0 is paired to this VLAN attachment, then a regional internal IP address for the VPN gateway interface 0 will be allocated from the IP address specified for this VLAN attachment. If this field is not specified when creating the VLAN attachment, then later on when creating an HA VPN gateway on this VLAN attachment, the HA VPN gateway's IP address is allocated from the regional external IP address pool. Not currently available publicly.
+      "ipsecInternalAddresses": [ # List of URL of addresses that have been reserved for the VLAN attachment. Used only for the VLAN attachment that has the encryption option as IPSEC. The addresses must be regional internal IP address ranges. When creating an HA VPN gateway over the VLAN attachment, if the attachment is configured to use a regional internal IP address, then the VPN gateway's IP address is allocated from the IP address range specified here. For example, if the HA VPN gateway's interface 0 is paired to this VLAN attachment, then a regional internal IP address for the VPN gateway interface 0 will be allocated from the IP address specified for this VLAN attachment. If this field is not specified when creating the VLAN attachment, then later on when creating an HA VPN gateway on this VLAN attachment, the HA VPN gateway's IP address is allocated from the regional external IP address pool.
+          # Not currently available publicly.
         "A String",
       ],
       "kind": "compute#interconnectAttachment", # [Output Only] Type of the resource. Always compute#interconnectAttachment for interconnect attachments.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InterconnectAttachment, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InterconnectAttachment.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InterconnectAttachment, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve an InterconnectAttachment.
       "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
         "a_key": "A String",
       },
       "mtu": 42, # Maximum Transmission Unit (MTU), in bytes, of packets passing through this interconnect attachment. Only 1440 and 1500 are allowed. If not specified, the value will default to 1440.
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-      "operationalStatus": "A String", # [Output Only] The current status of whether or not this interconnect attachment is functional, which can take one of the following values: - OS_ACTIVE: The attachment has been turned up and is ready to use. - OS_UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
+      "operationalStatus": "A String", # [Output Only] The current status of whether or not this interconnect attachment is functional, which can take one of the following values:
+          # - OS_ACTIVE: The attachment has been turned up and is ready to use.
+          # - OS_UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
       "pairingKey": "A String", # [Output only for type PARTNER. Input only for PARTNER_PROVIDER. Not present for DEDICATED]. The opaque identifier of an PARTNER attachment used to initiate provisioning with a selected partner. Of the form "XXXXX/region/domain"
       "partnerAsn": "A String", # Optional BGP ASN for the router supplied by a Layer 3 Partner if they configured BGP on behalf of the customer. Output only for PARTNER type, input only for PARTNER_PROVIDER, not available for DEDICATED.
       "partnerMetadata": { # Informational metadata about Partner attachments from Partners to display to customers. These fields are propagated from PARTNER_PROVIDER attachments to their corresponding PARTNER attachments. # Informational metadata about Partner attachments from Partners to display to customers. Output only for for PARTNER type, mutable for PARTNER_PROVIDER, not available for DEDICATED.
@@ -681,9 +944,20 @@ 
Method Details

       "satisfiesPzs": True or False, # [Output Only] Set to true if the resource satisfies the zone separation organization policy constraints and false otherwise. Defaults to false if the field is not present.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-      "stackType": "A String", # The stack type for this interconnect attachment to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at interconnect attachments creation and update interconnect attachment operations.
-      "state": "A String", # [Output Only] The current state of this attachment's functionality. Enum values ACTIVE and UNPROVISIONED are shared by DEDICATED/PRIVATE, PARTNER, and PARTNER_PROVIDER interconnect attachments, while enum values PENDING_PARTNER, PARTNER_REQUEST_RECEIVED, and PENDING_CUSTOMER are used for only PARTNER and PARTNER_PROVIDER interconnect attachments. This state can take one of the following values: - ACTIVE: The attachment has been turned up and is ready to use. - UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete. - PENDING_PARTNER: A newly-created PARTNER attachment that has not yet been configured on the Partner side. - PARTNER_REQUEST_RECEIVED: A PARTNER attachment is in the process of provisioning after a PARTNER_PROVIDER attachment was created that references it. - PENDING_CUSTOMER: A PARTNER or PARTNER_PROVIDER attachment that is waiting for a customer to activate it. - DEFUNCT: The attachment was deleted externally and is no longer functional. This could be because the associated Interconnect was removed, or because the other side of a Partner attachment was deleted.
-      "type": "A String", # The type of interconnect attachment this is, which can take one of the following values: - DEDICATED: an attachment to a Dedicated Interconnect. - PARTNER: an attachment to a Partner Interconnect, created by the customer. - PARTNER_PROVIDER: an attachment to a Partner Interconnect, created by the partner.
+      "stackType": "A String", # The stack type for this interconnect attachment to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+          #
+          # This field can be both set at interconnect attachments creation and update interconnect attachment operations.
+      "state": "A String", # [Output Only] The current state of this attachment's functionality. Enum values ACTIVE and UNPROVISIONED are shared by DEDICATED/PRIVATE, PARTNER, and PARTNER_PROVIDER interconnect attachments, while enum values PENDING_PARTNER, PARTNER_REQUEST_RECEIVED, and PENDING_CUSTOMER are used for only PARTNER and PARTNER_PROVIDER interconnect attachments. This state can take one of the following values:
+          # - ACTIVE: The attachment has been turned up and is ready to use.
+          # - UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
+          # - PENDING_PARTNER: A newly-created PARTNER attachment that has not yet been configured on the Partner side.
+          # - PARTNER_REQUEST_RECEIVED: A PARTNER attachment is in the process of provisioning after a PARTNER_PROVIDER attachment was created that references it.
+          # - PENDING_CUSTOMER: A PARTNER or PARTNER_PROVIDER attachment that is waiting for a customer to activate it.
+          # - DEFUNCT: The attachment was deleted externally and is no longer functional. This could be because the associated Interconnect was removed, or because the other side of a Partner attachment was deleted.
+      "type": "A String", # The type of interconnect attachment this is, which can take one of the following values:
+          # - DEDICATED: an attachment to a Dedicated Interconnect.
+          # - PARTNER: an attachment to a Partner Interconnect, created by the customer.
+          # - PARTNER_PROVIDER: an attachment to a Partner Interconnect, created by the partner.
       "vlanTag8021q": 42, # The IEEE 802.1Q VLAN tag for this attachment, in the range 2-4094. Only specified at creation time.
     },
   ],
@@ -692,7 +966,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -718,7 +993,7 @@ 
Method Details

 

 
 

-    patch(project, region, interconnectAttachment, body=None, requestId=None, x__xgafv=None)
+    patch(project, region, interconnectAttachment, body=None, requestId=None)
   
Updates the specified interconnect attachment with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -728,9 +1003,23 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Interconnect Attachment (VLAN) resource. You can use Interconnect attachments (VLANS) to connect your Virtual Private Cloud networks to your on-premises networks through an Interconnect. For more information, read Creating VLAN Attachments.
+{ # Represents an Interconnect Attachment (VLAN) resource.
+    # 
+    # You can use Interconnect attachments (VLANS) to connect your Virtual Private Cloud networks to your on-premises networks through an Interconnect. For more information, read  Creating VLAN Attachments. (== resource_for {$api_version}.interconnectAttachments ==)
   "adminEnabled": True or False, # Determines whether this Attachment will carry packets. Not present for PARTNER_PROVIDER.
-  "bandwidth": "A String", # Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, and can take one of the following values: - BPS_50M: 50 Mbit/s - BPS_100M: 100 Mbit/s - BPS_200M: 200 Mbit/s - BPS_300M: 300 Mbit/s - BPS_400M: 400 Mbit/s - BPS_500M: 500 Mbit/s - BPS_1G: 1 Gbit/s - BPS_2G: 2 Gbit/s - BPS_5G: 5 Gbit/s - BPS_10G: 10 Gbit/s - BPS_20G: 20 Gbit/s - BPS_50G: 50 Gbit/s
+  "bandwidth": "A String", # Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, and can take one of the following values:
+      # - BPS_50M: 50 Mbit/s
+      # - BPS_100M: 100 Mbit/s
+      # - BPS_200M: 200 Mbit/s
+      # - BPS_300M: 300 Mbit/s
+      # - BPS_400M: 400 Mbit/s
+      # - BPS_500M: 500 Mbit/s
+      # - BPS_1G: 1 Gbit/s
+      # - BPS_2G: 2 Gbit/s
+      # - BPS_5G: 5 Gbit/s
+      # - BPS_10G: 10 Gbit/s
+      # - BPS_20G: 20 Gbit/s
+      # - BPS_50G: 50 Gbit/s
   "candidateIpv6Subnets": [ # Up to 16 candidate prefixes that control the allocation of cloudRouterIpv6Address and customerRouterIpv6Address for this attachment. Each prefix must be in the Global Unique Address (GUA) space. It is highly recommended that it be in a range owned by the requestor. A GUA in a range owned by Google will cause the request to fail. Google will select an available prefix from the supplied candidates or fail the request. If not supplied, a /125 from a Google-owned GUA block will be selected.
     "A String",
   ],
@@ -746,22 +1035,33 @@ 
Method Details

   "customerRouterIpv6InterfaceId": "A String", # If supplied, the interface id (index within the subnet) to be used for the customer router address. The id must be in the range of 1 to 6. If a subnet mask is supplied, it must be /125, and the subnet should either be 0 or match the selected subnet.
   "dataplaneVersion": 42, # [Output Only] Dataplane version for this InterconnectAttachment.
   "description": "A String", # An optional description of this resource.
-  "edgeAvailabilityDomain": "A String", # Desired availability domain for the attachment. Only available for type PARTNER, at creation time, and can take one of the following values: - AVAILABILITY_DOMAIN_ANY - AVAILABILITY_DOMAIN_1 - AVAILABILITY_DOMAIN_2 For improved reliability, customers should configure a pair of attachments, one per availability domain. The selected availability domain will be provided to the Partner via the pairing key, so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.
-  "encryption": "A String", # Indicates the user-supplied encryption option of this VLAN attachment (interconnectAttachment). Can only be specified at attachment creation for PARTNER or DEDICATED attachments. Possible values are: - NONE - This is the default value, which means that the VLAN attachment carries unencrypted traffic. VMs are able to send traffic to, or receive traffic from, such a VLAN attachment. - IPSEC - The VLAN attachment carries only encrypted traffic that is encrypted by an IPsec device, such as an HA VPN gateway or third-party IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, such a VLAN attachment. To use *IPsec-encrypted Cloud Interconnect*, the VLAN attachment must be created with this option. Not currently available publicly.
+  "edgeAvailabilityDomain": "A String", # Desired availability domain for the attachment. Only available for type PARTNER, at creation time, and can take one of the following values:
+      # - AVAILABILITY_DOMAIN_ANY
+      # - AVAILABILITY_DOMAIN_1
+      # - AVAILABILITY_DOMAIN_2 For improved reliability, customers should configure a pair of attachments, one per availability domain. The selected availability domain will be provided to the Partner via the pairing key, so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.
+  "encryption": "A String", # Indicates the user-supplied encryption option of this VLAN attachment (interconnectAttachment). Can only be specified at attachment creation for PARTNER or DEDICATED attachments. Possible values are:
+      # - NONE - This is the default value, which means that the VLAN attachment carries unencrypted traffic. VMs are able to send traffic to, or receive traffic from, such a VLAN attachment.
+      # - IPSEC - The VLAN attachment carries only encrypted traffic that is encrypted by an IPsec device, such as an HA VPN gateway or third-party IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, such a VLAN attachment. To use IPsec-encrypted Cloud Interconnect, the VLAN attachment must be created with this option.
+      # Not currently available publicly.
   "googleReferenceId": "A String", # [Output Only] Google reference ID, to be used when raising support tickets with Google or otherwise to debug backend connectivity issues. [Deprecated] This field is not used.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "interconnect": "A String", # URL of the underlying Interconnect object that this attachment's traffic will traverse through.
-  "ipsecInternalAddresses": [ # List of URL of addresses that have been reserved for the VLAN attachment. Used only for the VLAN attachment that has the encryption option as IPSEC. The addresses must be regional internal IP address ranges. When creating an HA VPN gateway over the VLAN attachment, if the attachment is configured to use a regional internal IP address, then the VPN gateway's IP address is allocated from the IP address range specified here. For example, if the HA VPN gateway's interface 0 is paired to this VLAN attachment, then a regional internal IP address for the VPN gateway interface 0 will be allocated from the IP address specified for this VLAN attachment. If this field is not specified when creating the VLAN attachment, then later on when creating an HA VPN gateway on this VLAN attachment, the HA VPN gateway's IP address is allocated from the regional external IP address pool. Not currently available publicly.
+  "ipsecInternalAddresses": [ # List of URL of addresses that have been reserved for the VLAN attachment. Used only for the VLAN attachment that has the encryption option as IPSEC. The addresses must be regional internal IP address ranges. When creating an HA VPN gateway over the VLAN attachment, if the attachment is configured to use a regional internal IP address, then the VPN gateway's IP address is allocated from the IP address range specified here. For example, if the HA VPN gateway's interface 0 is paired to this VLAN attachment, then a regional internal IP address for the VPN gateway interface 0 will be allocated from the IP address specified for this VLAN attachment. If this field is not specified when creating the VLAN attachment, then later on when creating an HA VPN gateway on this VLAN attachment, the HA VPN gateway's IP address is allocated from the regional external IP address pool.
+      # Not currently available publicly.
     "A String",
   ],
   "kind": "compute#interconnectAttachment", # [Output Only] Type of the resource. Always compute#interconnectAttachment for interconnect attachments.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InterconnectAttachment, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InterconnectAttachment.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InterconnectAttachment, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an InterconnectAttachment.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
   "mtu": 42, # Maximum Transmission Unit (MTU), in bytes, of packets passing through this interconnect attachment. Only 1440 and 1500 are allowed. If not specified, the value will default to 1440.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "operationalStatus": "A String", # [Output Only] The current status of whether or not this interconnect attachment is functional, which can take one of the following values: - OS_ACTIVE: The attachment has been turned up and is ready to use. - OS_UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
+  "operationalStatus": "A String", # [Output Only] The current status of whether or not this interconnect attachment is functional, which can take one of the following values:
+      # - OS_ACTIVE: The attachment has been turned up and is ready to use.
+      # - OS_UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
   "pairingKey": "A String", # [Output only for type PARTNER. Input only for PARTNER_PROVIDER. Not present for DEDICATED]. The opaque identifier of an PARTNER attachment used to initiate provisioning with a selected partner. Of the form "XXXXX/region/domain"
   "partnerAsn": "A String", # Optional BGP ASN for the router supplied by a Layer 3 Partner if they configured BGP on behalf of the customer. Output only for PARTNER type, input only for PARTNER_PROVIDER, not available for DEDICATED.
   "partnerMetadata": { # Informational metadata about Partner attachments from Partners to display to customers. These fields are propagated from PARTNER_PROVIDER attachments to their corresponding PARTNER attachments. # Informational metadata about Partner attachments from Partners to display to customers. Output only for for PARTNER type, mutable for PARTNER_PROVIDER, not available for DEDICATED.
@@ -777,22 +1077,46 @@ 
Method Details

   "satisfiesPzs": True or False, # [Output Only] Set to true if the resource satisfies the zone separation organization policy constraints and false otherwise. Defaults to false if the field is not present.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "stackType": "A String", # The stack type for this interconnect attachment to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at interconnect attachments creation and update interconnect attachment operations.
-  "state": "A String", # [Output Only] The current state of this attachment's functionality. Enum values ACTIVE and UNPROVISIONED are shared by DEDICATED/PRIVATE, PARTNER, and PARTNER_PROVIDER interconnect attachments, while enum values PENDING_PARTNER, PARTNER_REQUEST_RECEIVED, and PENDING_CUSTOMER are used for only PARTNER and PARTNER_PROVIDER interconnect attachments. This state can take one of the following values: - ACTIVE: The attachment has been turned up and is ready to use. - UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete. - PENDING_PARTNER: A newly-created PARTNER attachment that has not yet been configured on the Partner side. - PARTNER_REQUEST_RECEIVED: A PARTNER attachment is in the process of provisioning after a PARTNER_PROVIDER attachment was created that references it. - PENDING_CUSTOMER: A PARTNER or PARTNER_PROVIDER attachment that is waiting for a customer to activate it. - DEFUNCT: The attachment was deleted externally and is no longer functional. This could be because the associated Interconnect was removed, or because the other side of a Partner attachment was deleted.
-  "type": "A String", # The type of interconnect attachment this is, which can take one of the following values: - DEDICATED: an attachment to a Dedicated Interconnect. - PARTNER: an attachment to a Partner Interconnect, created by the customer. - PARTNER_PROVIDER: an attachment to a Partner Interconnect, created by the partner.
+  "stackType": "A String", # The stack type for this interconnect attachment to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+      # 
+      # This field can be both set at interconnect attachments creation and update interconnect attachment operations.
+  "state": "A String", # [Output Only] The current state of this attachment's functionality. Enum values ACTIVE and UNPROVISIONED are shared by DEDICATED/PRIVATE, PARTNER, and PARTNER_PROVIDER interconnect attachments, while enum values PENDING_PARTNER, PARTNER_REQUEST_RECEIVED, and PENDING_CUSTOMER are used for only PARTNER and PARTNER_PROVIDER interconnect attachments. This state can take one of the following values:
+      # - ACTIVE: The attachment has been turned up and is ready to use.
+      # - UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
+      # - PENDING_PARTNER: A newly-created PARTNER attachment that has not yet been configured on the Partner side.
+      # - PARTNER_REQUEST_RECEIVED: A PARTNER attachment is in the process of provisioning after a PARTNER_PROVIDER attachment was created that references it.
+      # - PENDING_CUSTOMER: A PARTNER or PARTNER_PROVIDER attachment that is waiting for a customer to activate it.
+      # - DEFUNCT: The attachment was deleted externally and is no longer functional. This could be because the associated Interconnect was removed, or because the other side of a Partner attachment was deleted.
+  "type": "A String", # The type of interconnect attachment this is, which can take one of the following values:
+      # - DEDICATED: an attachment to a Dedicated Interconnect.
+      # - PARTNER: an attachment to a Partner Interconnect, created by the customer.
+      # - PARTNER_PROVIDER: an attachment to a Partner Interconnect, created by the partner.
   "vlanTag8021q": 42, # The IEEE 802.1Q VLAN tag for this attachment, in the range 2-4094. Only specified at creation time.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -827,7 +1151,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -841,7 +1166,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, region, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, region, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -854,33 +1179,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -888,95 +1287,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -984,76 +1475,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)
+    setLabels(project, region, resource, body=None, requestId=None)
   
Sets the labels on an InterconnectAttachment. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -1070,16 +1629,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1114,7 +1686,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1128,7 +1701,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1144,10 +1717,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.interconnectLocations.html b/docs/dyn/compute_alpha.interconnectLocations.html
index 261fbdbc28e..3fcaf8eb2f8 100644
--- a/docs/dyn/compute_alpha.interconnectLocations.html
+++ b/docs/dyn/compute_alpha.interconnectLocations.html
@@ -78,16 +78,16 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  get(project, interconnectLocation, x__xgafv=None)

+  get(project, interconnectLocation)

 
Returns the details for the specified interconnect location. Gets a list of available interconnect locations by making a list() request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of interconnect locations available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -96,25 +96,28 @@ 
Method Details

 

 
 

-    get(project, interconnectLocation, x__xgafv=None)
+    get(project, interconnectLocation)
   
Returns the details for the specified interconnect location. Gets a list of available interconnect locations by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   interconnectLocation: string, Name of the interconnect location to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Interconnect Attachment (VLAN) Location resource. You can use this resource to find location details about an Interconnect attachment (VLAN). For more information about interconnect attachments, read Creating VLAN Attachments.
+    { # Represents an Interconnect Attachment (VLAN) Location resource.
+    #
+    # You can use this resource to find location details about an Interconnect attachment (VLAN). For more information about interconnect attachments, read  Creating VLAN Attachments.
   "address": "A String", # [Output Only] The postal address of the Point of Presence, each line in the address is separated by a newline character.
   "availabilityZone": "A String", # [Output Only] Availability zone for this InterconnectLocation. Within a metropolitan area (metro), maintenance will not be simultaneously scheduled in more than one availability zone. Example: "zone1" or "zone2".
   "city": "A String", # [Output Only] Metropolitan area designator that indicates which city an interconnect is located. For example: "Chicago, IL", "Amsterdam, Netherlands".
-  "continent": "A String", # [Output Only] Continent for this location, which can take one of the following values: - AFRICA - ASIA_PAC - EUROPE - NORTH_AMERICA - SOUTH_AMERICA
+  "continent": "A String", # [Output Only] Continent for this location, which can take one of the following values:
+      # - AFRICA
+      # - ASIA_PAC
+      # - EUROPE
+      # - NORTH_AMERICA
+      # - SOUTH_AMERICA
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # [Output Only] An optional description of the resource.
   "facilityProvider": "A String", # [Output Only] The name of the provider for this facility (e.g., EQUINIX).
@@ -132,26 +135,34 @@ 
Method Details

   ],
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "status": "A String", # [Output Only] The status of this InterconnectLocation, which can take one of the following values: - CLOSED: The InterconnectLocation is closed and is unavailable for provisioning new Interconnects. - AVAILABLE: The InterconnectLocation is available for provisioning new Interconnects.
+  "status": "A String", # [Output Only] The status of this InterconnectLocation, which can take one of the following values:
+      # - CLOSED: The InterconnectLocation is closed and is unavailable for provisioning new Interconnects.
+      # - AVAILABLE: The InterconnectLocation is available for provisioning new Interconnects.
   "supportsPzs": True or False, # [Output Only] Set to true for locations that support physical zone separation. Defaults to false if the field is not present.
 }

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of interconnect locations available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -159,11 +170,18 @@ 
Method Details

     { # Response to the list request, and contains a list of interconnect locations.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of InterconnectLocation resources.
-    { # Represents an Interconnect Attachment (VLAN) Location resource. You can use this resource to find location details about an Interconnect attachment (VLAN). For more information about interconnect attachments, read Creating VLAN Attachments.
+    { # Represents an Interconnect Attachment (VLAN) Location resource.
+        #
+        # You can use this resource to find location details about an Interconnect attachment (VLAN). For more information about interconnect attachments, read  Creating VLAN Attachments.
       "address": "A String", # [Output Only] The postal address of the Point of Presence, each line in the address is separated by a newline character.
       "availabilityZone": "A String", # [Output Only] Availability zone for this InterconnectLocation. Within a metropolitan area (metro), maintenance will not be simultaneously scheduled in more than one availability zone. Example: "zone1" or "zone2".
       "city": "A String", # [Output Only] Metropolitan area designator that indicates which city an interconnect is located. For example: "Chicago, IL", "Amsterdam, Netherlands".
-      "continent": "A String", # [Output Only] Continent for this location, which can take one of the following values: - AFRICA - ASIA_PAC - EUROPE - NORTH_AMERICA - SOUTH_AMERICA
+      "continent": "A String", # [Output Only] Continent for this location, which can take one of the following values:
+          # - AFRICA
+          # - ASIA_PAC
+          # - EUROPE
+          # - NORTH_AMERICA
+          # - SOUTH_AMERICA
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # [Output Only] An optional description of the resource.
       "facilityProvider": "A String", # [Output Only] The name of the provider for this facility (e.g., EQUINIX).
@@ -181,7 +199,9 @@ 
Method Details

       ],
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-      "status": "A String", # [Output Only] The status of this InterconnectLocation, which can take one of the following values: - CLOSED: The InterconnectLocation is closed and is unavailable for provisioning new Interconnects. - AVAILABLE: The InterconnectLocation is available for provisioning new Interconnects.
+      "status": "A String", # [Output Only] The status of this InterconnectLocation, which can take one of the following values:
+          # - CLOSED: The InterconnectLocation is closed and is unavailable for provisioning new Interconnects.
+          # - AVAILABLE: The InterconnectLocation is available for provisioning new Interconnects.
       "supportsPzs": True or False, # [Output Only] Set to true for locations that support physical zone separation. Defaults to false if the field is not present.
     },
   ],
@@ -190,7 +210,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -216,7 +237,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -231,10 +252,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.interconnects.html b/docs/dyn/compute_alpha.interconnects.html
index 18d901922bb..b5d29a2ed4c 100644
--- a/docs/dyn/compute_alpha.interconnects.html
+++ b/docs/dyn/compute_alpha.interconnects.html
@@ -78,37 +78,37 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, interconnect, requestId=None, x__xgafv=None)

+  delete(project, interconnect, requestId=None)

 
Deletes the specified interconnect.

 

-  get(project, interconnect, x__xgafv=None)

+  get(project, interconnect)

 
Returns the specified interconnect. Get a list of available interconnects by making a list() request.

 

-  getDiagnostics(project, interconnect, x__xgafv=None)

+  getDiagnostics(project, interconnect)

 
Returns the interconnectDiagnostics for the specified interconnect.

 

-  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a Interconnect in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of interconnect available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, interconnect, body=None, requestId=None, x__xgafv=None)

+  patch(project, interconnect, body=None, requestId=None)

 
Updates the specified interconnect with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  setIamPolicy(project, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  setLabels(project, resource, body=None, x__xgafv=None)

+  setLabels(project, resource, body=None)

 
Sets the labels on an Interconnect. To learn more about labels, read the Labeling Resources documentation.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -117,22 +117,35 @@ 
Method Details

 

 
 

-    delete(project, interconnect, requestId=None, x__xgafv=None)
+    delete(project, interconnect, requestId=None)
   
Deletes the specified interconnect.
 
 Args:
   project: string, Project ID for this request. (required)
   interconnect: string, Name of the interconnect to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -167,7 +180,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -181,21 +195,19 @@ 
Method Details

 

 
 

-    get(project, interconnect, x__xgafv=None)
+    get(project, interconnect)
   
Returns the specified interconnect. Get a list of available interconnects by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   interconnect: string, Name of the interconnect to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Interconnect resource. An Interconnect resource is a dedicated connection between the GCP network and your on-premises network. For more information, read the Dedicated Interconnect Overview.
+    { # Represents an Interconnect resource.
+    #
+    # An Interconnect resource is a dedicated connection between the GCP network and your on-premises network. For more information, read the  Dedicated Interconnect Overview. (== resource_for {$api_version}.interconnects ==)
   "adminEnabled": True or False, # Administrative status of the interconnect. When this is set to true, the Interconnect is functional and can carry traffic. When set to false, no packets can be carried over the interconnect and no BGP routes are exchanged over it. By default, the status is set to true.
   "circuitInfos": [ # [Output Only] A list of CircuitInfo objects, that describe the individual circuits in this LAG.
     { # Describes a single physical circuit between the Customer and Google. CircuitInfo objects are created by Google, so all fields are output only.
@@ -214,11 +226,17 @@ 
Method Details

       ],
       "description": "A String", # A description about the purpose of the outage.
       "endTime": "A String", # Scheduled end time for the outage (milliseconds since Unix epoch).
-      "issueType": "A String", # Form this outage is expected to take, which can take one of the following values: - OUTAGE: The Interconnect may be completely out of service for some or all of the specified window. - PARTIAL_OUTAGE: Some circuits comprising the Interconnect as a whole should remain up, but with reduced bandwidth. Note that the versions of this enum prefixed with "IT_" have been deprecated in favor of the unprefixed values.
+      "issueType": "A String", # Form this outage is expected to take, which can take one of the following values:
+          # - OUTAGE: The Interconnect may be completely out of service for some or all of the specified window.
+          # - PARTIAL_OUTAGE: Some circuits comprising the Interconnect as a whole should remain up, but with reduced bandwidth. Note that the versions of this enum prefixed with "IT_" have been deprecated in favor of the unprefixed values.
       "name": "A String", # Unique identifier for this outage notification.
-      "source": "A String", # The party that generated this notification, which can take the following value: - GOOGLE: this notification as generated by Google. Note that the value of NSRC_GOOGLE has been deprecated in favor of GOOGLE.
+      "source": "A String", # The party that generated this notification, which can take the following value:
+          # - GOOGLE: this notification as generated by Google. Note that the value of NSRC_GOOGLE has been deprecated in favor of GOOGLE.
       "startTime": "A String", # Scheduled start time for the outage (milliseconds since Unix epoch).
-      "state": "A String", # State of this notification, which can take one of the following values: - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling. - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. - COMPLETED: The outage associated with this notification is complete. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values.
+      "state": "A String", # State of this notification, which can take one of the following values:
+          # - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling.
+          # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start.
+          # - COMPLETED: The outage associated with this notification is complete.  Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values.
     },
   ],
   "googleIpAddress": "A String", # [Output Only] IP address configured on the Google side of the Interconnect link. This can be used only for ping tests.
@@ -227,38 +245,46 @@ 
Method Details

   "interconnectAttachments": [ # [Output Only] A list of the URLs of all InterconnectAttachments configured to use this Interconnect.
     "A String",
   ],
-  "interconnectType": "A String", # Type of interconnect, which can take one of the following values: - PARTNER: A partner-managed interconnection shared between customers though a partner. - DEDICATED: A dedicated physical interconnection with the customer. Note that a value IT_PRIVATE has been deprecated in favor of DEDICATED.
+  "interconnectType": "A String", # Type of interconnect, which can take one of the following values:
+      # - PARTNER: A partner-managed interconnection shared between customers though a partner.
+      # - DEDICATED: A dedicated physical interconnection with the customer. Note that a value IT_PRIVATE has been deprecated in favor of DEDICATED.
   "kind": "compute#interconnect", # [Output Only] Type of the resource. Always compute#interconnect for interconnects.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Interconnect, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an Interconnect.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Interconnect, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve an Interconnect.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
-  "linkType": "A String", # Type of link requested, which can take one of the following values: - LINK_TYPE_ETHERNET_10G_LR: A 10G Ethernet with LR optics - LINK_TYPE_ETHERNET_100G_LR: A 100G Ethernet with LR optics. Note that this field indicates the speed of each of the links in the bundle, not the speed of the entire bundle.
+  "linkType": "A String", # Type of link requested, which can take one of the following values:
+      # - LINK_TYPE_ETHERNET_10G_LR: A 10G Ethernet with LR optics
+      # - LINK_TYPE_ETHERNET_100G_LR: A 100G Ethernet with LR optics. Note that this field indicates the speed of each of the links in the bundle, not the speed of the entire bundle.
   "location": "A String", # URL of the InterconnectLocation object that represents where this connection is to be provisioned.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "nocContactEmail": "A String", # Email address to contact the customer NOC for operations and maintenance notifications regarding this Interconnect. If specified, this will be used for notifications in addition to all other forms described, such as Stackdriver logs alerting and Cloud Notifications.
-  "operationalStatus": "A String", # [Output Only] The current status of this Interconnect's functionality, which can take one of the following values: - OS_ACTIVE: A valid Interconnect, which is turned up and is ready to use. Attachments may be provisioned on this Interconnect. - OS_UNPROVISIONED: An Interconnect that has not completed turnup. No attachments may be provisioned on this Interconnect. - OS_UNDER_MAINTENANCE: An Interconnect that is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
+  "operationalStatus": "A String", # [Output Only] The current status of this Interconnect's functionality, which can take one of the following values:
+      # - OS_ACTIVE: A valid Interconnect, which is turned up and is ready to use. Attachments may be provisioned on this Interconnect.
+      # - OS_UNPROVISIONED: An Interconnect that has not completed turnup. No attachments may be provisioned on this Interconnect.
+      # - OS_UNDER_MAINTENANCE: An Interconnect that is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
   "peerIpAddress": "A String", # [Output Only] IP address configured on the customer side of the Interconnect link. The customer should configure this IP address during turnup when prompted by Google NOC. This can be used only for ping tests.
   "provisionedLinkCount": 42, # [Output Only] Number of links actually provisioned in this interconnect.
   "requestedLinkCount": 42, # Target number of physical links in the link bundle, as requested by the customer.
   "satisfiesPzs": True or False, # [Output Only] Set to true if the resource satisfies the zone separation organization policy constraints and false otherwise. Defaults to false if the field is not present.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "state": "A String", # [Output Only] The current state of Interconnect functionality, which can take one of the following values: - ACTIVE: The Interconnect is valid, turned up and ready to use. Attachments may be provisioned on this Interconnect. - UNPROVISIONED: The Interconnect has not completed turnup. No attachments may be provisioned on this Interconnect. - UNDER_MAINTENANCE: The Interconnect is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
+  "state": "A String", # [Output Only] The current state of Interconnect functionality, which can take one of the following values:
+      # - ACTIVE: The Interconnect is valid, turned up and ready to use. Attachments may be provisioned on this Interconnect.
+      # - UNPROVISIONED: The Interconnect has not completed turnup. No attachments may be provisioned on this Interconnect.
+      # - UNDER_MAINTENANCE: The Interconnect is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
 }

 

 
 

-    getDiagnostics(project, interconnect, x__xgafv=None)
+    getDiagnostics(project, interconnect)
   
Returns the interconnectDiagnostics for the specified interconnect.
 
 Args:
   project: string, Project ID for this request. (required)
   interconnect: string, Name of the interconnect resource to query. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -284,14 +310,26 @@ 
Method Details

         "lacpStatus": {
           "googleSystemId": "A String", # System ID of the port on Google's side of the LACP exchange.
           "neighborSystemId": "A String", # System ID of the port on the neighbor's side of the LACP exchange.
-          "state": "A String", # The state of a LACP link, which can take one of the following values: - ACTIVE: The link is configured and active within the bundle. - DETACHED: The link is not configured within the bundle. This means that the rest of the object should be empty.
+          "state": "A String", # The state of a LACP link, which can take one of the following values:
+              # - ACTIVE: The link is configured and active within the bundle.
+              # - DETACHED: The link is not configured within the bundle. This means that the rest of the object should be empty.
         },
         "receivingOpticalPower": { # An InterconnectDiagnostics.LinkOpticalPower object, describing the current value and status of the received light level.
-          "state": "A String", # The status of the current value when compared to the warning and alarm levels for the receiving or transmitting transceiver. Possible states include: - OK: The value has not crossed a warning threshold. - LOW_WARNING: The value has crossed below the low warning threshold. - HIGH_WARNING: The value has crossed above the high warning threshold. - LOW_ALARM: The value has crossed below the low alarm threshold. - HIGH_ALARM: The value has crossed above the high alarm threshold.
+          "state": "A String", # The status of the current value when compared to the warning and alarm levels for the receiving or transmitting transceiver. Possible states include:
+              # - OK: The value has not crossed a warning threshold.
+              # - LOW_WARNING: The value has crossed below the low warning threshold.
+              # - HIGH_WARNING: The value has crossed above the high warning threshold.
+              # - LOW_ALARM: The value has crossed below the low alarm threshold.
+              # - HIGH_ALARM: The value has crossed above the high alarm threshold.
           "value": 3.14, # Value of the current receiving or transmitting optical power, read in dBm. Take a known good optical value, give it a 10% margin and trigger warnings relative to that value. In general, a -7dBm warning and a -11dBm alarm are good optical value estimates for most links.
         },
         "transmittingOpticalPower": { # An InterconnectDiagnostics.LinkOpticalPower object, describing the current value and status of the transmitted light level.
-          "state": "A String", # The status of the current value when compared to the warning and alarm levels for the receiving or transmitting transceiver. Possible states include: - OK: The value has not crossed a warning threshold. - LOW_WARNING: The value has crossed below the low warning threshold. - HIGH_WARNING: The value has crossed above the high warning threshold. - LOW_ALARM: The value has crossed below the low alarm threshold. - HIGH_ALARM: The value has crossed above the high alarm threshold.
+          "state": "A String", # The status of the current value when compared to the warning and alarm levels for the receiving or transmitting transceiver. Possible states include:
+              # - OK: The value has not crossed a warning threshold.
+              # - LOW_WARNING: The value has crossed below the low warning threshold.
+              # - HIGH_WARNING: The value has crossed above the high warning threshold.
+              # - LOW_ALARM: The value has crossed below the low alarm threshold.
+              # - HIGH_ALARM: The value has crossed above the high alarm threshold.
           "value": 3.14, # Value of the current receiving or transmitting optical power, read in dBm. Take a known good optical value, give it a 10% margin and trigger warnings relative to that value. In general, a -7dBm warning and a -11dBm alarm are good optical value estimates for most links.
         },
       },
@@ -302,34 +340,58 @@ 
Method Details

 

 
 

-    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
   project: string, Project ID for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -337,76 +399,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a Interconnect in the specified project using the data included in the request.
 
 Args:
@@ -414,7 +544,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Interconnect resource. An Interconnect resource is a dedicated connection between the GCP network and your on-premises network. For more information, read the Dedicated Interconnect Overview.
+{ # Represents an Interconnect resource.
+    # 
+    # An Interconnect resource is a dedicated connection between the GCP network and your on-premises network. For more information, read the  Dedicated Interconnect Overview. (== resource_for {$api_version}.interconnects ==)
   "adminEnabled": True or False, # Administrative status of the interconnect. When this is set to true, the Interconnect is functional and can carry traffic. When set to false, no packets can be carried over the interconnect and no BGP routes are exchanged over it. By default, the status is set to true.
   "circuitInfos": [ # [Output Only] A list of CircuitInfo objects, that describe the individual circuits in this LAG.
     { # Describes a single physical circuit between the Customer and Google. CircuitInfo objects are created by Google, so all fields are output only.
@@ -433,11 +565,17 @@ 
Method Details

       ],
       "description": "A String", # A description about the purpose of the outage.
       "endTime": "A String", # Scheduled end time for the outage (milliseconds since Unix epoch).
-      "issueType": "A String", # Form this outage is expected to take, which can take one of the following values: - OUTAGE: The Interconnect may be completely out of service for some or all of the specified window. - PARTIAL_OUTAGE: Some circuits comprising the Interconnect as a whole should remain up, but with reduced bandwidth. Note that the versions of this enum prefixed with "IT_" have been deprecated in favor of the unprefixed values.
+      "issueType": "A String", # Form this outage is expected to take, which can take one of the following values:
+          # - OUTAGE: The Interconnect may be completely out of service for some or all of the specified window.
+          # - PARTIAL_OUTAGE: Some circuits comprising the Interconnect as a whole should remain up, but with reduced bandwidth. Note that the versions of this enum prefixed with "IT_" have been deprecated in favor of the unprefixed values.
       "name": "A String", # Unique identifier for this outage notification.
-      "source": "A String", # The party that generated this notification, which can take the following value: - GOOGLE: this notification as generated by Google. Note that the value of NSRC_GOOGLE has been deprecated in favor of GOOGLE.
+      "source": "A String", # The party that generated this notification, which can take the following value:
+          # - GOOGLE: this notification as generated by Google. Note that the value of NSRC_GOOGLE has been deprecated in favor of GOOGLE.
       "startTime": "A String", # Scheduled start time for the outage (milliseconds since Unix epoch).
-      "state": "A String", # State of this notification, which can take one of the following values: - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling. - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. - COMPLETED: The outage associated with this notification is complete. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values.
+      "state": "A String", # State of this notification, which can take one of the following values:
+          # - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling.
+          # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start.
+          # - COMPLETED: The outage associated with this notification is complete.  Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values.
     },
   ],
   "googleIpAddress": "A String", # [Output Only] IP address configured on the Google side of the Interconnect link. This can be used only for ping tests.
@@ -446,36 +584,61 @@ 
Method Details

   "interconnectAttachments": [ # [Output Only] A list of the URLs of all InterconnectAttachments configured to use this Interconnect.
     "A String",
   ],
-  "interconnectType": "A String", # Type of interconnect, which can take one of the following values: - PARTNER: A partner-managed interconnection shared between customers though a partner. - DEDICATED: A dedicated physical interconnection with the customer. Note that a value IT_PRIVATE has been deprecated in favor of DEDICATED.
+  "interconnectType": "A String", # Type of interconnect, which can take one of the following values:
+      # - PARTNER: A partner-managed interconnection shared between customers though a partner.
+      # - DEDICATED: A dedicated physical interconnection with the customer. Note that a value IT_PRIVATE has been deprecated in favor of DEDICATED.
   "kind": "compute#interconnect", # [Output Only] Type of the resource. Always compute#interconnect for interconnects.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Interconnect, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an Interconnect.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Interconnect, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an Interconnect.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
-  "linkType": "A String", # Type of link requested, which can take one of the following values: - LINK_TYPE_ETHERNET_10G_LR: A 10G Ethernet with LR optics - LINK_TYPE_ETHERNET_100G_LR: A 100G Ethernet with LR optics. Note that this field indicates the speed of each of the links in the bundle, not the speed of the entire bundle.
+  "linkType": "A String", # Type of link requested, which can take one of the following values:
+      # - LINK_TYPE_ETHERNET_10G_LR: A 10G Ethernet with LR optics
+      # - LINK_TYPE_ETHERNET_100G_LR: A 100G Ethernet with LR optics. Note that this field indicates the speed of each of the links in the bundle, not the speed of the entire bundle.
   "location": "A String", # URL of the InterconnectLocation object that represents where this connection is to be provisioned.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "nocContactEmail": "A String", # Email address to contact the customer NOC for operations and maintenance notifications regarding this Interconnect. If specified, this will be used for notifications in addition to all other forms described, such as Stackdriver logs alerting and Cloud Notifications.
-  "operationalStatus": "A String", # [Output Only] The current status of this Interconnect's functionality, which can take one of the following values: - OS_ACTIVE: A valid Interconnect, which is turned up and is ready to use. Attachments may be provisioned on this Interconnect. - OS_UNPROVISIONED: An Interconnect that has not completed turnup. No attachments may be provisioned on this Interconnect. - OS_UNDER_MAINTENANCE: An Interconnect that is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
+  "operationalStatus": "A String", # [Output Only] The current status of this Interconnect's functionality, which can take one of the following values:
+      # - OS_ACTIVE: A valid Interconnect, which is turned up and is ready to use. Attachments may be provisioned on this Interconnect.
+      # - OS_UNPROVISIONED: An Interconnect that has not completed turnup. No attachments may be provisioned on this Interconnect.
+      # - OS_UNDER_MAINTENANCE: An Interconnect that is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
   "peerIpAddress": "A String", # [Output Only] IP address configured on the customer side of the Interconnect link. The customer should configure this IP address during turnup when prompted by Google NOC. This can be used only for ping tests.
   "provisionedLinkCount": 42, # [Output Only] Number of links actually provisioned in this interconnect.
   "requestedLinkCount": 42, # Target number of physical links in the link bundle, as requested by the customer.
   "satisfiesPzs": True or False, # [Output Only] Set to true if the resource satisfies the zone separation organization policy constraints and false otherwise. Defaults to false if the field is not present.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "state": "A String", # [Output Only] The current state of Interconnect functionality, which can take one of the following values: - ACTIVE: The Interconnect is valid, turned up and ready to use. Attachments may be provisioned on this Interconnect. - UNPROVISIONED: The Interconnect has not completed turnup. No attachments may be provisioned on this Interconnect. - UNDER_MAINTENANCE: The Interconnect is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
+  "state": "A String", # [Output Only] The current state of Interconnect functionality, which can take one of the following values:
+      # - ACTIVE: The Interconnect is valid, turned up and ready to use. Attachments may be provisioned on this Interconnect.
+      # - UNPROVISIONED: The Interconnect has not completed turnup. No attachments may be provisioned on this Interconnect.
+      # - UNDER_MAINTENANCE: The Interconnect is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -510,7 +673,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -524,20 +688,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of interconnect available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -545,7 +715,9 @@ 
Method Details

     { # Response to the list request, and contains a list of interconnects.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Interconnect resources.
-    { # Represents an Interconnect resource. An Interconnect resource is a dedicated connection between the GCP network and your on-premises network. For more information, read the Dedicated Interconnect Overview.
+    { # Represents an Interconnect resource.
+        #
+        # An Interconnect resource is a dedicated connection between the GCP network and your on-premises network. For more information, read the  Dedicated Interconnect Overview. (== resource_for {$api_version}.interconnects ==)
       "adminEnabled": True or False, # Administrative status of the interconnect. When this is set to true, the Interconnect is functional and can carry traffic. When set to false, no packets can be carried over the interconnect and no BGP routes are exchanged over it. By default, the status is set to true.
       "circuitInfos": [ # [Output Only] A list of CircuitInfo objects, that describe the individual circuits in this LAG.
         { # Describes a single physical circuit between the Customer and Google. CircuitInfo objects are created by Google, so all fields are output only.
@@ -564,11 +736,17 @@ 
Method Details

           ],
           "description": "A String", # A description about the purpose of the outage.
           "endTime": "A String", # Scheduled end time for the outage (milliseconds since Unix epoch).
-          "issueType": "A String", # Form this outage is expected to take, which can take one of the following values: - OUTAGE: The Interconnect may be completely out of service for some or all of the specified window. - PARTIAL_OUTAGE: Some circuits comprising the Interconnect as a whole should remain up, but with reduced bandwidth. Note that the versions of this enum prefixed with "IT_" have been deprecated in favor of the unprefixed values.
+          "issueType": "A String", # Form this outage is expected to take, which can take one of the following values:
+              # - OUTAGE: The Interconnect may be completely out of service for some or all of the specified window.
+              # - PARTIAL_OUTAGE: Some circuits comprising the Interconnect as a whole should remain up, but with reduced bandwidth. Note that the versions of this enum prefixed with "IT_" have been deprecated in favor of the unprefixed values.
           "name": "A String", # Unique identifier for this outage notification.
-          "source": "A String", # The party that generated this notification, which can take the following value: - GOOGLE: this notification as generated by Google. Note that the value of NSRC_GOOGLE has been deprecated in favor of GOOGLE.
+          "source": "A String", # The party that generated this notification, which can take the following value:
+              # - GOOGLE: this notification as generated by Google. Note that the value of NSRC_GOOGLE has been deprecated in favor of GOOGLE.
           "startTime": "A String", # Scheduled start time for the outage (milliseconds since Unix epoch).
-          "state": "A String", # State of this notification, which can take one of the following values: - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling. - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. - COMPLETED: The outage associated with this notification is complete. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values.
+          "state": "A String", # State of this notification, which can take one of the following values:
+              # - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling.
+              # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start.
+              # - COMPLETED: The outage associated with this notification is complete.  Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values.
         },
       ],
       "googleIpAddress": "A String", # [Output Only] IP address configured on the Google side of the Interconnect link. This can be used only for ping tests.
@@ -577,24 +755,36 @@ 
Method Details

       "interconnectAttachments": [ # [Output Only] A list of the URLs of all InterconnectAttachments configured to use this Interconnect.
         "A String",
       ],
-      "interconnectType": "A String", # Type of interconnect, which can take one of the following values: - PARTNER: A partner-managed interconnection shared between customers though a partner. - DEDICATED: A dedicated physical interconnection with the customer. Note that a value IT_PRIVATE has been deprecated in favor of DEDICATED.
+      "interconnectType": "A String", # Type of interconnect, which can take one of the following values:
+          # - PARTNER: A partner-managed interconnection shared between customers though a partner.
+          # - DEDICATED: A dedicated physical interconnection with the customer. Note that a value IT_PRIVATE has been deprecated in favor of DEDICATED.
       "kind": "compute#interconnect", # [Output Only] Type of the resource. Always compute#interconnect for interconnects.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Interconnect, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an Interconnect.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Interconnect, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve an Interconnect.
       "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
         "a_key": "A String",
       },
-      "linkType": "A String", # Type of link requested, which can take one of the following values: - LINK_TYPE_ETHERNET_10G_LR: A 10G Ethernet with LR optics - LINK_TYPE_ETHERNET_100G_LR: A 100G Ethernet with LR optics. Note that this field indicates the speed of each of the links in the bundle, not the speed of the entire bundle.
+      "linkType": "A String", # Type of link requested, which can take one of the following values:
+          # - LINK_TYPE_ETHERNET_10G_LR: A 10G Ethernet with LR optics
+          # - LINK_TYPE_ETHERNET_100G_LR: A 100G Ethernet with LR optics. Note that this field indicates the speed of each of the links in the bundle, not the speed of the entire bundle.
       "location": "A String", # URL of the InterconnectLocation object that represents where this connection is to be provisioned.
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "nocContactEmail": "A String", # Email address to contact the customer NOC for operations and maintenance notifications regarding this Interconnect. If specified, this will be used for notifications in addition to all other forms described, such as Stackdriver logs alerting and Cloud Notifications.
-      "operationalStatus": "A String", # [Output Only] The current status of this Interconnect's functionality, which can take one of the following values: - OS_ACTIVE: A valid Interconnect, which is turned up and is ready to use. Attachments may be provisioned on this Interconnect. - OS_UNPROVISIONED: An Interconnect that has not completed turnup. No attachments may be provisioned on this Interconnect. - OS_UNDER_MAINTENANCE: An Interconnect that is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
+      "operationalStatus": "A String", # [Output Only] The current status of this Interconnect's functionality, which can take one of the following values:
+          # - OS_ACTIVE: A valid Interconnect, which is turned up and is ready to use. Attachments may be provisioned on this Interconnect.
+          # - OS_UNPROVISIONED: An Interconnect that has not completed turnup. No attachments may be provisioned on this Interconnect.
+          # - OS_UNDER_MAINTENANCE: An Interconnect that is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
       "peerIpAddress": "A String", # [Output Only] IP address configured on the customer side of the Interconnect link. The customer should configure this IP address during turnup when prompted by Google NOC. This can be used only for ping tests.
       "provisionedLinkCount": 42, # [Output Only] Number of links actually provisioned in this interconnect.
       "requestedLinkCount": 42, # Target number of physical links in the link bundle, as requested by the customer.
       "satisfiesPzs": True or False, # [Output Only] Set to true if the resource satisfies the zone separation organization policy constraints and false otherwise. Defaults to false if the field is not present.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-      "state": "A String", # [Output Only] The current state of Interconnect functionality, which can take one of the following values: - ACTIVE: The Interconnect is valid, turned up and ready to use. Attachments may be provisioned on this Interconnect. - UNPROVISIONED: The Interconnect has not completed turnup. No attachments may be provisioned on this Interconnect. - UNDER_MAINTENANCE: The Interconnect is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
+      "state": "A String", # [Output Only] The current state of Interconnect functionality, which can take one of the following values:
+          # - ACTIVE: The Interconnect is valid, turned up and ready to use. Attachments may be provisioned on this Interconnect.
+          # - UNPROVISIONED: The Interconnect has not completed turnup. No attachments may be provisioned on this Interconnect.
+          # - UNDER_MAINTENANCE: The Interconnect is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
     },
   ],
   "kind": "compute#interconnectList", # [Output Only] Type of resource. Always compute#interconnectList for lists of interconnects.
@@ -602,7 +792,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -628,7 +819,7 @@ 
Method Details

 

 
 

-    patch(project, interconnect, body=None, requestId=None, x__xgafv=None)
+    patch(project, interconnect, body=None, requestId=None)
   
Updates the specified interconnect with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -637,7 +828,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Interconnect resource. An Interconnect resource is a dedicated connection between the GCP network and your on-premises network. For more information, read the Dedicated Interconnect Overview.
+{ # Represents an Interconnect resource.
+    # 
+    # An Interconnect resource is a dedicated connection between the GCP network and your on-premises network. For more information, read the  Dedicated Interconnect Overview. (== resource_for {$api_version}.interconnects ==)
   "adminEnabled": True or False, # Administrative status of the interconnect. When this is set to true, the Interconnect is functional and can carry traffic. When set to false, no packets can be carried over the interconnect and no BGP routes are exchanged over it. By default, the status is set to true.
   "circuitInfos": [ # [Output Only] A list of CircuitInfo objects, that describe the individual circuits in this LAG.
     { # Describes a single physical circuit between the Customer and Google. CircuitInfo objects are created by Google, so all fields are output only.
@@ -656,11 +849,17 @@ 
Method Details

       ],
       "description": "A String", # A description about the purpose of the outage.
       "endTime": "A String", # Scheduled end time for the outage (milliseconds since Unix epoch).
-      "issueType": "A String", # Form this outage is expected to take, which can take one of the following values: - OUTAGE: The Interconnect may be completely out of service for some or all of the specified window. - PARTIAL_OUTAGE: Some circuits comprising the Interconnect as a whole should remain up, but with reduced bandwidth. Note that the versions of this enum prefixed with "IT_" have been deprecated in favor of the unprefixed values.
+      "issueType": "A String", # Form this outage is expected to take, which can take one of the following values:
+          # - OUTAGE: The Interconnect may be completely out of service for some or all of the specified window.
+          # - PARTIAL_OUTAGE: Some circuits comprising the Interconnect as a whole should remain up, but with reduced bandwidth. Note that the versions of this enum prefixed with "IT_" have been deprecated in favor of the unprefixed values.
       "name": "A String", # Unique identifier for this outage notification.
-      "source": "A String", # The party that generated this notification, which can take the following value: - GOOGLE: this notification as generated by Google. Note that the value of NSRC_GOOGLE has been deprecated in favor of GOOGLE.
+      "source": "A String", # The party that generated this notification, which can take the following value:
+          # - GOOGLE: this notification as generated by Google. Note that the value of NSRC_GOOGLE has been deprecated in favor of GOOGLE.
       "startTime": "A String", # Scheduled start time for the outage (milliseconds since Unix epoch).
-      "state": "A String", # State of this notification, which can take one of the following values: - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling. - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. - COMPLETED: The outage associated with this notification is complete. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values.
+      "state": "A String", # State of this notification, which can take one of the following values:
+          # - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling.
+          # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start.
+          # - COMPLETED: The outage associated with this notification is complete.  Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values.
     },
   ],
   "googleIpAddress": "A String", # [Output Only] IP address configured on the Google side of the Interconnect link. This can be used only for ping tests.
@@ -669,36 +868,61 @@ 
Method Details

   "interconnectAttachments": [ # [Output Only] A list of the URLs of all InterconnectAttachments configured to use this Interconnect.
     "A String",
   ],
-  "interconnectType": "A String", # Type of interconnect, which can take one of the following values: - PARTNER: A partner-managed interconnection shared between customers though a partner. - DEDICATED: A dedicated physical interconnection with the customer. Note that a value IT_PRIVATE has been deprecated in favor of DEDICATED.
+  "interconnectType": "A String", # Type of interconnect, which can take one of the following values:
+      # - PARTNER: A partner-managed interconnection shared between customers though a partner.
+      # - DEDICATED: A dedicated physical interconnection with the customer. Note that a value IT_PRIVATE has been deprecated in favor of DEDICATED.
   "kind": "compute#interconnect", # [Output Only] Type of the resource. Always compute#interconnect for interconnects.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Interconnect, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an Interconnect.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Interconnect, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an Interconnect.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
-  "linkType": "A String", # Type of link requested, which can take one of the following values: - LINK_TYPE_ETHERNET_10G_LR: A 10G Ethernet with LR optics - LINK_TYPE_ETHERNET_100G_LR: A 100G Ethernet with LR optics. Note that this field indicates the speed of each of the links in the bundle, not the speed of the entire bundle.
+  "linkType": "A String", # Type of link requested, which can take one of the following values:
+      # - LINK_TYPE_ETHERNET_10G_LR: A 10G Ethernet with LR optics
+      # - LINK_TYPE_ETHERNET_100G_LR: A 100G Ethernet with LR optics. Note that this field indicates the speed of each of the links in the bundle, not the speed of the entire bundle.
   "location": "A String", # URL of the InterconnectLocation object that represents where this connection is to be provisioned.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "nocContactEmail": "A String", # Email address to contact the customer NOC for operations and maintenance notifications regarding this Interconnect. If specified, this will be used for notifications in addition to all other forms described, such as Stackdriver logs alerting and Cloud Notifications.
-  "operationalStatus": "A String", # [Output Only] The current status of this Interconnect's functionality, which can take one of the following values: - OS_ACTIVE: A valid Interconnect, which is turned up and is ready to use. Attachments may be provisioned on this Interconnect. - OS_UNPROVISIONED: An Interconnect that has not completed turnup. No attachments may be provisioned on this Interconnect. - OS_UNDER_MAINTENANCE: An Interconnect that is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
+  "operationalStatus": "A String", # [Output Only] The current status of this Interconnect's functionality, which can take one of the following values:
+      # - OS_ACTIVE: A valid Interconnect, which is turned up and is ready to use. Attachments may be provisioned on this Interconnect.
+      # - OS_UNPROVISIONED: An Interconnect that has not completed turnup. No attachments may be provisioned on this Interconnect.
+      # - OS_UNDER_MAINTENANCE: An Interconnect that is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
   "peerIpAddress": "A String", # [Output Only] IP address configured on the customer side of the Interconnect link. The customer should configure this IP address during turnup when prompted by Google NOC. This can be used only for ping tests.
   "provisionedLinkCount": 42, # [Output Only] Number of links actually provisioned in this interconnect.
   "requestedLinkCount": 42, # Target number of physical links in the link bundle, as requested by the customer.
   "satisfiesPzs": True or False, # [Output Only] Set to true if the resource satisfies the zone separation organization policy constraints and false otherwise. Defaults to false if the field is not present.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "state": "A String", # [Output Only] The current state of Interconnect functionality, which can take one of the following values: - ACTIVE: The Interconnect is valid, turned up and ready to use. Attachments may be provisioned on this Interconnect. - UNPROVISIONED: The Interconnect has not completed turnup. No attachments may be provisioned on this Interconnect. - UNDER_MAINTENANCE: The Interconnect is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
+  "state": "A String", # [Output Only] The current state of Interconnect functionality, which can take one of the following values:
+      # - ACTIVE: The Interconnect is valid, turned up and ready to use. Attachments may be provisioned on this Interconnect.
+      # - UNPROVISIONED: The Interconnect has not completed turnup. No attachments may be provisioned on this Interconnect.
+      # - UNDER_MAINTENANCE: The Interconnect is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -733,7 +957,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -747,7 +972,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -759,33 +984,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -793,95 +1092,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -889,76 +1280,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    setLabels(project, resource, body=None, x__xgafv=None)
+    setLabels(project, resource, body=None)
   
Sets the labels on an Interconnect. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -974,15 +1433,24 @@ 
Method Details

   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1017,7 +1485,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1031,7 +1500,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1046,10 +1515,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.licenseCodes.html b/docs/dyn/compute_alpha.licenseCodes.html
index 5a952a42787..d5cdcb5f7bf 100644
--- a/docs/dyn/compute_alpha.licenseCodes.html
+++ b/docs/dyn/compute_alpha.licenseCodes.html
@@ -78,17 +78,17 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  get(project, licenseCode, x__xgafv=None)

-
Return a specified license code. License codes are mirrored across all projects that have permissions to read the License Code. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 

+  get(project, licenseCode)

+
Return a specified license code. License codes are mirrored across all projects that have permissions to read the License Code.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.

 

-  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

-
Gets the access control policy for a resource. May be empty if no such policy or resource exists. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 

+  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)

+
Gets the access control policy for a resource. May be empty if no such policy or resource exists.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.

 

-  setIamPolicy(project, resource, body=None, x__xgafv=None)

-
Sets the access control policy on the specified resource. Replaces any existing policy. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 

+  setIamPolicy(project, resource, body=None)

+
Sets the access control policy on the specified resource. Replaces any existing policy.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

-
Returns permissions that a caller has on the specified resource. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 

+  testIamPermissions(project, resource, body=None)

+
Returns permissions that a caller has on the specified resource.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.

 
Method Details

 

     close()
@@ -96,21 +96,19 @@ 
Method Details

 

 
 

-    get(project, licenseCode, x__xgafv=None)
-  
Return a specified license code. License codes are mirrored across all projects that have permissions to read the License Code. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 
+    get(project, licenseCode)
+  
Return a specified license code. License codes are mirrored across all projects that have permissions to read the License Code.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
 
 Args:
   project: string, Project ID for this request. (required)
   licenseCode: string, Number corresponding to the License code resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a License Code resource. A License Code is a unique identifier used to represent a license resource. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
+    { # Represents a License Code resource.
+    #
+    # A License Code is a unique identifier used to represent a license resource.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. (== resource_for {$api_version}.licenseCodes ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # [Output Only] Description of this License Code.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
@@ -129,34 +127,58 @@ 
Method Details

 

 
 

-    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
-  
Gets the access control policy for a resource. May be empty if no such policy or resource exists. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 
+    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)
+  
Gets the access control policy for a resource. May be empty if no such policy or resource exists.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
 
 Args:
   project: string, Project ID for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -164,77 +186,145 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    setIamPolicy(project, resource, body=None, x__xgafv=None)
-  
Sets the access control policy on the specified resource. Replaces any existing policy. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 
+    setIamPolicy(project, resource, body=None)
+  
Sets the access control policy on the specified resource. Replaces any existing policy.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -245,33 +335,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -279,95 +443,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -375,77 +631,145 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
-  
Returns permissions that a caller has on the specified resource. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 
+    testIamPermissions(project, resource, body=None)
+  
Returns permissions that a caller has on the specified resource.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -459,10 +783,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.licenses.html b/docs/dyn/compute_alpha.licenses.html
index 969e50c99f4..0e8ecdcab0f 100644
--- a/docs/dyn/compute_alpha.licenses.html
+++ b/docs/dyn/compute_alpha.licenses.html
@@ -78,29 +78,29 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, license, requestId=None, x__xgafv=None)

-
Deletes the specified license. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 

+  delete(project, license, requestId=None)

+
Deletes the specified license.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.

 

-  get(project, license, x__xgafv=None)

-
Returns the specified License resource. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 

+  get(project, license)

+
Returns the specified License resource.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.

 

-  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

-
Gets the access control policy for a resource. May be empty if no such policy or resource exists. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 

+  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)

+
Gets the access control policy for a resource. May be empty if no such policy or resource exists.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

-
Create a License resource in the specified project. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 

+  insert(project, body=None, requestId=None)

+
Create a License resource in the specified project.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

-
Retrieves the list of licenses available in the specified project. This method does not get any licenses that belong to other projects, including licenses attached to publicly-available images, like Debian 9. If you want to get a list of publicly-available licenses, use this method to make a request to the respective image project, such as debian-cloud or windows-cloud. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

+
Retrieves the list of licenses available in the specified project. This method does not get any licenses that belong to other projects, including licenses attached to publicly-available images, like Debian 9. If you want to get a list of publicly-available licenses, use this method to make a request to the respective image project, such as debian-cloud or windows-cloud.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setIamPolicy(project, resource, body=None, x__xgafv=None)

-
Sets the access control policy on the specified resource. Replaces any existing policy. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 

+  setIamPolicy(project, resource, body=None)

+
Sets the access control policy on the specified resource. Replaces any existing policy.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

-
Returns permissions that a caller has on the specified resource. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 

+  testIamPermissions(project, resource, body=None)

+
Returns permissions that a caller has on the specified resource.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.

 
Method Details

 

     close()
@@ -108,22 +108,35 @@ 
Method Details

 

 
 

-    delete(project, license, requestId=None, x__xgafv=None)
-  
Deletes the specified license. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 
+    delete(project, license, requestId=None)
+  
Deletes the specified license.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
 
 Args:
   project: string, Project ID for this request. (required)
   license: string, Name of the license resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -158,7 +171,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -172,21 +186,19 @@ 
Method Details

 

 
 

-    get(project, license, x__xgafv=None)
-  
Returns the specified License resource. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 
+    get(project, license)
+  
Returns the specified License resource.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
 
 Args:
   project: string, Project ID for this request. (required)
   license: string, Name of the License resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a License resource. A License represents billing and aggregate usage data for public and marketplace images. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
+    { # Represents a License resource.
+    #
+    # A License represents billing and aggregate usage data for public and marketplace images.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. (== resource_for {$api_version}.licenses ==)
   "chargesUseFee": True or False, # [Output Only] Deprecated. This field no longer reflects whether a license charges a usage fee.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional textual description of the resource; provided by the client when the resource is created.
@@ -205,34 +217,58 @@ 
Method Details

 

 
 

-    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
-  
Gets the access control policy for a resource. May be empty if no such policy or resource exists. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 
+    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)
+  
Gets the access control policy for a resource. May be empty if no such policy or resource exists.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
 
 Args:
   project: string, Project ID for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -240,84 +276,154 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
-  
Create a License resource in the specified project. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 
+    insert(project, body=None, requestId=None)
+  
Create a License resource in the specified project.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
 
 Args:
   project: string, Project ID for this request. (required)
   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a License resource. A License represents billing and aggregate usage data for public and marketplace images. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
+{ # Represents a License resource.
+    # 
+    # A License represents billing and aggregate usage data for public and marketplace images.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. (== resource_for {$api_version}.licenses ==)
   "chargesUseFee": True or False, # [Output Only] Deprecated. This field no longer reflects whether a license charges a usage fee.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional textual description of the resource; provided by the client when the resource is created.
@@ -334,16 +440,29 @@ 
Method Details

   "transferable": True or False, # If false, licenses will not be copied from the source resource when creating an image from a disk, disk from snapshot, or snapshot from disk.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -378,7 +497,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -392,20 +512,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
-  
Retrieves the list of licenses available in the specified project. This method does not get any licenses that belong to other projects, including licenses attached to publicly-available images, like Debian 9. If you want to get a list of publicly-available licenses, use this method to make a request to the respective image project, such as debian-cloud or windows-cloud. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
+  
Retrieves the list of licenses available in the specified project. This method does not get any licenses that belong to other projects, including licenses attached to publicly-available images, like Debian 9. If you want to get a list of publicly-available licenses, use this method to make a request to the respective image project, such as debian-cloud or windows-cloud.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -413,7 +539,9 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of License resources.
-    { # Represents a License resource. A License represents billing and aggregate usage data for public and marketplace images. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
+    { # Represents a License resource.
+        #
+        # A License represents billing and aggregate usage data for public and marketplace images.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. (== resource_for {$api_version}.licenses ==)
       "chargesUseFee": True or False, # [Output Only] Deprecated. This field no longer reflects whether a license charges a usage fee.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional textual description of the resource; provided by the client when the resource is created.
@@ -434,7 +562,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -460,8 +589,8 @@ 
Method Details

 

 
 

-    setIamPolicy(project, resource, body=None, x__xgafv=None)
-  
Sets the access control policy on the specified resource. Replaces any existing policy. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 
+    setIamPolicy(project, resource, body=None)
+  
Sets the access control policy on the specified resource. Replaces any existing policy.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -472,33 +601,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -506,95 +709,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -602,77 +897,145 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
-  
Returns permissions that a caller has on the specified resource. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 
+    testIamPermissions(project, resource, body=None)
+  
Returns permissions that a caller has on the specified resource.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -686,10 +1049,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.machineImages.html b/docs/dyn/compute_alpha.machineImages.html
index 849dcc74acd..49c59728993 100644
--- a/docs/dyn/compute_alpha.machineImages.html
+++ b/docs/dyn/compute_alpha.machineImages.html
@@ -78,28 +78,28 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, machineImage, requestId=None, x__xgafv=None)

+  delete(project, machineImage, requestId=None)

 
Deletes the specified machine image. Deleting a machine image is permanent and cannot be undone.

 

-  get(project, machineImage, x__xgafv=None)

+  get(project, machineImage)

 
Returns the specified machine image. Gets a list of available machine images by making a list() request.

 

-  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, body=None, requestId=None, sourceInstance=None, x__xgafv=None)

+  insert(project, body=None, requestId=None, sourceInstance=None)

 
Creates a machine image in the specified project using the data that is included in the request. If you are creating a new machine image to update an existing instance, your new machine image should use the same network or, if applicable, the same subnetwork as the original instance.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of machine images that are contained within the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setIamPolicy(project, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -108,22 +108,35 @@ 
Method Details

 

 
 

-    delete(project, machineImage, requestId=None, x__xgafv=None)
+    delete(project, machineImage, requestId=None)
   
Deletes the specified machine image. Deleting a machine image is permanent and cannot be undone.
 
 Args:
   project: string, Project ID for this request. (required)
   machineImage: string, The name of the machine image to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -158,7 +171,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -172,31 +186,40 @@ 
Method Details

 

 
 

-    get(project, machineImage, x__xgafv=None)
+    get(project, machineImage)
   
Returns the specified machine image. Gets a list of available machine images by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   machineImage: string, The name of the machine image. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a machine image resource. A machine image is a Compute Engine resource that stores all the configuration, metadata, permissions, and data from one or more disks required to create a Virtual machine (VM) instance. For more information, see Machine images.
+    { # Represents a machine image resource.
+    #
+    # A machine image is a Compute Engine resource that stores all the configuration, metadata, permissions, and data from one or more disks required to create a Virtual machine (VM) instance. For more information, see Machine images. (== resource_for {$api_version}.machineImages ==)
   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this machine image in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "guestFlush": True or False, # [Input Only] Whether to attempt an application consistent machine image by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
   "id": "A String", # [Output Only] A unique identifier for this machine image. The server defines this identifier.
   "kind": "compute#machineImage", # [Output Only] The resource type, which is always compute#machineImage for machine image.
-  "machineImageEncryptionKey": { # Encrypts the machine image using a customer-supplied encryption key. After you encrypt a machine image using a customer-supplied key, you must provide the same key if you use the machine image later. For example, you must provide the encryption key when you create an instance from the encrypted machine image in a future request. Customer-supplied encryption keys do not protect access to metadata of the machine image. If you do not provide an encryption key when creating the machine image, then the machine image will be encrypted using an automatically generated key and you do not need to provide a key to use the machine image later.
+  "machineImageEncryptionKey": { # Encrypts the machine image using a customer-supplied encryption key.
+      #
+      # After you encrypt a machine image using a customer-supplied key, you must provide the same key if you use the machine image later. For example, you must provide the encryption key when you create an instance from the encrypted machine image in a future request.
+      #
+      # Customer-supplied encryption keys do not protect access to metadata of the machine image.
+      #
+      # If you do not provide an encryption key when creating the machine image, then the machine image will be encrypted using an automatically generated key and you do not need to provide a key to use the machine image later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -209,13 +232,23 @@ 
Method Details

         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
-      "sourceDisk": "A String", # URL of the disk attached to the source instance. This can be a full or valid partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk
+      "sourceDisk": "A String", # URL of the disk attached to the source instance. This can be a full or valid partial URL. For example, the following are valid values:
+          # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+          # - projects/project/zones/zone/disks/disk
+          # - zones/zone/disks/disk
     },
   ],
-  "sourceInstance": "A String", # The source instance used to create the machine image. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instances/instance - projects/project/zones/zone/instances/instance
+  "sourceInstance": "A String", # The source instance used to create the machine image. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance
+      # - projects/project/zones/zone/instances/instance
   "sourceInstanceProperties": { # [Output Only] Properties of source instance.
     "canIpForward": True or False, # Enables instances created based on this machine image to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information.
     "deletionProtection": True or False, # Whether the instance created from this machine image should be protected against deletion.
@@ -229,14 +262,19 @@ 
Method Details

           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+              #
+              # The key must meet the following requirements before you can provide it to Compute Engine:
+              # - The key is wrapped using a RSA public key certificate provided by Google.
+              # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+              # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
         "diskSizeGb": "A String", # The size of the disk in base-2 GB.
-        "diskType": "A String", # [Output Only] URL of the disk type resource. For example: projects/project /zones/zone/diskTypes/pd-standard or pd-ssd
-        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+        "diskType": "A String", # [Output Only] URL of the disk type resource. For example: projects/project/zones/zone/diskTypes/pd-standard or pd-ssd
+        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
           { # Guest OS features.
-            "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+            "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
           },
         ],
         "index": 42, # Specifies zero-based index of the disk that is attached to the source instance.
@@ -263,9 +301,11 @@ 
Method Details

     },
     "machineType": "A String", # The machine type to use for instances that are created from this machine image.
     "metadata": { # A metadata key/value entry. # The metadata key/value pairs to assign to instances that are created from this machine image. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve the resource.
       "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-        { # Metadata
+        {
           "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
           "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
         },
@@ -282,7 +322,11 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -305,7 +349,11 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -313,29 +361,44 @@ 
Method Details

             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
-        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+            #
+            # Valid only if stackType is IPV4_IPV6.
         "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
         "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
         "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+            #
+            # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+            # - projects/project/global/networks/network
+            # - global/networks/default
         "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
         "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
         "queueCount": 42, # The networking queue count that's specified by users for the network interface. Both Rx and Tx queues will be set to this number. It'll be empty if not specified by the users.
-        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
+        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+            #
+            # This field can be both set at instance creation and update network interface operations.
         "subinterfaces": [ # SubInterfaces help enable L2 communication for the instance over subnetworks that support L2. Every network interface will get a default untagged (vlan not specified) subinterface. Users can specify additional tagged subinterfaces which are sub-fields to the Network Interface.
           {
             "ipAddress": "A String", # An IPv4 internal IP address to assign to the instance for this subinterface. If specified, ip_allocation_mode should be set to ALLOCATE_IP.
             "ipAllocationMode": "A String",
-            "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+            "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+                # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+                # - regions/region/subnetworks/subnetwork
             "vlan": 42, # VLAN tag. Should match the VLAN(s) supported by the subnetwork to which this subinterface is connecting.
           },
         ],
-        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+            # - regions/region/subnetworks/subnetwork
       },
     ],
     "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
     "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from this machine image.
-      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+          #
+          # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
       "availabilityDomain": 42, # Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details.
       "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
       "latencyTolerant": True or False, # Defines whether the instance is tolerant of higher cpu latency. This can only be set during instance creation, or when the instance is not currently running. It must not be set if the preemptible option is also set.
@@ -364,7 +427,9 @@ 
Method Details

       },
     ],
     "tags": { # A set of instance tags. # A list of tags to apply to the instances that are created from this machine image. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+          #
+          # To see the latest fingerprint, make get() request to the instance.
       "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
         "A String",
       ],
@@ -379,34 +444,58 @@ 
Method Details

 

 
 

-    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
   project: string, Project ID for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -414,76 +503,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, body=None, requestId=None, sourceInstance=None, x__xgafv=None)
+    insert(project, body=None, requestId=None, sourceInstance=None)
   
Creates a machine image in the specified project using the data that is included in the request. If you are creating a new machine image to update an existing instance, your new machine image should use the same network or, if applicable, the same subnetwork as the original instance.
 
 Args:
@@ -491,17 +648,30 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a machine image resource. A machine image is a Compute Engine resource that stores all the configuration, metadata, permissions, and data from one or more disks required to create a Virtual machine (VM) instance. For more information, see Machine images.
+{ # Represents a machine image resource.
+    # 
+    # A machine image is a Compute Engine resource that stores all the configuration, metadata, permissions, and data from one or more disks required to create a Virtual machine (VM) instance. For more information, see Machine images. (== resource_for {$api_version}.machineImages ==)
   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this machine image in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "guestFlush": True or False, # [Input Only] Whether to attempt an application consistent machine image by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
   "id": "A String", # [Output Only] A unique identifier for this machine image. The server defines this identifier.
   "kind": "compute#machineImage", # [Output Only] The resource type, which is always compute#machineImage for machine image.
-  "machineImageEncryptionKey": { # Encrypts the machine image using a customer-supplied encryption key. After you encrypt a machine image using a customer-supplied key, you must provide the same key if you use the machine image later. For example, you must provide the encryption key when you create an instance from the encrypted machine image in a future request. Customer-supplied encryption keys do not protect access to metadata of the machine image. If you do not provide an encryption key when creating the machine image, then the machine image will be encrypted using an automatically generated key and you do not need to provide a key to use the machine image later.
+  "machineImageEncryptionKey": { # Encrypts the machine image using a customer-supplied encryption key.
+      # 
+      # After you encrypt a machine image using a customer-supplied key, you must provide the same key if you use the machine image later. For example, you must provide the encryption key when you create an instance from the encrypted machine image in a future request.
+      # 
+      # Customer-supplied encryption keys do not protect access to metadata of the machine image.
+      # 
+      # If you do not provide an encryption key when creating the machine image, then the machine image will be encrypted using an automatically generated key and you do not need to provide a key to use the machine image later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -514,13 +684,23 @@ 
Method Details

         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
-      "sourceDisk": "A String", # URL of the disk attached to the source instance. This can be a full or valid partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk
+      "sourceDisk": "A String", # URL of the disk attached to the source instance. This can be a full or valid partial URL. For example, the following are valid values:
+          # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+          # - projects/project/zones/zone/disks/disk
+          # - zones/zone/disks/disk
     },
   ],
-  "sourceInstance": "A String", # The source instance used to create the machine image. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instances/instance - projects/project/zones/zone/instances/instance
+  "sourceInstance": "A String", # The source instance used to create the machine image. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance
+      # - projects/project/zones/zone/instances/instance
   "sourceInstanceProperties": { # [Output Only] Properties of source instance.
     "canIpForward": True or False, # Enables instances created based on this machine image to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information.
     "deletionProtection": True or False, # Whether the instance created from this machine image should be protected against deletion.
@@ -534,14 +714,19 @@ 
Method Details

           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+              #
+              # The key must meet the following requirements before you can provide it to Compute Engine:
+              # - The key is wrapped using a RSA public key certificate provided by Google.
+              # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+              # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
         "diskSizeGb": "A String", # The size of the disk in base-2 GB.
-        "diskType": "A String", # [Output Only] URL of the disk type resource. For example: projects/project /zones/zone/diskTypes/pd-standard or pd-ssd
-        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+        "diskType": "A String", # [Output Only] URL of the disk type resource. For example: projects/project/zones/zone/diskTypes/pd-standard or pd-ssd
+        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
           { # Guest OS features.
-            "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+            "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
           },
         ],
         "index": 42, # Specifies zero-based index of the disk that is attached to the source instance.
@@ -568,9 +753,11 @@ 
Method Details

     },
     "machineType": "A String", # The machine type to use for instances that are created from this machine image.
     "metadata": { # A metadata key/value entry. # The metadata key/value pairs to assign to instances that are created from this machine image. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve the resource.
       "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-        { # Metadata
+        {
           "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
           "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
         },
@@ -587,7 +774,11 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -610,7 +801,11 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -618,29 +813,44 @@ 
Method Details

             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
-        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+            #
+            # Valid only if stackType is IPV4_IPV6.
         "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
         "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
         "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+            #
+            # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+            # - projects/project/global/networks/network
+            # - global/networks/default
         "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
         "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
         "queueCount": 42, # The networking queue count that's specified by users for the network interface. Both Rx and Tx queues will be set to this number. It'll be empty if not specified by the users.
-        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
+        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+            #
+            # This field can be both set at instance creation and update network interface operations.
         "subinterfaces": [ # SubInterfaces help enable L2 communication for the instance over subnetworks that support L2. Every network interface will get a default untagged (vlan not specified) subinterface. Users can specify additional tagged subinterfaces which are sub-fields to the Network Interface.
           {
             "ipAddress": "A String", # An IPv4 internal IP address to assign to the instance for this subinterface. If specified, ip_allocation_mode should be set to ALLOCATE_IP.
             "ipAllocationMode": "A String",
-            "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+            "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+                # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+                # - regions/region/subnetworks/subnetwork
             "vlan": 42, # VLAN tag. Should match the VLAN(s) supported by the subnetwork to which this subinterface is connecting.
           },
         ],
-        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+            # - regions/region/subnetworks/subnetwork
       },
     ],
     "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
     "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from this machine image.
-      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+          #
+          # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
       "availabilityDomain": 42, # Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details.
       "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
       "latencyTolerant": True or False, # Defines whether the instance is tolerant of higher cpu latency. This can only be set during instance creation, or when the instance is not currently running. It must not be set if the preemptible option is also set.
@@ -669,7 +879,9 @@ 
Method Details

       },
     ],
     "tags": { # A set of instance tags. # A list of tags to apply to the instances that are created from this machine image. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+          #
+          # To see the latest fingerprint, make get() request to the instance.
       "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
         "A String",
       ],
@@ -682,17 +894,30 @@ 
Method Details

   "totalStorageBytes": "A String", # [Output Only] Total size of the storage used by the machine image.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
   sourceInstance: string, Required. Source instance that is used to create the machine image from.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -727,7 +952,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -741,20 +967,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of machine images that are contained within the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -762,17 +994,30 @@ 
Method Details

     { # A list of machine images.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of MachineImage resources.
-    { # Represents a machine image resource. A machine image is a Compute Engine resource that stores all the configuration, metadata, permissions, and data from one or more disks required to create a Virtual machine (VM) instance. For more information, see Machine images.
+    { # Represents a machine image resource.
+        #
+        # A machine image is a Compute Engine resource that stores all the configuration, metadata, permissions, and data from one or more disks required to create a Virtual machine (VM) instance. For more information, see Machine images. (== resource_for {$api_version}.machineImages ==)
       "creationTimestamp": "A String", # [Output Only] The creation timestamp for this machine image in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "guestFlush": True or False, # [Input Only] Whether to attempt an application consistent machine image by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
       "id": "A String", # [Output Only] A unique identifier for this machine image. The server defines this identifier.
       "kind": "compute#machineImage", # [Output Only] The resource type, which is always compute#machineImage for machine image.
-      "machineImageEncryptionKey": { # Encrypts the machine image using a customer-supplied encryption key. After you encrypt a machine image using a customer-supplied key, you must provide the same key if you use the machine image later. For example, you must provide the encryption key when you create an instance from the encrypted machine image in a future request. Customer-supplied encryption keys do not protect access to metadata of the machine image. If you do not provide an encryption key when creating the machine image, then the machine image will be encrypted using an automatically generated key and you do not need to provide a key to use the machine image later.
+      "machineImageEncryptionKey": { # Encrypts the machine image using a customer-supplied encryption key.
+          #
+          # After you encrypt a machine image using a customer-supplied key, you must provide the same key if you use the machine image later. For example, you must provide the encryption key when you create an instance from the encrypted machine image in a future request.
+          #
+          # Customer-supplied encryption keys do not protect access to metadata of the machine image.
+          #
+          # If you do not provide an encryption key when creating the machine image, then the machine image will be encrypted using an automatically generated key and you do not need to provide a key to use the machine image later.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -785,13 +1030,23 @@ 
Method Details

             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                #
+                # The key must meet the following requirements before you can provide it to Compute Engine:
+                # - The key is wrapped using a RSA public key certificate provided by Google.
+                # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
-          "sourceDisk": "A String", # URL of the disk attached to the source instance. This can be a full or valid partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk
+          "sourceDisk": "A String", # URL of the disk attached to the source instance. This can be a full or valid partial URL. For example, the following are valid values:
+              # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+              # - projects/project/zones/zone/disks/disk
+              # - zones/zone/disks/disk
         },
       ],
-      "sourceInstance": "A String", # The source instance used to create the machine image. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instances/instance - projects/project/zones/zone/instances/instance
+      "sourceInstance": "A String", # The source instance used to create the machine image. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+          # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance
+          # - projects/project/zones/zone/instances/instance
       "sourceInstanceProperties": { # [Output Only] Properties of source instance.
         "canIpForward": True or False, # Enables instances created based on this machine image to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information.
         "deletionProtection": True or False, # Whether the instance created from this machine image should be protected against deletion.
@@ -805,14 +1060,19 @@ 
Method Details

               "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
               "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
               "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-              "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+              "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                  #
+                  # The key must meet the following requirements before you can provide it to Compute Engine:
+                  # - The key is wrapped using a RSA public key certificate provided by Google.
+                  # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                  # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
               "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
             },
             "diskSizeGb": "A String", # The size of the disk in base-2 GB.
-            "diskType": "A String", # [Output Only] URL of the disk type resource. For example: projects/project /zones/zone/diskTypes/pd-standard or pd-ssd
-            "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+            "diskType": "A String", # [Output Only] URL of the disk type resource. For example: projects/project/zones/zone/diskTypes/pd-standard or pd-ssd
+            "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
               { # Guest OS features.
-                "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+                "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
               },
             ],
             "index": 42, # Specifies zero-based index of the disk that is attached to the source instance.
@@ -839,9 +1099,11 @@ 
Method Details

         },
         "machineType": "A String", # The machine type to use for instances that are created from this machine image.
         "metadata": { # A metadata key/value entry. # The metadata key/value pairs to assign to instances that are created from this machine image. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information.
-          "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+          "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve the resource.
           "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-            { # Metadata
+            {
               "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
               "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
             },
@@ -858,7 +1120,11 @@ 
Method Details

                 "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
                 "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
                 "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-                "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+                "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                    #
+                    # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                    #
+                    # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
                 "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
                 "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
                 "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -881,7 +1147,11 @@ 
Method Details

                 "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
                 "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
                 "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-                "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+                "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                    #
+                    # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                    #
+                    # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
                 "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
                 "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
                 "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -889,29 +1159,44 @@ 
Method Details

                 "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
               },
             ],
-            "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+            "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+                #
+                # Valid only if stackType is IPV4_IPV6.
             "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
             "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
             "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-            "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+            "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+                #
+                # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+                # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+                # - projects/project/global/networks/network
+                # - global/networks/default
             "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
             "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
             "queueCount": 42, # The networking queue count that's specified by users for the network interface. Both Rx and Tx queues will be set to this number. It'll be empty if not specified by the users.
-            "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
+            "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+                #
+                # This field can be both set at instance creation and update network interface operations.
             "subinterfaces": [ # SubInterfaces help enable L2 communication for the instance over subnetworks that support L2. Every network interface will get a default untagged (vlan not specified) subinterface. Users can specify additional tagged subinterfaces which are sub-fields to the Network Interface.
               {
                 "ipAddress": "A String", # An IPv4 internal IP address to assign to the instance for this subinterface. If specified, ip_allocation_mode should be set to ALLOCATE_IP.
                 "ipAllocationMode": "A String",
-                "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+                "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+                    # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+                    # - regions/region/subnetworks/subnetwork
                 "vlan": 42, # VLAN tag. Should match the VLAN(s) supported by the subnetwork to which this subinterface is connecting.
               },
             ],
-            "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+            "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+                # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+                # - regions/region/subnetworks/subnetwork
           },
         ],
         "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
         "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from this machine image.
-          "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+          "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+              #
+              # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
           "availabilityDomain": 42, # Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details.
           "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
           "latencyTolerant": True or False, # Defines whether the instance is tolerant of higher cpu latency. This can only be set during instance creation, or when the instance is not currently running. It must not be set if the preemptible option is also set.
@@ -940,7 +1225,9 @@ 
Method Details

           },
         ],
         "tags": { # A set of instance tags. # A list of tags to apply to the instances that are created from this machine image. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035.
-          "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+          "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+              #
+              # To see the latest fingerprint, make get() request to the instance.
           "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
             "A String",
           ],
@@ -958,7 +1245,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -984,7 +1272,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -996,33 +1284,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1030,95 +1392,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1126,76 +1580,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1210,10 +1732,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.machineTypes.html b/docs/dyn/compute_alpha.machineTypes.html
index 6a0436a7e8b..c092ea4afef 100644
--- a/docs/dyn/compute_alpha.machineTypes.html
+++ b/docs/dyn/compute_alpha.machineTypes.html
@@ -75,7 +75,7 @@
 
Compute Engine API . machineTypes

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of machine types.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,31 +84,37 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  get(project, zone, machineType, x__xgafv=None)

+  get(project, zone, machineType)

 
Returns the specified machine type. Gets a list of available machine types by making a list() request.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of machine types available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of machine types.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -118,7 +124,9 @@ 
Method Details

   "items": { # A list of MachineTypesScopedList resources.
     "a_key": { # [Output Only] Name of the scope containing this set of machine types.
       "machineTypes": [ # [Output Only] A list of machine types contained in this scope.
-        { # Represents a Machine Type resource. You can use specific machine types for your VM instances based on performance and pricing requirements. For more information, read Machine Types.
+        { # Represents a Machine Type resource.
+            #
+            # You can use specific machine types for your VM instances based on performance and pricing requirements. For more information, read Machine Types. (== resource_for {$api_version}.machineTypes ==)
           "accelerators": [ # [Output Only] A list of accelerator configurations assigned to this machine type.
             {
               "guestAcceleratorCount": 42, # Number of accelerator cards exposed to the guest.
@@ -134,7 +142,11 @@ 
Method Details

             "state": "A String", # The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.
             "stateOverride": { # A rollout policy configuration. # The rollout policy of this deprecation. This policy is only enforced by image family views. The rollout policy restricts the zones where the associated resource is considered in a deprecated state. When the rollout policy does not include the user specified zone, or if the zone is rolled out, the associated resource is considered in a deprecated state.
               "defaultRolloutTime": "A String", # An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated.
-              "locationRolloutPolicies": { # Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
+              "locationRolloutPolicies": { # Location based rollout policies to apply to the resource.
+                  #
+                  # Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a.
+                  #
+                  # The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
                 "a_key": "A String",
               },
             },
@@ -155,7 +167,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] An informational warning that appears when the machine types list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -173,7 +186,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -204,22 +218,20 @@ 
Method Details

 

 
 

-    get(project, zone, machineType, x__xgafv=None)
+    get(project, zone, machineType)
   
Returns the specified machine type. Gets a list of available machine types by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   machineType: string, Name of the machine type to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Machine Type resource. You can use specific machine types for your VM instances based on performance and pricing requirements. For more information, read Machine Types.
+    { # Represents a Machine Type resource.
+    #
+    # You can use specific machine types for your VM instances based on performance and pricing requirements. For more information, read Machine Types. (== resource_for {$api_version}.machineTypes ==)
   "accelerators": [ # [Output Only] A list of accelerator configurations assigned to this machine type.
     {
       "guestAcceleratorCount": 42, # Number of accelerator cards exposed to the guest.
@@ -235,7 +247,11 @@ 
Method Details

     "state": "A String", # The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.
     "stateOverride": { # A rollout policy configuration. # The rollout policy of this deprecation. This policy is only enforced by image family views. The rollout policy restricts the zones where the associated resource is considered in a deprecated state. When the rollout policy does not include the user specified zone, or if the zone is rolled out, the associated resource is considered in a deprecated state.
       "defaultRolloutTime": "A String", # An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated.
-      "locationRolloutPolicies": { # Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
+      "locationRolloutPolicies": { # Location based rollout policies to apply to the resource.
+          #
+          # Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a.
+          #
+          # The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
         "a_key": "A String",
       },
     },
@@ -256,21 +272,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of machine types available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -278,7 +300,9 @@ 
Method Details

     { # Contains a list of machine types.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of MachineType resources.
-    { # Represents a Machine Type resource. You can use specific machine types for your VM instances based on performance and pricing requirements. For more information, read Machine Types.
+    { # Represents a Machine Type resource.
+        #
+        # You can use specific machine types for your VM instances based on performance and pricing requirements. For more information, read Machine Types. (== resource_for {$api_version}.machineTypes ==)
       "accelerators": [ # [Output Only] A list of accelerator configurations assigned to this machine type.
         {
           "guestAcceleratorCount": 42, # Number of accelerator cards exposed to the guest.
@@ -294,7 +318,11 @@ 
Method Details

         "state": "A String", # The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.
         "stateOverride": { # A rollout policy configuration. # The rollout policy of this deprecation. This policy is only enforced by image family views. The rollout policy restricts the zones where the associated resource is considered in a deprecated state. When the rollout policy does not include the user specified zone, or if the zone is rolled out, the associated resource is considered in a deprecated state.
           "defaultRolloutTime": "A String", # An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated.
-          "locationRolloutPolicies": { # Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
+          "locationRolloutPolicies": { # Location based rollout policies to apply to the resource.
+              #
+              # Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a.
+              #
+              # The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
             "a_key": "A String",
           },
         },
@@ -318,7 +346,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.networkEdgeSecurityServices.html b/docs/dyn/compute_alpha.networkEdgeSecurityServices.html
index fcf0d0f19bb..b2e68dca779 100644
--- a/docs/dyn/compute_alpha.networkEdgeSecurityServices.html
+++ b/docs/dyn/compute_alpha.networkEdgeSecurityServices.html
@@ -75,7 +75,7 @@
 
Compute Engine API . networkEdgeSecurityServices

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of all NetworkEdgeSecurityService resources available to the specified project.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,34 +84,40 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, networkEdgeSecurityService, requestId=None, x__xgafv=None)

+  delete(project, region, networkEdgeSecurityService, requestId=None)

 
Deletes the specified service.

 

-  get(project, region, networkEdgeSecurityService, x__xgafv=None)

+  get(project, region, networkEdgeSecurityService)

 
Gets a specified NetworkEdgeSecurityService.

 

-  insert(project, region, body=None, requestId=None, validateOnly=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None, validateOnly=None)

 
Creates a new service in the specified project using the data included in the request.

 

-  patch(project, region, networkEdgeSecurityService, body=None, paths=None, requestId=None, updateMask=None, x__xgafv=None)

+  patch(project, region, networkEdgeSecurityService, body=None, paths=None, requestId=None)

 
Patches the specified policy with the data included in the request.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of all NetworkEdgeSecurityService resources available to the specified project.
 
 Args:
   project: string, Name of the project scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -122,12 +128,14 @@ 
Method Details

   "items": { # A list of NetworkEdgeSecurityServicesScopedList resources.
     "a_key": { # Name of the scope containing this set of security policies.
       "networkEdgeSecurityServices": [ # A list of NetworkEdgeSecurityServices contained in this scope.
-        { # Represents a Google Cloud Armor network edge security service resource.
+        { # Represents a Google Cloud Armor network edge security service resource. (== resource_for {$api_version}.networkEdgeSecurityServices ==)
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-          "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a NetworkEdgeSecurityService. An up-to-date fingerprint must be provided in order to update the NetworkEdgeSecurityService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a NetworkEdgeSecurityService.
+          "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a NetworkEdgeSecurityService. An up-to-date fingerprint must be provided in order to update the NetworkEdgeSecurityService, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve a NetworkEdgeSecurityService.
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-          "kind": "compute#networkEdgeSecurityService",
+          "kind": "compute#networkEdgeSecurityService", # [Output only] Type of the resource. Always compute#networkEdgeSecurityServicefor NetworkEdgeSecurityServices
           "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
           "region": "A String", # [Output Only] URL of the region where the resource resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
           "securityPolicy": "A String", # The resource URL for the network edge security service associated with this network edge security service.
@@ -137,7 +145,8 @@ 
Method Details

       ],
       "warning": { # Informational warning which replaces the list of security policies when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -147,7 +156,7 @@ 
Method Details

       },
     },
   },
-  "kind": "compute#networkEdgeSecurityServiceAggregatedList",
+  "kind": "compute#networkEdgeSecurityServiceAggregatedList", # [Output Only] Type of resource. Always compute#networkEdgeSecurityServiceAggregatedList for lists of Network Edge Security Services.
   "nextPageToken": "A String", # [Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.
   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "unreachables": [ # [Output Only] Unreachable resources.
@@ -155,7 +164,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -186,23 +196,36 @@ 
Method Details

 

 
 

-    delete(project, region, networkEdgeSecurityService, requestId=None, x__xgafv=None)
+    delete(project, region, networkEdgeSecurityService, requestId=None)
   
Deletes the specified service.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   networkEdgeSecurityService: string, Name of the network edge security service to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -237,7 +260,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -251,27 +275,25 @@ 
Method Details

 

 
 

-    get(project, region, networkEdgeSecurityService, x__xgafv=None)
+    get(project, region, networkEdgeSecurityService)
   
Gets a specified NetworkEdgeSecurityService.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   networkEdgeSecurityService: string, Name of the network edge security service to get. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Google Cloud Armor network edge security service resource.
+    { # Represents a Google Cloud Armor network edge security service resource. (== resource_for {$api_version}.networkEdgeSecurityServices ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a NetworkEdgeSecurityService. An up-to-date fingerprint must be provided in order to update the NetworkEdgeSecurityService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a NetworkEdgeSecurityService.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a NetworkEdgeSecurityService. An up-to-date fingerprint must be provided in order to update the NetworkEdgeSecurityService, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a NetworkEdgeSecurityService.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-  "kind": "compute#networkEdgeSecurityService",
+  "kind": "compute#networkEdgeSecurityService", # [Output only] Type of the resource. Always compute#networkEdgeSecurityServicefor NetworkEdgeSecurityServices
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "region": "A String", # [Output Only] URL of the region where the resource resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "securityPolicy": "A String", # The resource URL for the network edge security service associated with this network edge security service.
@@ -281,7 +303,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, validateOnly=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None, validateOnly=None)
   
Creates a new service in the specified project using the data included in the request.
 
 Args:
@@ -290,12 +312,14 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Google Cloud Armor network edge security service resource.
+{ # Represents a Google Cloud Armor network edge security service resource. (== resource_for {$api_version}.networkEdgeSecurityServices ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a NetworkEdgeSecurityService. An up-to-date fingerprint must be provided in order to update the NetworkEdgeSecurityService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a NetworkEdgeSecurityService.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a NetworkEdgeSecurityService. An up-to-date fingerprint must be provided in order to update the NetworkEdgeSecurityService, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a NetworkEdgeSecurityService.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-  "kind": "compute#networkEdgeSecurityService",
+  "kind": "compute#networkEdgeSecurityService", # [Output only] Type of the resource. Always compute#networkEdgeSecurityServicefor NetworkEdgeSecurityServices
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "region": "A String", # [Output Only] URL of the region where the resource resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "securityPolicy": "A String", # The resource URL for the network edge security service associated with this network edge security service.
@@ -303,17 +327,30 @@ 
Method Details

   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
   validateOnly: boolean, If true, the request will not be committed.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -348,7 +385,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -362,7 +400,7 @@ 
Method Details

 

 
 

-    patch(project, region, networkEdgeSecurityService, body=None, paths=None, requestId=None, updateMask=None, x__xgafv=None)
+    patch(project, region, networkEdgeSecurityService, body=None, paths=None, requestId=None)
   
Patches the specified policy with the data included in the request.
 
 Args:
@@ -372,12 +410,14 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Google Cloud Armor network edge security service resource.
+{ # Represents a Google Cloud Armor network edge security service resource. (== resource_for {$api_version}.networkEdgeSecurityServices ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a NetworkEdgeSecurityService. An up-to-date fingerprint must be provided in order to update the NetworkEdgeSecurityService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a NetworkEdgeSecurityService.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a NetworkEdgeSecurityService. An up-to-date fingerprint must be provided in order to update the NetworkEdgeSecurityService, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a NetworkEdgeSecurityService.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-  "kind": "compute#networkEdgeSecurityService",
+  "kind": "compute#networkEdgeSecurityService", # [Output only] Type of the resource. Always compute#networkEdgeSecurityServicefor NetworkEdgeSecurityServices
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "region": "A String", # [Output Only] URL of the region where the resource resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "securityPolicy": "A String", # The resource URL for the network edge security service associated with this network edge security service.
@@ -385,18 +425,30 @@ 
Method Details

   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
 }
 
-  paths: string, A parameter (repeated)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  updateMask: string, Indicates fields to be updated as part of this request.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  paths: string, The set of field mask paths. (repeated)
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -431,7 +483,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.networkEndpointGroups.html b/docs/dyn/compute_alpha.networkEndpointGroups.html
index 879bbcf7010..e56ae52b28e 100644
--- a/docs/dyn/compute_alpha.networkEndpointGroups.html
+++ b/docs/dyn/compute_alpha.networkEndpointGroups.html
@@ -75,34 +75,34 @@
 
Compute Engine API . networkEndpointGroups

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of network endpoint groups and sorts them by zone.

 

   aggregatedList_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  attachNetworkEndpoints(project, zone, networkEndpointGroup, body=None, requestId=None, x__xgafv=None)

+  attachNetworkEndpoints(project, zone, networkEndpointGroup, body=None, requestId=None)

 
Attach a list of network endpoints to the specified network endpoint group.

 

   close()

 
Close httplib2 connections.

 

-  delete(project, zone, networkEndpointGroup, requestId=None, x__xgafv=None)

+  delete(project, zone, networkEndpointGroup, requestId=None)

 
Deletes the specified network endpoint group. The network endpoints in the NEG and the VM instances they belong to are not terminated when the NEG is deleted. Note that the NEG cannot be deleted if there are backend services referencing it.

 

-  detachNetworkEndpoints(project, zone, networkEndpointGroup, body=None, requestId=None, x__xgafv=None)

+  detachNetworkEndpoints(project, zone, networkEndpointGroup, body=None, requestId=None)

 
Detach a list of network endpoints from the specified network endpoint group.

 

-  get(project, zone, networkEndpointGroup, x__xgafv=None)

+  get(project, zone, networkEndpointGroup)

 
Returns the specified network endpoint group. Gets a list of available network endpoint groups by making a list() request.

 

-  insert(project, zone, body=None, requestId=None, x__xgafv=None)

+  insert(project, zone, body=None, requestId=None)

 
Creates a network endpoint group in the specified project using the parameters that are included in the request.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of network endpoint groups that are located in the specified project and zone.

 

-  listNetworkEndpoints(project, zone, networkEndpointGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listNetworkEndpoints(project, zone, networkEndpointGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists the network endpoints in the specified network endpoint group.

 

   listNetworkEndpoints_next(previous_request, previous_response)

@@ -111,25 +111,31 @@ 
Instance Methods

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  testIamPermissions(project, zone, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, zone, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of network endpoint groups and sorts them by zone.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -139,23 +145,57 @@ 
Method Details

   "items": { # A list of NetworkEndpointGroupsScopedList resources.
     "a_key": { # The name of the scope that contains this set of network endpoint groups.
       "networkEndpointGroups": [ # [Output Only] The list of network endpoint groups that are contained in this scope.
-        { # Represents a collection of network endpoints. A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see Setting up external HTTP(S) Load Balancing with internet NEGs, Setting up zonal NEGs, or Setting up external HTTP(S) Load Balancing with serverless NEGs.
+        { # Represents a collection of network endpoints.
+            #
+            # A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see  Setting up external HTTP(S) Load Balancing with internet NEGs,  Setting up zonal NEGs, or  Setting up external HTTP(S) Load Balancing with serverless NEGs. (== resource_for {$api_version}.networkEndpointGroups ==) (== resource_for {$api_version}.globalNetworkEndpointGroups ==) (== resource_for {$api_version}.regionNetworkEndpointGroups ==)
           "annotations": { # Metadata defined as annotations on the network endpoint group.
             "a_key": "A String",
           },
-          "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-            "service": "A String", # Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: "default", "my-service".
-            "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
-            "version": "A String", # Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: "v1", "v2".
+          "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+              #
+              # Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.
+            "service": "A String", # Optional serving service.
+                #
+                # The service name is case-sensitive and must be 1-63 characters long.
+                #
+                # Example value: "default", "my-service".
+            "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services.
+                #
+                # For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
+            "version": "A String", # Optional serving version.
+                #
+                # The version name is case-sensitive and must be 1-100 characters long.
+                #
+                # Example value: "v1", "v2".
           },
-          "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-            "function": "A String", # A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: "func1".
-            "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs " mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
+          "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+              #
+              # Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.
+            "function": "A String", # A user-defined name of the Cloud Function.
+                #
+                # The function name is case-sensitive and must be 1-63 characters long.
+                #
+                # Example value: "func1".
+            "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services.
+                #
+                # For example, request URLs "mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
           },
-          "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-            "service": "A String", # Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: "run-service".
-            "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: "revision-0010".
-            "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
+          "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+              #
+              # Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.
+            "service": "A String", # Cloud Run service is the main resource of Cloud Run.
+                #
+                # The service must be 1-63 characters long, and comply with RFC1035.
+                #
+                # Example value: "run-service".
+            "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information.
+                #
+                # The tag must be 1-63 characters long, and comply with RFC1035.
+                #
+                # Example value: "revision-0010".
+            "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services.
+                #
+                # For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
           },
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "defaultPort": 42, # The default port used if the port number is not specified in the network endpoint.
@@ -175,11 +215,37 @@ 
Method Details

           "region": "A String", # [Output Only] The URL of the region where the network endpoint group is located.
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
           "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-          "serverlessDeployment": { # Configuration for a serverless network endpoint group (NEG). The platform must be provided. Note: The target backend service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine, cloudFunction or serverlessDeployment may be set.
-            "platform": "A String", # The platform of the backend target(s) of this NEG. Possible values include: 1. API Gateway: apigateway.googleapis.com 2. App Engine: appengine.googleapis.com 3. Cloud Functions: cloudfunctions.googleapis.com 4. Cloud Run: run.googleapis.com
-            "resource": "A String", # The user-defined name of the workload/instance. This value must be provided explicitly or in the urlMask. The resource identified by this value is platform-specific and is as follows: 1. API Gateway: The gateway ID 2. App Engine: The service name 3. Cloud Functions: The function name 4. Cloud Run: The service name
-            "urlMask": "A String", # A template to parse platform-specific fields from a request URL. URL mask allows for routing to multiple resources on the same serverless platform without having to create multiple Network Endpoint Groups and backend resources. The fields parsed by this template are platform-specific and are as follows: 1. API Gateway: The gateway ID 2. App Engine: The service and version 3. Cloud Functions: The function name 4. Cloud Run: The service and tag
-            "version": "A String", # The optional resource version. The version identified by this value is platform-specific and is follows: 1. API Gateway: Unused 2. App Engine: The service version 3. Cloud Functions: Unused 4. Cloud Run: The service tag
+          "serverlessDeployment": { # Configuration for a serverless network endpoint group (NEG). The platform must be provided. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine, cloudFunction or serverlessDeployment may be set.
+              #
+              # Note: The target backend service must be in the same project and located in the same region as the Serverless NEG.
+            "platform": "A String", # The platform of the backend target(s) of this NEG. Possible values include:
+                #
+                #
+                # - API Gateway: apigateway.googleapis.com
+                # - App Engine: appengine.googleapis.com
+                # - Cloud Functions: cloudfunctions.googleapis.com
+                # - Cloud Run: run.googleapis.com
+            "resource": "A String", # The user-defined name of the workload/instance. This value must be provided explicitly or in the urlMask. The resource identified by this value is platform-specific and is as follows:
+                #
+                #
+                # - API Gateway: The gateway ID
+                # - App Engine: The service name
+                # - Cloud Functions: The function name
+                # - Cloud Run: The service name
+            "urlMask": "A String", # A template to parse platform-specific fields from a request URL. URL mask allows for routing to multiple resources on the same serverless platform without having to create multiple Network Endpoint Groups and backend resources. The fields parsed by this template are platform-specific and are as follows:
+                #
+                #
+                # - API Gateway: The gateway ID
+                # - App Engine: The service and version
+                # - Cloud Functions: The function name
+                # - Cloud Run: The service and tag
+            "version": "A String", # The optional resource version. The version identified by this value is platform-specific and is follows:
+                #
+                #
+                # - API Gateway: Unused
+                # - App Engine: The service version
+                # - Cloud Functions: Unused
+                # - Cloud Run: The service tag
           },
           "size": 42, # [Output only] Number of network endpoints in the network endpoint group.
           "subnetwork": "A String", # Optional URL of the subnetwork to which all network endpoints in the NEG belong.
@@ -189,7 +255,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] An informational warning that replaces the list of network endpoint groups when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -207,7 +274,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -233,7 +301,7 @@ 
Method Details

 

 
 

-    attachNetworkEndpoints(project, zone, networkEndpointGroup, body=None, requestId=None, x__xgafv=None)
+    attachNetworkEndpoints(project, zone, networkEndpointGroup, body=None, requestId=None)
   
Attach a list of network endpoints to the specified network endpoint group.
 
 Args:
@@ -250,23 +318,38 @@ 
Method Details

         "a_key": "A String",
       },
       "fqdn": "A String", # Optional fully qualified domain name of network endpoint. This can only be specified when NetworkEndpointGroup.network_endpoint_type is NON_GCP_FQDN_PORT.
-      "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group. The name must be 1-63 characters long, and comply with RFC1035.
+      "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group.
+          #
+          # The name must be 1-63 characters long, and comply with RFC1035.
       "ipAddress": "A String", # Optional IPv4 address of network endpoint. The IP address must belong to a VM in Compute Engine (either the primary IP or as part of an aliased IP range). If the IP address is not specified, then the primary IP address for the VM instance in the network that the network endpoint group belongs to will be used.
       "port": 42, # Optional port number of network endpoint. If not specified, the defaultPort for the network endpoint group will be used.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -301,7 +384,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -320,23 +404,36 @@ 
Method Details

 

 
 

-    delete(project, zone, networkEndpointGroup, requestId=None, x__xgafv=None)
+    delete(project, zone, networkEndpointGroup, requestId=None)
   
Deletes the specified network endpoint group. The network endpoints in the NEG and the VM instances they belong to are not terminated when the NEG is deleted. Note that the NEG cannot be deleted if there are backend services referencing it.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the network endpoint group is located. It should comply with RFC1035. (required)
   networkEndpointGroup: string, The name of the network endpoint group to delete. It should comply with RFC1035. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -371,7 +468,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -385,7 +483,7 @@ 
Method Details

 

 
 

-    detachNetworkEndpoints(project, zone, networkEndpointGroup, body=None, requestId=None, x__xgafv=None)
+    detachNetworkEndpoints(project, zone, networkEndpointGroup, body=None, requestId=None)
   
Detach a list of network endpoints from the specified network endpoint group.
 
 Args:
@@ -402,23 +500,38 @@ 
Method Details

         "a_key": "A String",
       },
       "fqdn": "A String", # Optional fully qualified domain name of network endpoint. This can only be specified when NetworkEndpointGroup.network_endpoint_type is NON_GCP_FQDN_PORT.
-      "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group. The name must be 1-63 characters long, and comply with RFC1035.
+      "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group.
+          #
+          # The name must be 1-63 characters long, and comply with RFC1035.
       "ipAddress": "A String", # Optional IPv4 address of network endpoint. The IP address must belong to a VM in Compute Engine (either the primary IP or as part of an aliased IP range). If the IP address is not specified, then the primary IP address for the VM instance in the network that the network endpoint group belongs to will be used.
       "port": 42, # Optional port number of network endpoint. If not specified, the defaultPort for the network endpoint group will be used.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -453,7 +566,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -467,38 +581,68 @@ 
Method Details

 

 
 

-    get(project, zone, networkEndpointGroup, x__xgafv=None)
+    get(project, zone, networkEndpointGroup)
   
Returns the specified network endpoint group. Gets a list of available network endpoint groups by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the network endpoint group is located. It should comply with RFC1035. (required)
   networkEndpointGroup: string, The name of the network endpoint group. It should comply with RFC1035. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a collection of network endpoints. A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see Setting up external HTTP(S) Load Balancing with internet NEGs, Setting up zonal NEGs, or Setting up external HTTP(S) Load Balancing with serverless NEGs.
+    { # Represents a collection of network endpoints.
+    #
+    # A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see  Setting up external HTTP(S) Load Balancing with internet NEGs,  Setting up zonal NEGs, or  Setting up external HTTP(S) Load Balancing with serverless NEGs. (== resource_for {$api_version}.networkEndpointGroups ==) (== resource_for {$api_version}.globalNetworkEndpointGroups ==) (== resource_for {$api_version}.regionNetworkEndpointGroups ==)
   "annotations": { # Metadata defined as annotations on the network endpoint group.
     "a_key": "A String",
   },
-  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: "default", "my-service".
-    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
-    "version": "A String", # Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: "v1", "v2".
+  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Optional serving service.
+        #
+        # The service name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "default", "my-service".
+    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
+    "version": "A String", # Optional serving version.
+        #
+        # The version name is case-sensitive and must be 1-100 characters long.
+        #
+        # Example value: "v1", "v2".
   },
-  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "function": "A String", # A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: "func1".
-    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs " mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
+  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.
+    "function": "A String", # A user-defined name of the Cloud Function.
+        #
+        # The function name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "func1".
+    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, request URLs "mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
   },
-  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: "run-service".
-    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: "revision-0010".
-    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
+  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Cloud Run service is the main resource of Cloud Run.
+        #
+        # The service must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "run-service".
+    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information.
+        #
+        # The tag must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "revision-0010".
+    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services.
+        #
+        # For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "defaultPort": 42, # The default port used if the port number is not specified in the network endpoint.
@@ -518,11 +662,37 @@ 
Method Details

   "region": "A String", # [Output Only] The URL of the region where the network endpoint group is located.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "serverlessDeployment": { # Configuration for a serverless network endpoint group (NEG). The platform must be provided. Note: The target backend service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine, cloudFunction or serverlessDeployment may be set.
-    "platform": "A String", # The platform of the backend target(s) of this NEG. Possible values include: 1. API Gateway: apigateway.googleapis.com 2. App Engine: appengine.googleapis.com 3. Cloud Functions: cloudfunctions.googleapis.com 4. Cloud Run: run.googleapis.com
-    "resource": "A String", # The user-defined name of the workload/instance. This value must be provided explicitly or in the urlMask. The resource identified by this value is platform-specific and is as follows: 1. API Gateway: The gateway ID 2. App Engine: The service name 3. Cloud Functions: The function name 4. Cloud Run: The service name
-    "urlMask": "A String", # A template to parse platform-specific fields from a request URL. URL mask allows for routing to multiple resources on the same serverless platform without having to create multiple Network Endpoint Groups and backend resources. The fields parsed by this template are platform-specific and are as follows: 1. API Gateway: The gateway ID 2. App Engine: The service and version 3. Cloud Functions: The function name 4. Cloud Run: The service and tag
-    "version": "A String", # The optional resource version. The version identified by this value is platform-specific and is follows: 1. API Gateway: Unused 2. App Engine: The service version 3. Cloud Functions: Unused 4. Cloud Run: The service tag
+  "serverlessDeployment": { # Configuration for a serverless network endpoint group (NEG). The platform must be provided. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine, cloudFunction or serverlessDeployment may be set.
+      #
+      # Note: The target backend service must be in the same project and located in the same region as the Serverless NEG.
+    "platform": "A String", # The platform of the backend target(s) of this NEG. Possible values include:
+        #
+        #
+        # - API Gateway: apigateway.googleapis.com
+        # - App Engine: appengine.googleapis.com
+        # - Cloud Functions: cloudfunctions.googleapis.com
+        # - Cloud Run: run.googleapis.com
+    "resource": "A String", # The user-defined name of the workload/instance. This value must be provided explicitly or in the urlMask. The resource identified by this value is platform-specific and is as follows:
+        #
+        #
+        # - API Gateway: The gateway ID
+        # - App Engine: The service name
+        # - Cloud Functions: The function name
+        # - Cloud Run: The service name
+    "urlMask": "A String", # A template to parse platform-specific fields from a request URL. URL mask allows for routing to multiple resources on the same serverless platform without having to create multiple Network Endpoint Groups and backend resources. The fields parsed by this template are platform-specific and are as follows:
+        #
+        #
+        # - API Gateway: The gateway ID
+        # - App Engine: The service and version
+        # - Cloud Functions: The function name
+        # - Cloud Run: The service and tag
+    "version": "A String", # The optional resource version. The version identified by this value is platform-specific and is follows:
+        #
+        #
+        # - API Gateway: Unused
+        # - App Engine: The service version
+        # - Cloud Functions: Unused
+        # - Cloud Run: The service tag
   },
   "size": 42, # [Output only] Number of network endpoints in the network endpoint group.
   "subnetwork": "A String", # Optional URL of the subnetwork to which all network endpoints in the NEG belong.
@@ -532,7 +702,7 @@ 
Method Details

 

 
 

-    insert(project, zone, body=None, requestId=None, x__xgafv=None)
+    insert(project, zone, body=None, requestId=None)
   
Creates a network endpoint group in the specified project using the parameters that are included in the request.
 
 Args:
@@ -541,23 +711,57 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a collection of network endpoints. A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see Setting up external HTTP(S) Load Balancing with internet NEGs, Setting up zonal NEGs, or Setting up external HTTP(S) Load Balancing with serverless NEGs.
+{ # Represents a collection of network endpoints.
+    # 
+    # A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see  Setting up external HTTP(S) Load Balancing with internet NEGs,  Setting up zonal NEGs, or  Setting up external HTTP(S) Load Balancing with serverless NEGs. (== resource_for {$api_version}.networkEndpointGroups ==) (== resource_for {$api_version}.globalNetworkEndpointGroups ==) (== resource_for {$api_version}.regionNetworkEndpointGroups ==)
   "annotations": { # Metadata defined as annotations on the network endpoint group.
     "a_key": "A String",
   },
-  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: "default", "my-service".
-    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
-    "version": "A String", # Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: "v1", "v2".
+  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Optional serving service.
+        #
+        # The service name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "default", "my-service".
+    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
+    "version": "A String", # Optional serving version.
+        #
+        # The version name is case-sensitive and must be 1-100 characters long.
+        #
+        # Example value: "v1", "v2".
   },
-  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "function": "A String", # A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: "func1".
-    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs " mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
+  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.
+    "function": "A String", # A user-defined name of the Cloud Function.
+        #
+        # The function name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "func1".
+    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, request URLs "mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
   },
-  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: "run-service".
-    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: "revision-0010".
-    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
+  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Cloud Run service is the main resource of Cloud Run.
+        #
+        # The service must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "run-service".
+    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information.
+        #
+        # The tag must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "revision-0010".
+    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services.
+        #
+        # For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "defaultPort": 42, # The default port used if the port number is not specified in the network endpoint.
@@ -577,11 +781,37 @@ 
Method Details

   "region": "A String", # [Output Only] The URL of the region where the network endpoint group is located.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "serverlessDeployment": { # Configuration for a serverless network endpoint group (NEG). The platform must be provided. Note: The target backend service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine, cloudFunction or serverlessDeployment may be set.
-    "platform": "A String", # The platform of the backend target(s) of this NEG. Possible values include: 1. API Gateway: apigateway.googleapis.com 2. App Engine: appengine.googleapis.com 3. Cloud Functions: cloudfunctions.googleapis.com 4. Cloud Run: run.googleapis.com
-    "resource": "A String", # The user-defined name of the workload/instance. This value must be provided explicitly or in the urlMask. The resource identified by this value is platform-specific and is as follows: 1. API Gateway: The gateway ID 2. App Engine: The service name 3. Cloud Functions: The function name 4. Cloud Run: The service name
-    "urlMask": "A String", # A template to parse platform-specific fields from a request URL. URL mask allows for routing to multiple resources on the same serverless platform without having to create multiple Network Endpoint Groups and backend resources. The fields parsed by this template are platform-specific and are as follows: 1. API Gateway: The gateway ID 2. App Engine: The service and version 3. Cloud Functions: The function name 4. Cloud Run: The service and tag
-    "version": "A String", # The optional resource version. The version identified by this value is platform-specific and is follows: 1. API Gateway: Unused 2. App Engine: The service version 3. Cloud Functions: Unused 4. Cloud Run: The service tag
+  "serverlessDeployment": { # Configuration for a serverless network endpoint group (NEG). The platform must be provided. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine, cloudFunction or serverlessDeployment may be set.
+      #
+      # Note: The target backend service must be in the same project and located in the same region as the Serverless NEG.
+    "platform": "A String", # The platform of the backend target(s) of this NEG. Possible values include:
+        #
+        #
+        # - API Gateway: apigateway.googleapis.com
+        # - App Engine: appengine.googleapis.com
+        # - Cloud Functions: cloudfunctions.googleapis.com
+        # - Cloud Run: run.googleapis.com
+    "resource": "A String", # The user-defined name of the workload/instance. This value must be provided explicitly or in the urlMask. The resource identified by this value is platform-specific and is as follows:
+        #
+        #
+        # - API Gateway: The gateway ID
+        # - App Engine: The service name
+        # - Cloud Functions: The function name
+        # - Cloud Run: The service name
+    "urlMask": "A String", # A template to parse platform-specific fields from a request URL. URL mask allows for routing to multiple resources on the same serverless platform without having to create multiple Network Endpoint Groups and backend resources. The fields parsed by this template are platform-specific and are as follows:
+        #
+        #
+        # - API Gateway: The gateway ID
+        # - App Engine: The service and version
+        # - Cloud Functions: The function name
+        # - Cloud Run: The service and tag
+    "version": "A String", # The optional resource version. The version identified by this value is platform-specific and is follows:
+        #
+        #
+        # - API Gateway: Unused
+        # - App Engine: The service version
+        # - Cloud Functions: Unused
+        # - Cloud Run: The service tag
   },
   "size": 42, # [Output only] Number of network endpoints in the network endpoint group.
   "subnetwork": "A String", # Optional URL of the subnetwork to which all network endpoints in the NEG belong.
@@ -589,16 +819,29 @@ 
Method Details

   "zone": "A String", # [Output Only] The URL of the zone where the network endpoint group is located.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -633,7 +876,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -647,21 +891,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of network endpoint groups that are located in the specified project and zone.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the network endpoint group is located. It should comply with RFC1035. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -669,23 +919,57 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of NetworkEndpointGroup resources.
-    { # Represents a collection of network endpoints. A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see Setting up external HTTP(S) Load Balancing with internet NEGs, Setting up zonal NEGs, or Setting up external HTTP(S) Load Balancing with serverless NEGs.
+    { # Represents a collection of network endpoints.
+        #
+        # A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see  Setting up external HTTP(S) Load Balancing with internet NEGs,  Setting up zonal NEGs, or  Setting up external HTTP(S) Load Balancing with serverless NEGs. (== resource_for {$api_version}.networkEndpointGroups ==) (== resource_for {$api_version}.globalNetworkEndpointGroups ==) (== resource_for {$api_version}.regionNetworkEndpointGroups ==)
       "annotations": { # Metadata defined as annotations on the network endpoint group.
         "a_key": "A String",
       },
-      "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-        "service": "A String", # Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: "default", "my-service".
-        "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
-        "version": "A String", # Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: "v1", "v2".
+      "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+          #
+          # Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.
+        "service": "A String", # Optional serving service.
+            #
+            # The service name is case-sensitive and must be 1-63 characters long.
+            #
+            # Example value: "default", "my-service".
+        "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services.
+            #
+            # For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
+        "version": "A String", # Optional serving version.
+            #
+            # The version name is case-sensitive and must be 1-100 characters long.
+            #
+            # Example value: "v1", "v2".
       },
-      "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-        "function": "A String", # A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: "func1".
-        "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs " mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
+      "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+          #
+          # Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.
+        "function": "A String", # A user-defined name of the Cloud Function.
+            #
+            # The function name is case-sensitive and must be 1-63 characters long.
+            #
+            # Example value: "func1".
+        "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services.
+            #
+            # For example, request URLs "mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
       },
-      "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-        "service": "A String", # Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: "run-service".
-        "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: "revision-0010".
-        "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
+      "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+          #
+          # Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.
+        "service": "A String", # Cloud Run service is the main resource of Cloud Run.
+            #
+            # The service must be 1-63 characters long, and comply with RFC1035.
+            #
+            # Example value: "run-service".
+        "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information.
+            #
+            # The tag must be 1-63 characters long, and comply with RFC1035.
+            #
+            # Example value: "revision-0010".
+        "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services.
+            #
+            # For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
       },
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "defaultPort": 42, # The default port used if the port number is not specified in the network endpoint.
@@ -705,11 +989,37 @@ 
Method Details

       "region": "A String", # [Output Only] The URL of the region where the network endpoint group is located.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-      "serverlessDeployment": { # Configuration for a serverless network endpoint group (NEG). The platform must be provided. Note: The target backend service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine, cloudFunction or serverlessDeployment may be set.
-        "platform": "A String", # The platform of the backend target(s) of this NEG. Possible values include: 1. API Gateway: apigateway.googleapis.com 2. App Engine: appengine.googleapis.com 3. Cloud Functions: cloudfunctions.googleapis.com 4. Cloud Run: run.googleapis.com
-        "resource": "A String", # The user-defined name of the workload/instance. This value must be provided explicitly or in the urlMask. The resource identified by this value is platform-specific and is as follows: 1. API Gateway: The gateway ID 2. App Engine: The service name 3. Cloud Functions: The function name 4. Cloud Run: The service name
-        "urlMask": "A String", # A template to parse platform-specific fields from a request URL. URL mask allows for routing to multiple resources on the same serverless platform without having to create multiple Network Endpoint Groups and backend resources. The fields parsed by this template are platform-specific and are as follows: 1. API Gateway: The gateway ID 2. App Engine: The service and version 3. Cloud Functions: The function name 4. Cloud Run: The service and tag
-        "version": "A String", # The optional resource version. The version identified by this value is platform-specific and is follows: 1. API Gateway: Unused 2. App Engine: The service version 3. Cloud Functions: Unused 4. Cloud Run: The service tag
+      "serverlessDeployment": { # Configuration for a serverless network endpoint group (NEG). The platform must be provided. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine, cloudFunction or serverlessDeployment may be set.
+          #
+          # Note: The target backend service must be in the same project and located in the same region as the Serverless NEG.
+        "platform": "A String", # The platform of the backend target(s) of this NEG. Possible values include:
+            #
+            #
+            # - API Gateway: apigateway.googleapis.com
+            # - App Engine: appengine.googleapis.com
+            # - Cloud Functions: cloudfunctions.googleapis.com
+            # - Cloud Run: run.googleapis.com
+        "resource": "A String", # The user-defined name of the workload/instance. This value must be provided explicitly or in the urlMask. The resource identified by this value is platform-specific and is as follows:
+            #
+            #
+            # - API Gateway: The gateway ID
+            # - App Engine: The service name
+            # - Cloud Functions: The function name
+            # - Cloud Run: The service name
+        "urlMask": "A String", # A template to parse platform-specific fields from a request URL. URL mask allows for routing to multiple resources on the same serverless platform without having to create multiple Network Endpoint Groups and backend resources. The fields parsed by this template are platform-specific and are as follows:
+            #
+            #
+            # - API Gateway: The gateway ID
+            # - App Engine: The service and version
+            # - Cloud Functions: The function name
+            # - Cloud Run: The service and tag
+        "version": "A String", # The optional resource version. The version identified by this value is platform-specific and is follows:
+            #
+            #
+            # - API Gateway: Unused
+            # - App Engine: The service version
+            # - Cloud Functions: Unused
+            # - Cloud Run: The service tag
       },
       "size": 42, # [Output only] Number of network endpoints in the network endpoint group.
       "subnetwork": "A String", # Optional URL of the subnetwork to which all network endpoints in the NEG belong.
@@ -722,7 +1032,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -734,7 +1045,7 @@ 
Method Details

 

 
 

-    listNetworkEndpoints(project, zone, networkEndpointGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listNetworkEndpoints(project, zone, networkEndpointGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists the network endpoints in the specified network endpoint group.
 
 Args:
@@ -752,7 +1063,9 @@ 
Method Details

           "a_key": "A String",
         },
         "fqdn": "A String", # Optional fully qualified domain name of network endpoint. This can only be specified when NetworkEndpointGroup.network_endpoint_type is NON_GCP_FQDN_PORT.
-        "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group. The name must be 1-63 characters long, and comply with RFC1035.
+        "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group.
+            #
+            # The name must be 1-63 characters long, and comply with RFC1035.
         "ipAddress": "A String", # Optional IPv4 address of network endpoint. The IP address must belong to a VM in Compute Engine (either the primary IP or as part of an aliased IP range). If the IP address is not specified, then the primary IP address for the VM instance in the network that the network endpoint group belongs to will be used.
         "port": 42, # Optional port number of network endpoint. If not specified, the defaultPort for the network endpoint group will be used.
       },
@@ -761,15 +1074,21 @@ 
Method Details

   "healthStatus": "A String", # Optional query parameter for showing the health status of each network endpoint. Valid options are SKIP or SHOW. If you don't specify this parameter, the health status of network endpoints will not be provided.
 }
 
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -786,10 +1105,16 @@ 
Method Details

           "forwardingRule": { # URL of the forwarding rule associated with the health state of the network endpoint.
             "forwardingRule": "A String",
           },
-          "healthCheck": { # A full or valid partial URL to a health check. For example, the following are valid URLs: - https://www.googleapis.com/compute/beta/projects/project-id/global/httpHealthChecks/health-check - projects/project-id/global/httpHealthChecks/health-check - global/httpHealthChecks/health-check # URL of the health check associated with the health state of the network endpoint.
+          "healthCheck": { # A full or valid partial URL to a health check. For example, the following are valid URLs: # URL of the health check associated with the health state of the network endpoint.
+              # - https://www.googleapis.com/compute/beta/projects/project-id/global/httpHealthChecks/health-check
+              # - projects/project-id/global/httpHealthChecks/health-check
+              # - global/httpHealthChecks/health-check
             "healthCheck": "A String",
           },
-          "healthCheckService": { # A full or valid partial URL to a health check service. For example, the following are valid URLs: - https://www.googleapis.com/compute/beta/projects/project-id/regions/us-west1/healthCheckServices/health-check-service - projects/project-id/regions/us-west1/healthCheckServices/health-check-service - regions/us-west1/healthCheckServices/health-check-service # URL of the health check service associated with the health state of the network endpoint.
+          "healthCheckService": { # A full or valid partial URL to a health check service. For example, the following are valid URLs: # URL of the health check service associated with the health state of the network endpoint.
+              # - https://www.googleapis.com/compute/beta/projects/project-id/regions/us-west1/healthCheckServices/health-check-service
+              # - projects/project-id/regions/us-west1/healthCheckServices/health-check-service
+              # - regions/us-west1/healthCheckServices/health-check-service
             "healthCheckService": "A String",
           },
           "healthState": "A String", # Health state of the network endpoint determined based on the health checks configured.
@@ -800,7 +1125,9 @@ 
Method Details

           "a_key": "A String",
         },
         "fqdn": "A String", # Optional fully qualified domain name of network endpoint. This can only be specified when NetworkEndpointGroup.network_endpoint_type is NON_GCP_FQDN_PORT.
-        "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group. The name must be 1-63 characters long, and comply with RFC1035.
+        "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group.
+            #
+            # The name must be 1-63 characters long, and comply with RFC1035.
         "ipAddress": "A String", # Optional IPv4 address of network endpoint. The IP address must belong to a VM in Compute Engine (either the primary IP or as part of an aliased IP range). If the IP address is not specified, then the primary IP address for the VM instance in the network that the network endpoint group belongs to will be used.
         "port": 42, # Optional port number of network endpoint. If not specified, the defaultPort for the network endpoint group will be used.
       },
@@ -810,7 +1137,8 @@ 
Method Details

   "nextPageToken": "A String", # [Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -850,7 +1178,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, zone, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, zone, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -866,10 +1194,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.networkFirewallPolicies.html b/docs/dyn/compute_alpha.networkFirewallPolicies.html
index 2f3b32a7319..d01834aba56 100644
--- a/docs/dyn/compute_alpha.networkFirewallPolicies.html
+++ b/docs/dyn/compute_alpha.networkFirewallPolicies.html
@@ -75,62 +75,62 @@
 
Compute Engine API . networkFirewallPolicies

 
Instance Methods

 

-  addAssociation(project, firewallPolicy, body=None, replaceExistingAssociation=None, requestId=None, x__xgafv=None)

+  addAssociation(project, firewallPolicy, body=None, replaceExistingAssociation=None, requestId=None)

 
Inserts an association for the specified firewall policy.

 

-  addRule(project, firewallPolicy, body=None, maxPriority=None, minPriority=None, requestId=None, x__xgafv=None)

+  addRule(project, firewallPolicy, body=None, maxPriority=None, minPriority=None, requestId=None)

 
Inserts a rule into a firewall policy.

 

-  cloneRules(project, firewallPolicy, requestId=None, sourceFirewallPolicy=None, x__xgafv=None)

+  cloneRules(project, firewallPolicy, requestId=None, sourceFirewallPolicy=None)

 
Copies rules to the specified firewall policy.

 

   close()

 
Close httplib2 connections.

 

-  delete(project, firewallPolicy, requestId=None, x__xgafv=None)

+  delete(project, firewallPolicy, requestId=None)

 
Deletes the specified policy.

 

-  get(project, firewallPolicy, x__xgafv=None)

+  get(project, firewallPolicy)

 
Returns the specified network firewall policy.

 

-  getAssociation(project, firewallPolicy, name=None, x__xgafv=None)

+  getAssociation(project, firewallPolicy, name=None)

 
Gets an association with the specified name.

 

-  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  getRule(project, firewallPolicy, priority=None, x__xgafv=None)

+  getRule(project, firewallPolicy, priority=None)

 
Gets a rule of the specified priority.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a new policy in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists all the policies that have been configured for the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, firewallPolicy, body=None, requestId=None, x__xgafv=None)

+  patch(project, firewallPolicy, body=None, requestId=None)

 
Patches the specified policy with the data included in the request.

 

-  patchRule(project, firewallPolicy, body=None, priority=None, requestId=None, x__xgafv=None)

+  patchRule(project, firewallPolicy, body=None, priority=None, requestId=None)

 
Patches a rule of the specified priority.

 

-  removeAssociation(project, firewallPolicy, name=None, requestId=None, x__xgafv=None)

+  removeAssociation(project, firewallPolicy, name=None, requestId=None)

 
Removes an association for the specified firewall policy.

 

-  removeRule(project, firewallPolicy, priority=None, requestId=None, x__xgafv=None)

+  removeRule(project, firewallPolicy, priority=None, requestId=None)

 
Deletes a rule of the specified priority.

 

-  setIamPolicy(project, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    addAssociation(project, firewallPolicy, body=None, replaceExistingAssociation=None, requestId=None, x__xgafv=None)
+    addAssociation(project, firewallPolicy, body=None, replaceExistingAssociation=None, requestId=None)
   
Inserts an association for the specified firewall policy.
 
 Args:
@@ -148,16 +148,29 @@ 
Method Details

 }
 
   replaceExistingAssociation: boolean, Indicates whether or not to replace it if an association of the attachment already exists. This is false by default, in which case an error will be returned if an association already exists.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -192,7 +205,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -206,7 +220,7 @@ 
Method Details

 

 
 

-    addRule(project, firewallPolicy, body=None, maxPriority=None, minPriority=None, requestId=None, x__xgafv=None)
+    addRule(project, firewallPolicy, body=None, maxPriority=None, minPriority=None, requestId=None)
   
Inserts a rule into a firewall policy.
 
 Args:
@@ -229,7 +243,9 @@ 
Method Details

     "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
       {
         "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+            #
+            # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
           "A String",
         ],
       },
@@ -262,16 +278,29 @@ 
Method Details

 
   maxPriority: integer, When rule.priority is not specified, auto choose a unused priority between minPriority and maxPriority>. This field is exclusive with rule.priority.
   minPriority: integer, When rule.priority is not specified, auto choose a unused priority between minPriority and maxPriority>. This field is exclusive with rule.priority.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -306,7 +335,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -320,23 +350,36 @@ 
Method Details

 

 
 

-    cloneRules(project, firewallPolicy, requestId=None, sourceFirewallPolicy=None, x__xgafv=None)
+    cloneRules(project, firewallPolicy, requestId=None, sourceFirewallPolicy=None)
   
Copies rules to the specified firewall policy.
 
 Args:
   project: string, Project ID for this request. (required)
   firewallPolicy: string, Name of the firewall policy to update. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
   sourceFirewallPolicy: string, The firewall policy from which to copy rules.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -371,7 +414,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -390,22 +434,35 @@ 
Method Details

 

 
 

-    delete(project, firewallPolicy, requestId=None, x__xgafv=None)
+    delete(project, firewallPolicy, requestId=None)
   
Deletes the specified policy.
 
 Args:
   project: string, Project ID for this request. (required)
   firewallPolicy: string, Name of the firewall policy to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -440,7 +497,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -454,21 +512,17 @@ 
Method Details

 

 
 

-    get(project, firewallPolicy, x__xgafv=None)
+    get(project, firewallPolicy)
   
Returns the specified network firewall policy.
 
 Args:
   project: string, Project ID for this request. (required)
   firewallPolicy: string, Name of the firewall policy to get. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Firewall Policy resource.
+    { # Represents a Firewall Policy resource. (== resource_for {$api_version}.firewallPolicies ==)
   "associations": [ # A list of associations that belong to this firewall policy.
     {
       "attachmentTarget": "A String", # The target that the firewall policy is attached to.
@@ -481,7 +535,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "displayName": "A String", # Depreacted, please use short name instead. User-provided name of the Organization firewall plicy. The name should be unique in the organization in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the firewall policy.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make get() request to the firewall policy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#firewallPolicy", # [Output only] Type of the resource. Always compute#firewallPolicyfor firewall policies
   "name": "A String", # [Output Only] Name of the resource. It is a numeric ID allocated by GCP which uniquely identifies the Firewall Policy.
@@ -503,7 +559,9 @@ 
Method Details

         "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
           {
             "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-            "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+            "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                #
+                # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
               "A String",
             ],
           },
@@ -541,17 +599,13 @@ 
Method Details

 

 
 

-    getAssociation(project, firewallPolicy, name=None, x__xgafv=None)
+    getAssociation(project, firewallPolicy, name=None)
   
Gets an association with the specified name.
 
 Args:
   project: string, Project ID for this request. (required)
   firewallPolicy: string, Name of the firewall policy to which the queried association belongs. (required)
   name: string, The name of the association to get from the firewall policy.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -566,34 +620,58 @@ 
Method Details

 

 
 

-    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
   project: string, Project ID for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -601,86 +679,150 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    getRule(project, firewallPolicy, priority=None, x__xgafv=None)
+    getRule(project, firewallPolicy, priority=None)
   
Gets a rule of the specified priority.
 
 Args:
   project: string, Project ID for this request. (required)
   firewallPolicy: string, Name of the firewall policy to which the queried rule belongs. (required)
   priority: integer, The priority of the rule to get from the firewall policy.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -699,7 +841,9 @@ 
Method Details

     "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
       {
         "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+            #
+            # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
           "A String",
         ],
       },
@@ -732,7 +876,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a new policy in the specified project using the data included in the request.
 
 Args:
@@ -740,7 +884,7 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Firewall Policy resource.
+{ # Represents a Firewall Policy resource. (== resource_for {$api_version}.firewallPolicies ==)
   "associations": [ # A list of associations that belong to this firewall policy.
     {
       "attachmentTarget": "A String", # The target that the firewall policy is attached to.
@@ -753,7 +897,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "displayName": "A String", # Depreacted, please use short name instead. User-provided name of the Organization firewall plicy. The name should be unique in the organization in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the firewall policy.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make get() request to the firewall policy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#firewallPolicy", # [Output only] Type of the resource. Always compute#firewallPolicyfor firewall policies
   "name": "A String", # [Output Only] Name of the resource. It is a numeric ID allocated by GCP which uniquely identifies the Firewall Policy.
@@ -775,7 +921,9 @@ 
Method Details

         "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
           {
             "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-            "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+            "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                #
+                # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
               "A String",
             ],
           },
@@ -811,16 +959,29 @@ 
Method Details

   "shortName": "A String", # User-provided name of the Organization firewall plicy. The name should be unique in the organization in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -855,7 +1016,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -869,20 +1031,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists all the policies that have been configured for the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -890,7 +1058,7 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of FirewallPolicy resources.
-    { # Represents a Firewall Policy resource.
+    { # Represents a Firewall Policy resource. (== resource_for {$api_version}.firewallPolicies ==)
       "associations": [ # A list of associations that belong to this firewall policy.
         {
           "attachmentTarget": "A String", # The target that the firewall policy is attached to.
@@ -903,7 +1071,9 @@ 
Method Details

       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "displayName": "A String", # Depreacted, please use short name instead. User-provided name of the Organization firewall plicy. The name should be unique in the organization in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-      "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the firewall policy.
+      "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make get() request to the firewall policy.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#firewallPolicy", # [Output only] Type of the resource. Always compute#firewallPolicyfor firewall policies
       "name": "A String", # [Output Only] Name of the resource. It is a numeric ID allocated by GCP which uniquely identifies the Firewall Policy.
@@ -925,7 +1095,9 @@ 
Method Details

             "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
               {
                 "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-                "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                    #
+                    # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
                   "A String",
                 ],
               },
@@ -965,7 +1137,8 @@ 
Method Details

   "nextPageToken": "A String", # [Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -991,7 +1164,7 @@ 
Method Details

 

 
 

-    patch(project, firewallPolicy, body=None, requestId=None, x__xgafv=None)
+    patch(project, firewallPolicy, body=None, requestId=None)
   
Patches the specified policy with the data included in the request.
 
 Args:
@@ -1000,7 +1173,7 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Firewall Policy resource.
+{ # Represents a Firewall Policy resource. (== resource_for {$api_version}.firewallPolicies ==)
   "associations": [ # A list of associations that belong to this firewall policy.
     {
       "attachmentTarget": "A String", # The target that the firewall policy is attached to.
@@ -1013,7 +1186,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "displayName": "A String", # Depreacted, please use short name instead. User-provided name of the Organization firewall plicy. The name should be unique in the organization in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the firewall policy.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make get() request to the firewall policy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#firewallPolicy", # [Output only] Type of the resource. Always compute#firewallPolicyfor firewall policies
   "name": "A String", # [Output Only] Name of the resource. It is a numeric ID allocated by GCP which uniquely identifies the Firewall Policy.
@@ -1035,7 +1210,9 @@ 
Method Details

         "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
           {
             "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-            "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+            "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                #
+                # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
               "A String",
             ],
           },
@@ -1071,16 +1248,29 @@ 
Method Details

   "shortName": "A String", # User-provided name of the Organization firewall plicy. The name should be unique in the organization in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1115,7 +1305,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1129,7 +1320,7 @@ 
Method Details

 

 
 

-    patchRule(project, firewallPolicy, body=None, priority=None, requestId=None, x__xgafv=None)
+    patchRule(project, firewallPolicy, body=None, priority=None, requestId=None)
   
Patches a rule of the specified priority.
 
 Args:
@@ -1152,7 +1343,9 @@ 
Method Details

     "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
       {
         "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+            #
+            # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
           "A String",
         ],
       },
@@ -1184,16 +1377,29 @@ 
Method Details

 }
 
   priority: integer, The priority of the rule to patch.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1228,7 +1434,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1242,23 +1449,36 @@ 
Method Details

 

 
 

-    removeAssociation(project, firewallPolicy, name=None, requestId=None, x__xgafv=None)
+    removeAssociation(project, firewallPolicy, name=None, requestId=None)
   
Removes an association for the specified firewall policy.
 
 Args:
   project: string, Project ID for this request. (required)
   firewallPolicy: string, Name of the firewall policy to update. (required)
   name: string, Name for the attachment that will be removed.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1293,7 +1513,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1307,23 +1528,36 @@ 
Method Details

 

 
 

-    removeRule(project, firewallPolicy, priority=None, requestId=None, x__xgafv=None)
+    removeRule(project, firewallPolicy, priority=None, requestId=None)
   
Deletes a rule of the specified priority.
 
 Args:
   project: string, Project ID for this request. (required)
   firewallPolicy: string, Name of the firewall policy to update. (required)
   priority: integer, The priority of the rule to remove from the firewall policy.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1358,7 +1592,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1372,7 +1607,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -1384,33 +1619,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1418,95 +1727,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1514,76 +1915,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1598,10 +2067,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.networks.html b/docs/dyn/compute_alpha.networks.html
index 3e13744d991..daecc69b8b4 100644
--- a/docs/dyn/compute_alpha.networks.html
+++ b/docs/dyn/compute_alpha.networks.html
@@ -75,40 +75,40 @@
 
Compute Engine API . networks

 
Instance Methods

 

-  addPeering(project, network, body=None, requestId=None, x__xgafv=None)

+  addPeering(project, network, body=None, requestId=None)

 
Adds a peering to the specified network.

 

   close()

 
Close httplib2 connections.

 

-  delete(project, network, requestId=None, x__xgafv=None)

+  delete(project, network, requestId=None)

 
Deletes the specified network.

 

-  get(project, network, x__xgafv=None)

+  get(project, network)

 
Returns the specified network. Gets a list of available networks by making a list() request.

 

-  getEffectiveFirewalls(project, network, x__xgafv=None)

+  getEffectiveFirewalls(project, network)

 
Returns the effective firewalls on a given network.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a network in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of networks available to the specified project.

 

-  listIpAddresses(project, network, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, types=None, x__xgafv=None)

+  listIpAddresses(project, network, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, types=None)

 
Lists the internal IP addresses in the specified network.

 

   listIpAddresses_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  listIpOwners(project, network, filter=None, ipCidrRange=None, maxResults=None, orderBy=None, ownerProjects=None, ownerTypes=None, pageToken=None, returnPartialSuccess=None, subnetName=None, subnetRegion=None, x__xgafv=None)

+  listIpOwners(project, network, filter=None, ipCidrRange=None, maxResults=None, orderBy=None, ownerProjects=None, ownerTypes=None, pageToken=None, returnPartialSuccess=None, subnetName=None, subnetRegion=None)

 
Lists the internal IP owners in the specified network.

 

   listIpOwners_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  listPeeringRoutes(project, network, direction=None, filter=None, maxResults=None, orderBy=None, pageToken=None, peeringName=None, region=None, returnPartialSuccess=None, x__xgafv=None)

+  listPeeringRoutes(project, network, direction=None, filter=None, maxResults=None, orderBy=None, pageToken=None, peeringName=None, region=None, returnPartialSuccess=None)

 
Lists the peering routes exchanged over peering connection.

 

   listPeeringRoutes_next(previous_request, previous_response)

@@ -117,23 +117,23 @@ 
Instance Methods

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, network, body=None, requestId=None, x__xgafv=None)

+  patch(project, network, body=None, requestId=None)

 
Patches the specified network with the data included in the request. Only the following fields can be modified: routingConfig.routingMode.

 

-  removePeering(project, network, body=None, requestId=None, x__xgafv=None)

+  removePeering(project, network, body=None, requestId=None)

 
Removes a peering from the specified network.

 

-  switchToCustomMode(project, network, requestId=None, x__xgafv=None)

+  switchToCustomMode(project, network, requestId=None)

 
Switches the network mode from auto subnet mode to custom subnet mode.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  updatePeering(project, network, body=None, requestId=None, x__xgafv=None)

+  updatePeering(project, network, body=None, requestId=None)

 
Updates the specified network peering with the data included in the request Only the following fields can be modified: NetworkPeering.export_custom_routes, and NetworkPeering.import_custom_routes

 
Method Details

 

-    addPeering(project, network, body=None, requestId=None, x__xgafv=None)
+    addPeering(project, network, body=None, requestId=None)
   
Adds a peering to the specified network.
 
 Args:
@@ -164,16 +164,29 @@ 
Method Details

   "peerNetwork": "A String", # URL of the peer network. It can be either full URL or partial URL. The peer network may belong to a different project. If the partial URL does not contain project, it is assumed that the peer network is in the same project as the current network.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -208,7 +221,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -227,22 +241,35 @@ 
Method Details

 

 
 

-    delete(project, network, requestId=None, x__xgafv=None)
+    delete(project, network, requestId=None)
   
Deletes the specified network.
 
 Args:
   project: string, Project ID for this request. (required)
   network: string, Name of the network to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -277,7 +304,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -291,23 +319,27 @@ 
Method Details

 

 
 

-    get(project, network, x__xgafv=None)
+    get(project, network)
   
Returns the specified network. Gets a list of available networks by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   network: string, Name of the network to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a VPC Network resource. Networks connect resources to each other and to the internet. For more information, read Virtual Private Cloud (VPC) Network.
+    { # Represents a VPC Network resource.
+    #
+    # Networks connect resources to each other and to the internet. For more information, read Virtual Private Cloud (VPC) Network. (== resource_for {$api_version}.networks ==)
   "IPv4Range": "A String", # Deprecated in favor of subnet mode networks. The range of internal addresses that are legal on this network. This range is a CIDR specification, for example: 192.168.0.0/16. Provided by the client when the network is created.
-  "autoCreateSubnetworks": True or False, # Must be set to create a VPC network. If not set, a legacy network is created. When set to true, the VPC network is created in auto mode. When set to false, the VPC network is created in custom mode. An auto mode VPC network starts with one subnet per region. Each subnet has a predetermined range as described in Auto mode VPC network IP ranges. For custom mode VPC networks, you can add subnets using the subnetworks insert method.
+  "autoCreateSubnetworks": True or False, # Must be set to create a VPC network. If not set, a legacy network is created.
+      #
+      # When set to true, the VPC network is created in auto mode. When set to false, the VPC network is created in custom mode.
+      #
+      # An auto mode VPC network starts with one subnet per region. Each subnet has a predetermined range as described in Auto mode VPC network IP ranges.
+      #
+      # For custom mode VPC networks, you can add subnets using the subnetworks insert method.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
   "firewallPolicy": "A String", # [Output Only] URL of the firewall policy the network is associated with.
@@ -344,16 +376,12 @@ 
Method Details

 

 
 

-    getEffectiveFirewalls(project, network, x__xgafv=None)
+    getEffectiveFirewalls(project, network)
   
Returns the effective firewalls on a given network.
 
 Args:
   project: string, Project ID for this request. (required)
   network: string, Name of the network for this request. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -378,7 +406,9 @@ 
Method Details

             "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
               {
                 "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-                "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                    #
+                    # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
                   "A String",
                 ],
               },
@@ -414,11 +444,15 @@ 
Method Details

     },
   ],
   "firewalls": [ # Effective firewalls on the network.
-    { # Represents a Firewall Rule resource. Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
+    { # Represents a Firewall Rule resource.
+        #
+        # Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
       "allowed": [ # The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.
         {
           "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
             "A String",
           ],
         },
@@ -427,7 +461,9 @@ 
Method Details

       "denied": [ # The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a denied connection.
         {
           "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
             "A String",
           ],
         },
@@ -446,7 +482,12 @@ 
Method Details

         "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
       },
       "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
-      "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
+      "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used:
+          # global/networks/default
+          # If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+          # - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network
+          # - projects/myproject/global/networks/my-network
+          # - global/networks/default
       "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
@@ -475,7 +516,9 @@ 
Method Details

           "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-          "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+          "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+              #
+              # This field may only be specified when the versioned_expr is set to FIREWALL.
           "headerAction": { # Optional, additional actions that are performed on headers.
             "requestHeadersToAdds": [ # The list of request headers to add or overwrite if they're already present.
               {
@@ -487,21 +530,35 @@ 
Method Details

           "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
           "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
             "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-              "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+              "destIpRanges": [ # CIDR IP address range.
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 "A String",
               ],
-              "destPorts": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+              "destPorts": [ # Pairs of IP protocols and ports that the rule should match.
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 {
                   "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-                  "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+                  "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                      #
+                      # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                      #
+                      # This field may only be specified when versioned_expr is set to FIREWALL.
                     "A String",
                   ],
                 },
               ],
-              "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+              "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 {
                   "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-                  "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+                  "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                      #
+                      # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                      #
+                      # This field may only be specified when versioned_expr is set to FIREWALL.
                     "A String",
                   ],
                 },
@@ -510,7 +567,25 @@ 
Method Details

                 "A String",
               ],
             },
-            "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+            "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+                #
+                # Example (Comparison):
+                #
+                # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+                #
+                # Example (Equality):
+                #
+                # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+                #
+                # Example (Logic):
+                #
+                # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+                #
+                # Example (Data Manipulation):
+                #
+                # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+                #
+                # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
               "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
               "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
               "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -537,7 +612,9 @@ 
Method Details

           "redirectTarget": "A String", # This must be specified for redirect actions. Cannot be specified for any other actions.
           "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
           "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-          "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+          "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
           "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -551,7 +628,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a network in the specified project using the data included in the request.
 
 Args:
@@ -559,9 +636,17 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a VPC Network resource. Networks connect resources to each other and to the internet. For more information, read Virtual Private Cloud (VPC) Network.
+{ # Represents a VPC Network resource.
+    # 
+    # Networks connect resources to each other and to the internet. For more information, read Virtual Private Cloud (VPC) Network. (== resource_for {$api_version}.networks ==)
   "IPv4Range": "A String", # Deprecated in favor of subnet mode networks. The range of internal addresses that are legal on this network. This range is a CIDR specification, for example: 192.168.0.0/16. Provided by the client when the network is created.
-  "autoCreateSubnetworks": True or False, # Must be set to create a VPC network. If not set, a legacy network is created. When set to true, the VPC network is created in auto mode. When set to false, the VPC network is created in custom mode. An auto mode VPC network starts with one subnet per region. Each subnet has a predetermined range as described in Auto mode VPC network IP ranges. For custom mode VPC networks, you can add subnets using the subnetworks insert method.
+  "autoCreateSubnetworks": True or False, # Must be set to create a VPC network. If not set, a legacy network is created.
+      # 
+      # When set to true, the VPC network is created in auto mode. When set to false, the VPC network is created in custom mode.
+      # 
+      # An auto mode VPC network starts with one subnet per region. Each subnet has a predetermined range as described in Auto mode VPC network IP ranges.
+      # 
+      # For custom mode VPC networks, you can add subnets using the subnetworks insert method.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
   "firewallPolicy": "A String", # [Output Only] URL of the firewall policy the network is associated with.
@@ -596,16 +681,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -640,7 +738,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -654,20 +753,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of networks available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -675,9 +780,17 @@ 
Method Details

     { # Contains a list of networks.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Network resources.
-    { # Represents a VPC Network resource. Networks connect resources to each other and to the internet. For more information, read Virtual Private Cloud (VPC) Network.
+    { # Represents a VPC Network resource.
+        #
+        # Networks connect resources to each other and to the internet. For more information, read Virtual Private Cloud (VPC) Network. (== resource_for {$api_version}.networks ==)
       "IPv4Range": "A String", # Deprecated in favor of subnet mode networks. The range of internal addresses that are legal on this network. This range is a CIDR specification, for example: 192.168.0.0/16. Provided by the client when the network is created.
-      "autoCreateSubnetworks": True or False, # Must be set to create a VPC network. If not set, a legacy network is created. When set to true, the VPC network is created in auto mode. When set to false, the VPC network is created in custom mode. An auto mode VPC network starts with one subnet per region. Each subnet has a predetermined range as described in Auto mode VPC network IP ranges. For custom mode VPC networks, you can add subnets using the subnetworks insert method.
+      "autoCreateSubnetworks": True or False, # Must be set to create a VPC network. If not set, a legacy network is created.
+          #
+          # When set to true, the VPC network is created in auto mode. When set to false, the VPC network is created in custom mode.
+          #
+          # An auto mode VPC network starts with one subnet per region. Each subnet has a predetermined range as described in Auto mode VPC network IP ranges.
+          #
+          # For custom mode VPC networks, you can add subnets using the subnetworks insert method.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
       "firewallPolicy": "A String", # [Output Only] URL of the firewall policy the network is associated with.
@@ -717,7 +830,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -729,22 +843,28 @@ 
Method Details

 

 
 

-    listIpAddresses(project, network, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, types=None, x__xgafv=None)
+    listIpAddresses(project, network, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, types=None)
   
Lists the internal IP addresses in the specified network.
 
 Args:
   project: string, Project ID for this request. (required)
   network: string, Name of the network for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
   types: string, (Optional) types filter separate by comma, valid values are: SUBNETWORK, RESERVED, PEER_USED, PEER_RESERVED, REMOTE_USED, REMOTE_RESERVED.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -765,7 +885,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -791,26 +912,32 @@ 
Method Details

 

 
 

-    listIpOwners(project, network, filter=None, ipCidrRange=None, maxResults=None, orderBy=None, ownerProjects=None, ownerTypes=None, pageToken=None, returnPartialSuccess=None, subnetName=None, subnetRegion=None, x__xgafv=None)
+    listIpOwners(project, network, filter=None, ipCidrRange=None, maxResults=None, orderBy=None, ownerProjects=None, ownerTypes=None, pageToken=None, returnPartialSuccess=None, subnetName=None, subnetRegion=None)
   
Lists the internal IP owners in the specified network.
 
 Args:
   project: string, Project ID for this request. (required)
   network: string, Name of the network to return. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   ipCidrRange: string, (Optional) IP CIDR range filter, example: "10.128.10.0/30".
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   ownerProjects: string, (Optional) Project IDs filter, example: "project-1,project-2".
   ownerTypes: string, (Optional) Owner types filter, example: "instance,forwardingRule".
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
   subnetName: string, (Optional) Subnetwork name filter.
   subnetRegion: string, (Optional) Subnetwork region filter.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -831,7 +958,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -857,7 +985,7 @@ 
Method Details

 

 
 

-    listPeeringRoutes(project, network, direction=None, filter=None, maxResults=None, orderBy=None, pageToken=None, peeringName=None, region=None, returnPartialSuccess=None, x__xgafv=None)
+    listPeeringRoutes(project, network, direction=None, filter=None, maxResults=None, orderBy=None, pageToken=None, peeringName=None, region=None, returnPartialSuccess=None)
   
Lists the peering routes exchanged over peering connection.
 
 Args:
@@ -865,19 +993,25 @@ 
Method Details

   network: string, Name of the network for this request. (required)
   direction: string, The direction of the exchanged routes.
     Allowed values
-      INCOMING - For routes exported from peer network.
-      OUTGOING - For routes exported from local network.
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+      INCOMING - 
+      OUTGOING - 
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   peeringName: string, The response will show routes exchanged over the given peering connection.
   region: string, The region of the request. The response will include all subnet routes, static routes and dynamic routes in the region.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -898,7 +1032,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -938,7 +1073,7 @@ 
Method Details

 

 
 

-    patch(project, network, body=None, requestId=None, x__xgafv=None)
+    patch(project, network, body=None, requestId=None)
   
Patches the specified network with the data included in the request. Only the following fields can be modified: routingConfig.routingMode.
 
 Args:
@@ -947,9 +1082,17 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a VPC Network resource. Networks connect resources to each other and to the internet. For more information, read Virtual Private Cloud (VPC) Network.
+{ # Represents a VPC Network resource.
+    # 
+    # Networks connect resources to each other and to the internet. For more information, read Virtual Private Cloud (VPC) Network. (== resource_for {$api_version}.networks ==)
   "IPv4Range": "A String", # Deprecated in favor of subnet mode networks. The range of internal addresses that are legal on this network. This range is a CIDR specification, for example: 192.168.0.0/16. Provided by the client when the network is created.
-  "autoCreateSubnetworks": True or False, # Must be set to create a VPC network. If not set, a legacy network is created. When set to true, the VPC network is created in auto mode. When set to false, the VPC network is created in custom mode. An auto mode VPC network starts with one subnet per region. Each subnet has a predetermined range as described in Auto mode VPC network IP ranges. For custom mode VPC networks, you can add subnets using the subnetworks insert method.
+  "autoCreateSubnetworks": True or False, # Must be set to create a VPC network. If not set, a legacy network is created.
+      # 
+      # When set to true, the VPC network is created in auto mode. When set to false, the VPC network is created in custom mode.
+      # 
+      # An auto mode VPC network starts with one subnet per region. Each subnet has a predetermined range as described in Auto mode VPC network IP ranges.
+      # 
+      # For custom mode VPC networks, you can add subnets using the subnetworks insert method.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
   "firewallPolicy": "A String", # [Output Only] URL of the firewall policy the network is associated with.
@@ -984,16 +1127,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1028,7 +1184,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1042,7 +1199,7 @@ 
Method Details

 

 
 

-    removePeering(project, network, body=None, requestId=None, x__xgafv=None)
+    removePeering(project, network, body=None, requestId=None)
   
Removes a peering from the specified network.
 
 Args:
@@ -1055,16 +1212,29 @@ 
Method Details

   "name": "A String", # Name of the peering, which should conform to RFC1035.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1099,7 +1269,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1113,22 +1284,35 @@ 
Method Details

 

 
 

-    switchToCustomMode(project, network, requestId=None, x__xgafv=None)
+    switchToCustomMode(project, network, requestId=None)
   
Switches the network mode from auto subnet mode to custom subnet mode.
 
 Args:
   project: string, Project ID for this request. (required)
   network: string, Name of the network to be updated. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1163,7 +1347,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1177,7 +1362,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1192,10 +1377,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1208,7 +1389,7 @@ 
Method Details

 

 
 

-    updatePeering(project, network, body=None, requestId=None, x__xgafv=None)
+    updatePeering(project, network, body=None, requestId=None)
   
Updates the specified network peering with the data included in the request Only the following fields can be modified: NetworkPeering.export_custom_routes, and NetworkPeering.import_custom_routes
 
 Args:
@@ -1234,16 +1415,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1278,7 +1472,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.nodeGroups.html b/docs/dyn/compute_alpha.nodeGroups.html
index d4647d16780..f6a33095d2a 100644
--- a/docs/dyn/compute_alpha.nodeGroups.html
+++ b/docs/dyn/compute_alpha.nodeGroups.html
@@ -75,10 +75,10 @@
 
Compute Engine API . nodeGroups

 
Instance Methods

 

-  addNodes(project, zone, nodeGroup, body=None, requestId=None, x__xgafv=None)

+  addNodes(project, zone, nodeGroup, body=None, requestId=None)

 
Adds specified number of nodes to the node group.

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of node groups. Note: use nodeGroups.listNodes for more details about each group.

 

   aggregatedList_next(previous_request, previous_response)

@@ -87,25 +87,25 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, zone, nodeGroup, requestId=None, x__xgafv=None)

+  delete(project, zone, nodeGroup, requestId=None)

 
Deletes the specified NodeGroup resource.

 

-  deleteNodes(project, zone, nodeGroup, body=None, requestId=None, x__xgafv=None)

+  deleteNodes(project, zone, nodeGroup, body=None, requestId=None)

 
Deletes specified nodes from the node group.

 

-  get(project, zone, nodeGroup, x__xgafv=None)

+  get(project, zone, nodeGroup)

 
Returns the specified NodeGroup. Get a list of available NodeGroups by making a list() request. Note: the "nodes" field should not be used. Use nodeGroups.listNodes instead.

 

-  getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, zone, initialNodeCount, body=None, requestId=None, x__xgafv=None)

+  insert(project, zone, initialNodeCount, body=None, requestId=None)

 
Creates a NodeGroup resource in the specified project using the data included in the request.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of node groups available to the specified project. Note: use nodeGroups.listNodes for more details about each group.

 

-  listNodes(project, zone, nodeGroup, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listNodes(project, zone, nodeGroup, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists nodes in the node group.

 

   listNodes_next(previous_request, previous_response)

@@ -114,20 +114,20 @@ 
Instance Methods

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, zone, nodeGroup, body=None, requestId=None, x__xgafv=None)

+  patch(project, zone, nodeGroup, body=None, requestId=None)

 
Updates the specified node group.

 

-  setIamPolicy(project, zone, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, zone, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  setNodeTemplate(project, zone, nodeGroup, body=None, requestId=None, x__xgafv=None)

+  setNodeTemplate(project, zone, nodeGroup, body=None, requestId=None)

 
Updates the node template of the node group.

 

-  testIamPermissions(project, zone, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, zone, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    addNodes(project, zone, nodeGroup, body=None, requestId=None, x__xgafv=None)
+    addNodes(project, zone, nodeGroup, body=None, requestId=None)
   
Adds specified number of nodes to the node group.
 
 Args:
@@ -141,16 +141,29 @@ 
Method Details

   "additionalNodeCount": 42, # Count of additional nodes to be added to the node group.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -185,7 +198,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -199,21 +213,27 @@ 
Method Details

 

 
 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of node groups. Note: use nodeGroups.listNodes for more details about each group.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -223,11 +243,13 @@ 
Method Details

   "items": { # A list of NodeGroupsScopedList resources.
     "a_key": { # [Output Only] Name of the scope containing this set of node groups.
       "nodeGroups": [ # [Output Only] A list of node groups contained in this scope.
-        { # Represent a sole-tenant Node Group resource. A sole-tenant node is a physical server that is dedicated to hosting VM instances only for your specific project. Use sole-tenant nodes to keep your instances physically separated from instances in other projects, or to group your instances together on the same host hardware. For more information, read Sole-tenant nodes.
+        { # Represent a sole-tenant Node Group resource.
+            #
+            # A sole-tenant node is a physical server that is dedicated to hosting VM instances only for your specific project. Use sole-tenant nodes to keep your instances physically separated from instances in other projects, or to group your instances together on the same host hardware. For more information, read Sole-tenant nodes. (== resource_for {$api_version}.nodeGroups ==)
           "autoscalingPolicy": { # Specifies how autoscaling should behave.
             "maxNodes": 42, # The maximum number of nodes that the group should have. Must be set if autoscaling is enabled. Maximum value allowed is 100.
             "minNodes": 42, # The minimum number of nodes that the group should have.
-            "mode": "A String", # The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see Autoscaler modes.
+            "mode": "A String", # The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see  Autoscaler modes.
           },
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -235,7 +257,7 @@ 
Method Details

           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "kind": "compute#nodeGroup", # [Output Only] The type of the resource. Always compute#nodeGroup for node group.
           "locationHint": "A String", # An opaque location hint used to place the Node close to other resources. This field is for use by internal tools that use the public API. The location hint here on the NodeGroup overrides any location_hint present in the NodeTemplate.
-          "maintenancePolicy": "A String", # Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. For more information, see Maintenance policies.
+          "maintenancePolicy": "A String", # Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. For more information, see  Maintenance policies.
           "maintenanceWindow": { # Time window specified for daily maintenance operations. GCE's internal maintenance will be performed within this window.
             "duration": "A String", # [Output only] A predetermined duration for the window, automatically chosen to be the smallest possible in the given scenario.
             "maintenanceDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # [Output only] A predetermined duration for the window, automatically chosen to be the smallest possible in the given scenario.
@@ -261,7 +283,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] An informational warning that appears when the nodeGroup list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -279,7 +302,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -310,23 +334,36 @@ 
Method Details

 

 
 

-    delete(project, zone, nodeGroup, requestId=None, x__xgafv=None)
+    delete(project, zone, nodeGroup, requestId=None)
   
Deletes the specified NodeGroup resource.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   nodeGroup: string, Name of the NodeGroup resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -361,7 +398,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -375,7 +413,7 @@ 
Method Details

 

 
 

-    deleteNodes(project, zone, nodeGroup, body=None, requestId=None, x__xgafv=None)
+    deleteNodes(project, zone, nodeGroup, body=None, requestId=None)
   
Deletes specified nodes from the node group.
 
 Args:
@@ -391,16 +429,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -435,7 +486,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -449,26 +501,24 @@ 
Method Details

 

 
 

-    get(project, zone, nodeGroup, x__xgafv=None)
+    get(project, zone, nodeGroup)
   
Returns the specified NodeGroup. Get a list of available NodeGroups by making a list() request. Note: the "nodes" field should not be used. Use nodeGroups.listNodes instead.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   nodeGroup: string, Name of the node group to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represent a sole-tenant Node Group resource. A sole-tenant node is a physical server that is dedicated to hosting VM instances only for your specific project. Use sole-tenant nodes to keep your instances physically separated from instances in other projects, or to group your instances together on the same host hardware. For more information, read Sole-tenant nodes.
+    { # Represent a sole-tenant Node Group resource.
+    #
+    # A sole-tenant node is a physical server that is dedicated to hosting VM instances only for your specific project. Use sole-tenant nodes to keep your instances physically separated from instances in other projects, or to group your instances together on the same host hardware. For more information, read Sole-tenant nodes. (== resource_for {$api_version}.nodeGroups ==)
   "autoscalingPolicy": { # Specifies how autoscaling should behave.
     "maxNodes": 42, # The maximum number of nodes that the group should have. Must be set if autoscaling is enabled. Maximum value allowed is 100.
     "minNodes": 42, # The minimum number of nodes that the group should have.
-    "mode": "A String", # The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see Autoscaler modes.
+    "mode": "A String", # The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see  Autoscaler modes.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -476,7 +526,7 @@ 
Method Details

   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#nodeGroup", # [Output Only] The type of the resource. Always compute#nodeGroup for node group.
   "locationHint": "A String", # An opaque location hint used to place the Node close to other resources. This field is for use by internal tools that use the public API. The location hint here on the NodeGroup overrides any location_hint present in the NodeTemplate.
-  "maintenancePolicy": "A String", # Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. For more information, see Maintenance policies.
+  "maintenancePolicy": "A String", # Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. For more information, see  Maintenance policies.
   "maintenanceWindow": { # Time window specified for daily maintenance operations. GCE's internal maintenance will be performed within this window.
     "duration": "A String", # [Output only] A predetermined duration for the window, automatically chosen to be the smallest possible in the given scenario.
     "maintenanceDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # [Output only] A predetermined duration for the window, automatically chosen to be the smallest possible in the given scenario.
@@ -502,7 +552,7 @@ 
Method Details

 

 
 

-    getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
@@ -510,27 +560,51 @@ 
Method Details

   zone: string, The name of the zone for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -538,76 +612,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, zone, initialNodeCount, body=None, requestId=None, x__xgafv=None)
+    insert(project, zone, initialNodeCount, body=None, requestId=None)
   
Creates a NodeGroup resource in the specified project using the data included in the request.
 
 Args:
@@ -617,11 +759,13 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represent a sole-tenant Node Group resource. A sole-tenant node is a physical server that is dedicated to hosting VM instances only for your specific project. Use sole-tenant nodes to keep your instances physically separated from instances in other projects, or to group your instances together on the same host hardware. For more information, read Sole-tenant nodes.
+{ # Represent a sole-tenant Node Group resource.
+    # 
+    # A sole-tenant node is a physical server that is dedicated to hosting VM instances only for your specific project. Use sole-tenant nodes to keep your instances physically separated from instances in other projects, or to group your instances together on the same host hardware. For more information, read Sole-tenant nodes. (== resource_for {$api_version}.nodeGroups ==)
   "autoscalingPolicy": { # Specifies how autoscaling should behave.
     "maxNodes": 42, # The maximum number of nodes that the group should have. Must be set if autoscaling is enabled. Maximum value allowed is 100.
     "minNodes": 42, # The minimum number of nodes that the group should have.
-    "mode": "A String", # The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see Autoscaler modes.
+    "mode": "A String", # The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see  Autoscaler modes.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -629,7 +773,7 @@ 
Method Details

   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#nodeGroup", # [Output Only] The type of the resource. Always compute#nodeGroup for node group.
   "locationHint": "A String", # An opaque location hint used to place the Node close to other resources. This field is for use by internal tools that use the public API. The location hint here on the NodeGroup overrides any location_hint present in the NodeTemplate.
-  "maintenancePolicy": "A String", # Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. For more information, see Maintenance policies.
+  "maintenancePolicy": "A String", # Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. For more information, see  Maintenance policies.
   "maintenanceWindow": { # Time window specified for daily maintenance operations. GCE's internal maintenance will be performed within this window.
     "duration": "A String", # [Output only] A predetermined duration for the window, automatically chosen to be the smallest possible in the given scenario.
     "maintenanceDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # [Output only] A predetermined duration for the window, automatically chosen to be the smallest possible in the given scenario.
@@ -653,16 +797,29 @@ 
Method Details

   "zone": "A String", # [Output Only] The name of the zone where the node group resides, such as us-central1-a.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -697,7 +854,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -711,21 +869,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of node groups available to the specified project. Note: use nodeGroups.listNodes for more details about each group.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -733,11 +897,13 @@ 
Method Details

     { # Contains a list of nodeGroups.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of NodeGroup resources.
-    { # Represent a sole-tenant Node Group resource. A sole-tenant node is a physical server that is dedicated to hosting VM instances only for your specific project. Use sole-tenant nodes to keep your instances physically separated from instances in other projects, or to group your instances together on the same host hardware. For more information, read Sole-tenant nodes.
+    { # Represent a sole-tenant Node Group resource.
+        #
+        # A sole-tenant node is a physical server that is dedicated to hosting VM instances only for your specific project. Use sole-tenant nodes to keep your instances physically separated from instances in other projects, or to group your instances together on the same host hardware. For more information, read Sole-tenant nodes. (== resource_for {$api_version}.nodeGroups ==)
       "autoscalingPolicy": { # Specifies how autoscaling should behave.
         "maxNodes": 42, # The maximum number of nodes that the group should have. Must be set if autoscaling is enabled. Maximum value allowed is 100.
         "minNodes": 42, # The minimum number of nodes that the group should have.
-        "mode": "A String", # The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see Autoscaler modes.
+        "mode": "A String", # The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see  Autoscaler modes.
       },
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -745,7 +911,7 @@ 
Method Details

       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#nodeGroup", # [Output Only] The type of the resource. Always compute#nodeGroup for node group.
       "locationHint": "A String", # An opaque location hint used to place the Node close to other resources. This field is for use by internal tools that use the public API. The location hint here on the NodeGroup overrides any location_hint present in the NodeTemplate.
-      "maintenancePolicy": "A String", # Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. For more information, see Maintenance policies.
+      "maintenancePolicy": "A String", # Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. For more information, see  Maintenance policies.
       "maintenanceWindow": { # Time window specified for daily maintenance operations. GCE's internal maintenance will be performed within this window.
         "duration": "A String", # [Output only] A predetermined duration for the window, automatically chosen to be the smallest possible in the given scenario.
         "maintenanceDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # [Output only] A predetermined duration for the window, automatically chosen to be the smallest possible in the given scenario.
@@ -774,7 +940,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -786,22 +953,28 @@ 
Method Details

 

 
 

-    listNodes(project, zone, nodeGroup, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listNodes(project, zone, nodeGroup, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists nodes in the node group.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   nodeGroup: string, Name of the NodeGroup resource whose nodes you want to list. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -842,7 +1015,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -882,7 +1056,7 @@ 
Method Details

 

 
 

-    patch(project, zone, nodeGroup, body=None, requestId=None, x__xgafv=None)
+    patch(project, zone, nodeGroup, body=None, requestId=None)
   
Updates the specified node group.
 
 Args:
@@ -892,11 +1066,13 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represent a sole-tenant Node Group resource. A sole-tenant node is a physical server that is dedicated to hosting VM instances only for your specific project. Use sole-tenant nodes to keep your instances physically separated from instances in other projects, or to group your instances together on the same host hardware. For more information, read Sole-tenant nodes.
+{ # Represent a sole-tenant Node Group resource.
+    # 
+    # A sole-tenant node is a physical server that is dedicated to hosting VM instances only for your specific project. Use sole-tenant nodes to keep your instances physically separated from instances in other projects, or to group your instances together on the same host hardware. For more information, read Sole-tenant nodes. (== resource_for {$api_version}.nodeGroups ==)
   "autoscalingPolicy": { # Specifies how autoscaling should behave.
     "maxNodes": 42, # The maximum number of nodes that the group should have. Must be set if autoscaling is enabled. Maximum value allowed is 100.
     "minNodes": 42, # The minimum number of nodes that the group should have.
-    "mode": "A String", # The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see Autoscaler modes.
+    "mode": "A String", # The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see  Autoscaler modes.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -904,7 +1080,7 @@ 
Method Details

   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#nodeGroup", # [Output Only] The type of the resource. Always compute#nodeGroup for node group.
   "locationHint": "A String", # An opaque location hint used to place the Node close to other resources. This field is for use by internal tools that use the public API. The location hint here on the NodeGroup overrides any location_hint present in the NodeTemplate.
-  "maintenancePolicy": "A String", # Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. For more information, see Maintenance policies.
+  "maintenancePolicy": "A String", # Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. For more information, see  Maintenance policies.
   "maintenanceWindow": { # Time window specified for daily maintenance operations. GCE's internal maintenance will be performed within this window.
     "duration": "A String", # [Output only] A predetermined duration for the window, automatically chosen to be the smallest possible in the given scenario.
     "maintenanceDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # [Output only] A predetermined duration for the window, automatically chosen to be the smallest possible in the given scenario.
@@ -928,16 +1104,29 @@ 
Method Details

   "zone": "A String", # [Output Only] The name of the zone where the node group resides, such as us-central1-a.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -972,7 +1161,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -986,7 +1176,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, zone, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, zone, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -999,33 +1189,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1033,95 +1297,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1129,76 +1485,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    setNodeTemplate(project, zone, nodeGroup, body=None, requestId=None, x__xgafv=None)
+    setNodeTemplate(project, zone, nodeGroup, body=None, requestId=None)
   
Updates the node template of the node group.
 
 Args:
@@ -1212,16 +1636,29 @@ 
Method Details

   "nodeTemplate": "A String", # Full or partial URL of the node template resource to be updated for this node group.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1256,7 +1693,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1270,7 +1708,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, zone, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, zone, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1286,10 +1724,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.nodeTemplates.html b/docs/dyn/compute_alpha.nodeTemplates.html
index e0cfcfb475c..7e8a2adfcb8 100644
--- a/docs/dyn/compute_alpha.nodeTemplates.html
+++ b/docs/dyn/compute_alpha.nodeTemplates.html
@@ -75,7 +75,7 @@
 
Compute Engine API . nodeTemplates

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of node templates.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,46 +84,52 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, nodeTemplate, requestId=None, x__xgafv=None)

+  delete(project, region, nodeTemplate, requestId=None)

 
Deletes the specified NodeTemplate resource.

 

-  get(project, region, nodeTemplate, x__xgafv=None)

+  get(project, region, nodeTemplate)

 
Returns the specified node template. Gets a list of available node templates by making a list() request.

 

-  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a NodeTemplate resource in the specified project using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of node templates available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setIamPolicy(project, region, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, region, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of node templates.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -133,7 +139,9 @@ 
Method Details

   "items": { # A list of NodeTemplatesScopedList resources.
     "a_key": { # [Output Only] Name of the scope containing this set of node templates.
       "nodeTemplates": [ # [Output Only] A list of node templates contained in this scope.
-        { # Represent a sole-tenant Node Template resource. You can use a template to define properties for nodes in a node group. For more information, read Creating node groups and instances.
+        { # Represent a sole-tenant Node Template resource.
+            #
+            # You can use a template to define properties for nodes in a node group. For more information, read Creating node groups and instances. (== resource_for {$api_version}.nodeTemplates ==)
           "accelerators": [
             { # A specification of the type and number of accelerator cards attached to the instance.
               "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
@@ -157,7 +165,9 @@ 
Method Details

             "a_key": "A String",
           },
           "nodeType": "A String", # The node type to use for nodes group that are created from this template.
-          "nodeTypeFlexibility": { # The flexible properties of the desired node type. Node groups that use this node template will create nodes of a type that matches these properties. This field is mutually exclusive with the node_type property; you can only define one or the other, but not both.
+          "nodeTypeFlexibility": { # The flexible properties of the desired node type. Node groups that use this node template will create nodes of a type that matches these properties.
+              #
+              # This field is mutually exclusive with the node_type property; you can only define one or the other, but not both.
             "cpus": "A String",
             "localSsd": "A String",
             "memory": "A String",
@@ -165,7 +175,11 @@ 
Method Details

           "region": "A String", # [Output Only] The name of the region where the node template resides, such as us-central1.
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
           "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-          "serverBinding": { # Sets the binding properties for the physical server. Valid values include: - *[Default]* RESTART_NODE_ON_ANY_SERVER: Restarts VMs on any available physical server - RESTART_NODE_ON_MINIMAL_SERVER: Restarts VMs on the same physical server whenever possible See Sole-tenant node options for more information.
+          "serverBinding": { # Sets the binding properties for the physical server. Valid values include:
+              # - [Default] RESTART_NODE_ON_ANY_SERVER: Restarts VMs on any available physical server
+              # - RESTART_NODE_ON_MINIMAL_SERVER: Restarts VMs on the same physical server whenever possible
+              #
+              # See Sole-tenant node options for more information.
             "type": "A String",
           },
           "status": "A String", # [Output Only] The status of the node template. One of the following values: CREATING, READY, and DELETING.
@@ -174,7 +188,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] An informational warning that appears when the node templates list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -192,7 +207,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -223,23 +239,36 @@ 
Method Details

 

 
 

-    delete(project, region, nodeTemplate, requestId=None, x__xgafv=None)
+    delete(project, region, nodeTemplate, requestId=None)
   
Deletes the specified NodeTemplate resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, The name of the region for this request. (required)
   nodeTemplate: string, Name of the NodeTemplate resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -274,7 +303,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -288,22 +318,20 @@ 
Method Details

 

 
 

-    get(project, region, nodeTemplate, x__xgafv=None)
+    get(project, region, nodeTemplate)
   
Returns the specified node template. Gets a list of available node templates by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, The name of the region for this request. (required)
   nodeTemplate: string, Name of the node template to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represent a sole-tenant Node Template resource. You can use a template to define properties for nodes in a node group. For more information, read Creating node groups and instances.
+    { # Represent a sole-tenant Node Template resource.
+    #
+    # You can use a template to define properties for nodes in a node group. For more information, read Creating node groups and instances. (== resource_for {$api_version}.nodeTemplates ==)
   "accelerators": [
     { # A specification of the type and number of accelerator cards attached to the instance.
       "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
@@ -327,7 +355,9 @@ 
Method Details

     "a_key": "A String",
   },
   "nodeType": "A String", # The node type to use for nodes group that are created from this template.
-  "nodeTypeFlexibility": { # The flexible properties of the desired node type. Node groups that use this node template will create nodes of a type that matches these properties. This field is mutually exclusive with the node_type property; you can only define one or the other, but not both.
+  "nodeTypeFlexibility": { # The flexible properties of the desired node type. Node groups that use this node template will create nodes of a type that matches these properties.
+      #
+      # This field is mutually exclusive with the node_type property; you can only define one or the other, but not both.
     "cpus": "A String",
     "localSsd": "A String",
     "memory": "A String",
@@ -335,7 +365,11 @@ 
Method Details

   "region": "A String", # [Output Only] The name of the region where the node template resides, such as us-central1.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "serverBinding": { # Sets the binding properties for the physical server. Valid values include: - *[Default]* RESTART_NODE_ON_ANY_SERVER: Restarts VMs on any available physical server - RESTART_NODE_ON_MINIMAL_SERVER: Restarts VMs on the same physical server whenever possible See Sole-tenant node options for more information.
+  "serverBinding": { # Sets the binding properties for the physical server. Valid values include:
+      # - [Default] RESTART_NODE_ON_ANY_SERVER: Restarts VMs on any available physical server
+      # - RESTART_NODE_ON_MINIMAL_SERVER: Restarts VMs on the same physical server whenever possible
+      #
+      # See Sole-tenant node options for more information.
     "type": "A String",
   },
   "status": "A String", # [Output Only] The status of the node template. One of the following values: CREATING, READY, and DELETING.
@@ -344,7 +378,7 @@ 
Method Details

 

 
 

-    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
@@ -352,27 +386,51 @@ 
Method Details

   region: string, The name of the region for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -380,76 +438,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a NodeTemplate resource in the specified project using the data included in the request.
 
 Args:
@@ -458,7 +584,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represent a sole-tenant Node Template resource. You can use a template to define properties for nodes in a node group. For more information, read Creating node groups and instances.
+{ # Represent a sole-tenant Node Template resource.
+    # 
+    # You can use a template to define properties for nodes in a node group. For more information, read Creating node groups and instances. (== resource_for {$api_version}.nodeTemplates ==)
   "accelerators": [
     { # A specification of the type and number of accelerator cards attached to the instance.
       "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
@@ -482,7 +610,9 @@ 
Method Details

     "a_key": "A String",
   },
   "nodeType": "A String", # The node type to use for nodes group that are created from this template.
-  "nodeTypeFlexibility": { # The flexible properties of the desired node type. Node groups that use this node template will create nodes of a type that matches these properties. This field is mutually exclusive with the node_type property; you can only define one or the other, but not both.
+  "nodeTypeFlexibility": { # The flexible properties of the desired node type. Node groups that use this node template will create nodes of a type that matches these properties.
+      # 
+      # This field is mutually exclusive with the node_type property; you can only define one or the other, but not both.
     "cpus": "A String",
     "localSsd": "A String",
     "memory": "A String",
@@ -490,23 +620,40 @@ 
Method Details

   "region": "A String", # [Output Only] The name of the region where the node template resides, such as us-central1.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "serverBinding": { # Sets the binding properties for the physical server. Valid values include: - *[Default]* RESTART_NODE_ON_ANY_SERVER: Restarts VMs on any available physical server - RESTART_NODE_ON_MINIMAL_SERVER: Restarts VMs on the same physical server whenever possible See Sole-tenant node options for more information.
+  "serverBinding": { # Sets the binding properties for the physical server. Valid values include:
+      # - [Default] RESTART_NODE_ON_ANY_SERVER: Restarts VMs on any available physical server
+      # - RESTART_NODE_ON_MINIMAL_SERVER: Restarts VMs on the same physical server whenever possible
+      # 
+      # See Sole-tenant node options for more information.
     "type": "A String",
   },
   "status": "A String", # [Output Only] The status of the node template. One of the following values: CREATING, READY, and DELETING.
   "statusMessage": "A String", # [Output Only] An optional, human-readable explanation of the status.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -541,7 +688,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -555,21 +703,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of node templates available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, The name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -577,7 +731,9 @@ 
Method Details

     { # Contains a list of node templates.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of NodeTemplate resources.
-    { # Represent a sole-tenant Node Template resource. You can use a template to define properties for nodes in a node group. For more information, read Creating node groups and instances.
+    { # Represent a sole-tenant Node Template resource.
+        #
+        # You can use a template to define properties for nodes in a node group. For more information, read Creating node groups and instances. (== resource_for {$api_version}.nodeTemplates ==)
       "accelerators": [
         { # A specification of the type and number of accelerator cards attached to the instance.
           "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
@@ -601,7 +757,9 @@ 
Method Details

         "a_key": "A String",
       },
       "nodeType": "A String", # The node type to use for nodes group that are created from this template.
-      "nodeTypeFlexibility": { # The flexible properties of the desired node type. Node groups that use this node template will create nodes of a type that matches these properties. This field is mutually exclusive with the node_type property; you can only define one or the other, but not both.
+      "nodeTypeFlexibility": { # The flexible properties of the desired node type. Node groups that use this node template will create nodes of a type that matches these properties.
+          #
+          # This field is mutually exclusive with the node_type property; you can only define one or the other, but not both.
         "cpus": "A String",
         "localSsd": "A String",
         "memory": "A String",
@@ -609,7 +767,11 @@ 
Method Details

       "region": "A String", # [Output Only] The name of the region where the node template resides, such as us-central1.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-      "serverBinding": { # Sets the binding properties for the physical server. Valid values include: - *[Default]* RESTART_NODE_ON_ANY_SERVER: Restarts VMs on any available physical server - RESTART_NODE_ON_MINIMAL_SERVER: Restarts VMs on the same physical server whenever possible See Sole-tenant node options for more information.
+      "serverBinding": { # Sets the binding properties for the physical server. Valid values include:
+          # - [Default] RESTART_NODE_ON_ANY_SERVER: Restarts VMs on any available physical server
+          # - RESTART_NODE_ON_MINIMAL_SERVER: Restarts VMs on the same physical server whenever possible
+          #
+          # See Sole-tenant node options for more information.
         "type": "A String",
       },
       "status": "A String", # [Output Only] The status of the node template. One of the following values: CREATING, READY, and DELETING.
@@ -621,7 +783,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -647,7 +810,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, region, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, region, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -660,33 +823,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -694,95 +931,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -790,76 +1119,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -875,10 +1272,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.nodeTypes.html b/docs/dyn/compute_alpha.nodeTypes.html
index df50321b12e..4651c728ddd 100644
--- a/docs/dyn/compute_alpha.nodeTypes.html
+++ b/docs/dyn/compute_alpha.nodeTypes.html
@@ -75,7 +75,7 @@
 
Compute Engine API . nodeTypes

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of node types.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,31 +84,37 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  get(project, zone, nodeType, x__xgafv=None)

+  get(project, zone, nodeType)

 
Returns the specified node type. Gets a list of available node types by making a list() request.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of node types available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of node types.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -118,7 +124,9 @@ 
Method Details

   "items": { # A list of NodeTypesScopedList resources.
     "a_key": { # [Output Only] Name of the scope containing this set of node types.
       "nodeTypes": [ # [Output Only] A list of node types contained in this scope.
-        { # Represent a sole-tenant Node Type resource. Each node within a node group must have a node type. A node type specifies the total amount of cores and memory for that node. Currently, the only available node type is n1-node-96-624 node type that has 96 vCPUs and 624 GB of memory, available in multiple zones. For more information read Node types.
+        { # Represent a sole-tenant Node Type resource.
+            #
+            # Each node within a node group must have a node type. A node type specifies the total amount of cores and memory for that node. Currently, the only available node type is n1-node-96-624 node type that has 96 vCPUs and 624 GB of memory, available in multiple zones. For more information read Node types. (== resource_for {$api_version}.nodeTypes ==)
           "cpuPlatform": "A String", # [Output Only] The CPU platform used by this node type.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this node type.
@@ -129,7 +137,11 @@ 
Method Details

             "state": "A String", # The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.
             "stateOverride": { # A rollout policy configuration. # The rollout policy of this deprecation. This policy is only enforced by image family views. The rollout policy restricts the zones where the associated resource is considered in a deprecated state. When the rollout policy does not include the user specified zone, or if the zone is rolled out, the associated resource is considered in a deprecated state.
               "defaultRolloutTime": "A String", # An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated.
-              "locationRolloutPolicies": { # Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
+              "locationRolloutPolicies": { # Location based rollout policies to apply to the resource.
+                  #
+                  # Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a.
+                  #
+                  # The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
                 "a_key": "A String",
               },
             },
@@ -148,7 +160,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] An informational warning that appears when the node types list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -166,7 +179,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -197,22 +211,20 @@ 
Method Details

 

 
 

-    get(project, zone, nodeType, x__xgafv=None)
+    get(project, zone, nodeType)
   
Returns the specified node type. Gets a list of available node types by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   nodeType: string, Name of the node type to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represent a sole-tenant Node Type resource. Each node within a node group must have a node type. A node type specifies the total amount of cores and memory for that node. Currently, the only available node type is n1-node-96-624 node type that has 96 vCPUs and 624 GB of memory, available in multiple zones. For more information read Node types.
+    { # Represent a sole-tenant Node Type resource.
+    #
+    # Each node within a node group must have a node type. A node type specifies the total amount of cores and memory for that node. Currently, the only available node type is n1-node-96-624 node type that has 96 vCPUs and 624 GB of memory, available in multiple zones. For more information read Node types. (== resource_for {$api_version}.nodeTypes ==)
   "cpuPlatform": "A String", # [Output Only] The CPU platform used by this node type.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this node type.
@@ -223,7 +235,11 @@ 
Method Details

     "state": "A String", # The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.
     "stateOverride": { # A rollout policy configuration. # The rollout policy of this deprecation. This policy is only enforced by image family views. The rollout policy restricts the zones where the associated resource is considered in a deprecated state. When the rollout policy does not include the user specified zone, or if the zone is rolled out, the associated resource is considered in a deprecated state.
       "defaultRolloutTime": "A String", # An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated.
-      "locationRolloutPolicies": { # Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
+      "locationRolloutPolicies": { # Location based rollout policies to apply to the resource.
+          #
+          # Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a.
+          #
+          # The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
         "a_key": "A String",
       },
     },
@@ -242,21 +258,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of node types available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -264,7 +286,9 @@ 
Method Details

     { # Contains a list of node types.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of NodeType resources.
-    { # Represent a sole-tenant Node Type resource. Each node within a node group must have a node type. A node type specifies the total amount of cores and memory for that node. Currently, the only available node type is n1-node-96-624 node type that has 96 vCPUs and 624 GB of memory, available in multiple zones. For more information read Node types.
+    { # Represent a sole-tenant Node Type resource.
+        #
+        # Each node within a node group must have a node type. A node type specifies the total amount of cores and memory for that node. Currently, the only available node type is n1-node-96-624 node type that has 96 vCPUs and 624 GB of memory, available in multiple zones. For more information read Node types. (== resource_for {$api_version}.nodeTypes ==)
       "cpuPlatform": "A String", # [Output Only] The CPU platform used by this node type.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this node type.
@@ -275,7 +299,11 @@ 
Method Details

         "state": "A String", # The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.
         "stateOverride": { # A rollout policy configuration. # The rollout policy of this deprecation. This policy is only enforced by image family views. The rollout policy restricts the zones where the associated resource is considered in a deprecated state. When the rollout policy does not include the user specified zone, or if the zone is rolled out, the associated resource is considered in a deprecated state.
           "defaultRolloutTime": "A String", # An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated.
-          "locationRolloutPolicies": { # Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
+          "locationRolloutPolicies": { # Location based rollout policies to apply to the resource.
+              #
+              # Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a.
+              #
+              # The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
             "a_key": "A String",
           },
         },
@@ -297,7 +325,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.organizationSecurityPolicies.html b/docs/dyn/compute_alpha.organizationSecurityPolicies.html
index 3223860029e..329bb1ca49a 100644
--- a/docs/dyn/compute_alpha.organizationSecurityPolicies.html
+++ b/docs/dyn/compute_alpha.organizationSecurityPolicies.html
@@ -75,59 +75,59 @@
 
Compute Engine API . organizationSecurityPolicies

 
Instance Methods

 

-  addAssociation(securityPolicy, body=None, replaceExistingAssociation=None, requestId=None, x__xgafv=None)

+  addAssociation(securityPolicy, body=None, replaceExistingAssociation=None, requestId=None)

 
Inserts an association for the specified security policy.

 

-  addRule(securityPolicy, body=None, requestId=None, x__xgafv=None)

+  addRule(securityPolicy, body=None, requestId=None)

 
Inserts a rule into a security policy.

 

   close()

 
Close httplib2 connections.

 

-  copyRules(securityPolicy, requestId=None, sourceSecurityPolicy=None, x__xgafv=None)

+  copyRules(securityPolicy, requestId=None, sourceSecurityPolicy=None)

 
Copies rules to the specified security policy.

 

-  delete(securityPolicy, requestId=None, x__xgafv=None)

+  delete(securityPolicy, requestId=None)

 
Deletes the specified policy.

 

-  get(securityPolicy, x__xgafv=None)

+  get(securityPolicy)

 
List all of the ordered rules present in a single specified policy.

 

-  getAssociation(securityPolicy, name=None, x__xgafv=None)

+  getAssociation(securityPolicy, name=None)

 
Gets an association with the specified name.

 

-  getRule(securityPolicy, priority=None, x__xgafv=None)

+  getRule(securityPolicy, priority=None)

 
Gets a rule at the specified priority.

 

-  insert(body=None, parentId=None, requestId=None, x__xgafv=None)

+  insert(body=None, parentId=None, requestId=None)

 
Creates a new policy in the specified project using the data included in the request.

 

-  list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None, x__xgafv=None)

+  list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None)

 
List all the policies that have been configured for the specified project.

 

-  listAssociations(targetResource=None, x__xgafv=None)

+  listAssociations(targetResource=None)

 
Lists associations of a specified target, i.e., organization or folder.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  move(securityPolicy, parentId=None, requestId=None, x__xgafv=None)

+  move(securityPolicy, parentId=None, requestId=None)

 
Moves the specified security policy.

 

-  patch(securityPolicy, body=None, requestId=None, x__xgafv=None)

+  patch(securityPolicy, body=None, requestId=None)

 
Patches the specified policy with the data included in the request.

 

-  patchRule(securityPolicy, body=None, priority=None, requestId=None, x__xgafv=None)

+  patchRule(securityPolicy, body=None, priority=None, requestId=None)

 
Patches a rule at the specified priority.

 

-  removeAssociation(securityPolicy, name=None, requestId=None, x__xgafv=None)

+  removeAssociation(securityPolicy, name=None, requestId=None)

 
Removes an association for the specified security policy.

 

-  removeRule(securityPolicy, priority=None, requestId=None, x__xgafv=None)

+  removeRule(securityPolicy, priority=None, requestId=None)

 
Deletes a rule at the specified priority.

 
Method Details

 

-    addAssociation(securityPolicy, body=None, replaceExistingAssociation=None, requestId=None, x__xgafv=None)
+    addAssociation(securityPolicy, body=None, replaceExistingAssociation=None, requestId=None)
   
Inserts an association for the specified security policy.
 
 Args:
@@ -143,16 +143,29 @@ 
Method Details

 }
 
   replaceExistingAssociation: boolean, Indicates whether or not to replace it if an association of the attachment already exists. This is false by default, in which case an error will be returned if an association already exists.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -187,7 +200,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -201,7 +215,7 @@ 
Method Details

 

 
 

-    addRule(securityPolicy, body=None, requestId=None, x__xgafv=None)
+    addRule(securityPolicy, body=None, requestId=None)
   
Inserts a rule into a security policy.
 
 Args:
@@ -213,7 +227,9 @@ 
Method Details

   "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-  "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+  "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+      # 
+      # This field may only be specified when the versioned_expr is set to FIREWALL.
   "headerAction": { # Optional, additional actions that are performed on headers.
     "requestHeadersToAdds": [ # The list of request headers to add or overwrite if they're already present.
       {
@@ -225,21 +241,35 @@ 
Method Details

   "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
   "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
     "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-      "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+      "destIpRanges": [ # CIDR IP address range.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         "A String",
       ],
-      "destPorts": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+      "destPorts": [ # Pairs of IP protocols and ports that the rule should match.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         {
           "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
         },
       ],
-      "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+      "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         {
           "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
         },
@@ -248,7 +278,25 @@ 
Method Details

         "A String",
       ],
     },
-    "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+    "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+        #
+        # Example (Comparison):
+        #
+        # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+        #
+        # Example (Equality):
+        #
+        # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+        #
+        # Example (Logic):
+        #
+        # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+        #
+        # Example (Data Manipulation):
+        #
+        # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+        #
+        # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
       "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
       "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
       "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -275,7 +323,9 @@ 
Method Details

   "redirectTarget": "A String", # This must be specified for redirect actions. Cannot be specified for any other actions.
   "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
   "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-  "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+  "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+      # 
+      # This field may only be specified when versioned_expr is set to FIREWALL.
     "A String",
   ],
   "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -283,16 +333,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -327,7 +390,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -346,22 +410,35 @@ 
Method Details

 

 
 

-    copyRules(securityPolicy, requestId=None, sourceSecurityPolicy=None, x__xgafv=None)
+    copyRules(securityPolicy, requestId=None, sourceSecurityPolicy=None)
   
Copies rules to the specified security policy.
 
 Args:
   securityPolicy: string, Name of the security policy to update. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
   sourceSecurityPolicy: string, The security policy from which to copy rules.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -396,7 +473,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -410,21 +488,34 @@ 
Method Details

 

 
 

-    delete(securityPolicy, requestId=None, x__xgafv=None)
+    delete(securityPolicy, requestId=None)
   
Deletes the specified policy.
 
 Args:
   securityPolicy: string, Name of the security policy to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -459,7 +550,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -473,20 +565,18 @@ 
Method Details

 

 
 

-    get(securityPolicy, x__xgafv=None)
+    get(securityPolicy)
   
List all of the ordered rules present in a single specified policy.
 
 Args:
   securityPolicy: string, Name of the security policy to get. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Google Cloud Armor security policy resource. Only external backend services that use load balancers can reference a security policy. For more information, see Google Cloud Armor security policy overview.
+    { # Represents a Google Cloud Armor security policy resource.
+    #
+    # Only external backend services that use load balancers can reference a security policy. For more information, see  Google Cloud Armor security policy overview. (== resource_for {$api_version}.securityPolicies ==)
   "adaptiveProtectionConfig": { # Configuration options for Cloud Armor Adaptive Protection (CAAP).
     "layer7DdosDefenseConfig": { # Configuration options for L7 DDoS detection. # If set to true, enables Cloud Armor Machine Learning.
       "enable": True or False, # If set to true, enables CAAP for L7 DDoS detection.
@@ -514,10 +604,14 @@ 
Method Details

   },
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "displayName": "A String", # User-provided name of the Organization security plicy. The name should be unique in the organization in which the security policy is created. This should only be used when SecurityPolicyType is FIREWALL. The name must be 1-63 characters long, and comply with https://www.ietf.org/rfc/rfc1035.txt. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the security policy.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make get() request to the security policy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#securityPolicy", # [Output only] Type of the resource. Always compute#securityPolicyfor security policies
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the security policy.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+      #
+      # To see the latest fingerprint, make get() request to the security policy.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -530,7 +624,9 @@ 
Method Details

       "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-      "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+      "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+          #
+          # This field may only be specified when the versioned_expr is set to FIREWALL.
       "headerAction": { # Optional, additional actions that are performed on headers.
         "requestHeadersToAdds": [ # The list of request headers to add or overwrite if they're already present.
           {
@@ -542,21 +638,35 @@ 
Method Details

       "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
       "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
         "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-          "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+          "destIpRanges": [ # CIDR IP address range.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
-          "destPorts": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+          "destPorts": [ # Pairs of IP protocols and ports that the rule should match.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             {
               "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                  #
+                  # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 "A String",
               ],
             },
           ],
-          "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+          "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             {
               "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                  #
+                  # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 "A String",
               ],
             },
@@ -565,7 +675,25 @@ 
Method Details

             "A String",
           ],
         },
-        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -592,7 +720,9 @@ 
Method Details

       "redirectTarget": "A String", # This must be specified for redirect actions. Cannot be specified for any other actions.
       "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
       "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-      "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+      "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         "A String",
       ],
       "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -607,16 +737,12 @@ 
Method Details

 

 
 

-    getAssociation(securityPolicy, name=None, x__xgafv=None)
+    getAssociation(securityPolicy, name=None)
   
Gets an association with the specified name.
 
 Args:
   securityPolicy: string, Name of the security policy to which the queried rule belongs. (required)
   name: string, The name of the association to get from the security policy.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -630,16 +756,12 @@ 
Method Details

 

 
 

-    getRule(securityPolicy, priority=None, x__xgafv=None)
+    getRule(securityPolicy, priority=None)
   
Gets a rule at the specified priority.
 
 Args:
   securityPolicy: string, Name of the security policy to which the queried rule belongs. (required)
   priority: integer, The priority of the rule to get from the security policy.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -648,7 +770,9 @@ 
Method Details

   "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-  "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+  "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+      #
+      # This field may only be specified when the versioned_expr is set to FIREWALL.
   "headerAction": { # Optional, additional actions that are performed on headers.
     "requestHeadersToAdds": [ # The list of request headers to add or overwrite if they're already present.
       {
@@ -660,21 +784,35 @@ 
Method Details

   "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
   "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
     "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-      "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+      "destIpRanges": [ # CIDR IP address range.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         "A String",
       ],
-      "destPorts": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+      "destPorts": [ # Pairs of IP protocols and ports that the rule should match.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         {
           "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
         },
       ],
-      "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+      "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         {
           "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
         },
@@ -683,7 +821,25 @@ 
Method Details

         "A String",
       ],
     },
-    "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+    "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+        #
+        # Example (Comparison):
+        #
+        # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+        #
+        # Example (Equality):
+        #
+        # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+        #
+        # Example (Logic):
+        #
+        # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+        #
+        # Example (Data Manipulation):
+        #
+        # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+        #
+        # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
       "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
       "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
       "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -710,7 +866,9 @@ 
Method Details

   "redirectTarget": "A String", # This must be specified for redirect actions. Cannot be specified for any other actions.
   "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
   "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-  "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+  "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+      #
+      # This field may only be specified when versioned_expr is set to FIREWALL.
     "A String",
   ],
   "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -720,14 +878,16 @@ 
Method Details

 

 
 

-    insert(body=None, parentId=None, requestId=None, x__xgafv=None)
+    insert(body=None, parentId=None, requestId=None)
   
Creates a new policy in the specified project using the data included in the request.
 
 Args:
   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Google Cloud Armor security policy resource. Only external backend services that use load balancers can reference a security policy. For more information, see Google Cloud Armor security policy overview.
+{ # Represents a Google Cloud Armor security policy resource.
+    # 
+    # Only external backend services that use load balancers can reference a security policy. For more information, see  Google Cloud Armor security policy overview. (== resource_for {$api_version}.securityPolicies ==)
   "adaptiveProtectionConfig": { # Configuration options for Cloud Armor Adaptive Protection (CAAP).
     "layer7DdosDefenseConfig": { # Configuration options for L7 DDoS detection. # If set to true, enables Cloud Armor Machine Learning.
       "enable": True or False, # If set to true, enables CAAP for L7 DDoS detection.
@@ -755,10 +915,14 @@ 
Method Details

   },
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "displayName": "A String", # User-provided name of the Organization security plicy. The name should be unique in the organization in which the security policy is created. This should only be used when SecurityPolicyType is FIREWALL. The name must be 1-63 characters long, and comply with https://www.ietf.org/rfc/rfc1035.txt. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the security policy.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make get() request to the security policy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#securityPolicy", # [Output only] Type of the resource. Always compute#securityPolicyfor security policies
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the security policy.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+      # 
+      # To see the latest fingerprint, make get() request to the security policy.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -771,7 +935,9 @@ 
Method Details

       "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-      "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+      "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+          #
+          # This field may only be specified when the versioned_expr is set to FIREWALL.
       "headerAction": { # Optional, additional actions that are performed on headers.
         "requestHeadersToAdds": [ # The list of request headers to add or overwrite if they're already present.
           {
@@ -783,21 +949,35 @@ 
Method Details

       "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
       "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
         "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-          "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+          "destIpRanges": [ # CIDR IP address range.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
-          "destPorts": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+          "destPorts": [ # Pairs of IP protocols and ports that the rule should match.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             {
               "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                  #
+                  # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 "A String",
               ],
             },
           ],
-          "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+          "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             {
               "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                  #
+                  # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 "A String",
               ],
             },
@@ -806,7 +986,25 @@ 
Method Details

             "A String",
           ],
         },
-        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -833,7 +1031,9 @@ 
Method Details

       "redirectTarget": "A String", # This must be specified for redirect actions. Cannot be specified for any other actions.
       "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
       "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-      "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+      "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         "A String",
       ],
       "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -847,16 +1047,29 @@ 
Method Details

 }
 
   parentId: string, Parent ID for this request. The ID can be either be "folders/[FOLDER_ID]" if the parent is a folder or "organizations/[ORGANIZATION_ID]" if the parent is an organization.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -891,7 +1104,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -905,20 +1119,26 @@ 
Method Details

 

 
 

-    list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None, x__xgafv=None)
+    list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None)
   
List all the policies that have been configured for the specified project.
 
 Args:
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   parentId: string, Parent ID for this request.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -927,7 +1147,9 @@ 
Method Details

   "etag": "A String",
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of SecurityPolicy resources.
-    { # Represents a Google Cloud Armor security policy resource. Only external backend services that use load balancers can reference a security policy. For more information, see Google Cloud Armor security policy overview.
+    { # Represents a Google Cloud Armor security policy resource.
+        #
+        # Only external backend services that use load balancers can reference a security policy. For more information, see  Google Cloud Armor security policy overview. (== resource_for {$api_version}.securityPolicies ==)
       "adaptiveProtectionConfig": { # Configuration options for Cloud Armor Adaptive Protection (CAAP).
         "layer7DdosDefenseConfig": { # Configuration options for L7 DDoS detection. # If set to true, enables Cloud Armor Machine Learning.
           "enable": True or False, # If set to true, enables CAAP for L7 DDoS detection.
@@ -955,10 +1177,14 @@ 
Method Details

       },
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "displayName": "A String", # User-provided name of the Organization security plicy. The name should be unique in the organization in which the security policy is created. This should only be used when SecurityPolicyType is FIREWALL. The name must be 1-63 characters long, and comply with https://www.ietf.org/rfc/rfc1035.txt. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-      "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the security policy.
+      "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make get() request to the security policy.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#securityPolicy", # [Output only] Type of the resource. Always compute#securityPolicyfor security policies
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the security policy.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+          #
+          # To see the latest fingerprint, make get() request to the security policy.
       "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
         "a_key": "A String",
       },
@@ -971,7 +1197,9 @@ 
Method Details

           "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-          "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+          "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+              #
+              # This field may only be specified when the versioned_expr is set to FIREWALL.
           "headerAction": { # Optional, additional actions that are performed on headers.
             "requestHeadersToAdds": [ # The list of request headers to add or overwrite if they're already present.
               {
@@ -983,21 +1211,35 @@ 
Method Details

           "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
           "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
             "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-              "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+              "destIpRanges": [ # CIDR IP address range.
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 "A String",
               ],
-              "destPorts": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+              "destPorts": [ # Pairs of IP protocols and ports that the rule should match.
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 {
                   "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-                  "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+                  "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                      #
+                      # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                      #
+                      # This field may only be specified when versioned_expr is set to FIREWALL.
                     "A String",
                   ],
                 },
               ],
-              "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+              "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 {
                   "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-                  "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+                  "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                      #
+                      # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                      #
+                      # This field may only be specified when versioned_expr is set to FIREWALL.
                     "A String",
                   ],
                 },
@@ -1006,7 +1248,25 @@ 
Method Details

                 "A String",
               ],
             },
-            "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+            "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+                #
+                # Example (Comparison):
+                #
+                # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+                #
+                # Example (Equality):
+                #
+                # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+                #
+                # Example (Logic):
+                #
+                # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+                #
+                # Example (Data Manipulation):
+                #
+                # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+                #
+                # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
               "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
               "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
               "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -1033,7 +1293,9 @@ 
Method Details

           "redirectTarget": "A String", # This must be specified for redirect actions. Cannot be specified for any other actions.
           "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
           "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-          "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+          "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
           "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -1053,7 +1315,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1065,15 +1328,11 @@ 
Method Details

 

 
 

-    listAssociations(targetResource=None, x__xgafv=None)
+    listAssociations(targetResource=None)
   
Lists associations of a specified target, i.e., organization or folder.
 
 Args:
   targetResource: string, The target resource to list associations. It is an organization, or a folder.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1106,22 +1365,35 @@ 
Method Details

 

 
 

-    move(securityPolicy, parentId=None, requestId=None, x__xgafv=None)
+    move(securityPolicy, parentId=None, requestId=None)
   
Moves the specified security policy.
 
 Args:
   securityPolicy: string, Name of the security policy to update. (required)
   parentId: string, The new parent of the security policy.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1156,7 +1428,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1170,7 +1443,7 @@ 
Method Details

 

 
 

-    patch(securityPolicy, body=None, requestId=None, x__xgafv=None)
+    patch(securityPolicy, body=None, requestId=None)
   
Patches the specified policy with the data included in the request.
 
 Args:
@@ -1178,7 +1451,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Google Cloud Armor security policy resource. Only external backend services that use load balancers can reference a security policy. For more information, see Google Cloud Armor security policy overview.
+{ # Represents a Google Cloud Armor security policy resource.
+    # 
+    # Only external backend services that use load balancers can reference a security policy. For more information, see  Google Cloud Armor security policy overview. (== resource_for {$api_version}.securityPolicies ==)
   "adaptiveProtectionConfig": { # Configuration options for Cloud Armor Adaptive Protection (CAAP).
     "layer7DdosDefenseConfig": { # Configuration options for L7 DDoS detection. # If set to true, enables Cloud Armor Machine Learning.
       "enable": True or False, # If set to true, enables CAAP for L7 DDoS detection.
@@ -1206,10 +1481,14 @@ 
Method Details

   },
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "displayName": "A String", # User-provided name of the Organization security plicy. The name should be unique in the organization in which the security policy is created. This should only be used when SecurityPolicyType is FIREWALL. The name must be 1-63 characters long, and comply with https://www.ietf.org/rfc/rfc1035.txt. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the security policy.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make get() request to the security policy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#securityPolicy", # [Output only] Type of the resource. Always compute#securityPolicyfor security policies
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the security policy.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+      # 
+      # To see the latest fingerprint, make get() request to the security policy.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -1222,7 +1501,9 @@ 
Method Details

       "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-      "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+      "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+          #
+          # This field may only be specified when the versioned_expr is set to FIREWALL.
       "headerAction": { # Optional, additional actions that are performed on headers.
         "requestHeadersToAdds": [ # The list of request headers to add or overwrite if they're already present.
           {
@@ -1234,21 +1515,35 @@ 
Method Details

       "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
       "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
         "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-          "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+          "destIpRanges": [ # CIDR IP address range.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
-          "destPorts": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+          "destPorts": [ # Pairs of IP protocols and ports that the rule should match.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             {
               "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                  #
+                  # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 "A String",
               ],
             },
           ],
-          "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+          "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             {
               "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                  #
+                  # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 "A String",
               ],
             },
@@ -1257,7 +1552,25 @@ 
Method Details

             "A String",
           ],
         },
-        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -1284,7 +1597,9 @@ 
Method Details

       "redirectTarget": "A String", # This must be specified for redirect actions. Cannot be specified for any other actions.
       "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
       "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-      "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+      "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         "A String",
       ],
       "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -1297,16 +1612,29 @@ 
Method Details

   "type": "A String", # The type indicates the intended use of the security policy. CLOUD_ARMOR policies apply to backend services. FIREWALL policies apply to organizations.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1341,7 +1669,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1355,7 +1684,7 @@ 
Method Details

 

 
 

-    patchRule(securityPolicy, body=None, priority=None, requestId=None, x__xgafv=None)
+    patchRule(securityPolicy, body=None, priority=None, requestId=None)
   
Patches a rule at the specified priority.
 
 Args:
@@ -1367,7 +1696,9 @@ 
Method Details

   "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-  "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+  "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+      # 
+      # This field may only be specified when the versioned_expr is set to FIREWALL.
   "headerAction": { # Optional, additional actions that are performed on headers.
     "requestHeadersToAdds": [ # The list of request headers to add or overwrite if they're already present.
       {
@@ -1379,21 +1710,35 @@ 
Method Details

   "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
   "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
     "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-      "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+      "destIpRanges": [ # CIDR IP address range.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         "A String",
       ],
-      "destPorts": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+      "destPorts": [ # Pairs of IP protocols and ports that the rule should match.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         {
           "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
         },
       ],
-      "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+      "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         {
           "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
         },
@@ -1402,7 +1747,25 @@ 
Method Details

         "A String",
       ],
     },
-    "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+    "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+        #
+        # Example (Comparison):
+        #
+        # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+        #
+        # Example (Equality):
+        #
+        # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+        #
+        # Example (Logic):
+        #
+        # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+        #
+        # Example (Data Manipulation):
+        #
+        # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+        #
+        # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
       "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
       "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
       "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -1429,7 +1792,9 @@ 
Method Details

   "redirectTarget": "A String", # This must be specified for redirect actions. Cannot be specified for any other actions.
   "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
   "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-  "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+  "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+      # 
+      # This field may only be specified when versioned_expr is set to FIREWALL.
     "A String",
   ],
   "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -1438,16 +1803,29 @@ 
Method Details

 }
 
   priority: integer, The priority of the rule to patch.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1482,7 +1860,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1496,22 +1875,35 @@ 
Method Details

 

 
 

-    removeAssociation(securityPolicy, name=None, requestId=None, x__xgafv=None)
+    removeAssociation(securityPolicy, name=None, requestId=None)
   
Removes an association for the specified security policy.
 
 Args:
   securityPolicy: string, Name of the security policy to update. (required)
   name: string, Name for the attachment that will be removed.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1546,7 +1938,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1560,22 +1953,35 @@ 
Method Details

 

 
 

-    removeRule(securityPolicy, priority=None, requestId=None, x__xgafv=None)
+    removeRule(securityPolicy, priority=None, requestId=None)
   
Deletes a rule at the specified priority.
 
 Args:
   securityPolicy: string, Name of the security policy to update. (required)
   priority: integer, The priority of the rule to remove from the security policy.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1610,7 +2016,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.packetMirrorings.html b/docs/dyn/compute_alpha.packetMirrorings.html
index b5dbde72232..6d92f985492 100644
--- a/docs/dyn/compute_alpha.packetMirrorings.html
+++ b/docs/dyn/compute_alpha.packetMirrorings.html
@@ -75,7 +75,7 @@
 
Compute Engine API . packetMirrorings

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of packetMirrorings.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,43 +84,49 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, packetMirroring, requestId=None, x__xgafv=None)

+  delete(project, region, packetMirroring, requestId=None)

 
Deletes the specified PacketMirroring resource.

 

-  get(project, region, packetMirroring, x__xgafv=None)

+  get(project, region, packetMirroring)

 
Returns the specified PacketMirroring resource.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a PacketMirroring resource in the specified project and region using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of PacketMirroring resources available to the specified project and region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, packetMirroring, body=None, requestId=None, x__xgafv=None)

+  patch(project, region, packetMirroring, body=None, requestId=None)

 
Patches the specified PacketMirroring resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of packetMirrorings.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -130,14 +136,18 @@ 
Method Details

   "items": { # A list of PacketMirroring resources.
     "a_key": { # Name of the scope containing this set of packetMirrorings.
       "packetMirrorings": [ # A list of packetMirrorings contained in this scope.
-        { # Represents a Packet Mirroring resource. Packet Mirroring clones the traffic of specified instances in your Virtual Private Cloud (VPC) network and forwards it to a collector destination, such as an instance group of an internal TCP/UDP load balancer, for analysis or examination. For more information about setting up Packet Mirroring, see Using Packet Mirroring.
+        { # Represents a Packet Mirroring resource.
+            #
+            # Packet Mirroring clones the traffic of specified instances in your Virtual Private Cloud (VPC) network and forwards it to a collector destination, such as an instance group of an internal TCP/UDP load balancer, for analysis or examination. For more information about setting up Packet Mirroring, see Using Packet Mirroring. (== resource_for {$api_version}.packetMirrorings ==)
           "collectorIlb": { # The Forwarding Rule resource of type loadBalancingScheme=INTERNAL that will be used as collector for mirrored traffic. The specified forwarding rule must have isMirroringCollector set to true.
             "canonicalUrl": "A String", # [Output Only] Unique identifier for the forwarding rule; defined by the server.
             "url": "A String", # Resource URL to the forwarding rule representing the ILB configured as destination of the mirrored traffic.
           },
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-          "enable": "A String", # Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network. The default is TRUE.
+          "enable": "A String", # Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network.
+              #
+              # The default is TRUE.
           "filter": { # Filter for mirrored traffic. If unspecified, all traffic is mirrored.
             "IPProtocols": [ # Protocols that apply as filter on mirrored traffic. If no protocols are specified, all traffic that matches the specified CIDR ranges is mirrored. If neither cidrRanges nor IPProtocols is specified, all traffic is mirrored.
               "A String",
@@ -150,13 +160,19 @@ 
Method Details

           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "kind": "compute#packetMirroring", # [Output Only] Type of the resource. Always compute#packetMirroring for packet mirrorings.
           "mirroredResources": { # PacketMirroring mirroredResourceInfos. MirroredResourceInfo specifies a set of mirrored VM instances, subnetworks and/or tags for which traffic from/to all VM instances will be mirrored.
-            "instances": [ # A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring. Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring. You may specify a maximum of 50 Instances.
+            "instances": [ # A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring.
+                #
+                # Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring.
+                #
+                # You may specify a maximum of 50 Instances.
               {
                 "canonicalUrl": "A String", # [Output Only] Unique identifier for the instance; defined by the server.
                 "url": "A String", # Resource URL to the virtual machine instance which is being mirrored.
               },
             ],
-            "subnetworks": [ # A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring. You may specify a maximum of 5 subnetworks.
+            "subnetworks": [ # A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring.
+                #
+                # You may specify a maximum of 5 subnetworks.
               {
                 "canonicalUrl": "A String", # [Output Only] Unique identifier for the subnetwork; defined by the server.
                 "url": "A String", # Resource URL to the subnetwork for which traffic from/to all VM instances will be mirrored.
@@ -171,7 +187,9 @@ 
Method Details

             "canonicalUrl": "A String", # [Output Only] Unique identifier for the network; defined by the server.
             "url": "A String", # URL of the network resource.
           },
-          "priority": 42, # The priority of applying this configuration. Priority is used to break ties in cases where there is more than one matching rule. In the case of two rules that apply for a given Instance, the one with the lowest-numbered priority value wins. Default value is 1000. Valid range is 0 through 65535.
+          "priority": 42, # The priority of applying this configuration. Priority is used to break ties in cases where there is more than one matching rule. In the case of two rules that apply for a given Instance, the one with the lowest-numbered priority value wins.
+              #
+              # Default value is 1000. Valid range is 0 through 65535.
           "region": "A String", # [Output Only] URI of the region where the packetMirroring resides.
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
           "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
@@ -179,7 +197,8 @@ 
Method Details

       ],
       "warning": { # Informational warning which replaces the list of packetMirrorings when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -197,7 +216,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -228,23 +248,36 @@ 
Method Details

 

 
 

-    delete(project, region, packetMirroring, requestId=None, x__xgafv=None)
+    delete(project, region, packetMirroring, requestId=None)
   
Deletes the specified PacketMirroring resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   packetMirroring: string, Name of the PacketMirroring resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -279,7 +312,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -293,29 +327,29 @@ 
Method Details

 

 
 

-    get(project, region, packetMirroring, x__xgafv=None)
+    get(project, region, packetMirroring)
   
Returns the specified PacketMirroring resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   packetMirroring: string, Name of the PacketMirroring resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Packet Mirroring resource. Packet Mirroring clones the traffic of specified instances in your Virtual Private Cloud (VPC) network and forwards it to a collector destination, such as an instance group of an internal TCP/UDP load balancer, for analysis or examination. For more information about setting up Packet Mirroring, see Using Packet Mirroring.
+    { # Represents a Packet Mirroring resource.
+    #
+    # Packet Mirroring clones the traffic of specified instances in your Virtual Private Cloud (VPC) network and forwards it to a collector destination, such as an instance group of an internal TCP/UDP load balancer, for analysis or examination. For more information about setting up Packet Mirroring, see Using Packet Mirroring. (== resource_for {$api_version}.packetMirrorings ==)
   "collectorIlb": { # The Forwarding Rule resource of type loadBalancingScheme=INTERNAL that will be used as collector for mirrored traffic. The specified forwarding rule must have isMirroringCollector set to true.
     "canonicalUrl": "A String", # [Output Only] Unique identifier for the forwarding rule; defined by the server.
     "url": "A String", # Resource URL to the forwarding rule representing the ILB configured as destination of the mirrored traffic.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "enable": "A String", # Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network. The default is TRUE.
+  "enable": "A String", # Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network.
+      #
+      # The default is TRUE.
   "filter": { # Filter for mirrored traffic. If unspecified, all traffic is mirrored.
     "IPProtocols": [ # Protocols that apply as filter on mirrored traffic. If no protocols are specified, all traffic that matches the specified CIDR ranges is mirrored. If neither cidrRanges nor IPProtocols is specified, all traffic is mirrored.
       "A String",
@@ -328,13 +362,19 @@ 
Method Details

   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#packetMirroring", # [Output Only] Type of the resource. Always compute#packetMirroring for packet mirrorings.
   "mirroredResources": { # PacketMirroring mirroredResourceInfos. MirroredResourceInfo specifies a set of mirrored VM instances, subnetworks and/or tags for which traffic from/to all VM instances will be mirrored.
-    "instances": [ # A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring. Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring. You may specify a maximum of 50 Instances.
+    "instances": [ # A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring.
+        #
+        # Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring.
+        #
+        # You may specify a maximum of 50 Instances.
       {
         "canonicalUrl": "A String", # [Output Only] Unique identifier for the instance; defined by the server.
         "url": "A String", # Resource URL to the virtual machine instance which is being mirrored.
       },
     ],
-    "subnetworks": [ # A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring. You may specify a maximum of 5 subnetworks.
+    "subnetworks": [ # A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring.
+        #
+        # You may specify a maximum of 5 subnetworks.
       {
         "canonicalUrl": "A String", # [Output Only] Unique identifier for the subnetwork; defined by the server.
         "url": "A String", # Resource URL to the subnetwork for which traffic from/to all VM instances will be mirrored.
@@ -349,7 +389,9 @@ 
Method Details

     "canonicalUrl": "A String", # [Output Only] Unique identifier for the network; defined by the server.
     "url": "A String", # URL of the network resource.
   },
-  "priority": 42, # The priority of applying this configuration. Priority is used to break ties in cases where there is more than one matching rule. In the case of two rules that apply for a given Instance, the one with the lowest-numbered priority value wins. Default value is 1000. Valid range is 0 through 65535.
+  "priority": 42, # The priority of applying this configuration. Priority is used to break ties in cases where there is more than one matching rule. In the case of two rules that apply for a given Instance, the one with the lowest-numbered priority value wins.
+      #
+      # Default value is 1000. Valid range is 0 through 65535.
   "region": "A String", # [Output Only] URI of the region where the packetMirroring resides.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
@@ -357,7 +399,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a PacketMirroring resource in the specified project and region using the data included in the request.
 
 Args:
@@ -366,14 +408,18 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Packet Mirroring resource. Packet Mirroring clones the traffic of specified instances in your Virtual Private Cloud (VPC) network and forwards it to a collector destination, such as an instance group of an internal TCP/UDP load balancer, for analysis or examination. For more information about setting up Packet Mirroring, see Using Packet Mirroring.
+{ # Represents a Packet Mirroring resource.
+    # 
+    # Packet Mirroring clones the traffic of specified instances in your Virtual Private Cloud (VPC) network and forwards it to a collector destination, such as an instance group of an internal TCP/UDP load balancer, for analysis or examination. For more information about setting up Packet Mirroring, see Using Packet Mirroring. (== resource_for {$api_version}.packetMirrorings ==)
   "collectorIlb": { # The Forwarding Rule resource of type loadBalancingScheme=INTERNAL that will be used as collector for mirrored traffic. The specified forwarding rule must have isMirroringCollector set to true.
     "canonicalUrl": "A String", # [Output Only] Unique identifier for the forwarding rule; defined by the server.
     "url": "A String", # Resource URL to the forwarding rule representing the ILB configured as destination of the mirrored traffic.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "enable": "A String", # Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network. The default is TRUE.
+  "enable": "A String", # Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network.
+      # 
+      # The default is TRUE.
   "filter": { # Filter for mirrored traffic. If unspecified, all traffic is mirrored.
     "IPProtocols": [ # Protocols that apply as filter on mirrored traffic. If no protocols are specified, all traffic that matches the specified CIDR ranges is mirrored. If neither cidrRanges nor IPProtocols is specified, all traffic is mirrored.
       "A String",
@@ -386,13 +432,19 @@ 
Method Details

   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#packetMirroring", # [Output Only] Type of the resource. Always compute#packetMirroring for packet mirrorings.
   "mirroredResources": { # PacketMirroring mirroredResourceInfos. MirroredResourceInfo specifies a set of mirrored VM instances, subnetworks and/or tags for which traffic from/to all VM instances will be mirrored.
-    "instances": [ # A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring. Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring. You may specify a maximum of 50 Instances.
+    "instances": [ # A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring.
+        #
+        # Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring.
+        #
+        # You may specify a maximum of 50 Instances.
       {
         "canonicalUrl": "A String", # [Output Only] Unique identifier for the instance; defined by the server.
         "url": "A String", # Resource URL to the virtual machine instance which is being mirrored.
       },
     ],
-    "subnetworks": [ # A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring. You may specify a maximum of 5 subnetworks.
+    "subnetworks": [ # A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring.
+        #
+        # You may specify a maximum of 5 subnetworks.
       {
         "canonicalUrl": "A String", # [Output Only] Unique identifier for the subnetwork; defined by the server.
         "url": "A String", # Resource URL to the subnetwork for which traffic from/to all VM instances will be mirrored.
@@ -407,22 +459,37 @@ 
Method Details

     "canonicalUrl": "A String", # [Output Only] Unique identifier for the network; defined by the server.
     "url": "A String", # URL of the network resource.
   },
-  "priority": 42, # The priority of applying this configuration. Priority is used to break ties in cases where there is more than one matching rule. In the case of two rules that apply for a given Instance, the one with the lowest-numbered priority value wins. Default value is 1000. Valid range is 0 through 65535.
+  "priority": 42, # The priority of applying this configuration. Priority is used to break ties in cases where there is more than one matching rule. In the case of two rules that apply for a given Instance, the one with the lowest-numbered priority value wins.
+      # 
+      # Default value is 1000. Valid range is 0 through 65535.
   "region": "A String", # [Output Only] URI of the region where the packetMirroring resides.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -457,7 +524,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -471,21 +539,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of PacketMirroring resources available to the specified project and region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -493,14 +567,18 @@ 
Method Details

     { # Contains a list of PacketMirroring resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of PacketMirroring resources.
-    { # Represents a Packet Mirroring resource. Packet Mirroring clones the traffic of specified instances in your Virtual Private Cloud (VPC) network and forwards it to a collector destination, such as an instance group of an internal TCP/UDP load balancer, for analysis or examination. For more information about setting up Packet Mirroring, see Using Packet Mirroring.
+    { # Represents a Packet Mirroring resource.
+        #
+        # Packet Mirroring clones the traffic of specified instances in your Virtual Private Cloud (VPC) network and forwards it to a collector destination, such as an instance group of an internal TCP/UDP load balancer, for analysis or examination. For more information about setting up Packet Mirroring, see Using Packet Mirroring. (== resource_for {$api_version}.packetMirrorings ==)
       "collectorIlb": { # The Forwarding Rule resource of type loadBalancingScheme=INTERNAL that will be used as collector for mirrored traffic. The specified forwarding rule must have isMirroringCollector set to true.
         "canonicalUrl": "A String", # [Output Only] Unique identifier for the forwarding rule; defined by the server.
         "url": "A String", # Resource URL to the forwarding rule representing the ILB configured as destination of the mirrored traffic.
       },
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "enable": "A String", # Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network. The default is TRUE.
+      "enable": "A String", # Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network.
+          #
+          # The default is TRUE.
       "filter": { # Filter for mirrored traffic. If unspecified, all traffic is mirrored.
         "IPProtocols": [ # Protocols that apply as filter on mirrored traffic. If no protocols are specified, all traffic that matches the specified CIDR ranges is mirrored. If neither cidrRanges nor IPProtocols is specified, all traffic is mirrored.
           "A String",
@@ -513,13 +591,19 @@ 
Method Details

       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#packetMirroring", # [Output Only] Type of the resource. Always compute#packetMirroring for packet mirrorings.
       "mirroredResources": { # PacketMirroring mirroredResourceInfos. MirroredResourceInfo specifies a set of mirrored VM instances, subnetworks and/or tags for which traffic from/to all VM instances will be mirrored.
-        "instances": [ # A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring. Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring. You may specify a maximum of 50 Instances.
+        "instances": [ # A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring.
+            #
+            # Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring.
+            #
+            # You may specify a maximum of 50 Instances.
           {
             "canonicalUrl": "A String", # [Output Only] Unique identifier for the instance; defined by the server.
             "url": "A String", # Resource URL to the virtual machine instance which is being mirrored.
           },
         ],
-        "subnetworks": [ # A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring. You may specify a maximum of 5 subnetworks.
+        "subnetworks": [ # A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring.
+            #
+            # You may specify a maximum of 5 subnetworks.
           {
             "canonicalUrl": "A String", # [Output Only] Unique identifier for the subnetwork; defined by the server.
             "url": "A String", # Resource URL to the subnetwork for which traffic from/to all VM instances will be mirrored.
@@ -534,7 +618,9 @@ 
Method Details

         "canonicalUrl": "A String", # [Output Only] Unique identifier for the network; defined by the server.
         "url": "A String", # URL of the network resource.
       },
-      "priority": 42, # The priority of applying this configuration. Priority is used to break ties in cases where there is more than one matching rule. In the case of two rules that apply for a given Instance, the one with the lowest-numbered priority value wins. Default value is 1000. Valid range is 0 through 65535.
+      "priority": 42, # The priority of applying this configuration. Priority is used to break ties in cases where there is more than one matching rule. In the case of two rules that apply for a given Instance, the one with the lowest-numbered priority value wins.
+          #
+          # Default value is 1000. Valid range is 0 through 65535.
       "region": "A String", # [Output Only] URI of the region where the packetMirroring resides.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
@@ -545,7 +631,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -571,7 +658,7 @@ 
Method Details

 

 
 

-    patch(project, region, packetMirroring, body=None, requestId=None, x__xgafv=None)
+    patch(project, region, packetMirroring, body=None, requestId=None)
   
Patches the specified PacketMirroring resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.
 
 Args:
@@ -581,14 +668,18 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Packet Mirroring resource. Packet Mirroring clones the traffic of specified instances in your Virtual Private Cloud (VPC) network and forwards it to a collector destination, such as an instance group of an internal TCP/UDP load balancer, for analysis or examination. For more information about setting up Packet Mirroring, see Using Packet Mirroring.
+{ # Represents a Packet Mirroring resource.
+    # 
+    # Packet Mirroring clones the traffic of specified instances in your Virtual Private Cloud (VPC) network and forwards it to a collector destination, such as an instance group of an internal TCP/UDP load balancer, for analysis or examination. For more information about setting up Packet Mirroring, see Using Packet Mirroring. (== resource_for {$api_version}.packetMirrorings ==)
   "collectorIlb": { # The Forwarding Rule resource of type loadBalancingScheme=INTERNAL that will be used as collector for mirrored traffic. The specified forwarding rule must have isMirroringCollector set to true.
     "canonicalUrl": "A String", # [Output Only] Unique identifier for the forwarding rule; defined by the server.
     "url": "A String", # Resource URL to the forwarding rule representing the ILB configured as destination of the mirrored traffic.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "enable": "A String", # Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network. The default is TRUE.
+  "enable": "A String", # Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network.
+      # 
+      # The default is TRUE.
   "filter": { # Filter for mirrored traffic. If unspecified, all traffic is mirrored.
     "IPProtocols": [ # Protocols that apply as filter on mirrored traffic. If no protocols are specified, all traffic that matches the specified CIDR ranges is mirrored. If neither cidrRanges nor IPProtocols is specified, all traffic is mirrored.
       "A String",
@@ -601,13 +692,19 @@ 
Method Details

   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#packetMirroring", # [Output Only] Type of the resource. Always compute#packetMirroring for packet mirrorings.
   "mirroredResources": { # PacketMirroring mirroredResourceInfos. MirroredResourceInfo specifies a set of mirrored VM instances, subnetworks and/or tags for which traffic from/to all VM instances will be mirrored.
-    "instances": [ # A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring. Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring. You may specify a maximum of 50 Instances.
+    "instances": [ # A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring.
+        #
+        # Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring.
+        #
+        # You may specify a maximum of 50 Instances.
       {
         "canonicalUrl": "A String", # [Output Only] Unique identifier for the instance; defined by the server.
         "url": "A String", # Resource URL to the virtual machine instance which is being mirrored.
       },
     ],
-    "subnetworks": [ # A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring. You may specify a maximum of 5 subnetworks.
+    "subnetworks": [ # A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring.
+        #
+        # You may specify a maximum of 5 subnetworks.
       {
         "canonicalUrl": "A String", # [Output Only] Unique identifier for the subnetwork; defined by the server.
         "url": "A String", # Resource URL to the subnetwork for which traffic from/to all VM instances will be mirrored.
@@ -622,22 +719,37 @@ 
Method Details

     "canonicalUrl": "A String", # [Output Only] Unique identifier for the network; defined by the server.
     "url": "A String", # URL of the network resource.
   },
-  "priority": 42, # The priority of applying this configuration. Priority is used to break ties in cases where there is more than one matching rule. In the case of two rules that apply for a given Instance, the one with the lowest-numbered priority value wins. Default value is 1000. Valid range is 0 through 65535.
+  "priority": 42, # The priority of applying this configuration. Priority is used to break ties in cases where there is more than one matching rule. In the case of two rules that apply for a given Instance, the one with the lowest-numbered priority value wins.
+      # 
+      # Default value is 1000. Valid range is 0 through 65535.
   "region": "A String", # [Output Only] URI of the region where the packetMirroring resides.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -672,7 +784,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -686,7 +799,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -702,10 +815,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.projects.html b/docs/dyn/compute_alpha.projects.html
index 01b6b935281..503acfed2c1 100644
--- a/docs/dyn/compute_alpha.projects.html
+++ b/docs/dyn/compute_alpha.projects.html
@@ -78,52 +78,52 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  disableXpnHost(project, requestId=None, x__xgafv=None)

+  disableXpnHost(project, requestId=None)

 
Disable this project as a shared VPC host project.

 

-  disableXpnResource(project, body=None, requestId=None, x__xgafv=None)

+  disableXpnResource(project, body=None, requestId=None)

 
Disable a service resource (also known as service project) associated with this host project.

 

-  enableXpnHost(project, requestId=None, x__xgafv=None)

+  enableXpnHost(project, requestId=None)

 
Enable this project as a shared VPC host project.

 

-  enableXpnResource(project, body=None, requestId=None, x__xgafv=None)

+  enableXpnResource(project, body=None, requestId=None)

 
Enable service resource (a.k.a service project) for a host project, so that subnets in the host project can be used by instances in the service project.

 

-  get(project, x__xgafv=None)

+  get(project)

 
Returns the specified Project resource.

 

-  getXpnHost(project, x__xgafv=None)

+  getXpnHost(project)

 
Gets the shared VPC host project that this project links to. May be empty if no link exists.

 

-  getXpnResources(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  getXpnResources(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Gets service resources (a.k.a service project) associated with this host project.

 

   getXpnResources_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  listXpnHosts(project, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listXpnHosts(project, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists all shared VPC host projects visible to the user in an organization.

 

   listXpnHosts_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  moveDisk(project, body=None, requestId=None, x__xgafv=None)

+  moveDisk(project, body=None, requestId=None)

 
Moves a persistent disk from one zone to another.

 

-  moveInstance(project, body=None, requestId=None, x__xgafv=None)

+  moveInstance(project, body=None, requestId=None)

 
Moves an instance and its attached persistent disks from one zone to another.

 

-  setCommonInstanceMetadata(project, body=None, requestId=None, x__xgafv=None)

+  setCommonInstanceMetadata(project, body=None, requestId=None)

 
Sets metadata common to all instances within the specified project using the data included in the request.

 

-  setDefaultNetworkTier(project, body=None, requestId=None, x__xgafv=None)

+  setDefaultNetworkTier(project, body=None, requestId=None)

 
Sets the default network tier of the project. The default network tier is used when an address/forwardingRule/instance is created without specifying the network tier field.

 

-  setDefaultServiceAccount(project, body=None, requestId=None, x__xgafv=None)

+  setDefaultServiceAccount(project, body=None, requestId=None)

 
Sets the default service account of the project. The default service account is used when a VM instance is created with the service account email address set to "default".

 

-  setUsageExportBucket(project, body=None, requestId=None, x__xgafv=None)

+  setUsageExportBucket(project, body=None, requestId=None)

 
Enables the usage export feature and sets the usage export bucket where reports are stored. If you provide an empty request body using this method, the usage export feature will be disabled.

 
Method Details

 

@@ -132,21 +132,34 @@ 
Method Details

 

 
 

-    disableXpnHost(project, requestId=None, x__xgafv=None)
+    disableXpnHost(project, requestId=None)
   
Disable this project as a shared VPC host project.
 
 Args:
   project: string, Project ID for this request. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -181,7 +194,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -195,7 +209,7 @@ 
Method Details

 

 
 

-    disableXpnResource(project, body=None, requestId=None, x__xgafv=None)
+    disableXpnResource(project, body=None, requestId=None)
   
Disable a service resource (also known as service project) associated with this host project.
 
 Args:
@@ -210,16 +224,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -254,7 +281,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -268,21 +296,34 @@ 
Method Details

 

 
 

-    enableXpnHost(project, requestId=None, x__xgafv=None)
+    enableXpnHost(project, requestId=None)
   
Enable this project as a shared VPC host project.
 
 Args:
   project: string, Project ID for this request. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -317,7 +358,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -331,7 +373,7 @@ 
Method Details

 

 
 

-    enableXpnResource(project, body=None, requestId=None, x__xgafv=None)
+    enableXpnResource(project, body=None, requestId=None)
   
Enable service resource (a.k.a service project) for a host project, so that subnets in the host project can be used by instances in the service project.
 
 Args:
@@ -346,16 +388,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -390,7 +445,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -404,24 +460,24 @@ 
Method Details

 

 
 

-    get(project, x__xgafv=None)
+    get(project)
   
Returns the specified Project resource.
 
 Args:
   project: string, Project ID for this request. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Project resource. A project is used to organize resources in a Google Cloud Platform environment. For more information, read about the Resource Hierarchy.
+    { # Represents a Project resource.
+    #
+    # A project is used to organize resources in a Google Cloud Platform environment. For more information, read about the  Resource Hierarchy. (== resource_for {$api_version}.projects ==)
   "commonInstanceMetadata": { # A metadata key/value entry. # Metadata key/value pairs available to all instances contained in this project. See Custom metadata for more information.
-    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+        #
+        # To see the latest fingerprint, make a get() request to retrieve the resource.
     "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-      { # Metadata
+      {
         "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
         "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
       },
@@ -435,7 +491,7 @@ 
Method Details

   "enabledFeatures": [ # Restricted features enabled for use on this project.
     "A String",
   ],
-  "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server. This is *not* the project ID, and is just a unique ID used by Compute Engine to identify resources.
+  "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server. This is not the project ID, and is just a unique ID used by Compute Engine to identify resources.
   "kind": "compute#project", # [Output Only] Type of the resource. Always compute#project for projects.
   "name": "A String", # The project ID. For example: my-example-project. Use the project ID to make requests to Compute Engine.
   "quotas": [ # [Output Only] Quotas assigned to this project.
@@ -456,24 +512,24 @@ 
Method Details

 

 
 

-    getXpnHost(project, x__xgafv=None)
+    getXpnHost(project)
   
Gets the shared VPC host project that this project links to. May be empty if no link exists.
 
 Args:
   project: string, Project ID for this request. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Project resource. A project is used to organize resources in a Google Cloud Platform environment. For more information, read about the Resource Hierarchy.
+    { # Represents a Project resource.
+    #
+    # A project is used to organize resources in a Google Cloud Platform environment. For more information, read about the  Resource Hierarchy. (== resource_for {$api_version}.projects ==)
   "commonInstanceMetadata": { # A metadata key/value entry. # Metadata key/value pairs available to all instances contained in this project. See Custom metadata for more information.
-    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+        #
+        # To see the latest fingerprint, make a get() request to retrieve the resource.
     "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-      { # Metadata
+      {
         "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
         "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
       },
@@ -487,7 +543,7 @@ 
Method Details

   "enabledFeatures": [ # Restricted features enabled for use on this project.
     "A String",
   ],
-  "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server. This is *not* the project ID, and is just a unique ID used by Compute Engine to identify resources.
+  "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server. This is not the project ID, and is just a unique ID used by Compute Engine to identify resources.
   "kind": "compute#project", # [Output Only] Type of the resource. Always compute#project for projects.
   "name": "A String", # The project ID. For example: my-example-project. Use the project ID to make requests to Compute Engine.
   "quotas": [ # [Output Only] Quotas assigned to this project.
@@ -508,20 +564,26 @@ 
Method Details

 

 
 

-    getXpnResources(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    getXpnResources(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Gets service resources (a.k.a service project) associated with this host project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -553,7 +615,7 @@ 
Method Details

 

 
 

-    listXpnHosts(project, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listXpnHosts(project, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists all shared VPC host projects visible to the user in an organization.
 
 Args:
@@ -565,15 +627,21 @@ 
Method Details

   "organization": "A String", # Optional organization ID managed by Cloud Resource Manager, for which to list shared VPC host projects. If not specified, the organization will be inferred from the project.
 }
 
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -581,11 +649,15 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # [Output Only] A list of shared VPC host project URLs.
-    { # Represents a Project resource. A project is used to organize resources in a Google Cloud Platform environment. For more information, read about the Resource Hierarchy.
+    { # Represents a Project resource.
+        #
+        # A project is used to organize resources in a Google Cloud Platform environment. For more information, read about the  Resource Hierarchy. (== resource_for {$api_version}.projects ==)
       "commonInstanceMetadata": { # A metadata key/value entry. # Metadata key/value pairs available to all instances contained in this project. See Custom metadata for more information.
-        "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+        "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+            #
+            # To see the latest fingerprint, make a get() request to retrieve the resource.
         "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-          { # Metadata
+          {
             "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
             "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
           },
@@ -599,7 +671,7 @@ 
Method Details

       "enabledFeatures": [ # Restricted features enabled for use on this project.
         "A String",
       ],
-      "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server. This is *not* the project ID, and is just a unique ID used by Compute Engine to identify resources.
+      "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server. This is not the project ID, and is just a unique ID used by Compute Engine to identify resources.
       "kind": "compute#project", # [Output Only] Type of the resource. Always compute#project for projects.
       "name": "A String", # The project ID. For example: my-example-project. Use the project ID to make requests to Compute Engine.
       "quotas": [ # [Output Only] Quotas assigned to this project.
@@ -623,7 +695,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -649,7 +722,7 @@ 
Method Details

 

 
 

-    moveDisk(project, body=None, requestId=None, x__xgafv=None)
+    moveDisk(project, body=None, requestId=None)
   
Moves a persistent disk from one zone to another.
 
 Args:
@@ -658,20 +731,39 @@ 
Method Details

     The object takes the form of:
 
 {
-  "destinationZone": "A String", # The URL of the destination zone to move the disk. This can be a full or partial URL. For example, the following are all valid URLs to a zone: - https://www.googleapis.com/compute/v1/projects/project/zones/zone - projects/project/zones/zone - zones/zone
-  "targetDisk": "A String", # The URL of the target disk to move. This can be a full or partial URL. For example, the following are all valid URLs to a disk: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk
+  "destinationZone": "A String", # The URL of the destination zone to move the disk. This can be a full or partial URL. For example, the following are all valid URLs to a zone:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone
+      # - projects/project/zones/zone
+      # - zones/zone
+  "targetDisk": "A String", # The URL of the target disk to move. This can be a full or partial URL. For example, the following are all valid URLs to a disk:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - zones/zone/disks/disk
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -706,7 +798,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -720,7 +813,7 @@ 
Method Details

 

 
 

-    moveInstance(project, body=None, requestId=None, x__xgafv=None)
+    moveInstance(project, body=None, requestId=None)
   
Moves an instance and its attached persistent disks from one zone to another.
 
 Args:
@@ -729,20 +822,39 @@ 
Method Details

     The object takes the form of:
 
 {
-  "destinationZone": "A String", # The URL of the destination zone to move the instance. This can be a full or partial URL. For example, the following are all valid URLs to a zone: - https://www.googleapis.com/compute/v1/projects/project/zones/zone - projects/project/zones/zone - zones/zone
-  "targetInstance": "A String", # The URL of the target instance to move. This can be a full or partial URL. For example, the following are all valid URLs to an instance: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instances/instance - projects/project/zones/zone/instances/instance - zones/zone/instances/instance
+  "destinationZone": "A String", # The URL of the destination zone to move the instance. This can be a full or partial URL. For example, the following are all valid URLs to a zone:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone
+      # - projects/project/zones/zone
+      # - zones/zone
+  "targetInstance": "A String", # The URL of the target instance to move. This can be a full or partial URL. For example, the following are all valid URLs to an instance:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance
+      # - projects/project/zones/zone/instances/instance
+      # - zones/zone/instances/instance
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -777,7 +889,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -791,7 +904,7 @@ 
Method Details

 

 
 

-    setCommonInstanceMetadata(project, body=None, requestId=None, x__xgafv=None)
+    setCommonInstanceMetadata(project, body=None, requestId=None)
   
Sets metadata common to all instances within the specified project using the data included in the request.
 
 Args:
@@ -800,9 +913,11 @@ 
Method Details

     The object takes the form of:
 
 { # A metadata key/value entry.
-  "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+  "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve the resource.
   "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-    { # Metadata
+    {
       "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
       "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
     },
@@ -810,16 +925,29 @@ 
Method Details

   "kind": "compute#metadata", # [Output Only] Type of the resource. Always compute#metadata for metadata.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -854,7 +982,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -868,7 +997,7 @@ 
Method Details

 

 
 

-    setDefaultNetworkTier(project, body=None, requestId=None, x__xgafv=None)
+    setDefaultNetworkTier(project, body=None, requestId=None)
   
Sets the default network tier of the project. The default network tier is used when an address/forwardingRule/instance is created without specifying the network tier field.
 
 Args:
@@ -880,16 +1009,29 @@ 
Method Details

   "networkTier": "A String", # Default network tier to be set.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -924,7 +1066,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -938,7 +1081,7 @@ 
Method Details

 

 
 

-    setDefaultServiceAccount(project, body=None, requestId=None, x__xgafv=None)
+    setDefaultServiceAccount(project, body=None, requestId=None)
   
Sets the default service account of the project. The default service account is used when a VM instance is created with the service account email address set to "default".
 
 Args:
@@ -950,16 +1093,29 @@ 
Method Details

   "email": "A String", # Email address of the service account.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -994,7 +1150,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1008,7 +1165,7 @@ 
Method Details

 

 
 

-    setUsageExportBucket(project, body=None, requestId=None, x__xgafv=None)
+    setUsageExportBucket(project, body=None, requestId=None)
   
Enables the usage export feature and sets the usage export bucket where reports are stored. If you provide an empty request body using this method, the usage export feature will be disabled.
 
 Args:
@@ -1021,16 +1178,29 @@ 
Method Details

   "reportNamePrefix": "A String", # An optional prefix for the name of the usage report object stored in bucketName. If not supplied, defaults to usage. The report is stored as a CSV file named report_name_prefix_gce_YYYYMMDD.csv where YYYYMMDD is the day of the usage according to Pacific Time. If you supply a prefix, it should conform to Cloud Storage object naming conventions.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1065,7 +1235,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.publicAdvertisedPrefixes.html b/docs/dyn/compute_alpha.publicAdvertisedPrefixes.html
index 8041a2b3144..66c653375f0 100644
--- a/docs/dyn/compute_alpha.publicAdvertisedPrefixes.html
+++ b/docs/dyn/compute_alpha.publicAdvertisedPrefixes.html
@@ -78,22 +78,22 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, publicAdvertisedPrefix, requestId=None, x__xgafv=None)

+  delete(project, publicAdvertisedPrefix, requestId=None)

 
Deletes the specified PublicAdvertisedPrefix

 

-  get(project, publicAdvertisedPrefix, x__xgafv=None)

+  get(project, publicAdvertisedPrefix)

 
Returns the specified PublicAdvertisedPrefix resource.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a PublicAdvertisedPrefix in the specified project using the parameters that are included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists the PublicAdvertisedPrefixes for a project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, publicAdvertisedPrefix, body=None, requestId=None, x__xgafv=None)

+  patch(project, publicAdvertisedPrefix, body=None, requestId=None)

 
Patches the specified Router resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.

 
Method Details

 

@@ -102,22 +102,35 @@ 
Method Details

 

 
 

-    delete(project, publicAdvertisedPrefix, requestId=None, x__xgafv=None)
+    delete(project, publicAdvertisedPrefix, requestId=None)
   
Deletes the specified PublicAdvertisedPrefix
 
 Args:
   project: string, Project ID for this request. (required)
   publicAdvertisedPrefix: string, Name of the PublicAdvertisedPrefix resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -152,7 +165,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -166,16 +180,12 @@ 
Method Details

 

 
 

-    get(project, publicAdvertisedPrefix, x__xgafv=None)
+    get(project, publicAdvertisedPrefix)
   
Returns the specified PublicAdvertisedPrefix resource.
 
 Args:
   project: string, Project ID for this request. (required)
   publicAdvertisedPrefix: string, Name of the PublicAdvertisedPrefix resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -184,7 +194,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "dnsVerificationIp": "A String", # The IPv4 address to be used for reverse DNS verification.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicAdvertisedPrefix. An up-to-date fingerprint must be provided in order to update the PublicAdvertisedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicAdvertisedPrefix.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicAdvertisedPrefix. An up-to-date fingerprint must be provided in order to update the PublicAdvertisedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a PublicAdvertisedPrefix.
   "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
   "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public advertised prefix.
   "kind": "compute#publicAdvertisedPrefix", # [Output Only] Type of the resource. Always compute#publicAdvertisedPrefix for public advertised prefixes.
@@ -206,7 +218,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a PublicAdvertisedPrefix in the specified project using the parameters that are included in the request.
 
 Args:
@@ -218,7 +230,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "dnsVerificationIp": "A String", # The IPv4 address to be used for reverse DNS verification.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicAdvertisedPrefix. An up-to-date fingerprint must be provided in order to update the PublicAdvertisedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicAdvertisedPrefix.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicAdvertisedPrefix. An up-to-date fingerprint must be provided in order to update the PublicAdvertisedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a PublicAdvertisedPrefix.
   "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
   "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public advertised prefix.
   "kind": "compute#publicAdvertisedPrefix", # [Output Only] Type of the resource. Always compute#publicAdvertisedPrefix for public advertised prefixes.
@@ -238,16 +252,29 @@ 
Method Details

   "status": "A String", # The status of the public advertised prefix.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -282,7 +309,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -296,20 +324,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists the PublicAdvertisedPrefixes for a project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -321,7 +355,9 @@ 
Method Details

       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "dnsVerificationIp": "A String", # The IPv4 address to be used for reverse DNS verification.
-      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicAdvertisedPrefix. An up-to-date fingerprint must be provided in order to update the PublicAdvertisedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicAdvertisedPrefix.
+      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicAdvertisedPrefix. An up-to-date fingerprint must be provided in order to update the PublicAdvertisedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a PublicAdvertisedPrefix.
       "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
       "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public advertised prefix.
       "kind": "compute#publicAdvertisedPrefix", # [Output Only] Type of the resource. Always compute#publicAdvertisedPrefix for public advertised prefixes.
@@ -346,7 +382,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -372,7 +409,7 @@ 
Method Details

 

 
 

-    patch(project, publicAdvertisedPrefix, body=None, requestId=None, x__xgafv=None)
+    patch(project, publicAdvertisedPrefix, body=None, requestId=None)
   
Patches the specified Router resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.
 
 Args:
@@ -385,7 +422,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "dnsVerificationIp": "A String", # The IPv4 address to be used for reverse DNS verification.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicAdvertisedPrefix. An up-to-date fingerprint must be provided in order to update the PublicAdvertisedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicAdvertisedPrefix.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicAdvertisedPrefix. An up-to-date fingerprint must be provided in order to update the PublicAdvertisedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a PublicAdvertisedPrefix.
   "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
   "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public advertised prefix.
   "kind": "compute#publicAdvertisedPrefix", # [Output Only] Type of the resource. Always compute#publicAdvertisedPrefix for public advertised prefixes.
@@ -405,16 +444,29 @@ 
Method Details

   "status": "A String", # The status of the public advertised prefix.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -449,7 +501,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.publicDelegatedPrefixes.html b/docs/dyn/compute_alpha.publicDelegatedPrefixes.html
index c6bb910273c..40b81a00a01 100644
--- a/docs/dyn/compute_alpha.publicDelegatedPrefixes.html
+++ b/docs/dyn/compute_alpha.publicDelegatedPrefixes.html
@@ -75,7 +75,7 @@
 
Compute Engine API . publicDelegatedPrefixes

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists all PublicDelegatedPrefix resources owned by the specific project across all scopes.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,40 +84,46 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, publicDelegatedPrefix, requestId=None, x__xgafv=None)

+  delete(project, region, publicDelegatedPrefix, requestId=None)

 
Deletes the specified PublicDelegatedPrefix in the given region.

 

-  get(project, region, publicDelegatedPrefix, x__xgafv=None)

+  get(project, region, publicDelegatedPrefix)

 
Returns the specified PublicDelegatedPrefix resource in the given region.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a PublicDelegatedPrefix in the specified project in the given region using the parameters that are included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists the PublicDelegatedPrefixes for a project in the given region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, publicDelegatedPrefix, body=None, requestId=None, x__xgafv=None)

+  patch(project, region, publicDelegatedPrefix, body=None, requestId=None)

 
Patches the specified PublicDelegatedPrefix resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists all PublicDelegatedPrefix resources owned by the specific project across all scopes.
 
 Args:
   project: string, Name of the project scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -130,7 +136,9 @@ 
Method Details

         { # A PublicDelegatedPrefix resource represents an IP block within a PublicAdvertisedPrefix that is configured within a single cloud scope (global or region). IPs in the block can be allocated to resources within that scope. Public delegated prefixes may be further broken up into smaller IP blocks in the same scope as the parent block.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-          "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
+          "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
           "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
           "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public delegated prefix.
           "isLiveMigration": True or False, # If true, the prefix will be live migrated.
@@ -156,7 +164,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] Informational warning which replaces the list of public delegated prefixes when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -174,7 +183,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -205,23 +215,36 @@ 
Method Details

 

 
 

-    delete(project, region, publicDelegatedPrefix, requestId=None, x__xgafv=None)
+    delete(project, region, publicDelegatedPrefix, requestId=None)
   
Deletes the specified PublicDelegatedPrefix in the given region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region of this request. (required)
   publicDelegatedPrefix: string, Name of the PublicDelegatedPrefix resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -256,7 +279,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -270,17 +294,13 @@ 
Method Details

 

 
 

-    get(project, region, publicDelegatedPrefix, x__xgafv=None)
+    get(project, region, publicDelegatedPrefix)
   
Returns the specified PublicDelegatedPrefix resource in the given region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region of this request. (required)
   publicDelegatedPrefix: string, Name of the PublicDelegatedPrefix resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -288,7 +308,9 @@ 
Method Details

     { # A PublicDelegatedPrefix resource represents an IP block within a PublicAdvertisedPrefix that is configured within a single cloud scope (global or region). IPs in the block can be allocated to resources within that scope. Public delegated prefixes may be further broken up into smaller IP blocks in the same scope as the parent block.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
   "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
   "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public delegated prefix.
   "isLiveMigration": True or False, # If true, the prefix will be live migrated.
@@ -314,7 +336,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a PublicDelegatedPrefix in the specified project in the given region using the parameters that are included in the request.
 
 Args:
@@ -326,7 +348,9 @@ 
Method Details

 { # A PublicDelegatedPrefix resource represents an IP block within a PublicAdvertisedPrefix that is configured within a single cloud scope (global or region). IPs in the block can be allocated to resources within that scope. Public delegated prefixes may be further broken up into smaller IP blocks in the same scope as the parent block.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
   "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
   "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public delegated prefix.
   "isLiveMigration": True or False, # If true, the prefix will be live migrated.
@@ -350,16 +374,29 @@ 
Method Details

   "status": "A String", # [Output Only] The status of the public delegated prefix.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -394,7 +431,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -408,21 +446,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists the PublicDelegatedPrefixes for a project in the given region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region of this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -433,7 +477,9 @@ 
Method Details

     { # A PublicDelegatedPrefix resource represents an IP block within a PublicAdvertisedPrefix that is configured within a single cloud scope (global or region). IPs in the block can be allocated to resources within that scope. Public delegated prefixes may be further broken up into smaller IP blocks in the same scope as the parent block.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
+      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
       "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
       "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public delegated prefix.
       "isLiveMigration": True or False, # If true, the prefix will be live migrated.
@@ -462,7 +508,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -488,7 +535,7 @@ 
Method Details

 

 
 

-    patch(project, region, publicDelegatedPrefix, body=None, requestId=None, x__xgafv=None)
+    patch(project, region, publicDelegatedPrefix, body=None, requestId=None)
   
Patches the specified PublicDelegatedPrefix resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.
 
 Args:
@@ -501,7 +548,9 @@ 
Method Details

 { # A PublicDelegatedPrefix resource represents an IP block within a PublicAdvertisedPrefix that is configured within a single cloud scope (global or region). IPs in the block can be allocated to resources within that scope. Public delegated prefixes may be further broken up into smaller IP blocks in the same scope as the parent block.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
   "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
   "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public delegated prefix.
   "isLiveMigration": True or False, # If true, the prefix will be live migrated.
@@ -525,16 +574,29 @@ 
Method Details

   "status": "A String", # [Output Only] The status of the public delegated prefix.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -569,7 +631,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.regionAutoscalers.html b/docs/dyn/compute_alpha.regionAutoscalers.html
index 8fa816deb60..bda07c566dd 100644
--- a/docs/dyn/compute_alpha.regionAutoscalers.html
+++ b/docs/dyn/compute_alpha.regionAutoscalers.html
@@ -78,28 +78,28 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, autoscaler, requestId=None, x__xgafv=None)

+  delete(project, region, autoscaler, requestId=None)

 
Deletes the specified autoscaler.

 

-  get(project, region, autoscaler, x__xgafv=None)

+  get(project, region, autoscaler)

 
Returns the specified autoscaler.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates an autoscaler in the specified project using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of autoscalers contained within the specified region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, autoscaler=None, body=None, requestId=None, x__xgafv=None)

+  patch(project, region, autoscaler=None, body=None, requestId=None)

 
Updates an autoscaler in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, region, autoscaler=None, body=None, requestId=None, x__xgafv=None)

+  update(project, region, autoscaler=None, body=None, requestId=None)

 
Updates an autoscaler in the specified project using the data included in the request.

 
Method Details

 

@@ -108,23 +108,36 @@ 
Method Details

 

 
 

-    delete(project, region, autoscaler, requestId=None, x__xgafv=None)
+    delete(project, region, autoscaler, requestId=None)
   
Deletes the specified autoscaler.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   autoscaler: string, Name of the autoscaler to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -159,7 +172,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -173,34 +187,69 @@ 
Method Details

 

 
 

-    get(project, region, autoscaler, x__xgafv=None)
+    get(project, region, autoscaler)
   
Returns the specified autoscaler.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   autoscaler: string, Name of the autoscaler to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Autoscaler resource. Google Compute Engine has two Autoscaler resources: * [Zonal](/compute/docs/reference/rest/alpha/autoscalers) * [Regional](/compute/docs/reference/rest/alpha/regionAutoscalers) Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances. For zonal managed instance groups resource, use the autoscaler resource. For regional managed instance groups, use the regionAutoscalers resource.
-  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
-    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds. Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
+    { # Represents an Autoscaler resource.
+    #
+    # Google Compute Engine has two Autoscaler resources:
+    #
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/autoscalers) * [Regional](/compute/docs/reference/rest/{$api_version}/regionAutoscalers)
+    #
+    # Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances.
+    #
+    # For zonal managed instance groups resource, use the autoscaler resource.
+    #
+    # For regional managed instance groups, use the regionAutoscalers resource. (== resource_for {$api_version}.autoscalers ==) (== resource_for {$api_version}.regionAutoscalers ==)
+  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.
+      #
+      # If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
+    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.
+        #
+        # Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
     "cpuUtilization": { # CPU utilization policy. # Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group.
-      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
-      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
+      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are:
+          #
+          # * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
+      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.
+          #
+          # If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.
+          #
+          # If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
     },
     "customMetricUtilizations": [ # Configuration parameters of autoscaling based on a custom metric.
       { # Custom utilization metric policy.
-        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
-        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.
-        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
-        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
+        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.
+            #
+            # For the filter to be valid for autoscaling purposes, the following rules apply:
+            # - You can only use the AND operator for joining selectors.
+            # - You can only use direct equality comparison operator (=) without any functions for each selector.
+            # - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical.
+            # - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.
+            # If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.
+            #
+            # If not specified, the type defaults to gce_instance.
+            #
+            # Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
+        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.
+            #
+            # The metric must have a value type of INT64 or DOUBLE.
+        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing.
+            #
+            # A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.
+            #
+            # A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
+        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.
+            #
+            # For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
         "utilizationTargetType": "A String", # Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.
       },
     ],
@@ -212,7 +261,11 @@ 
Method Details

     "mode": "A String", # Defines operating mode for this policy.
     "scaleDownControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledDownReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -220,7 +273,11 @@ 
Method Details

     },
     "scaleInControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledInReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -233,7 +290,7 @@ 
Method Details

         "durationSec": 42, # The duration of time intervals, in seconds, for which this scaling schedule is to run. The minimum allowed value is 300. This field is required.
         "minRequiredReplicas": 42, # The minimum number of VM instances that the autoscaler will recommend in time intervals starting according to schedule. This field is required.
         "schedule": "A String", # The start timestamps of time intervals when this scaling schedule is to provide a scaling signal. This field uses the extended cron format (with an optional year field). The expression can describe a single timestamp if the optional year is set, in which case the scaling schedule runs once. The schedule is interpreted with respect to time_zone. This field is required. Note: These timestamps only describe when autoscaler starts providing the scaling signal. The VMs need additional time to become serving.
-        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of “UTC” if left empty.
+        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of ?UTC? if left empty.
       },
     },
   },
@@ -253,11 +310,31 @@ 
Method Details

   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values: - PENDING: Autoscaler backend hasn't read new/updated configuration. - DELETING: Configuration is being deleted. - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field. - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field. New values might be added in the future.
+  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values:
+      # - PENDING: Autoscaler backend hasn't read new/updated configuration.
+      # - DELETING: Configuration is being deleted.
+      # - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field.
+      # - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field.  New values might be added in the future.
   "statusDetails": [ # [Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.
     {
       "message": "A String", # The status message.
-      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions.
+      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values:
+          # - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state).
+          # - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group.
+          # - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas.
+          # - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling.
+          # - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels.
+          # - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group.
+          # - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling.
+          # - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer.
+          # - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved.
+          # - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any.
+          # - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it.
+          # - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances.
+          # - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region.
+          # - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist.
+          # - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate.
+          # - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout.  New values might be added in the future. Some of the values might not be available in all API versions.
     },
   ],
   "target": "A String", # URL of the managed instance group that this autoscaler will scale. This field is required when creating an autoscaler.
@@ -266,7 +343,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates an autoscaler in the specified project using the data included in the request.
 
 Args:
@@ -275,19 +352,58 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Autoscaler resource. Google Compute Engine has two Autoscaler resources: * [Zonal](/compute/docs/reference/rest/alpha/autoscalers) * [Regional](/compute/docs/reference/rest/alpha/regionAutoscalers) Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances. For zonal managed instance groups resource, use the autoscaler resource. For regional managed instance groups, use the regionAutoscalers resource.
-  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
-    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds. Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
+{ # Represents an Autoscaler resource.
+    # 
+    # Google Compute Engine has two Autoscaler resources:
+    # 
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/autoscalers) * [Regional](/compute/docs/reference/rest/{$api_version}/regionAutoscalers)
+    # 
+    # Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances.
+    # 
+    # For zonal managed instance groups resource, use the autoscaler resource.
+    # 
+    # For regional managed instance groups, use the regionAutoscalers resource. (== resource_for {$api_version}.autoscalers ==) (== resource_for {$api_version}.regionAutoscalers ==)
+  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.
+      # 
+      # If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
+    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.
+        #
+        # Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
     "cpuUtilization": { # CPU utilization policy. # Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group.
-      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
-      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
+      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are:
+          #
+          # * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
+      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.
+          #
+          # If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.
+          #
+          # If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
     },
     "customMetricUtilizations": [ # Configuration parameters of autoscaling based on a custom metric.
       { # Custom utilization metric policy.
-        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
-        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.
-        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
-        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
+        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.
+            #
+            # For the filter to be valid for autoscaling purposes, the following rules apply:
+            # - You can only use the AND operator for joining selectors.
+            # - You can only use direct equality comparison operator (=) without any functions for each selector.
+            # - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical.
+            # - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.
+            # If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.
+            #
+            # If not specified, the type defaults to gce_instance.
+            #
+            # Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
+        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.
+            #
+            # The metric must have a value type of INT64 or DOUBLE.
+        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing.
+            #
+            # A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.
+            #
+            # A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
+        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.
+            #
+            # For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
         "utilizationTargetType": "A String", # Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.
       },
     ],
@@ -299,7 +415,11 @@ 
Method Details

     "mode": "A String", # Defines operating mode for this policy.
     "scaleDownControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledDownReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -307,7 +427,11 @@ 
Method Details

     },
     "scaleInControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledInReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -320,7 +444,7 @@ 
Method Details

         "durationSec": 42, # The duration of time intervals, in seconds, for which this scaling schedule is to run. The minimum allowed value is 300. This field is required.
         "minRequiredReplicas": 42, # The minimum number of VM instances that the autoscaler will recommend in time intervals starting according to schedule. This field is required.
         "schedule": "A String", # The start timestamps of time intervals when this scaling schedule is to provide a scaling signal. This field uses the extended cron format (with an optional year field). The expression can describe a single timestamp if the optional year is set, in which case the scaling schedule runs once. The schedule is interpreted with respect to time_zone. This field is required. Note: These timestamps only describe when autoscaler starts providing the scaling signal. The VMs need additional time to become serving.
-        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of “UTC” if left empty.
+        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of ?UTC? if left empty.
       },
     },
   },
@@ -340,27 +464,60 @@ 
Method Details

   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values: - PENDING: Autoscaler backend hasn't read new/updated configuration. - DELETING: Configuration is being deleted. - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field. - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field. New values might be added in the future.
+  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values:
+      # - PENDING: Autoscaler backend hasn't read new/updated configuration.
+      # - DELETING: Configuration is being deleted.
+      # - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field.
+      # - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field.  New values might be added in the future.
   "statusDetails": [ # [Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.
     {
       "message": "A String", # The status message.
-      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions.
+      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values:
+          # - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state).
+          # - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group.
+          # - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas.
+          # - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling.
+          # - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels.
+          # - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group.
+          # - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling.
+          # - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer.
+          # - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved.
+          # - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any.
+          # - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it.
+          # - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances.
+          # - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region.
+          # - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist.
+          # - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate.
+          # - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout.  New values might be added in the future. Some of the values might not be available in all API versions.
     },
   ],
   "target": "A String", # URL of the managed instance group that this autoscaler will scale. This field is required when creating an autoscaler.
   "zone": "A String", # [Output Only] URL of the zone where the instance group resides (for autoscalers living in zonal scope).
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -395,7 +552,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -409,21 +567,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of autoscalers contained within the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -431,19 +595,58 @@ 
Method Details

     { # Contains a list of autoscalers.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Autoscaler resources.
-    { # Represents an Autoscaler resource. Google Compute Engine has two Autoscaler resources: * [Zonal](/compute/docs/reference/rest/alpha/autoscalers) * [Regional](/compute/docs/reference/rest/alpha/regionAutoscalers) Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances. For zonal managed instance groups resource, use the autoscaler resource. For regional managed instance groups, use the regionAutoscalers resource.
-      "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
-        "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds. Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
+    { # Represents an Autoscaler resource.
+        #
+        # Google Compute Engine has two Autoscaler resources:
+        #
+        # * [Zonal](/compute/docs/reference/rest/{$api_version}/autoscalers) * [Regional](/compute/docs/reference/rest/{$api_version}/regionAutoscalers)
+        #
+        # Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances.
+        #
+        # For zonal managed instance groups resource, use the autoscaler resource.
+        #
+        # For regional managed instance groups, use the regionAutoscalers resource. (== resource_for {$api_version}.autoscalers ==) (== resource_for {$api_version}.regionAutoscalers ==)
+      "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.
+          #
+          # If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
+        "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.
+            #
+            # Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
         "cpuUtilization": { # CPU utilization policy. # Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group.
-          "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
-          "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
+          "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are:
+              #
+              # * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
+          "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.
+              #
+              # If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.
+              #
+              # If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
         },
         "customMetricUtilizations": [ # Configuration parameters of autoscaling based on a custom metric.
           { # Custom utilization metric policy.
-            "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
-            "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.
-            "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
-            "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
+            "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.
+                #
+                # For the filter to be valid for autoscaling purposes, the following rules apply:
+                # - You can only use the AND operator for joining selectors.
+                # - You can only use direct equality comparison operator (=) without any functions for each selector.
+                # - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical.
+                # - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.
+                # If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.
+                #
+                # If not specified, the type defaults to gce_instance.
+                #
+                # Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
+            "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.
+                #
+                # The metric must have a value type of INT64 or DOUBLE.
+            "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing.
+                #
+                # A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.
+                #
+                # A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
+            "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.
+                #
+                # For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
             "utilizationTargetType": "A String", # Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.
           },
         ],
@@ -455,7 +658,11 @@ 
Method Details

         "mode": "A String", # Defines operating mode for this policy.
         "scaleDownControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
           "maxScaledDownReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+                #
+                #
+                # - If the value is fixed, then the calculated value is equal to the fixed value.
+                # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
             "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
             "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
           },
@@ -463,7 +670,11 @@ 
Method Details

         },
         "scaleInControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
           "maxScaledInReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+                #
+                #
+                # - If the value is fixed, then the calculated value is equal to the fixed value.
+                # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
             "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
             "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
           },
@@ -476,7 +687,7 @@ 
Method Details

             "durationSec": 42, # The duration of time intervals, in seconds, for which this scaling schedule is to run. The minimum allowed value is 300. This field is required.
             "minRequiredReplicas": 42, # The minimum number of VM instances that the autoscaler will recommend in time intervals starting according to schedule. This field is required.
             "schedule": "A String", # The start timestamps of time intervals when this scaling schedule is to provide a scaling signal. This field uses the extended cron format (with an optional year field). The expression can describe a single timestamp if the optional year is set, in which case the scaling schedule runs once. The schedule is interpreted with respect to time_zone. This field is required. Note: These timestamps only describe when autoscaler starts providing the scaling signal. The VMs need additional time to become serving.
-            "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of “UTC” if left empty.
+            "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of ?UTC? if left empty.
           },
         },
       },
@@ -496,11 +707,31 @@ 
Method Details

       },
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-      "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values: - PENDING: Autoscaler backend hasn't read new/updated configuration. - DELETING: Configuration is being deleted. - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field. - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field. New values might be added in the future.
+      "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values:
+          # - PENDING: Autoscaler backend hasn't read new/updated configuration.
+          # - DELETING: Configuration is being deleted.
+          # - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field.
+          # - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field.  New values might be added in the future.
       "statusDetails": [ # [Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.
         {
           "message": "A String", # The status message.
-          "type": "A String", # The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions.
+          "type": "A String", # The type of error, warning, or notice returned. Current set of possible values:
+              # - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state).
+              # - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group.
+              # - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas.
+              # - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling.
+              # - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels.
+              # - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group.
+              # - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling.
+              # - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer.
+              # - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved.
+              # - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any.
+              # - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it.
+              # - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances.
+              # - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region.
+              # - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist.
+              # - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate.
+              # - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout.  New values might be added in the future. Some of the values might not be available in all API versions.
         },
       ],
       "target": "A String", # URL of the managed instance group that this autoscaler will scale. This field is required when creating an autoscaler.
@@ -512,7 +743,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -538,7 +770,7 @@ 
Method Details

 

 
 

-    patch(project, region, autoscaler=None, body=None, requestId=None, x__xgafv=None)
+    patch(project, region, autoscaler=None, body=None, requestId=None)
   
Updates an autoscaler in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -547,19 +779,58 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Autoscaler resource. Google Compute Engine has two Autoscaler resources: * [Zonal](/compute/docs/reference/rest/alpha/autoscalers) * [Regional](/compute/docs/reference/rest/alpha/regionAutoscalers) Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances. For zonal managed instance groups resource, use the autoscaler resource. For regional managed instance groups, use the regionAutoscalers resource.
-  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
-    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds. Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
+{ # Represents an Autoscaler resource.
+    # 
+    # Google Compute Engine has two Autoscaler resources:
+    # 
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/autoscalers) * [Regional](/compute/docs/reference/rest/{$api_version}/regionAutoscalers)
+    # 
+    # Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances.
+    # 
+    # For zonal managed instance groups resource, use the autoscaler resource.
+    # 
+    # For regional managed instance groups, use the regionAutoscalers resource. (== resource_for {$api_version}.autoscalers ==) (== resource_for {$api_version}.regionAutoscalers ==)
+  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.
+      # 
+      # If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
+    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.
+        #
+        # Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
     "cpuUtilization": { # CPU utilization policy. # Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group.
-      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
-      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
+      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are:
+          #
+          # * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
+      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.
+          #
+          # If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.
+          #
+          # If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
     },
     "customMetricUtilizations": [ # Configuration parameters of autoscaling based on a custom metric.
       { # Custom utilization metric policy.
-        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
-        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.
-        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
-        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
+        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.
+            #
+            # For the filter to be valid for autoscaling purposes, the following rules apply:
+            # - You can only use the AND operator for joining selectors.
+            # - You can only use direct equality comparison operator (=) without any functions for each selector.
+            # - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical.
+            # - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.
+            # If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.
+            #
+            # If not specified, the type defaults to gce_instance.
+            #
+            # Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
+        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.
+            #
+            # The metric must have a value type of INT64 or DOUBLE.
+        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing.
+            #
+            # A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.
+            #
+            # A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
+        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.
+            #
+            # For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
         "utilizationTargetType": "A String", # Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.
       },
     ],
@@ -571,7 +842,11 @@ 
Method Details

     "mode": "A String", # Defines operating mode for this policy.
     "scaleDownControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledDownReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -579,7 +854,11 @@ 
Method Details

     },
     "scaleInControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledInReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -592,7 +871,7 @@ 
Method Details

         "durationSec": 42, # The duration of time intervals, in seconds, for which this scaling schedule is to run. The minimum allowed value is 300. This field is required.
         "minRequiredReplicas": 42, # The minimum number of VM instances that the autoscaler will recommend in time intervals starting according to schedule. This field is required.
         "schedule": "A String", # The start timestamps of time intervals when this scaling schedule is to provide a scaling signal. This field uses the extended cron format (with an optional year field). The expression can describe a single timestamp if the optional year is set, in which case the scaling schedule runs once. The schedule is interpreted with respect to time_zone. This field is required. Note: These timestamps only describe when autoscaler starts providing the scaling signal. The VMs need additional time to become serving.
-        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of “UTC” if left empty.
+        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of ?UTC? if left empty.
       },
     },
   },
@@ -612,11 +891,31 @@ 
Method Details

   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values: - PENDING: Autoscaler backend hasn't read new/updated configuration. - DELETING: Configuration is being deleted. - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field. - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field. New values might be added in the future.
+  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values:
+      # - PENDING: Autoscaler backend hasn't read new/updated configuration.
+      # - DELETING: Configuration is being deleted.
+      # - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field.
+      # - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field.  New values might be added in the future.
   "statusDetails": [ # [Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.
     {
       "message": "A String", # The status message.
-      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions.
+      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values:
+          # - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state).
+          # - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group.
+          # - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas.
+          # - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling.
+          # - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels.
+          # - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group.
+          # - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling.
+          # - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer.
+          # - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved.
+          # - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any.
+          # - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it.
+          # - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances.
+          # - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region.
+          # - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist.
+          # - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate.
+          # - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout.  New values might be added in the future. Some of the values might not be available in all API versions.
     },
   ],
   "target": "A String", # URL of the managed instance group that this autoscaler will scale. This field is required when creating an autoscaler.
@@ -624,16 +923,29 @@ 
Method Details

 }
 
   autoscaler: string, Name of the autoscaler to patch.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -668,7 +980,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -682,7 +995,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -698,10 +1011,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -714,7 +1023,7 @@ 
Method Details

 

 
 

-    update(project, region, autoscaler=None, body=None, requestId=None, x__xgafv=None)
+    update(project, region, autoscaler=None, body=None, requestId=None)
   
Updates an autoscaler in the specified project using the data included in the request.
 
 Args:
@@ -723,19 +1032,58 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Autoscaler resource. Google Compute Engine has two Autoscaler resources: * [Zonal](/compute/docs/reference/rest/alpha/autoscalers) * [Regional](/compute/docs/reference/rest/alpha/regionAutoscalers) Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances. For zonal managed instance groups resource, use the autoscaler resource. For regional managed instance groups, use the regionAutoscalers resource.
-  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
-    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds. Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
+{ # Represents an Autoscaler resource.
+    # 
+    # Google Compute Engine has two Autoscaler resources:
+    # 
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/autoscalers) * [Regional](/compute/docs/reference/rest/{$api_version}/regionAutoscalers)
+    # 
+    # Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances.
+    # 
+    # For zonal managed instance groups resource, use the autoscaler resource.
+    # 
+    # For regional managed instance groups, use the regionAutoscalers resource. (== resource_for {$api_version}.autoscalers ==) (== resource_for {$api_version}.regionAutoscalers ==)
+  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.
+      # 
+      # If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
+    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.
+        #
+        # Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
     "cpuUtilization": { # CPU utilization policy. # Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group.
-      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
-      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
+      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are:
+          #
+          # * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
+      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.
+          #
+          # If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.
+          #
+          # If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
     },
     "customMetricUtilizations": [ # Configuration parameters of autoscaling based on a custom metric.
       { # Custom utilization metric policy.
-        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
-        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.
-        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
-        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
+        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.
+            #
+            # For the filter to be valid for autoscaling purposes, the following rules apply:
+            # - You can only use the AND operator for joining selectors.
+            # - You can only use direct equality comparison operator (=) without any functions for each selector.
+            # - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical.
+            # - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.
+            # If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.
+            #
+            # If not specified, the type defaults to gce_instance.
+            #
+            # Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
+        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.
+            #
+            # The metric must have a value type of INT64 or DOUBLE.
+        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing.
+            #
+            # A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.
+            #
+            # A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
+        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.
+            #
+            # For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
         "utilizationTargetType": "A String", # Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.
       },
     ],
@@ -747,7 +1095,11 @@ 
Method Details

     "mode": "A String", # Defines operating mode for this policy.
     "scaleDownControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledDownReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -755,7 +1107,11 @@ 
Method Details

     },
     "scaleInControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledInReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -768,7 +1124,7 @@ 
Method Details

         "durationSec": 42, # The duration of time intervals, in seconds, for which this scaling schedule is to run. The minimum allowed value is 300. This field is required.
         "minRequiredReplicas": 42, # The minimum number of VM instances that the autoscaler will recommend in time intervals starting according to schedule. This field is required.
         "schedule": "A String", # The start timestamps of time intervals when this scaling schedule is to provide a scaling signal. This field uses the extended cron format (with an optional year field). The expression can describe a single timestamp if the optional year is set, in which case the scaling schedule runs once. The schedule is interpreted with respect to time_zone. This field is required. Note: These timestamps only describe when autoscaler starts providing the scaling signal. The VMs need additional time to become serving.
-        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of “UTC” if left empty.
+        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of ?UTC? if left empty.
       },
     },
   },
@@ -788,11 +1144,31 @@ 
Method Details

   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values: - PENDING: Autoscaler backend hasn't read new/updated configuration. - DELETING: Configuration is being deleted. - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field. - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field. New values might be added in the future.
+  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values:
+      # - PENDING: Autoscaler backend hasn't read new/updated configuration.
+      # - DELETING: Configuration is being deleted.
+      # - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field.
+      # - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field.  New values might be added in the future.
   "statusDetails": [ # [Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.
     {
       "message": "A String", # The status message.
-      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions.
+      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values:
+          # - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state).
+          # - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group.
+          # - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas.
+          # - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling.
+          # - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels.
+          # - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group.
+          # - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling.
+          # - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer.
+          # - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved.
+          # - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any.
+          # - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it.
+          # - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances.
+          # - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region.
+          # - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist.
+          # - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate.
+          # - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout.  New values might be added in the future. Some of the values might not be available in all API versions.
     },
   ],
   "target": "A String", # URL of the managed instance group that this autoscaler will scale. This field is required when creating an autoscaler.
@@ -800,16 +1176,29 @@ 
Method Details

 }
 
   autoscaler: string, Name of the autoscaler to update.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -844,7 +1233,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.regionBackendServices.html b/docs/dyn/compute_alpha.regionBackendServices.html
index abd723d52da..cfedcf40147 100644
--- a/docs/dyn/compute_alpha.regionBackendServices.html
+++ b/docs/dyn/compute_alpha.regionBackendServices.html
@@ -78,38 +78,38 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, backendService, requestId=None, x__xgafv=None)

+  delete(project, region, backendService, requestId=None)

 
Deletes the specified regional BackendService resource.

 

-  get(project, region, backendService, x__xgafv=None)

+  get(project, region, backendService)

 
Returns the specified regional BackendService resource.

 

-  getHealth(project, region, backendService, body=None, x__xgafv=None)

+  getHealth(project, region, backendService, body=None)

 
Gets the most recent health check results for this regional BackendService.

 

-  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

-
Creates a regional BackendService resource in the specified project using the data included in the request. For more information, see Backend services overview.

+  insert(project, region, body=None, requestId=None)

+
Creates a regional BackendService resource in the specified project using the data included in the request. For more information, see  Backend services overview.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of regional BackendService resources available to the specified project in the given region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, backendService, body=None, requestId=None, x__xgafv=None)

-
Updates the specified regional BackendService resource with the data included in the request. For more information, see Understanding backend services This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

+  patch(project, region, backendService, body=None, requestId=None)

+
Updates the specified regional BackendService resource with the data included in the request. For more information, see  Understanding backend services This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  setIamPolicy(project, region, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, region, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, region, backendService, body=None, requestId=None, x__xgafv=None)

-
Updates the specified regional BackendService resource with the data included in the request. For more information, see Backend services overview .

+  update(project, region, backendService, body=None, requestId=None)

+
Updates the specified regional BackendService resource with the data included in the request. For more information, see  Backend services overview.

 
Method Details

 

     close()
@@ -117,23 +117,36 @@ 
Method Details

 

 
 

-    delete(project, region, backendService, requestId=None, x__xgafv=None)
+    delete(project, region, backendService, requestId=None)
   
Deletes the specified regional BackendService resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   backendService: string, Name of the BackendService resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -168,7 +181,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -182,40 +196,80 @@ 
Method Details

 

 
 

-    get(project, region, backendService, x__xgafv=None)
+    get(project, region, backendService)
   
Returns the specified regional BackendService resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   backendService: string, Name of the BackendService resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Backend Service resource. A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly. Backend services in Google Compute Engine can be either regionally or globally scoped. * [Global](/compute/docs/reference/rest/alpha/backendServices) * [Regional](/compute/docs/reference/rest/alpha/regionBackendServices) For more information, see Backend Services.
-  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day ( 86,400). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+    { # Represents a Backend Service resource.
+    #
+    # A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly.
+    #
+    # Backend services in Google Compute Engine can be either regionally or globally scoped.
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/backendServices) * [Regional](/compute/docs/reference/rest/{$api_version}/regionBackendServices)
+    #
+    # For more information, see Backend Services.
+    #
+    # (== resource_for {$api_version}.backendService ==)
+  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE.
+      #
+      # If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day (86,400).
+      #
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "backends": [ # The list of backends that serve this BackendService.
     { # Message containing information of one individual backend.
-      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode.
-      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see  Connection balancing mode.
+      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service.
+          #
+          # Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "failover": True or False, # This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService.
-      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme. - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing), INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service. - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported. For regional services, the backend must be in the same region as the backend service. You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
-      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
-      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
+      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing),  INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported.
+          #
+          # For regional services, the backend must be in the same region as the backend service.
+          #
+          # You must use the fully-qualified URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
+      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
       "maxUtilization": 3.14,
     },
   ],
-  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for external HTTP(S) Load Balancing.
+  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for  external HTTP(S) Load Balancing.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
       { # Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
         "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
@@ -238,7 +292,13 @@ 
Method Details

         "A String",
       ],
     },
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -267,16 +327,38 @@ 
Method Details

     "maxRequestsPerConnection": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "maxRetries": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   },
-  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client’s Accept-Encoding header.
+  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client?s Accept-Encoding header.
   "connectionDraining": { # Message containing connection draining configuration.
     "drainingTimeoutSec": 42, # Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining.
   },
   "connectionTrackingPolicy": { # Connection Tracking configuration for this BackendService.
-    "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL. If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP. If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy). If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
-    "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds). For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours. For NLB the minimum(default) is 60 seconds and the maximum is 16 hours. This field will be supported only if the Connection Tracking key is less than 5-tuple.
-    "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options: PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol. PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
+    "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL.
+        #
+        # If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP.
+        #
+        # If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy).
+        #
+        # If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
+    "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds).
+        #
+        # For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours.
+        #
+        # For NLB the minimum(default) is 60 seconds and the maximum is 16 hours.
+        #
+        # This field will be supported only if the Connection Tracking key is less than 5-tuple.
+    "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options:
+        #
+        # PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol.
+        #
+        # PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
   },
-  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH.
+      #
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      #
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "httpCookie": { # The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash. # Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE.
       "name": "A String", # Name of the cookie.
       "path": "A String", # Path to set for the cookie.
@@ -299,12 +381,16 @@ 
Method Details

   "edgeSecurityPolicy": "A String", # [Output Only] The resource URL for the edge security policy associated with this backend service.
   "enableCDN": True or False, # If true, enables Cloud CDN for the backend service. Only applicable if the loadBalancingScheme is EXTERNAL and the protocol is HTTP or HTTPS.
   "failoverPolicy": { # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. On failover or failback, this field indicates whether connection draining will be honored. GCP has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes). # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. Requires at least one backend instance group to be defined as a backup (failover) backend.
-    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP. The default is false.
+    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP.
+        #
+        # The default is false.
     "dropTrafficIfUnhealthy": True or False, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing, If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. The default is false.
     "failoverRatio": 3.14, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio.
   },
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a BackendService.
-  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a BackendService.
+  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See  Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
     "A String",
   ],
   "iap": { # Identity-Aware Proxy # The configurations for Identity-Aware Proxy on this resource. Not available for Internal TCP/UDP Load Balancing and Network Load Balancing.
@@ -315,24 +401,47 @@ 
Method Details

       "clientName": "A String", # Name of the client to be generated. Optional - If not provided, the name will be autogenerated by the backend.
       "developerEmailAddress": "A String", # Developer's information to be used in OAuth consent screen.
     },
-    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly
+    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field.
     "oauth2ClientSecretSha256": "A String", # [Output Only] SHA256 hash value for the field oauth2_client_secret above.
   },
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#backendService", # [Output Only] Type of resource. Always compute#backendService for backend services.
-  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose INTERNAL for Internal TCP/UDP Load Balancing. Choose INTERNAL_MANAGED for Internal HTTP(S) Load Balancing. INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
-  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose  INTERNAL for Internal TCP/UDP Load Balancing. Choose  INTERNAL_MANAGED for Internal HTTP(S) Load Balancing.  INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
+  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are:
+      # - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
+      # - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
+      # - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
+      # - RANDOM: The load balancer selects a random healthy host.
+      # - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
+      # - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824
+      #
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      #
+      # If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect.
+      #
+      # Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "logConfig": { # The available logging options for the load balancer traffic served by this backend service. # This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver.
     "enable": True or False, # This field denotes whether to enable logging for the load balancer traffic served by this backend service.
     "sampleRate": 3.14, # This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
   },
-  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, there will be no timeout limit, i.e. the maximum duration is infinite. This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service. This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
+  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+      # If not specified, there will be no timeout limit, i.e. the maximum duration is infinite.
+      # This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service.
+      # This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
   },
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.
-  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled.
+      #
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      #
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "baseEjectionTime": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # The base time that a host is ejected for. The real ejection time is equal to the base ejection time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
@@ -351,12 +460,24 @@ 
Method Details

     "successRateRequestVolume": 42, # The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
     "successRateStdevFactor": 42, # This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
   },
-  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
-  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
-  "protocol": "A String", # The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
+  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.
+      #
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
+  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or  INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs.
+      #
+      #
+      #
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
+  "protocol": "A String", # The protocol this BackendService uses to communicate with backends.
+      #
+      # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information.
+      #
+      # Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
   "region": "A String", # [Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "securityPolicy": "A String", # [Output Only] The resource URL for the security policy associated with this backend service.
-  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
     "authentication": "A String", # [Deprecated] Use clientTlsPolicy instead.
     "authenticationPolicy": { # [Deprecated] The authentication settings for the backend service. The authentication settings for the backend service. # [Deprecated] Authentication policy defines what authentication methods can be accepted on backends, and if authenticated, which method/certificate will set the request principal. request principal.
       "origins": [ # List of authentication methods that can be used for origin authentication. Similar to peers, these will be evaluated in order the first valid one will be used to set origin identity. If none of these methods pass, the request will be rejected with authentication failed error (401). Leave the list empty if origin authentication is not required.
@@ -367,7 +488,17 @@ 
Method Details

             ],
             "issuer": "A String", # Identifies the issuer that issued the JWT, which is usually a URL or an email address. Examples: https://securetoken.google.com, 1234567-compute@developer.gserviceaccount.com
             "jwksPublicKeys": "A String", # The provider's public key set to validate the signature of the JWT.
-            "jwtHeaders": [ # jwt_headers and jwt_params define where to extract the JWT from an HTTP request. If no explicit location is specified, the following default locations are tried in order: 1. The Authorization header using the Bearer schema. See `here `_. Example: Authorization: Bearer . 2. `access_token` query parameter. See `this `_ Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations its issuer specified or from the default locations. This field is set if JWT is sent in a request header. This field specifies the header name. For example, if `header=x-goog-iap-jwt-assertion`, the header format will be x-goog-iap-jwt-assertion: .
+            "jwtHeaders": [ # jwt_headers and jwt_params define where to extract the JWT from an HTTP request. If no explicit location is specified, the following default locations are tried in order:
+                #
+                # 1. The Authorization header using the Bearer schema. See `here `_. Example:
+                #
+                # Authorization: Bearer .
+                #
+                # 2. `access_token` query parameter. See `this `_
+                #
+                # Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations its issuer specified or from the default locations.
+                #
+                # This field is set if JWT is sent in a request header. This field specifies the header name. For example, if `header=x-goog-iap-jwt-assertion`, the header format will be x-goog-iap-jwt-assertion: .
               { # [Deprecated] This message specifies a header location to extract JWT token. This message specifies a header location to extract JWT token.
                 "name": "A String", # The HTTP header name.
                 "valuePrefix": "A String", # The value prefix. The value format is "value_prefix" For example, for "Authorization: Bearer ", value_prefix="Bearer " with a space at the end.
@@ -397,7 +528,9 @@ 
Method Details

           "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
             "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
               "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                    # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                    # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                 "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                   "name": "A String", # Plugin name.
                   "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -419,7 +552,9 @@ 
Method Details

           "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
             "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
               "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                    # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                    # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                 "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                   "name": "A String", # Plugin name.
                   "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -514,7 +649,10 @@ 
Method Details

         },
       ],
     },
-    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.
+        # clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        # If left blank, communications are not encrypted.
+        # Note: This field currently has no impact.
     "clientTlsSettings": { # [Deprecated] The client side authentication settings for connection originating from the backend service. the backend service. # [Deprecated] TLS Settings for the backend service.
       "clientTlsContext": { # [Deprecated] The TLS settings for the client or server. The TLS settings for the client or server. # Configures the mechanism to obtain client-side security certificates and identity information. This field is only applicable when mode is set to MUTUAL.
         "certificateContext": { # [Deprecated] Defines the mechanism to obtain the client or server certificate. Defines the mechanism to obtain the client or server certificate. # Defines the mechanism to obtain the client or server certificate.
@@ -526,7 +664,9 @@ 
Method Details

           "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
             "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
               "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                    # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                    # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                 "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                   "name": "A String", # Plugin name.
                   "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -548,7 +688,9 @@ 
Method Details

           "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
             "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
               "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                    # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                    # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                 "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                   "name": "A String", # Plugin name.
                   "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -573,13 +715,26 @@ 
Method Details

         "A String",
       ],
     },
-    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode). Note: This field currently has no impact.
+    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.
+        # Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.
+        # Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).
+        # Note: This field currently has no impact.
       "A String",
     ],
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE.
+      #
+      # When the loadBalancingScheme is EXTERNAL:
+      #
+      # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or  CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.
+      #
+      # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.
+      #
+      # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.
+      #
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.
     "policy": "A String",
   },
@@ -588,7 +743,7 @@ 
Method Details

 

 
 

-    getHealth(project, region, backendService, body=None, x__xgafv=None)
+    getHealth(project, region, backendService, body=None)
   
Gets the most recent health check results for this regional BackendService.
 
 Args:
@@ -602,10 +757,6 @@ 
Method Details

   "group": "A String", # A URI referencing one of the instance groups or network endpoint groups listed in the backend service.
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -634,7 +785,7 @@ 
Method Details

 

 
 

-    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
@@ -642,27 +793,51 @@ 
Method Details

   region: string, The name of the region for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -670,77 +845,145 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
-  
Creates a regional BackendService resource in the specified project using the data included in the request. For more information, see Backend services overview.
+    insert(project, region, body=None, requestId=None)
+  
Creates a regional BackendService resource in the specified project using the data included in the request. For more information, see  Backend services overview.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -748,25 +991,69 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Backend Service resource. A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly. Backend services in Google Compute Engine can be either regionally or globally scoped. * [Global](/compute/docs/reference/rest/alpha/backendServices) * [Regional](/compute/docs/reference/rest/alpha/regionBackendServices) For more information, see Backend Services.
-  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day ( 86,400). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+{ # Represents a Backend Service resource.
+    # 
+    # A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly.
+    # 
+    # Backend services in Google Compute Engine can be either regionally or globally scoped.
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/backendServices) * [Regional](/compute/docs/reference/rest/{$api_version}/regionBackendServices)
+    # 
+    # For more information, see Backend Services.
+    # 
+    # (== resource_for {$api_version}.backendService ==)
+  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE.
+      # 
+      # If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day (86,400).
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "backends": [ # The list of backends that serve this BackendService.
     { # Message containing information of one individual backend.
-      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode.
-      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see  Connection balancing mode.
+      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service.
+          #
+          # Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "failover": True or False, # This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService.
-      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme. - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing), INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service. - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported. For regional services, the backend must be in the same region as the backend service. You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
-      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
-      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
+      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing),  INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported.
+          #
+          # For regional services, the backend must be in the same region as the backend service.
+          #
+          # You must use the fully-qualified URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
+      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
       "maxUtilization": 3.14,
     },
   ],
-  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for external HTTP(S) Load Balancing.
+  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for  external HTTP(S) Load Balancing.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
       { # Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
         "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
@@ -789,7 +1076,13 @@ 
Method Details

         "A String",
       ],
     },
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -818,16 +1111,38 @@ 
Method Details

     "maxRequestsPerConnection": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "maxRetries": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   },
-  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client’s Accept-Encoding header.
+  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client?s Accept-Encoding header.
   "connectionDraining": { # Message containing connection draining configuration.
     "drainingTimeoutSec": 42, # Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining.
   },
   "connectionTrackingPolicy": { # Connection Tracking configuration for this BackendService.
-    "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL. If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP. If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy). If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
-    "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds). For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours. For NLB the minimum(default) is 60 seconds and the maximum is 16 hours. This field will be supported only if the Connection Tracking key is less than 5-tuple.
-    "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options: PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol. PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
+    "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL.
+        #
+        # If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP.
+        #
+        # If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy).
+        #
+        # If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
+    "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds).
+        #
+        # For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours.
+        #
+        # For NLB the minimum(default) is 60 seconds and the maximum is 16 hours.
+        #
+        # This field will be supported only if the Connection Tracking key is less than 5-tuple.
+    "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options:
+        #
+        # PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol.
+        #
+        # PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
   },
-  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "httpCookie": { # The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash. # Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE.
       "name": "A String", # Name of the cookie.
       "path": "A String", # Path to set for the cookie.
@@ -850,12 +1165,16 @@ 
Method Details

   "edgeSecurityPolicy": "A String", # [Output Only] The resource URL for the edge security policy associated with this backend service.
   "enableCDN": True or False, # If true, enables Cloud CDN for the backend service. Only applicable if the loadBalancingScheme is EXTERNAL and the protocol is HTTP or HTTPS.
   "failoverPolicy": { # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. On failover or failback, this field indicates whether connection draining will be honored. GCP has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes). # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. Requires at least one backend instance group to be defined as a backup (failover) backend.
-    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP. The default is false.
+    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP.
+        #
+        # The default is false.
     "dropTrafficIfUnhealthy": True or False, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing, If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. The default is false.
     "failoverRatio": 3.14, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio.
   },
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a BackendService.
-  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a BackendService.
+  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See  Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
     "A String",
   ],
   "iap": { # Identity-Aware Proxy # The configurations for Identity-Aware Proxy on this resource. Not available for Internal TCP/UDP Load Balancing and Network Load Balancing.
@@ -866,24 +1185,47 @@ 
Method Details

       "clientName": "A String", # Name of the client to be generated. Optional - If not provided, the name will be autogenerated by the backend.
       "developerEmailAddress": "A String", # Developer's information to be used in OAuth consent screen.
     },
-    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly
+    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field.
     "oauth2ClientSecretSha256": "A String", # [Output Only] SHA256 hash value for the field oauth2_client_secret above.
   },
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#backendService", # [Output Only] Type of resource. Always compute#backendService for backend services.
-  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose INTERNAL for Internal TCP/UDP Load Balancing. Choose INTERNAL_MANAGED for Internal HTTP(S) Load Balancing. INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
-  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose  INTERNAL for Internal TCP/UDP Load Balancing. Choose  INTERNAL_MANAGED for Internal HTTP(S) Load Balancing.  INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
+  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are:
+      # - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
+      # - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
+      # - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
+      # - RANDOM: The load balancer selects a random healthy host.
+      # - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
+      # - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect.
+      # 
+      # Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "logConfig": { # The available logging options for the load balancer traffic served by this backend service. # This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver.
     "enable": True or False, # This field denotes whether to enable logging for the load balancer traffic served by this backend service.
     "sampleRate": 3.14, # This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
   },
-  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, there will be no timeout limit, i.e. the maximum duration is infinite. This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service. This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
+  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+      # If not specified, there will be no timeout limit, i.e. the maximum duration is infinite.
+      # This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service.
+      # This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
   },
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.
-  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "baseEjectionTime": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # The base time that a host is ejected for. The real ejection time is equal to the base ejection time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
@@ -902,12 +1244,24 @@ 
Method Details

     "successRateRequestVolume": 42, # The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
     "successRateStdevFactor": 42, # This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
   },
-  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
-  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
-  "protocol": "A String", # The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
+  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
+  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or  INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs.
+      # 
+      # 
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
+  "protocol": "A String", # The protocol this BackendService uses to communicate with backends.
+      # 
+      # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information.
+      # 
+      # Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
   "region": "A String", # [Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "securityPolicy": "A String", # [Output Only] The resource URL for the security policy associated with this backend service.
-  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
     "authentication": "A String", # [Deprecated] Use clientTlsPolicy instead.
     "authenticationPolicy": { # [Deprecated] The authentication settings for the backend service. The authentication settings for the backend service. # [Deprecated] Authentication policy defines what authentication methods can be accepted on backends, and if authenticated, which method/certificate will set the request principal. request principal.
       "origins": [ # List of authentication methods that can be used for origin authentication. Similar to peers, these will be evaluated in order the first valid one will be used to set origin identity. If none of these methods pass, the request will be rejected with authentication failed error (401). Leave the list empty if origin authentication is not required.
@@ -918,7 +1272,17 @@ 
Method Details

             ],
             "issuer": "A String", # Identifies the issuer that issued the JWT, which is usually a URL or an email address. Examples: https://securetoken.google.com, 1234567-compute@developer.gserviceaccount.com
             "jwksPublicKeys": "A String", # The provider's public key set to validate the signature of the JWT.
-            "jwtHeaders": [ # jwt_headers and jwt_params define where to extract the JWT from an HTTP request. If no explicit location is specified, the following default locations are tried in order: 1. The Authorization header using the Bearer schema. See `here `_. Example: Authorization: Bearer . 2. `access_token` query parameter. See `this `_ Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations its issuer specified or from the default locations. This field is set if JWT is sent in a request header. This field specifies the header name. For example, if `header=x-goog-iap-jwt-assertion`, the header format will be x-goog-iap-jwt-assertion: .
+            "jwtHeaders": [ # jwt_headers and jwt_params define where to extract the JWT from an HTTP request. If no explicit location is specified, the following default locations are tried in order:
+                #
+                # 1. The Authorization header using the Bearer schema. See `here `_. Example:
+                #
+                # Authorization: Bearer .
+                #
+                # 2. `access_token` query parameter. See `this `_
+                #
+                # Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations its issuer specified or from the default locations.
+                #
+                # This field is set if JWT is sent in a request header. This field specifies the header name. For example, if `header=x-goog-iap-jwt-assertion`, the header format will be x-goog-iap-jwt-assertion: .
               { # [Deprecated] This message specifies a header location to extract JWT token. This message specifies a header location to extract JWT token.
                 "name": "A String", # The HTTP header name.
                 "valuePrefix": "A String", # The value prefix. The value format is "value_prefix" For example, for "Authorization: Bearer ", value_prefix="Bearer " with a space at the end.
@@ -948,7 +1312,9 @@ 
Method Details

           "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
             "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
               "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                    # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                    # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                 "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                   "name": "A String", # Plugin name.
                   "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -970,7 +1336,9 @@ 
Method Details

           "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
             "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
               "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                    # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                    # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                 "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                   "name": "A String", # Plugin name.
                   "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -1065,7 +1433,10 @@ 
Method Details

         },
       ],
     },
-    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.
+        # clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        # If left blank, communications are not encrypted.
+        # Note: This field currently has no impact.
     "clientTlsSettings": { # [Deprecated] The client side authentication settings for connection originating from the backend service. the backend service. # [Deprecated] TLS Settings for the backend service.
       "clientTlsContext": { # [Deprecated] The TLS settings for the client or server. The TLS settings for the client or server. # Configures the mechanism to obtain client-side security certificates and identity information. This field is only applicable when mode is set to MUTUAL.
         "certificateContext": { # [Deprecated] Defines the mechanism to obtain the client or server certificate. Defines the mechanism to obtain the client or server certificate. # Defines the mechanism to obtain the client or server certificate.
@@ -1077,7 +1448,9 @@ 
Method Details

           "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
             "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
               "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                    # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                    # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                 "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                   "name": "A String", # Plugin name.
                   "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -1099,7 +1472,9 @@ 
Method Details

           "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
             "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
               "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                    # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                    # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                 "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                   "name": "A String", # Plugin name.
                   "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -1124,29 +1499,55 @@ 
Method Details

         "A String",
       ],
     },
-    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode). Note: This field currently has no impact.
+    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.
+        # Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.
+        # Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).
+        # Note: This field currently has no impact.
       "A String",
     ],
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE.
+      # 
+      # When the loadBalancingScheme is EXTERNAL:
+      # 
+      # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or  CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.
+      # 
+      # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.
+      # 
+      # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.
     "policy": "A String",
   },
   "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1181,7 +1582,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1195,21 +1597,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of regional BackendService resources available to the specified project in the given region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1217,25 +1625,69 @@ 
Method Details

     { # Contains a list of BackendService resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of BackendService resources.
-    { # Represents a Backend Service resource. A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly. Backend services in Google Compute Engine can be either regionally or globally scoped. * [Global](/compute/docs/reference/rest/alpha/backendServices) * [Regional](/compute/docs/reference/rest/alpha/regionBackendServices) For more information, see Backend Services.
-      "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day ( 86,400). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+    { # Represents a Backend Service resource.
+        #
+        # A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly.
+        #
+        # Backend services in Google Compute Engine can be either regionally or globally scoped.
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/backendServices) * [Regional](/compute/docs/reference/rest/{$api_version}/regionBackendServices)
+        #
+        # For more information, see Backend Services.
+        #
+        # (== resource_for {$api_version}.backendService ==)
+      "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE.
+          #
+          # If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day (86,400).
+          #
+          # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
       "backends": [ # The list of backends that serve this BackendService.
         { # Message containing information of one individual backend.
-          "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode.
-          "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
+          "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see  Connection balancing mode.
+          "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service.
+              #
+              # Not supported by:
+              #
+              # - Internal TCP/UDP Load Balancing - Network Load Balancing
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "failover": True or False, # This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService.
-          "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme. - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing), INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service. - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported. For regional services, the backend must be in the same region as the backend service. You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
-          "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
-          "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-          "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-          "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-          "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-          "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
+          "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme.
+              #
+              #
+              # - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing),  INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service.
+              #
+              #
+              # - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported.
+              #
+              # For regional services, the backend must be in the same region as the backend service.
+              #
+              # You must use the fully-qualified URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
+          "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by:
+              #
+              # - Internal TCP/UDP Load Balancing - Network Load Balancing
+          "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+              #
+              # Not available if the backend's balancingMode is RATE. Not supported by:
+              #
+              # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+          "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+              #
+              # Not available if the backend's balancingMode is RATE. Not supported by:
+              #
+              # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+          "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+              #
+              # Not available if the backend's balancingMode is CONNECTION.
+          "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+              #
+              # Not available if the backend's balancingMode is CONNECTION.
+          "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+              #
+              # Not available if the backend's balancingMode is CONNECTION.
           "maxUtilization": 3.14,
         },
       ],
-      "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for external HTTP(S) Load Balancing.
+      "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for  external HTTP(S) Load Balancing.
         "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
           { # Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
             "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
@@ -1258,7 +1710,13 @@ 
Method Details

             "A String",
           ],
         },
-        "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+        "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+            #
+            # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+            #
+            # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+            #
+            # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
         "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
         "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
         "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -1287,16 +1745,38 @@ 
Method Details

         "maxRequestsPerConnection": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
         "maxRetries": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
       },
-      "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client’s Accept-Encoding header.
+      "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client?s Accept-Encoding header.
       "connectionDraining": { # Message containing connection draining configuration.
         "drainingTimeoutSec": 42, # Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining.
       },
       "connectionTrackingPolicy": { # Connection Tracking configuration for this BackendService.
-        "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL. If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP. If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy). If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
-        "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds). For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours. For NLB the minimum(default) is 60 seconds and the maximum is 16 hours. This field will be supported only if the Connection Tracking key is less than 5-tuple.
-        "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options: PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol. PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
+        "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL.
+            #
+            # If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP.
+            #
+            # If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy).
+            #
+            # If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
+        "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds).
+            #
+            # For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours.
+            #
+            # For NLB the minimum(default) is 60 seconds and the maximum is 16 hours.
+            #
+            # This field will be supported only if the Connection Tracking key is less than 5-tuple.
+        "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options:
+            #
+            # PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol.
+            #
+            # PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
       },
-      "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH.
+          #
+          # This field is applicable to either:
+          # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+          # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+          #
+          # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
         "httpCookie": { # The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash. # Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE.
           "name": "A String", # Name of the cookie.
           "path": "A String", # Path to set for the cookie.
@@ -1319,12 +1799,16 @@ 
Method Details

       "edgeSecurityPolicy": "A String", # [Output Only] The resource URL for the edge security policy associated with this backend service.
       "enableCDN": True or False, # If true, enables Cloud CDN for the backend service. Only applicable if the loadBalancingScheme is EXTERNAL and the protocol is HTTP or HTTPS.
       "failoverPolicy": { # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. On failover or failback, this field indicates whether connection draining will be honored. GCP has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes). # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. Requires at least one backend instance group to be defined as a backup (failover) backend.
-        "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP. The default is false.
+        "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP.
+            #
+            # The default is false.
         "dropTrafficIfUnhealthy": True or False, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing, If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. The default is false.
         "failoverRatio": 3.14, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio.
       },
-      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a BackendService.
-      "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
+      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a BackendService.
+      "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See  Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
         "A String",
       ],
       "iap": { # Identity-Aware Proxy # The configurations for Identity-Aware Proxy on this resource. Not available for Internal TCP/UDP Load Balancing and Network Load Balancing.
@@ -1335,24 +1819,47 @@ 
Method Details

           "clientName": "A String", # Name of the client to be generated. Optional - If not provided, the name will be autogenerated by the backend.
           "developerEmailAddress": "A String", # Developer's information to be used in OAuth consent screen.
         },
-        "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly
+        "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field.
         "oauth2ClientSecretSha256": "A String", # [Output Only] SHA256 hash value for the field oauth2_client_secret above.
       },
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#backendService", # [Output Only] Type of resource. Always compute#backendService for backend services.
-      "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose INTERNAL for Internal TCP/UDP Load Balancing. Choose INTERNAL_MANAGED for Internal HTTP(S) Load Balancing. INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
-      "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose  INTERNAL for Internal TCP/UDP Load Balancing. Choose  INTERNAL_MANAGED for Internal HTTP(S) Load Balancing.  INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
+      "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are:
+          # - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
+          # - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
+          # - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
+          # - RANDOM: The load balancer selects a random healthy host.
+          # - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
+          # - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824
+          #
+          # This field is applicable to either:
+          # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+          # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+          #
+          # If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect.
+          #
+          # Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
       "logConfig": { # The available logging options for the load balancer traffic served by this backend service. # This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver.
         "enable": True or False, # This field denotes whether to enable logging for the load balancer traffic served by this backend service.
         "sampleRate": 3.14, # This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
       },
-      "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, there will be no timeout limit, i.e. the maximum duration is infinite. This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service. This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
+      "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+          # If not specified, there will be no timeout limit, i.e. the maximum duration is infinite.
+          # This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service.
+          # This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "network": "A String", # The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.
-      "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled.
+          #
+          # This field is applicable to either:
+          # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+          # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+          #
+          # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
         "baseEjectionTime": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # The base time that a host is ejected for. The real ejection time is equal to the base ejection time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
@@ -1371,12 +1878,24 @@ 
Method Details

         "successRateRequestVolume": 42, # The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
         "successRateStdevFactor": 42, # This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
       },
-      "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
-      "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
-      "protocol": "A String", # The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
+      "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.
+          #
+          # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
+      "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or  INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs.
+          #
+          #
+          #
+          # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
+      "protocol": "A String", # The protocol this BackendService uses to communicate with backends.
+          #
+          # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information.
+          #
+          # Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
       "region": "A String", # [Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
       "securityPolicy": "A String", # [Output Only] The resource URL for the security policy associated with this backend service.
-      "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either:
+          # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+          # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
         "authentication": "A String", # [Deprecated] Use clientTlsPolicy instead.
         "authenticationPolicy": { # [Deprecated] The authentication settings for the backend service. The authentication settings for the backend service. # [Deprecated] Authentication policy defines what authentication methods can be accepted on backends, and if authenticated, which method/certificate will set the request principal. request principal.
           "origins": [ # List of authentication methods that can be used for origin authentication. Similar to peers, these will be evaluated in order the first valid one will be used to set origin identity. If none of these methods pass, the request will be rejected with authentication failed error (401). Leave the list empty if origin authentication is not required.
@@ -1387,7 +1906,17 @@ 
Method Details

                 ],
                 "issuer": "A String", # Identifies the issuer that issued the JWT, which is usually a URL or an email address. Examples: https://securetoken.google.com, 1234567-compute@developer.gserviceaccount.com
                 "jwksPublicKeys": "A String", # The provider's public key set to validate the signature of the JWT.
-                "jwtHeaders": [ # jwt_headers and jwt_params define where to extract the JWT from an HTTP request. If no explicit location is specified, the following default locations are tried in order: 1. The Authorization header using the Bearer schema. See `here `_. Example: Authorization: Bearer . 2. `access_token` query parameter. See `this `_ Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations its issuer specified or from the default locations. This field is set if JWT is sent in a request header. This field specifies the header name. For example, if `header=x-goog-iap-jwt-assertion`, the header format will be x-goog-iap-jwt-assertion: .
+                "jwtHeaders": [ # jwt_headers and jwt_params define where to extract the JWT from an HTTP request. If no explicit location is specified, the following default locations are tried in order:
+                    #
+                    # 1. The Authorization header using the Bearer schema. See `here `_. Example:
+                    #
+                    # Authorization: Bearer .
+                    #
+                    # 2. `access_token` query parameter. See `this `_
+                    #
+                    # Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations its issuer specified or from the default locations.
+                    #
+                    # This field is set if JWT is sent in a request header. This field specifies the header name. For example, if `header=x-goog-iap-jwt-assertion`, the header format will be x-goog-iap-jwt-assertion: .
                   { # [Deprecated] This message specifies a header location to extract JWT token. This message specifies a header location to extract JWT token.
                     "name": "A String", # The HTTP header name.
                     "valuePrefix": "A String", # The value prefix. The value format is "value_prefix" For example, for "Authorization: Bearer ", value_prefix="Bearer " with a space at the end.
@@ -1417,7 +1946,9 @@ 
Method Details

               "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
                 "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
                   "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                    "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                    "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                        # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                        # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                     "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                       "name": "A String", # Plugin name.
                       "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -1439,7 +1970,9 @@ 
Method Details

               "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
                 "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
                   "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                    "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                    "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                        # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                        # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                     "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                       "name": "A String", # Plugin name.
                       "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -1534,7 +2067,10 @@ 
Method Details

             },
           ],
         },
-        "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+        "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.
+            # clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            # If left blank, communications are not encrypted.
+            # Note: This field currently has no impact.
         "clientTlsSettings": { # [Deprecated] The client side authentication settings for connection originating from the backend service. the backend service. # [Deprecated] TLS Settings for the backend service.
           "clientTlsContext": { # [Deprecated] The TLS settings for the client or server. The TLS settings for the client or server. # Configures the mechanism to obtain client-side security certificates and identity information. This field is only applicable when mode is set to MUTUAL.
             "certificateContext": { # [Deprecated] Defines the mechanism to obtain the client or server certificate. Defines the mechanism to obtain the client or server certificate. # Defines the mechanism to obtain the client or server certificate.
@@ -1546,7 +2082,9 @@ 
Method Details

               "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
                 "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
                   "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                    "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                    "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                        # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                        # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                     "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                       "name": "A String", # Plugin name.
                       "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -1568,7 +2106,9 @@ 
Method Details

               "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
                 "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
                   "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                    "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                    "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                        # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                        # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                     "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                       "name": "A String", # Plugin name.
                       "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -1593,13 +2133,26 @@ 
Method Details

             "A String",
           ],
         },
-        "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode). Note: This field currently has no impact.
+        "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.
+            # Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.
+            # Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).
+            # Note: This field currently has no impact.
           "A String",
         ],
       },
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-      "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE.
+          #
+          # When the loadBalancingScheme is EXTERNAL:
+          #
+          # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or  CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.
+          #
+          # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.
+          #
+          # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.
+          #
+          # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
       "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.
         "policy": "A String",
       },
@@ -1611,7 +2164,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1637,8 +2191,8 @@ 
Method Details

 

 
 

-    patch(project, region, backendService, body=None, requestId=None, x__xgafv=None)
-  
Updates the specified regional BackendService resource with the data included in the request. For more information, see Understanding backend services This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
+    patch(project, region, backendService, body=None, requestId=None)
+  
Updates the specified regional BackendService resource with the data included in the request. For more information, see  Understanding backend services This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -1647,25 +2201,69 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Backend Service resource. A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly. Backend services in Google Compute Engine can be either regionally or globally scoped. * [Global](/compute/docs/reference/rest/alpha/backendServices) * [Regional](/compute/docs/reference/rest/alpha/regionBackendServices) For more information, see Backend Services.
-  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day ( 86,400). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+{ # Represents a Backend Service resource.
+    # 
+    # A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly.
+    # 
+    # Backend services in Google Compute Engine can be either regionally or globally scoped.
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/backendServices) * [Regional](/compute/docs/reference/rest/{$api_version}/regionBackendServices)
+    # 
+    # For more information, see Backend Services.
+    # 
+    # (== resource_for {$api_version}.backendService ==)
+  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE.
+      # 
+      # If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day (86,400).
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "backends": [ # The list of backends that serve this BackendService.
     { # Message containing information of one individual backend.
-      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode.
-      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see  Connection balancing mode.
+      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service.
+          #
+          # Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "failover": True or False, # This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService.
-      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme. - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing), INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service. - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported. For regional services, the backend must be in the same region as the backend service. You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
-      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
-      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
+      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing),  INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported.
+          #
+          # For regional services, the backend must be in the same region as the backend service.
+          #
+          # You must use the fully-qualified URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
+      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
       "maxUtilization": 3.14,
     },
   ],
-  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for external HTTP(S) Load Balancing.
+  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for  external HTTP(S) Load Balancing.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
       { # Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
         "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
@@ -1688,7 +2286,13 @@ 
Method Details

         "A String",
       ],
     },
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -1717,16 +2321,38 @@ 
Method Details

     "maxRequestsPerConnection": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "maxRetries": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   },
-  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client’s Accept-Encoding header.
+  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client?s Accept-Encoding header.
   "connectionDraining": { # Message containing connection draining configuration.
     "drainingTimeoutSec": 42, # Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining.
   },
   "connectionTrackingPolicy": { # Connection Tracking configuration for this BackendService.
-    "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL. If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP. If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy). If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
-    "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds). For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours. For NLB the minimum(default) is 60 seconds and the maximum is 16 hours. This field will be supported only if the Connection Tracking key is less than 5-tuple.
-    "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options: PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol. PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
+    "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL.
+        #
+        # If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP.
+        #
+        # If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy).
+        #
+        # If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
+    "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds).
+        #
+        # For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours.
+        #
+        # For NLB the minimum(default) is 60 seconds and the maximum is 16 hours.
+        #
+        # This field will be supported only if the Connection Tracking key is less than 5-tuple.
+    "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options:
+        #
+        # PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol.
+        #
+        # PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
   },
-  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "httpCookie": { # The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash. # Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE.
       "name": "A String", # Name of the cookie.
       "path": "A String", # Path to set for the cookie.
@@ -1749,12 +2375,16 @@ 
Method Details

   "edgeSecurityPolicy": "A String", # [Output Only] The resource URL for the edge security policy associated with this backend service.
   "enableCDN": True or False, # If true, enables Cloud CDN for the backend service. Only applicable if the loadBalancingScheme is EXTERNAL and the protocol is HTTP or HTTPS.
   "failoverPolicy": { # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. On failover or failback, this field indicates whether connection draining will be honored. GCP has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes). # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. Requires at least one backend instance group to be defined as a backup (failover) backend.
-    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP. The default is false.
+    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP.
+        #
+        # The default is false.
     "dropTrafficIfUnhealthy": True or False, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing, If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. The default is false.
     "failoverRatio": 3.14, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio.
   },
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a BackendService.
-  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a BackendService.
+  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See  Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
     "A String",
   ],
   "iap": { # Identity-Aware Proxy # The configurations for Identity-Aware Proxy on this resource. Not available for Internal TCP/UDP Load Balancing and Network Load Balancing.
@@ -1765,24 +2395,47 @@ 
Method Details

       "clientName": "A String", # Name of the client to be generated. Optional - If not provided, the name will be autogenerated by the backend.
       "developerEmailAddress": "A String", # Developer's information to be used in OAuth consent screen.
     },
-    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly
+    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field.
     "oauth2ClientSecretSha256": "A String", # [Output Only] SHA256 hash value for the field oauth2_client_secret above.
   },
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#backendService", # [Output Only] Type of resource. Always compute#backendService for backend services.
-  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose INTERNAL for Internal TCP/UDP Load Balancing. Choose INTERNAL_MANAGED for Internal HTTP(S) Load Balancing. INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
-  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose  INTERNAL for Internal TCP/UDP Load Balancing. Choose  INTERNAL_MANAGED for Internal HTTP(S) Load Balancing.  INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
+  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are:
+      # - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
+      # - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
+      # - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
+      # - RANDOM: The load balancer selects a random healthy host.
+      # - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
+      # - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect.
+      # 
+      # Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "logConfig": { # The available logging options for the load balancer traffic served by this backend service. # This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver.
     "enable": True or False, # This field denotes whether to enable logging for the load balancer traffic served by this backend service.
     "sampleRate": 3.14, # This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
   },
-  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, there will be no timeout limit, i.e. the maximum duration is infinite. This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service. This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
+  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+      # If not specified, there will be no timeout limit, i.e. the maximum duration is infinite.
+      # This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service.
+      # This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
   },
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.
-  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "baseEjectionTime": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # The base time that a host is ejected for. The real ejection time is equal to the base ejection time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
@@ -1801,12 +2454,24 @@ 
Method Details

     "successRateRequestVolume": 42, # The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
     "successRateStdevFactor": 42, # This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
   },
-  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
-  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
-  "protocol": "A String", # The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
+  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
+  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or  INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs.
+      # 
+      # 
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
+  "protocol": "A String", # The protocol this BackendService uses to communicate with backends.
+      # 
+      # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information.
+      # 
+      # Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
   "region": "A String", # [Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "securityPolicy": "A String", # [Output Only] The resource URL for the security policy associated with this backend service.
-  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
     "authentication": "A String", # [Deprecated] Use clientTlsPolicy instead.
     "authenticationPolicy": { # [Deprecated] The authentication settings for the backend service. The authentication settings for the backend service. # [Deprecated] Authentication policy defines what authentication methods can be accepted on backends, and if authenticated, which method/certificate will set the request principal. request principal.
       "origins": [ # List of authentication methods that can be used for origin authentication. Similar to peers, these will be evaluated in order the first valid one will be used to set origin identity. If none of these methods pass, the request will be rejected with authentication failed error (401). Leave the list empty if origin authentication is not required.
@@ -1817,7 +2482,17 @@ 
Method Details

             ],
             "issuer": "A String", # Identifies the issuer that issued the JWT, which is usually a URL or an email address. Examples: https://securetoken.google.com, 1234567-compute@developer.gserviceaccount.com
             "jwksPublicKeys": "A String", # The provider's public key set to validate the signature of the JWT.
-            "jwtHeaders": [ # jwt_headers and jwt_params define where to extract the JWT from an HTTP request. If no explicit location is specified, the following default locations are tried in order: 1. The Authorization header using the Bearer schema. See `here `_. Example: Authorization: Bearer . 2. `access_token` query parameter. See `this `_ Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations its issuer specified or from the default locations. This field is set if JWT is sent in a request header. This field specifies the header name. For example, if `header=x-goog-iap-jwt-assertion`, the header format will be x-goog-iap-jwt-assertion: .
+            "jwtHeaders": [ # jwt_headers and jwt_params define where to extract the JWT from an HTTP request. If no explicit location is specified, the following default locations are tried in order:
+                #
+                # 1. The Authorization header using the Bearer schema. See `here `_. Example:
+                #
+                # Authorization: Bearer .
+                #
+                # 2. `access_token` query parameter. See `this `_
+                #
+                # Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations its issuer specified or from the default locations.
+                #
+                # This field is set if JWT is sent in a request header. This field specifies the header name. For example, if `header=x-goog-iap-jwt-assertion`, the header format will be x-goog-iap-jwt-assertion: .
               { # [Deprecated] This message specifies a header location to extract JWT token. This message specifies a header location to extract JWT token.
                 "name": "A String", # The HTTP header name.
                 "valuePrefix": "A String", # The value prefix. The value format is "value_prefix" For example, for "Authorization: Bearer ", value_prefix="Bearer " with a space at the end.
@@ -1847,7 +2522,9 @@ 
Method Details

           "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
             "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
               "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                    # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                    # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                 "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                   "name": "A String", # Plugin name.
                   "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -1869,7 +2546,9 @@ 
Method Details

           "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
             "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
               "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                    # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                    # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                 "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                   "name": "A String", # Plugin name.
                   "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -1964,7 +2643,10 @@ 
Method Details

         },
       ],
     },
-    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.
+        # clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        # If left blank, communications are not encrypted.
+        # Note: This field currently has no impact.
     "clientTlsSettings": { # [Deprecated] The client side authentication settings for connection originating from the backend service. the backend service. # [Deprecated] TLS Settings for the backend service.
       "clientTlsContext": { # [Deprecated] The TLS settings for the client or server. The TLS settings for the client or server. # Configures the mechanism to obtain client-side security certificates and identity information. This field is only applicable when mode is set to MUTUAL.
         "certificateContext": { # [Deprecated] Defines the mechanism to obtain the client or server certificate. Defines the mechanism to obtain the client or server certificate. # Defines the mechanism to obtain the client or server certificate.
@@ -1976,7 +2658,9 @@ 
Method Details

           "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
             "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
               "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                    # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                    # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                 "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                   "name": "A String", # Plugin name.
                   "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -1998,7 +2682,9 @@ 
Method Details

           "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
             "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
               "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                    # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                    # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                 "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                   "name": "A String", # Plugin name.
                   "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -2023,29 +2709,55 @@ 
Method Details

         "A String",
       ],
     },
-    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode). Note: This field currently has no impact.
+    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.
+        # Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.
+        # Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).
+        # Note: This field currently has no impact.
       "A String",
     ],
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE.
+      # 
+      # When the loadBalancingScheme is EXTERNAL:
+      # 
+      # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or  CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.
+      # 
+      # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.
+      # 
+      # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.
     "policy": "A String",
   },
   "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2080,7 +2792,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2094,7 +2807,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, region, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, region, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -2107,33 +2820,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -2141,95 +2928,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -2237,76 +3116,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -2322,10 +3269,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -2338,8 +3281,8 @@ 
Method Details

 

 
 

-    update(project, region, backendService, body=None, requestId=None, x__xgafv=None)
-  
Updates the specified regional BackendService resource with the data included in the request. For more information, see Backend services overview .
+    update(project, region, backendService, body=None, requestId=None)
+  
Updates the specified regional BackendService resource with the data included in the request. For more information, see  Backend services overview.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -2348,25 +3291,69 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Backend Service resource. A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly. Backend services in Google Compute Engine can be either regionally or globally scoped. * [Global](/compute/docs/reference/rest/alpha/backendServices) * [Regional](/compute/docs/reference/rest/alpha/regionBackendServices) For more information, see Backend Services.
-  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day ( 86,400). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+{ # Represents a Backend Service resource.
+    # 
+    # A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly.
+    # 
+    # Backend services in Google Compute Engine can be either regionally or globally scoped.
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/backendServices) * [Regional](/compute/docs/reference/rest/{$api_version}/regionBackendServices)
+    # 
+    # For more information, see Backend Services.
+    # 
+    # (== resource_for {$api_version}.backendService ==)
+  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE.
+      # 
+      # If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day (86,400).
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "backends": [ # The list of backends that serve this BackendService.
     { # Message containing information of one individual backend.
-      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode.
-      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see  Connection balancing mode.
+      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service.
+          #
+          # Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "failover": True or False, # This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService.
-      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme. - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing), INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service. - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported. For regional services, the backend must be in the same region as the backend service. You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
-      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
-      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
+      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing),  INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported.
+          #
+          # For regional services, the backend must be in the same region as the backend service.
+          #
+          # You must use the fully-qualified URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
+      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
       "maxUtilization": 3.14,
     },
   ],
-  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for external HTTP(S) Load Balancing.
+  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for  external HTTP(S) Load Balancing.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
       { # Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
         "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
@@ -2389,7 +3376,13 @@ 
Method Details

         "A String",
       ],
     },
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -2418,16 +3411,38 @@ 
Method Details

     "maxRequestsPerConnection": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "maxRetries": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   },
-  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client’s Accept-Encoding header.
+  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client?s Accept-Encoding header.
   "connectionDraining": { # Message containing connection draining configuration.
     "drainingTimeoutSec": 42, # Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining.
   },
   "connectionTrackingPolicy": { # Connection Tracking configuration for this BackendService.
-    "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL. If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP. If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy). If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
-    "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds). For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours. For NLB the minimum(default) is 60 seconds and the maximum is 16 hours. This field will be supported only if the Connection Tracking key is less than 5-tuple.
-    "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options: PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol. PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
+    "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL.
+        #
+        # If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP.
+        #
+        # If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy).
+        #
+        # If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
+    "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds).
+        #
+        # For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours.
+        #
+        # For NLB the minimum(default) is 60 seconds and the maximum is 16 hours.
+        #
+        # This field will be supported only if the Connection Tracking key is less than 5-tuple.
+    "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options:
+        #
+        # PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol.
+        #
+        # PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
   },
-  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "httpCookie": { # The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash. # Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE.
       "name": "A String", # Name of the cookie.
       "path": "A String", # Path to set for the cookie.
@@ -2450,12 +3465,16 @@ 
Method Details

   "edgeSecurityPolicy": "A String", # [Output Only] The resource URL for the edge security policy associated with this backend service.
   "enableCDN": True or False, # If true, enables Cloud CDN for the backend service. Only applicable if the loadBalancingScheme is EXTERNAL and the protocol is HTTP or HTTPS.
   "failoverPolicy": { # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. On failover or failback, this field indicates whether connection draining will be honored. GCP has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes). # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. Requires at least one backend instance group to be defined as a backup (failover) backend.
-    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP. The default is false.
+    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP.
+        #
+        # The default is false.
     "dropTrafficIfUnhealthy": True or False, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing, If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. The default is false.
     "failoverRatio": 3.14, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio.
   },
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a BackendService.
-  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a BackendService.
+  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See  Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
     "A String",
   ],
   "iap": { # Identity-Aware Proxy # The configurations for Identity-Aware Proxy on this resource. Not available for Internal TCP/UDP Load Balancing and Network Load Balancing.
@@ -2466,24 +3485,47 @@ 
Method Details

       "clientName": "A String", # Name of the client to be generated. Optional - If not provided, the name will be autogenerated by the backend.
       "developerEmailAddress": "A String", # Developer's information to be used in OAuth consent screen.
     },
-    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly
+    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field.
     "oauth2ClientSecretSha256": "A String", # [Output Only] SHA256 hash value for the field oauth2_client_secret above.
   },
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#backendService", # [Output Only] Type of resource. Always compute#backendService for backend services.
-  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose INTERNAL for Internal TCP/UDP Load Balancing. Choose INTERNAL_MANAGED for Internal HTTP(S) Load Balancing. INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
-  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose  INTERNAL for Internal TCP/UDP Load Balancing. Choose  INTERNAL_MANAGED for Internal HTTP(S) Load Balancing.  INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
+  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are:
+      # - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
+      # - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
+      # - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
+      # - RANDOM: The load balancer selects a random healthy host.
+      # - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
+      # - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect.
+      # 
+      # Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "logConfig": { # The available logging options for the load balancer traffic served by this backend service. # This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver.
     "enable": True or False, # This field denotes whether to enable logging for the load balancer traffic served by this backend service.
     "sampleRate": 3.14, # This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
   },
-  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, there will be no timeout limit, i.e. the maximum duration is infinite. This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service. This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
+  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+      # If not specified, there will be no timeout limit, i.e. the maximum duration is infinite.
+      # This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service.
+      # This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
   },
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.
-  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "baseEjectionTime": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # The base time that a host is ejected for. The real ejection time is equal to the base ejection time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
@@ -2502,12 +3544,24 @@ 
Method Details

     "successRateRequestVolume": 42, # The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
     "successRateStdevFactor": 42, # This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
   },
-  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
-  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
-  "protocol": "A String", # The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
+  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
+  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or  INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs.
+      # 
+      # 
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
+  "protocol": "A String", # The protocol this BackendService uses to communicate with backends.
+      # 
+      # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information.
+      # 
+      # Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
   "region": "A String", # [Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "securityPolicy": "A String", # [Output Only] The resource URL for the security policy associated with this backend service.
-  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
     "authentication": "A String", # [Deprecated] Use clientTlsPolicy instead.
     "authenticationPolicy": { # [Deprecated] The authentication settings for the backend service. The authentication settings for the backend service. # [Deprecated] Authentication policy defines what authentication methods can be accepted on backends, and if authenticated, which method/certificate will set the request principal. request principal.
       "origins": [ # List of authentication methods that can be used for origin authentication. Similar to peers, these will be evaluated in order the first valid one will be used to set origin identity. If none of these methods pass, the request will be rejected with authentication failed error (401). Leave the list empty if origin authentication is not required.
@@ -2518,7 +3572,17 @@ 
Method Details

             ],
             "issuer": "A String", # Identifies the issuer that issued the JWT, which is usually a URL or an email address. Examples: https://securetoken.google.com, 1234567-compute@developer.gserviceaccount.com
             "jwksPublicKeys": "A String", # The provider's public key set to validate the signature of the JWT.
-            "jwtHeaders": [ # jwt_headers and jwt_params define where to extract the JWT from an HTTP request. If no explicit location is specified, the following default locations are tried in order: 1. The Authorization header using the Bearer schema. See `here `_. Example: Authorization: Bearer . 2. `access_token` query parameter. See `this `_ Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations its issuer specified or from the default locations. This field is set if JWT is sent in a request header. This field specifies the header name. For example, if `header=x-goog-iap-jwt-assertion`, the header format will be x-goog-iap-jwt-assertion: .
+            "jwtHeaders": [ # jwt_headers and jwt_params define where to extract the JWT from an HTTP request. If no explicit location is specified, the following default locations are tried in order:
+                #
+                # 1. The Authorization header using the Bearer schema. See `here `_. Example:
+                #
+                # Authorization: Bearer .
+                #
+                # 2. `access_token` query parameter. See `this `_
+                #
+                # Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations its issuer specified or from the default locations.
+                #
+                # This field is set if JWT is sent in a request header. This field specifies the header name. For example, if `header=x-goog-iap-jwt-assertion`, the header format will be x-goog-iap-jwt-assertion: .
               { # [Deprecated] This message specifies a header location to extract JWT token. This message specifies a header location to extract JWT token.
                 "name": "A String", # The HTTP header name.
                 "valuePrefix": "A String", # The value prefix. The value format is "value_prefix" For example, for "Authorization: Bearer ", value_prefix="Bearer " with a space at the end.
@@ -2548,7 +3612,9 @@ 
Method Details

           "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
             "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
               "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                    # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                    # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                 "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                   "name": "A String", # Plugin name.
                   "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -2570,7 +3636,9 @@ 
Method Details

           "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
             "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
               "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                    # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                    # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                 "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                   "name": "A String", # Plugin name.
                   "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -2665,7 +3733,10 @@ 
Method Details

         },
       ],
     },
-    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.
+        # clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        # If left blank, communications are not encrypted.
+        # Note: This field currently has no impact.
     "clientTlsSettings": { # [Deprecated] The client side authentication settings for connection originating from the backend service. the backend service. # [Deprecated] TLS Settings for the backend service.
       "clientTlsContext": { # [Deprecated] The TLS settings for the client or server. The TLS settings for the client or server. # Configures the mechanism to obtain client-side security certificates and identity information. This field is only applicable when mode is set to MUTUAL.
         "certificateContext": { # [Deprecated] Defines the mechanism to obtain the client or server certificate. Defines the mechanism to obtain the client or server certificate. # Defines the mechanism to obtain the client or server certificate.
@@ -2677,7 +3748,9 @@ 
Method Details

           "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
             "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
               "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                    # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                    # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                 "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                   "name": "A String", # Plugin name.
                   "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -2699,7 +3772,9 @@ 
Method Details

           "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
             "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
               "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                    # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                    # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                 "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                   "name": "A String", # Plugin name.
                   "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -2724,29 +3799,55 @@ 
Method Details

         "A String",
       ],
     },
-    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode). Note: This field currently has no impact.
+    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.
+        # Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.
+        # Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).
+        # Note: This field currently has no impact.
       "A String",
     ],
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE.
+      # 
+      # When the loadBalancingScheme is EXTERNAL:
+      # 
+      # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or  CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.
+      # 
+      # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.
+      # 
+      # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.
     "policy": "A String",
   },
   "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2781,7 +3882,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.regionCommitments.html b/docs/dyn/compute_alpha.regionCommitments.html
index f6b81818707..6b2bc8bf9e3 100644
--- a/docs/dyn/compute_alpha.regionCommitments.html
+++ b/docs/dyn/compute_alpha.regionCommitments.html
@@ -75,7 +75,7 @@
 
Compute Engine API . regionCommitments

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of commitments.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,43 +84,49 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  get(project, region, commitment, x__xgafv=None)

+  get(project, region, commitment)

 
Returns the specified commitment resource. Gets a list of available commitments by making a list() request.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a commitment in the specified project using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of commitments contained within the specified region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, region, commitment, body=None, paths=None, requestId=None, updateMask=None, x__xgafv=None)

+  update(project, region, commitment, body=None, paths=None, requestId=None)

 
Updates the specified commitment with the data included in the request. Update is performed only on selected fields included as part of update-mask. Only the following fields can be modified: auto_renew.

 

-  updateReservations(project, region, commitment, body=None, requestId=None, x__xgafv=None)

+  updateReservations(project, region, commitment, body=None, requestId=None)

 
Transfers GPUs or local SSDs between reservations within commitments.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of commitments.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -130,7 +136,9 @@ 
Method Details

   "items": { # A list of CommitmentsScopedList resources.
     "a_key": { # [Output Only] Name of the scope containing this set of commitments.
       "commitments": [ # [Output Only] A list of commitments contained in this scope.
-        { # Represents a regional Commitment resource. Creating a commitment resource means that you are purchasing a committed use contract with an explicit start and end time. You can create commitments based on vCPUs and memory usage and receive discounted rates. For full details, read Signing Up for Committed Use Discounts.
+        { # Represents a regional Commitment resource.
+            #
+            # Creating a commitment resource means that you are purchasing a committed use contract with an explicit start and end time. You can create commitments based on vCPUs and memory usage and receive discounted rates. For full details, read Signing Up for Committed Use Discounts. (== resource_for {$api_version}.regionCommitments ==)
           "autoRenew": True or False, # Specifies whether to enable automatic renewal for the commitment. The default value is false if not specified. The field can be updated until the day of the commitment expiration at 12:00am PST. If the field is set to true, the commitment will be automatically renewed for either one or three years according to the terms of the existing commitment.
           "category": "A String", # The category of the commitment. Category MACHINE specifies commitments composed of machine resources such as VCPU or MEMORY, listed in resources. Category LICENSE specifies commitments composed of software licenses, listed in licenseResources. Note that only MACHINE commitments should have a Type specified.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -147,7 +155,7 @@ 
Method Details

           "plan": "A String", # The plan for this commitment, which determines duration and discount rate. The currently supported plans are TWELVE_MONTH (1 year), and THIRTY_SIX_MONTH (3 years).
           "region": "A String", # [Output Only] URL of the region where this commitment may be used.
           "reservations": [ # List of reservations in this commitment.
-            { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read Reserving zonal resources.
+            { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read  Reserving zonal resources. (== resource_for {$api_version}.reservations ==)
               "commitment": "A String", # [Output Only] Full or partial URL to a parent commitment. This field displays for reservations that are tied to a commitment.
               "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
               "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -208,7 +216,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] Informational warning which replaces the list of commitments when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -226,7 +235,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -257,22 +267,20 @@ 
Method Details

 

 
 

-    get(project, region, commitment, x__xgafv=None)
+    get(project, region, commitment)
   
Returns the specified commitment resource. Gets a list of available commitments by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   commitment: string, Name of the commitment to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a regional Commitment resource. Creating a commitment resource means that you are purchasing a committed use contract with an explicit start and end time. You can create commitments based on vCPUs and memory usage and receive discounted rates. For full details, read Signing Up for Committed Use Discounts.
+    { # Represents a regional Commitment resource.
+    #
+    # Creating a commitment resource means that you are purchasing a committed use contract with an explicit start and end time. You can create commitments based on vCPUs and memory usage and receive discounted rates. For full details, read Signing Up for Committed Use Discounts. (== resource_for {$api_version}.regionCommitments ==)
   "autoRenew": True or False, # Specifies whether to enable automatic renewal for the commitment. The default value is false if not specified. The field can be updated until the day of the commitment expiration at 12:00am PST. If the field is set to true, the commitment will be automatically renewed for either one or three years according to the terms of the existing commitment.
   "category": "A String", # The category of the commitment. Category MACHINE specifies commitments composed of machine resources such as VCPU or MEMORY, listed in resources. Category LICENSE specifies commitments composed of software licenses, listed in licenseResources. Note that only MACHINE commitments should have a Type specified.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -289,7 +297,7 @@ 
Method Details

   "plan": "A String", # The plan for this commitment, which determines duration and discount rate. The currently supported plans are TWELVE_MONTH (1 year), and THIRTY_SIX_MONTH (3 years).
   "region": "A String", # [Output Only] URL of the region where this commitment may be used.
   "reservations": [ # List of reservations in this commitment.
-    { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read Reserving zonal resources.
+    { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read  Reserving zonal resources. (== resource_for {$api_version}.reservations ==)
       "commitment": "A String", # [Output Only] Full or partial URL to a parent commitment. This field displays for reservations that are tied to a commitment.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -350,7 +358,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a commitment in the specified project using the data included in the request.
 
 Args:
@@ -359,7 +367,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a regional Commitment resource. Creating a commitment resource means that you are purchasing a committed use contract with an explicit start and end time. You can create commitments based on vCPUs and memory usage and receive discounted rates. For full details, read Signing Up for Committed Use Discounts.
+{ # Represents a regional Commitment resource.
+    # 
+    # Creating a commitment resource means that you are purchasing a committed use contract with an explicit start and end time. You can create commitments based on vCPUs and memory usage and receive discounted rates. For full details, read Signing Up for Committed Use Discounts. (== resource_for {$api_version}.regionCommitments ==)
   "autoRenew": True or False, # Specifies whether to enable automatic renewal for the commitment. The default value is false if not specified. The field can be updated until the day of the commitment expiration at 12:00am PST. If the field is set to true, the commitment will be automatically renewed for either one or three years according to the terms of the existing commitment.
   "category": "A String", # The category of the commitment. Category MACHINE specifies commitments composed of machine resources such as VCPU or MEMORY, listed in resources. Category LICENSE specifies commitments composed of software licenses, listed in licenseResources. Note that only MACHINE commitments should have a Type specified.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -376,7 +386,7 @@ 
Method Details

   "plan": "A String", # The plan for this commitment, which determines duration and discount rate. The currently supported plans are TWELVE_MONTH (1 year), and THIRTY_SIX_MONTH (3 years).
   "region": "A String", # [Output Only] URL of the region where this commitment may be used.
   "reservations": [ # List of reservations in this commitment.
-    { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read Reserving zonal resources.
+    { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read  Reserving zonal resources. (== resource_for {$api_version}.reservations ==)
       "commitment": "A String", # [Output Only] Full or partial URL to a parent commitment. This field displays for reservations that are tied to a commitment.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -435,16 +445,29 @@ 
Method Details

   "type": "A String", # The type of commitment, which affects the discount rate and the eligible resources. Type MEMORY_OPTIMIZED specifies a commitment that will only apply to memory optimized machines. Type ACCELERATOR_OPTIMIZED specifies a commitment that will only apply to accelerator optimized machines.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -479,7 +502,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -493,21 +517,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of commitments contained within the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -515,7 +545,9 @@ 
Method Details

     { # Contains a list of Commitment resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Commitment resources.
-    { # Represents a regional Commitment resource. Creating a commitment resource means that you are purchasing a committed use contract with an explicit start and end time. You can create commitments based on vCPUs and memory usage and receive discounted rates. For full details, read Signing Up for Committed Use Discounts.
+    { # Represents a regional Commitment resource.
+        #
+        # Creating a commitment resource means that you are purchasing a committed use contract with an explicit start and end time. You can create commitments based on vCPUs and memory usage and receive discounted rates. For full details, read Signing Up for Committed Use Discounts. (== resource_for {$api_version}.regionCommitments ==)
       "autoRenew": True or False, # Specifies whether to enable automatic renewal for the commitment. The default value is false if not specified. The field can be updated until the day of the commitment expiration at 12:00am PST. If the field is set to true, the commitment will be automatically renewed for either one or three years according to the terms of the existing commitment.
       "category": "A String", # The category of the commitment. Category MACHINE specifies commitments composed of machine resources such as VCPU or MEMORY, listed in resources. Category LICENSE specifies commitments composed of software licenses, listed in licenseResources. Note that only MACHINE commitments should have a Type specified.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -532,7 +564,7 @@ 
Method Details

       "plan": "A String", # The plan for this commitment, which determines duration and discount rate. The currently supported plans are TWELVE_MONTH (1 year), and THIRTY_SIX_MONTH (3 years).
       "region": "A String", # [Output Only] URL of the region where this commitment may be used.
       "reservations": [ # List of reservations in this commitment.
-        { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read Reserving zonal resources.
+        { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read  Reserving zonal resources. (== resource_for {$api_version}.reservations ==)
           "commitment": "A String", # [Output Only] Full or partial URL to a parent commitment. This field displays for reservations that are tied to a commitment.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -596,7 +628,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -622,7 +655,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -638,10 +671,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -654,7 +683,7 @@ 
Method Details

 

 
 

-    update(project, region, commitment, body=None, paths=None, requestId=None, updateMask=None, x__xgafv=None)
+    update(project, region, commitment, body=None, paths=None, requestId=None)
   
Updates the specified commitment with the data included in the request. Update is performed only on selected fields included as part of update-mask. Only the following fields can be modified: auto_renew.
 
 Args:
@@ -664,7 +693,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a regional Commitment resource. Creating a commitment resource means that you are purchasing a committed use contract with an explicit start and end time. You can create commitments based on vCPUs and memory usage and receive discounted rates. For full details, read Signing Up for Committed Use Discounts.
+{ # Represents a regional Commitment resource.
+    # 
+    # Creating a commitment resource means that you are purchasing a committed use contract with an explicit start and end time. You can create commitments based on vCPUs and memory usage and receive discounted rates. For full details, read Signing Up for Committed Use Discounts. (== resource_for {$api_version}.regionCommitments ==)
   "autoRenew": True or False, # Specifies whether to enable automatic renewal for the commitment. The default value is false if not specified. The field can be updated until the day of the commitment expiration at 12:00am PST. If the field is set to true, the commitment will be automatically renewed for either one or three years according to the terms of the existing commitment.
   "category": "A String", # The category of the commitment. Category MACHINE specifies commitments composed of machine resources such as VCPU or MEMORY, listed in resources. Category LICENSE specifies commitments composed of software licenses, listed in licenseResources. Note that only MACHINE commitments should have a Type specified.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -681,7 +712,7 @@ 
Method Details

   "plan": "A String", # The plan for this commitment, which determines duration and discount rate. The currently supported plans are TWELVE_MONTH (1 year), and THIRTY_SIX_MONTH (3 years).
   "region": "A String", # [Output Only] URL of the region where this commitment may be used.
   "reservations": [ # List of reservations in this commitment.
-    { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read Reserving zonal resources.
+    { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read  Reserving zonal resources. (== resource_for {$api_version}.reservations ==)
       "commitment": "A String", # [Output Only] Full or partial URL to a parent commitment. This field displays for reservations that are tied to a commitment.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -740,18 +771,30 @@ 
Method Details

   "type": "A String", # The type of commitment, which affects the discount rate and the eligible resources. Type MEMORY_OPTIMIZED specifies a commitment that will only apply to memory optimized machines. Type ACCELERATOR_OPTIMIZED specifies a commitment that will only apply to accelerator optimized machines.
 }
 
-  paths: string, A parameter (repeated)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  updateMask: string, update_mask indicates fields to be updated as part of this request.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  paths: string, The set of field mask paths. (repeated)
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -786,7 +829,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -800,7 +844,7 @@ 
Method Details

 

 
 

-    updateReservations(project, region, commitment, body=None, requestId=None, x__xgafv=None)
+    updateReservations(project, region, commitment, body=None, requestId=None)
   
Transfers GPUs or local SSDs between reservations within commitments.
 
 Args:
@@ -812,7 +856,7 @@ 
Method Details

 
 {
   "reservations": [ # A list of two reservations to transfer GPUs and local SSD between.
-    { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read Reserving zonal resources.
+    { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read  Reserving zonal resources. (== resource_for {$api_version}.reservations ==)
       "commitment": "A String", # [Output Only] Full or partial URL to a parent commitment. This field displays for reservations that are tied to a commitment.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -858,16 +902,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -902,7 +959,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.regionDiskTypes.html b/docs/dyn/compute_alpha.regionDiskTypes.html
index 5b14af9f8a7..103e80b74af 100644
--- a/docs/dyn/compute_alpha.regionDiskTypes.html
+++ b/docs/dyn/compute_alpha.regionDiskTypes.html
@@ -78,10 +78,10 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  get(project, region, diskType, x__xgafv=None)

+  get(project, region, diskType)

 
Returns the specified regional disk type. Gets a list of available disk types by making a list() request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of regional disk types available to the specified project.

 

   list_next(previous_request, previous_response)

@@ -93,22 +93,28 @@ 
Method Details

 

 
 

-    get(project, region, diskType, x__xgafv=None)
+    get(project, region, diskType)
   
Returns the specified regional disk type. Gets a list of available disk types by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, The name of the region for this request. (required)
   diskType: string, Name of the disk type to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Disk Type resource. Google Compute Engine has two Disk Type resources: * [Regional](/compute/docs/reference/rest/alpha/regionDiskTypes) * [Zonal](/compute/docs/reference/rest/alpha/diskTypes) You can choose from a variety of disk types based on your needs. For more information, read Storage options. The diskTypes resource represents disk types for a zonal persistent disk. For more information, read Zonal persistent disks. The regionDiskTypes resource represents disk types for a regional persistent disk. For more information, read Regional persistent disks.
+    { # Represents a Disk Type resource.
+    #
+    # Google Compute Engine has two Disk Type resources:
+    #
+    # * [Regional](/compute/docs/reference/rest/{$api_version}/regionDiskTypes) * [Zonal](/compute/docs/reference/rest/{$api_version}/diskTypes)
+    #
+    # You can choose from a variety of disk types based on your needs. For more information, read Storage options.
+    #
+    # The diskTypes resource represents disk types for a zonal persistent disk. For more information, read Zonal persistent disks.
+    #
+    # The regionDiskTypes resource represents disk types for a regional persistent disk. For more information, read Regional persistent disks. (== resource_for {$api_version}.diskTypes ==) (== resource_for {$api_version}.regionDiskTypes ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "defaultDiskSizeGb": "A String", # [Output Only] Server-defined default disk size in GB.
   "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this disk type.
@@ -119,7 +125,11 @@ 
Method Details

     "state": "A String", # The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.
     "stateOverride": { # A rollout policy configuration. # The rollout policy of this deprecation. This policy is only enforced by image family views. The rollout policy restricts the zones where the associated resource is considered in a deprecated state. When the rollout policy does not include the user specified zone, or if the zone is rolled out, the associated resource is considered in a deprecated state.
       "defaultRolloutTime": "A String", # An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated.
-      "locationRolloutPolicies": { # Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
+      "locationRolloutPolicies": { # Location based rollout policies to apply to the resource.
+          #
+          # Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a.
+          #
+          # The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
         "a_key": "A String",
       },
     },
@@ -137,21 +147,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of regional disk types available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, The name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -159,7 +175,17 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of DiskType resources.
-    { # Represents a Disk Type resource. Google Compute Engine has two Disk Type resources: * [Regional](/compute/docs/reference/rest/alpha/regionDiskTypes) * [Zonal](/compute/docs/reference/rest/alpha/diskTypes) You can choose from a variety of disk types based on your needs. For more information, read Storage options. The diskTypes resource represents disk types for a zonal persistent disk. For more information, read Zonal persistent disks. The regionDiskTypes resource represents disk types for a regional persistent disk. For more information, read Regional persistent disks.
+    { # Represents a Disk Type resource.
+        #
+        # Google Compute Engine has two Disk Type resources:
+        #
+        # * [Regional](/compute/docs/reference/rest/{$api_version}/regionDiskTypes) * [Zonal](/compute/docs/reference/rest/{$api_version}/diskTypes)
+        #
+        # You can choose from a variety of disk types based on your needs. For more information, read Storage options.
+        #
+        # The diskTypes resource represents disk types for a zonal persistent disk. For more information, read Zonal persistent disks.
+        #
+        # The regionDiskTypes resource represents disk types for a regional persistent disk. For more information, read Regional persistent disks. (== resource_for {$api_version}.diskTypes ==) (== resource_for {$api_version}.regionDiskTypes ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "defaultDiskSizeGb": "A String", # [Output Only] Server-defined default disk size in GB.
       "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this disk type.
@@ -170,7 +196,11 @@ 
Method Details

         "state": "A String", # The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.
         "stateOverride": { # A rollout policy configuration. # The rollout policy of this deprecation. This policy is only enforced by image family views. The rollout policy restricts the zones where the associated resource is considered in a deprecated state. When the rollout policy does not include the user specified zone, or if the zone is rolled out, the associated resource is considered in a deprecated state.
           "defaultRolloutTime": "A String", # An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated.
-          "locationRolloutPolicies": { # Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
+          "locationRolloutPolicies": { # Location based rollout policies to apply to the resource.
+              #
+              # Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a.
+              #
+              # The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
             "a_key": "A String",
           },
         },
@@ -191,7 +221,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.regionDisks.html b/docs/dyn/compute_alpha.regionDisks.html
index cf72ea86f3c..9dfeebc8a4c 100644
--- a/docs/dyn/compute_alpha.regionDisks.html
+++ b/docs/dyn/compute_alpha.regionDisks.html
@@ -75,50 +75,50 @@
 
Compute Engine API . regionDisks

 
Instance Methods

 

-  addResourcePolicies(project, region, disk, body=None, requestId=None, x__xgafv=None)

+  addResourcePolicies(project, region, disk, body=None, requestId=None)

 
Adds existing resource policies to a regional disk. You can only add one policy which will be applied to this disk for scheduling snapshot creation.

 

   close()

 
Close httplib2 connections.

 

-  createSnapshot(project, region, disk, body=None, guestFlush=None, requestId=None, x__xgafv=None)

+  createSnapshot(project, region, disk, body=None, guestFlush=None, requestId=None)

 
Creates a snapshot of this regional disk.

 

-  delete(project, region, disk, requestId=None, x__xgafv=None)

+  delete(project, region, disk, requestId=None)

 
Deletes the specified regional persistent disk. Deleting a regional disk removes all the replicas of its data permanently and is irreversible. However, deleting a disk does not delete any snapshots previously made from the disk. You must separately delete snapshots.

 

-  get(project, region, disk, x__xgafv=None)

+  get(project, region, disk)

 
Returns a specified regional persistent disk.

 

-  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, region, body=None, requestId=None, sourceImage=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None, sourceImage=None)

 
Creates a persistent regional disk in the specified project using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of persistent disks contained within the specified region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  removeResourcePolicies(project, region, disk, body=None, requestId=None, x__xgafv=None)

+  removeResourcePolicies(project, region, disk, body=None, requestId=None)

 
Removes resource policies from a regional disk.

 

-  resize(project, region, disk, body=None, requestId=None, x__xgafv=None)

+  resize(project, region, disk, body=None, requestId=None)

 
Resizes the specified regional persistent disk.

 

-  setIamPolicy(project, region, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, region, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)

+  setLabels(project, region, resource, body=None, requestId=None)

 
Sets the labels on the target regional disk.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    addResourcePolicies(project, region, disk, body=None, requestId=None, x__xgafv=None)
+    addResourcePolicies(project, region, disk, body=None, requestId=None)
   
Adds existing resource policies to a regional disk. You can only add one policy which will be applied to this disk for scheduling snapshot creation.
 
 Args:
@@ -134,16 +134,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -178,7 +191,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -197,7 +211,7 @@ 
Method Details

 

 
 

-    createSnapshot(project, region, disk, body=None, guestFlush=None, requestId=None, x__xgafv=None)
+    createSnapshot(project, region, disk, body=None, guestFlush=None, requestId=None)
   
Creates a snapshot of this regional disk.
 
 Args:
@@ -207,7 +221,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Persistent Disk Snapshot resource. You can use snapshots to back up data on a regular interval. For more information, read Creating persistent disk snapshots.
+{ # Represents a Persistent Disk Snapshot resource.
+    # 
+    # You can use snapshots to back up data on a regular interval. For more information, read  Creating persistent disk snapshots. (== resource_for {$api_version}.snapshots ==)
   "autoCreated": True or False, # [Output Only] Set to true if snapshots are automatically created by applying resource policy on the target disk.
   "chainName": "A String", # Creates the new snapshot in the snapshot chain labeled with the specified name. The chain name must be 1-63 characters long and comply with RFC1035. This is an uncommon option only for advanced service owners who needs to create separate snapshot chains, for example, for chargeback tracking. When you describe your snapshot resource, this field is visible only if it has a non-empty value.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -215,14 +231,16 @@ 
Method Details

   "diskSizeGb": "A String", # [Output Only] Size of the source disk, specified in GB.
   "downloadBytes": "A String", # [Output Only] Number of bytes downloaded to restore a snapshot to a disk.
   "guestFlush": True or False, # [Input Only] Whether to attempt an application consistent snapshot by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
-  "guestOsFeatures": [ # [Output Only] A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+  "guestOsFeatures": [ # [Output Only] A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
     { # Guest OS features.
-      "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+      "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
     },
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#snapshot", # [Output Only] Type of the resource. Always compute#snapshot for Snapshot resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this snapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a snapshot.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this snapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a snapshot.
   "labels": { # Labels to apply to this snapshot. These can be later modified by the setLabels method. Label values may be empty.
     "a_key": "A String",
   },
@@ -237,11 +255,22 @@ 
Method Details

   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource's resource id.
-  "snapshotEncryptionKey": { # Encrypts the snapshot using a customer-supplied encryption key. After you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the snapshot later. For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request. Customer-supplied encryption keys do not protect access to metadata of the snapshot. If you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later.
+  "snapshotEncryptionKey": { # Encrypts the snapshot using a customer-supplied encryption key.
+      # 
+      # After you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the snapshot later. For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request.
+      # 
+      # Customer-supplied encryption keys do not protect access to metadata of the snapshot.
+      # 
+      # If you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceDisk": "A String", # The source disk used to create this snapshot.
@@ -249,7 +278,12 @@ 
Method Details

     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this snapshot. This value may be used to determine whether the snapshot was taken from the current or a previous instance of a given disk name.
@@ -262,16 +296,29 @@ 
Method Details

 }
 
   guestFlush: boolean, [Input Only] Specifies to create an application consistent snapshot by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -306,7 +353,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -320,23 +368,36 @@ 
Method Details

 

 
 

-    delete(project, region, disk, requestId=None, x__xgafv=None)
+    delete(project, region, disk, requestId=None)
   
Deletes the specified regional persistent disk. Deleting a regional disk removes all the replicas of its data permanently and is irreversible. However, deleting a disk does not delete any snapshots previously made from the disk. You must separately delete snapshots.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   disk: string, Name of the regional persistent disk to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -371,7 +432,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -385,41 +447,60 @@ 
Method Details

 

 
 

-    get(project, region, disk, x__xgafv=None)
+    get(project, region, disk)
   
Returns a specified regional persistent disk.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   disk: string, Name of the regional persistent disk to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Persistent Disk resource. Google Compute Engine has two Disk resources: * [Zonal](/compute/docs/reference/rest/alpha/disks) * [Regional](/compute/docs/reference/rest/alpha/regionDisks) Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options. The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks. The regionDisks resource represents a regional persistent disk. For more information, read Regional resources.
+    { # Represents a Persistent Disk resource.
+    #
+    # Google Compute Engine has two Disk resources:
+    #
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/disks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionDisks)
+    #
+    # Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options.
+    #
+    # The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks.
+    #
+    # The regionDisks resource represents a regional persistent disk. For more information, read  Regional resources. (== resource_for {$api_version}.disks ==) (== resource_for {$api_version}.regionDisks ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key. After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+  "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key.
+      #
+      # After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine).
+      #
+      # Customer-supplied encryption keys do not protect access to metadata of the disk.
+      #
+      # If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "eraseWindowsVssSignature": True or False, # Specifies whether the disk restored from a source snapshot should erase Windows specific VSS signature.
-  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
     { # Guest OS features.
-      "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+      "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
     },
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "interface": "A String", # Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI.
   "kind": "compute#disk", # [Output Only] Type of the resource. Always compute#disk for disks.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a disk.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a disk.
   "labels": { # Labels to apply to this disk. These can be later modified by the setLabels method.
     "a_key": "A String",
   },
@@ -447,36 +528,84 @@ 
Method Details

   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource's resource id.
-  "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk. If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
-  "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - https://www.googleapis.com/compute/v1/projects/project/regions/region /disks/disk - projects/project/zones/zone/disks/disk - projects/project/regions/region/disks/disk - zones/zone/disks/disk - regions/region/disks/disk
+  "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk.
+      #
+      # If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
+  "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - https://www.googleapis.com/compute/v1/projects/project/regions/region/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - projects/project/regions/region/disks/disk
+      # - zones/zone/disks/disk
+      # - regions/region/disks/disk
   "sourceDiskId": "A String", # [Output Only] The unique ID of the disk used to create this disk. This value identifies the exact disk that was used to create this persistent disk. For example, if you created the persistent disk from a disk that was later deleted and recreated under the same name, the source disk ID would identify the exact version of the disk that was used.
-  "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family
+  "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set.
+      #
+      # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+      # projects/debian-cloud/global/images/family/debian-9
+      #
+      #
+      # Alternatively, use a specific version of a public operating system image:
+      # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+      #
+      #
+      # To create a disk with a custom image that you created, specify the image name in the following format:
+      # global/images/my-custom-image
+      #
+      #
+      # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+      # global/images/family/my-image-family
   "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent disk. For example, if you created the persistent disk from an image that was later deleted and recreated under the same name, the source image ID would identify the exact version of the image that was used.
-  "sourceInPlaceSnapshot": "A String", # [Deprecated] The source in-place snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project /global/inPlaceSnapshots/inPlaceSnapshots - projects/project/global/inPlaceSnapshots/inPlaceSnapshots - global/inPlaceSnapshots/inPlaceSnapshots
-  "sourceInPlaceSnapshotId": "A String", # Deprecated The unique ID of the in-place snapshot used to create this disk. This value identifies the exact in-place snapshot that was used to create this persistent disk. For example, if you created the persistent disk from an in-place snapshot that was later deleted and recreated under the same name, the source in-place snapshot ID would identify the exact version of the in-place snapshot that was used.
-  "sourceInstantSnapshot": "A String", # The source instant snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instantSnapshots/instantSnapshot - projects/project/zones/zone/instantSnapshots/instantSnapshot - zones/zone/instantSnapshots/instantSnapshot
+  "sourceInPlaceSnapshot": "A String", # [Deprecated] The source in-place snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/global/inPlaceSnapshots/inPlaceSnapshots
+      # - projects/project/global/inPlaceSnapshots/inPlaceSnapshots
+      # - global/inPlaceSnapshots/inPlaceSnapshots
+  "sourceInPlaceSnapshotId": "A String", # [Deprecated] [Output Only] The unique ID of the in-place snapshot used to create this disk. This value identifies the exact in-place snapshot that was used to create this persistent disk. For example, if you created the persistent disk from an in-place snapshot that was later deleted and recreated under the same name, the source in-place snapshot ID would identify the exact version of the in-place snapshot that was used.
+  "sourceInstantSnapshot": "A String", # The source instant snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instantSnapshots/instantSnapshot
+      # - projects/project/zones/zone/instantSnapshots/instantSnapshot
+      # - zones/zone/instantSnapshots/instantSnapshot
   "sourceInstantSnapshotId": "A String", # [Output Only] The unique ID of the instant snapshot used to create this disk. This value identifies the exact instant snapshot that was used to create this persistent disk. For example, if you created the persistent disk from an instant snapshot that was later deleted and recreated under the same name, the source instant snapshot ID would identify the exact version of the instant snapshot that was used.
-  "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project /global/snapshots/snapshot - projects/project/global/snapshots/snapshot - global/snapshots/snapshot
+  "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot
+      # - projects/project/global/snapshots/snapshot
+      # - global/snapshots/snapshot
   "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceSnapshotId": "A String", # [Output Only] The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used.
   "sourceStorageObject": "A String", # The full Google Cloud Storage URI where the disk image is stored. This file must be a gzip-compressed tarball whose name ends in .tar.gz or virtual machine disk whose name ends in vmdk. Valid URIs may start with gs:// or https://storage.googleapis.com/. This flag is not optimized for creating multiple disks from a source storage object. To create many disks from a source storage object, use gcloud compute images import instead.
-  "status": "A String", # [Output Only] The status of disk creation. - CREATING: Disk is provisioning. - RESTORING: Source data is being copied into the disk. - FAILED: Disk creation failed. - READY: Disk is ready for use. - DELETING: Disk is deleting.
+  "status": "A String", # [Output Only] The status of disk creation.
+      # - CREATING: Disk is provisioning.
+      # - RESTORING: Source data is being copied into the disk.
+      # - FAILED: Disk creation failed.
+      # - READY: Disk is ready for use.
+      # - DELETING: Disk is deleting.
   "storageType": "A String", # [Deprecated] Storage type of the persistent disk.
-  "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project /zones/zone/diskTypes/pd-standard or pd-ssd
-  "userLicenses": [ # A list of publicly visible user-licenses. Unlike regular licenses, user provided licenses can be modified after the disk is created. This includes a list of URLs to the license resource. For example, to provide a debian license: https://www.googleapis.com/compute/v1/projects/debian-cloud/global/licenses/debian-9-stretch
+  "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project/zones/zone/diskTypes/pd-standard  or pd-ssd
+  "userLicenses": [ # A list of publicly visible user-licenses. Unlike regular licenses, user provided licenses can be modified after the disk is created. This includes a list of URLs to the license resource. For example, to provide a debian license:
+      # https://www.googleapis.com/compute/v1/projects/debian-cloud/global/licenses/debian-9-stretch
     "A String",
   ],
   "users": [ # [Output Only] Links to the users of the disk (attached instances) in form: projects/project/zones/zone/instances/instance
@@ -487,7 +616,7 @@ 
Method Details

 

 
 

-    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
@@ -495,27 +624,51 @@ 
Method Details

   region: string, The name of the region for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -523,76 +676,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, region, body=None, requestId=None, sourceImage=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None, sourceImage=None)
   
Creates a persistent regional disk in the specified project using the data included in the request.
 
 Args:
@@ -601,26 +822,49 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Persistent Disk resource. Google Compute Engine has two Disk resources: * [Zonal](/compute/docs/reference/rest/alpha/disks) * [Regional](/compute/docs/reference/rest/alpha/regionDisks) Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options. The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks. The regionDisks resource represents a regional persistent disk. For more information, read Regional resources.
+{ # Represents a Persistent Disk resource.
+    # 
+    # Google Compute Engine has two Disk resources:
+    # 
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/disks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionDisks)
+    # 
+    # Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options.
+    # 
+    # The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks.
+    # 
+    # The regionDisks resource represents a regional persistent disk. For more information, read  Regional resources. (== resource_for {$api_version}.disks ==) (== resource_for {$api_version}.regionDisks ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key. After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+  "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key.
+      # 
+      # After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine).
+      # 
+      # Customer-supplied encryption keys do not protect access to metadata of the disk.
+      # 
+      # If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "eraseWindowsVssSignature": True or False, # Specifies whether the disk restored from a source snapshot should erase Windows specific VSS signature.
-  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
     { # Guest OS features.
-      "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+      "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
     },
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "interface": "A String", # Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI.
   "kind": "compute#disk", # [Output Only] Type of the resource. Always compute#disk for disks.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a disk.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a disk.
   "labels": { # Labels to apply to this disk. These can be later modified by the setLabels method.
     "a_key": "A String",
   },
@@ -648,36 +892,84 @@ 
Method Details

   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource's resource id.
-  "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk. If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
-  "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - https://www.googleapis.com/compute/v1/projects/project/regions/region /disks/disk - projects/project/zones/zone/disks/disk - projects/project/regions/region/disks/disk - zones/zone/disks/disk - regions/region/disks/disk
+  "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk.
+      # 
+      # If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
+  "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - https://www.googleapis.com/compute/v1/projects/project/regions/region/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - projects/project/regions/region/disks/disk
+      # - zones/zone/disks/disk
+      # - regions/region/disks/disk
   "sourceDiskId": "A String", # [Output Only] The unique ID of the disk used to create this disk. This value identifies the exact disk that was used to create this persistent disk. For example, if you created the persistent disk from a disk that was later deleted and recreated under the same name, the source disk ID would identify the exact version of the disk that was used.
-  "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family
+  "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set.
+      # 
+      # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+      # projects/debian-cloud/global/images/family/debian-9
+      # 
+      # 
+      # Alternatively, use a specific version of a public operating system image:
+      # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+      # 
+      # 
+      # To create a disk with a custom image that you created, specify the image name in the following format:
+      # global/images/my-custom-image
+      # 
+      # 
+      # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+      # global/images/family/my-image-family
   "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent disk. For example, if you created the persistent disk from an image that was later deleted and recreated under the same name, the source image ID would identify the exact version of the image that was used.
-  "sourceInPlaceSnapshot": "A String", # [Deprecated] The source in-place snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project /global/inPlaceSnapshots/inPlaceSnapshots - projects/project/global/inPlaceSnapshots/inPlaceSnapshots - global/inPlaceSnapshots/inPlaceSnapshots
-  "sourceInPlaceSnapshotId": "A String", # Deprecated The unique ID of the in-place snapshot used to create this disk. This value identifies the exact in-place snapshot that was used to create this persistent disk. For example, if you created the persistent disk from an in-place snapshot that was later deleted and recreated under the same name, the source in-place snapshot ID would identify the exact version of the in-place snapshot that was used.
-  "sourceInstantSnapshot": "A String", # The source instant snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instantSnapshots/instantSnapshot - projects/project/zones/zone/instantSnapshots/instantSnapshot - zones/zone/instantSnapshots/instantSnapshot
+  "sourceInPlaceSnapshot": "A String", # [Deprecated] The source in-place snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/global/inPlaceSnapshots/inPlaceSnapshots
+      # - projects/project/global/inPlaceSnapshots/inPlaceSnapshots
+      # - global/inPlaceSnapshots/inPlaceSnapshots
+  "sourceInPlaceSnapshotId": "A String", # [Deprecated] [Output Only] The unique ID of the in-place snapshot used to create this disk. This value identifies the exact in-place snapshot that was used to create this persistent disk. For example, if you created the persistent disk from an in-place snapshot that was later deleted and recreated under the same name, the source in-place snapshot ID would identify the exact version of the in-place snapshot that was used.
+  "sourceInstantSnapshot": "A String", # The source instant snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instantSnapshots/instantSnapshot
+      # - projects/project/zones/zone/instantSnapshots/instantSnapshot
+      # - zones/zone/instantSnapshots/instantSnapshot
   "sourceInstantSnapshotId": "A String", # [Output Only] The unique ID of the instant snapshot used to create this disk. This value identifies the exact instant snapshot that was used to create this persistent disk. For example, if you created the persistent disk from an instant snapshot that was later deleted and recreated under the same name, the source instant snapshot ID would identify the exact version of the instant snapshot that was used.
-  "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project /global/snapshots/snapshot - projects/project/global/snapshots/snapshot - global/snapshots/snapshot
+  "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot
+      # - projects/project/global/snapshots/snapshot
+      # - global/snapshots/snapshot
   "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceSnapshotId": "A String", # [Output Only] The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used.
   "sourceStorageObject": "A String", # The full Google Cloud Storage URI where the disk image is stored. This file must be a gzip-compressed tarball whose name ends in .tar.gz or virtual machine disk whose name ends in vmdk. Valid URIs may start with gs:// or https://storage.googleapis.com/. This flag is not optimized for creating multiple disks from a source storage object. To create many disks from a source storage object, use gcloud compute images import instead.
-  "status": "A String", # [Output Only] The status of disk creation. - CREATING: Disk is provisioning. - RESTORING: Source data is being copied into the disk. - FAILED: Disk creation failed. - READY: Disk is ready for use. - DELETING: Disk is deleting.
+  "status": "A String", # [Output Only] The status of disk creation.
+      # - CREATING: Disk is provisioning.
+      # - RESTORING: Source data is being copied into the disk.
+      # - FAILED: Disk creation failed.
+      # - READY: Disk is ready for use.
+      # - DELETING: Disk is deleting.
   "storageType": "A String", # [Deprecated] Storage type of the persistent disk.
-  "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project /zones/zone/diskTypes/pd-standard or pd-ssd
-  "userLicenses": [ # A list of publicly visible user-licenses. Unlike regular licenses, user provided licenses can be modified after the disk is created. This includes a list of URLs to the license resource. For example, to provide a debian license: https://www.googleapis.com/compute/v1/projects/debian-cloud/global/licenses/debian-9-stretch
+  "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project/zones/zone/diskTypes/pd-standard  or pd-ssd
+  "userLicenses": [ # A list of publicly visible user-licenses. Unlike regular licenses, user provided licenses can be modified after the disk is created. This includes a list of URLs to the license resource. For example, to provide a debian license:
+      # https://www.googleapis.com/compute/v1/projects/debian-cloud/global/licenses/debian-9-stretch
     "A String",
   ],
   "users": [ # [Output Only] Links to the users of the disk (attached instances) in form: projects/project/zones/zone/instances/instance
@@ -686,17 +978,30 @@ 
Method Details

   "zone": "A String", # [Output Only] URL of the zone where the disk resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
   sourceImage: string, Source image to restore onto a disk. This field is optional.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -731,7 +1036,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -745,21 +1051,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of persistent disks contained within the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -767,26 +1079,49 @@ 
Method Details

     { # A list of Disk resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Disk resources.
-    { # Represents a Persistent Disk resource. Google Compute Engine has two Disk resources: * [Zonal](/compute/docs/reference/rest/alpha/disks) * [Regional](/compute/docs/reference/rest/alpha/regionDisks) Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options. The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks. The regionDisks resource represents a regional persistent disk. For more information, read Regional resources.
+    { # Represents a Persistent Disk resource.
+        #
+        # Google Compute Engine has two Disk resources:
+        #
+        # * [Zonal](/compute/docs/reference/rest/{$api_version}/disks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionDisks)
+        #
+        # Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options.
+        #
+        # The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks.
+        #
+        # The regionDisks resource represents a regional persistent disk. For more information, read  Regional resources. (== resource_for {$api_version}.disks ==) (== resource_for {$api_version}.regionDisks ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key. After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+      "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key.
+          #
+          # After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine).
+          #
+          # Customer-supplied encryption keys do not protect access to metadata of the disk.
+          #
+          # If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "eraseWindowsVssSignature": True or False, # Specifies whether the disk restored from a source snapshot should erase Windows specific VSS signature.
-      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
         { # Guest OS features.
-          "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+          "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
         },
       ],
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "interface": "A String", # Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI.
       "kind": "compute#disk", # [Output Only] Type of the resource. Always compute#disk for disks.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a disk.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a disk.
       "labels": { # Labels to apply to this disk. These can be later modified by the setLabels method.
         "a_key": "A String",
       },
@@ -814,36 +1149,84 @@ 
Method Details

       "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
       "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource's resource id.
-      "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk. If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
-      "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - https://www.googleapis.com/compute/v1/projects/project/regions/region /disks/disk - projects/project/zones/zone/disks/disk - projects/project/regions/region/disks/disk - zones/zone/disks/disk - regions/region/disks/disk
+      "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk.
+          #
+          # If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
+      "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+          # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+          # - https://www.googleapis.com/compute/v1/projects/project/regions/region/disks/disk
+          # - projects/project/zones/zone/disks/disk
+          # - projects/project/regions/region/disks/disk
+          # - zones/zone/disks/disk
+          # - regions/region/disks/disk
       "sourceDiskId": "A String", # [Output Only] The unique ID of the disk used to create this disk. This value identifies the exact disk that was used to create this persistent disk. For example, if you created the persistent disk from a disk that was later deleted and recreated under the same name, the source disk ID would identify the exact version of the disk that was used.
-      "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family
+      "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set.
+          #
+          # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+          # projects/debian-cloud/global/images/family/debian-9
+          #
+          #
+          # Alternatively, use a specific version of a public operating system image:
+          # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+          #
+          #
+          # To create a disk with a custom image that you created, specify the image name in the following format:
+          # global/images/my-custom-image
+          #
+          #
+          # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+          # global/images/family/my-image-family
       "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent disk. For example, if you created the persistent disk from an image that was later deleted and recreated under the same name, the source image ID would identify the exact version of the image that was used.
-      "sourceInPlaceSnapshot": "A String", # [Deprecated] The source in-place snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project /global/inPlaceSnapshots/inPlaceSnapshots - projects/project/global/inPlaceSnapshots/inPlaceSnapshots - global/inPlaceSnapshots/inPlaceSnapshots
-      "sourceInPlaceSnapshotId": "A String", # Deprecated The unique ID of the in-place snapshot used to create this disk. This value identifies the exact in-place snapshot that was used to create this persistent disk. For example, if you created the persistent disk from an in-place snapshot that was later deleted and recreated under the same name, the source in-place snapshot ID would identify the exact version of the in-place snapshot that was used.
-      "sourceInstantSnapshot": "A String", # The source instant snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instantSnapshots/instantSnapshot - projects/project/zones/zone/instantSnapshots/instantSnapshot - zones/zone/instantSnapshots/instantSnapshot
+      "sourceInPlaceSnapshot": "A String", # [Deprecated] The source in-place snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/inPlaceSnapshots/inPlaceSnapshots
+          # - projects/project/global/inPlaceSnapshots/inPlaceSnapshots
+          # - global/inPlaceSnapshots/inPlaceSnapshots
+      "sourceInPlaceSnapshotId": "A String", # [Deprecated] [Output Only] The unique ID of the in-place snapshot used to create this disk. This value identifies the exact in-place snapshot that was used to create this persistent disk. For example, if you created the persistent disk from an in-place snapshot that was later deleted and recreated under the same name, the source in-place snapshot ID would identify the exact version of the in-place snapshot that was used.
+      "sourceInstantSnapshot": "A String", # The source instant snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+          # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instantSnapshots/instantSnapshot
+          # - projects/project/zones/zone/instantSnapshots/instantSnapshot
+          # - zones/zone/instantSnapshots/instantSnapshot
       "sourceInstantSnapshotId": "A String", # [Output Only] The unique ID of the instant snapshot used to create this disk. This value identifies the exact instant snapshot that was used to create this persistent disk. For example, if you created the persistent disk from an instant snapshot that was later deleted and recreated under the same name, the source instant snapshot ID would identify the exact version of the instant snapshot that was used.
-      "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project /global/snapshots/snapshot - projects/project/global/snapshots/snapshot - global/snapshots/snapshot
+      "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot
+          # - projects/project/global/snapshots/snapshot
+          # - global/snapshots/snapshot
       "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "sourceSnapshotId": "A String", # [Output Only] The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used.
       "sourceStorageObject": "A String", # The full Google Cloud Storage URI where the disk image is stored. This file must be a gzip-compressed tarball whose name ends in .tar.gz or virtual machine disk whose name ends in vmdk. Valid URIs may start with gs:// or https://storage.googleapis.com/. This flag is not optimized for creating multiple disks from a source storage object. To create many disks from a source storage object, use gcloud compute images import instead.
-      "status": "A String", # [Output Only] The status of disk creation. - CREATING: Disk is provisioning. - RESTORING: Source data is being copied into the disk. - FAILED: Disk creation failed. - READY: Disk is ready for use. - DELETING: Disk is deleting.
+      "status": "A String", # [Output Only] The status of disk creation.
+          # - CREATING: Disk is provisioning.
+          # - RESTORING: Source data is being copied into the disk.
+          # - FAILED: Disk creation failed.
+          # - READY: Disk is ready for use.
+          # - DELETING: Disk is deleting.
       "storageType": "A String", # [Deprecated] Storage type of the persistent disk.
-      "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project /zones/zone/diskTypes/pd-standard or pd-ssd
-      "userLicenses": [ # A list of publicly visible user-licenses. Unlike regular licenses, user provided licenses can be modified after the disk is created. This includes a list of URLs to the license resource. For example, to provide a debian license: https://www.googleapis.com/compute/v1/projects/debian-cloud/global/licenses/debian-9-stretch
+      "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project/zones/zone/diskTypes/pd-standard  or pd-ssd
+      "userLicenses": [ # A list of publicly visible user-licenses. Unlike regular licenses, user provided licenses can be modified after the disk is created. This includes a list of URLs to the license resource. For example, to provide a debian license:
+          # https://www.googleapis.com/compute/v1/projects/debian-cloud/global/licenses/debian-9-stretch
         "A String",
       ],
       "users": [ # [Output Only] Links to the users of the disk (attached instances) in form: projects/project/zones/zone/instances/instance
@@ -857,7 +1240,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -883,7 +1267,7 @@ 
Method Details

 

 
 

-    removeResourcePolicies(project, region, disk, body=None, requestId=None, x__xgafv=None)
+    removeResourcePolicies(project, region, disk, body=None, requestId=None)
   
Removes resource policies from a regional disk.
 
 Args:
@@ -899,16 +1283,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -943,7 +1340,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -957,7 +1355,7 @@ 
Method Details

 

 
 

-    resize(project, region, disk, body=None, requestId=None, x__xgafv=None)
+    resize(project, region, disk, body=None, requestId=None)
   
Resizes the specified regional persistent disk.
 
 Args:
@@ -971,16 +1369,29 @@ 
Method Details

   "sizeGb": "A String", # The new size of the regional persistent disk, which is specified in GB.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1015,7 +1426,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1029,7 +1441,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, region, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, region, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -1042,33 +1454,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1076,95 +1562,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1172,76 +1750,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)
+    setLabels(project, region, resource, body=None, requestId=None)
   
Sets the labels on the target regional disk.
 
 Args:
@@ -1258,16 +1904,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1302,7 +1961,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1316,7 +1976,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1332,10 +1992,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.regionHealthCheckServices.html b/docs/dyn/compute_alpha.regionHealthCheckServices.html
index 282ee8ae5e1..5f05facfaf8 100644
--- a/docs/dyn/compute_alpha.regionHealthCheckServices.html
+++ b/docs/dyn/compute_alpha.regionHealthCheckServices.html
@@ -75,7 +75,7 @@
 
Compute Engine API . regionHealthCheckServices

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of all HealthCheckService resources, regional and global, available to the specified project.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,43 +84,49 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, healthCheckService, requestId=None, x__xgafv=None)

+  delete(project, region, healthCheckService, requestId=None)

 
Deletes the specified regional HealthCheckService.

 

-  get(project, region, healthCheckService, x__xgafv=None)

+  get(project, region, healthCheckService)

 
Returns the specified regional HealthCheckService resource.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a regional HealthCheckService resource in the specified project and region using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists all the HealthCheckService resources that have been configured for the specified project in the given region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, healthCheckService, body=None, requestId=None, x__xgafv=None)

+  patch(project, region, healthCheckService, body=None, requestId=None)

 
Updates the specified regional HealthCheckService resource with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of all HealthCheckService resources, regional and global, available to the specified project.
 
 Args:
   project: string, Name of the project scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -131,14 +137,22 @@ 
Method Details

     "a_key": { # Name of the scope containing this set of HealthCheckServices.
       "resources": [ # A list of HealthCheckServices contained in this scope.
         { # Represents a Health-Check as a Service resource.
+            #
+            # (== resource_for {$api_version}.regionHealthCheckServices ==)
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a HealthCheckService. An up-to-date fingerprint must be provided in order to patch/update the HealthCheckService; Otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the HealthCheckService.
           "healthChecks": [ # List of URLs to the HealthCheck resources. Must have at least one HealthCheck, and not more than 10. HealthCheck resources must have portSpecification=USE_SERVING_PORT or portSpecification=USE_FIXED_PORT. For regional HealthCheckService, the HealthCheck must be regional and in the same region. For global HealthCheckService, HealthCheck must be global. Mix of regional and global HealthChecks is not supported. Multiple regional HealthChecks must belong to the same region. Regional HealthChecks must belong to the same region as zones of NEGs.
             "A String",
           ],
-          "healthStatusAggregationPolicy": "A String", # Optional. Policy for how the results from multiple health checks for the same endpoint are aggregated. Defaults to NO_AGGREGATION if unspecified. - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service. - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
-          "healthStatusAggregationStrategy": "A String", # This field is deprecated. Use health_status_aggregation_policy instead. Policy for how the results from multiple health checks for the same endpoint are aggregated. - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service. - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
+          "healthStatusAggregationPolicy": "A String", # Optional. Policy for how the results from multiple health checks for the same endpoint are aggregated. Defaults to NO_AGGREGATION if unspecified.
+              # - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service.
+              # - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
+          "healthStatusAggregationStrategy": "A String", # This field is deprecated. Use health_status_aggregation_policy instead.
+              #
+              # Policy for how the results from multiple health checks for the same endpoint are aggregated.
+              # - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service.
+              # - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "kind": "compute#healthCheckService", # [Output only] Type of the resource. Always compute#healthCheckServicefor health check services.
           "name": "A String", # Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -155,7 +169,8 @@ 
Method Details

       ],
       "warning": { # Informational warning which replaces the list of backend services when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -173,7 +188,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -204,23 +220,36 @@ 
Method Details

 

 
 

-    delete(project, region, healthCheckService, requestId=None, x__xgafv=None)
+    delete(project, region, healthCheckService, requestId=None)
   
Deletes the specified regional HealthCheckService.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   healthCheckService: string, Name of the HealthCheckService to delete. The name must be 1-63 characters long, and comply with RFC1035. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -255,7 +284,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -269,30 +299,34 @@ 
Method Details

 

 
 

-    get(project, region, healthCheckService, x__xgafv=None)
+    get(project, region, healthCheckService)
   
Returns the specified regional HealthCheckService resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   healthCheckService: string, Name of the HealthCheckService to update. The name must be 1-63 characters long, and comply with RFC1035. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
     { # Represents a Health-Check as a Service resource.
+    #
+    # (== resource_for {$api_version}.regionHealthCheckServices ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a HealthCheckService. An up-to-date fingerprint must be provided in order to patch/update the HealthCheckService; Otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the HealthCheckService.
   "healthChecks": [ # List of URLs to the HealthCheck resources. Must have at least one HealthCheck, and not more than 10. HealthCheck resources must have portSpecification=USE_SERVING_PORT or portSpecification=USE_FIXED_PORT. For regional HealthCheckService, the HealthCheck must be regional and in the same region. For global HealthCheckService, HealthCheck must be global. Mix of regional and global HealthChecks is not supported. Multiple regional HealthChecks must belong to the same region. Regional HealthChecks must belong to the same region as zones of NEGs.
     "A String",
   ],
-  "healthStatusAggregationPolicy": "A String", # Optional. Policy for how the results from multiple health checks for the same endpoint are aggregated. Defaults to NO_AGGREGATION if unspecified. - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service. - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
-  "healthStatusAggregationStrategy": "A String", # This field is deprecated. Use health_status_aggregation_policy instead. Policy for how the results from multiple health checks for the same endpoint are aggregated. - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service. - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
+  "healthStatusAggregationPolicy": "A String", # Optional. Policy for how the results from multiple health checks for the same endpoint are aggregated. Defaults to NO_AGGREGATION if unspecified.
+      # - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service.
+      # - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
+  "healthStatusAggregationStrategy": "A String", # This field is deprecated. Use health_status_aggregation_policy instead.
+      #
+      # Policy for how the results from multiple health checks for the same endpoint are aggregated.
+      # - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service.
+      # - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#healthCheckService", # [Output only] Type of the resource. Always compute#healthCheckServicefor health check services.
   "name": "A String", # Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -309,7 +343,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a regional HealthCheckService resource in the specified project and region using the data included in the request.
 
 Args:
@@ -319,14 +353,22 @@ 
Method Details

     The object takes the form of:
 
 { # Represents a Health-Check as a Service resource.
+    # 
+    # (== resource_for {$api_version}.regionHealthCheckServices ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a HealthCheckService. An up-to-date fingerprint must be provided in order to patch/update the HealthCheckService; Otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the HealthCheckService.
   "healthChecks": [ # List of URLs to the HealthCheck resources. Must have at least one HealthCheck, and not more than 10. HealthCheck resources must have portSpecification=USE_SERVING_PORT or portSpecification=USE_FIXED_PORT. For regional HealthCheckService, the HealthCheck must be regional and in the same region. For global HealthCheckService, HealthCheck must be global. Mix of regional and global HealthChecks is not supported. Multiple regional HealthChecks must belong to the same region. Regional HealthChecks must belong to the same region as zones of NEGs.
     "A String",
   ],
-  "healthStatusAggregationPolicy": "A String", # Optional. Policy for how the results from multiple health checks for the same endpoint are aggregated. Defaults to NO_AGGREGATION if unspecified. - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service. - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
-  "healthStatusAggregationStrategy": "A String", # This field is deprecated. Use health_status_aggregation_policy instead. Policy for how the results from multiple health checks for the same endpoint are aggregated. - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service. - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
+  "healthStatusAggregationPolicy": "A String", # Optional. Policy for how the results from multiple health checks for the same endpoint are aggregated. Defaults to NO_AGGREGATION if unspecified.
+      # - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service.
+      # - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
+  "healthStatusAggregationStrategy": "A String", # This field is deprecated. Use health_status_aggregation_policy instead.
+      # 
+      # Policy for how the results from multiple health checks for the same endpoint are aggregated.
+      # - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service.
+      # - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#healthCheckService", # [Output only] Type of the resource. Always compute#healthCheckServicefor health check services.
   "name": "A String", # Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -341,16 +383,29 @@ 
Method Details

   "selfLinkWithId": "A String", # [Output Only] Server-defined URL with id for the resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -385,7 +440,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -399,21 +455,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists all the HealthCheckService resources that have been configured for the specified project in the given region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -422,14 +484,22 @@ 
Method Details

   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of HealthCheckService resources.
     { # Represents a Health-Check as a Service resource.
+        #
+        # (== resource_for {$api_version}.regionHealthCheckServices ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a HealthCheckService. An up-to-date fingerprint must be provided in order to patch/update the HealthCheckService; Otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the HealthCheckService.
       "healthChecks": [ # List of URLs to the HealthCheck resources. Must have at least one HealthCheck, and not more than 10. HealthCheck resources must have portSpecification=USE_SERVING_PORT or portSpecification=USE_FIXED_PORT. For regional HealthCheckService, the HealthCheck must be regional and in the same region. For global HealthCheckService, HealthCheck must be global. Mix of regional and global HealthChecks is not supported. Multiple regional HealthChecks must belong to the same region. Regional HealthChecks must belong to the same region as zones of NEGs.
         "A String",
       ],
-      "healthStatusAggregationPolicy": "A String", # Optional. Policy for how the results from multiple health checks for the same endpoint are aggregated. Defaults to NO_AGGREGATION if unspecified. - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service. - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
-      "healthStatusAggregationStrategy": "A String", # This field is deprecated. Use health_status_aggregation_policy instead. Policy for how the results from multiple health checks for the same endpoint are aggregated. - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service. - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
+      "healthStatusAggregationPolicy": "A String", # Optional. Policy for how the results from multiple health checks for the same endpoint are aggregated. Defaults to NO_AGGREGATION if unspecified.
+          # - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service.
+          # - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
+      "healthStatusAggregationStrategy": "A String", # This field is deprecated. Use health_status_aggregation_policy instead.
+          #
+          # Policy for how the results from multiple health checks for the same endpoint are aggregated.
+          # - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service.
+          # - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#healthCheckService", # [Output only] Type of the resource. Always compute#healthCheckServicefor health check services.
       "name": "A String", # Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -449,7 +519,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -475,7 +546,7 @@ 
Method Details

 

 
 

-    patch(project, region, healthCheckService, body=None, requestId=None, x__xgafv=None)
+    patch(project, region, healthCheckService, body=None, requestId=None)
   
Updates the specified regional HealthCheckService resource with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -486,14 +557,22 @@ 
Method Details

     The object takes the form of:
 
 { # Represents a Health-Check as a Service resource.
+    # 
+    # (== resource_for {$api_version}.regionHealthCheckServices ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a HealthCheckService. An up-to-date fingerprint must be provided in order to patch/update the HealthCheckService; Otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the HealthCheckService.
   "healthChecks": [ # List of URLs to the HealthCheck resources. Must have at least one HealthCheck, and not more than 10. HealthCheck resources must have portSpecification=USE_SERVING_PORT or portSpecification=USE_FIXED_PORT. For regional HealthCheckService, the HealthCheck must be regional and in the same region. For global HealthCheckService, HealthCheck must be global. Mix of regional and global HealthChecks is not supported. Multiple regional HealthChecks must belong to the same region. Regional HealthChecks must belong to the same region as zones of NEGs.
     "A String",
   ],
-  "healthStatusAggregationPolicy": "A String", # Optional. Policy for how the results from multiple health checks for the same endpoint are aggregated. Defaults to NO_AGGREGATION if unspecified. - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service. - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
-  "healthStatusAggregationStrategy": "A String", # This field is deprecated. Use health_status_aggregation_policy instead. Policy for how the results from multiple health checks for the same endpoint are aggregated. - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service. - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
+  "healthStatusAggregationPolicy": "A String", # Optional. Policy for how the results from multiple health checks for the same endpoint are aggregated. Defaults to NO_AGGREGATION if unspecified.
+      # - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service.
+      # - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
+  "healthStatusAggregationStrategy": "A String", # This field is deprecated. Use health_status_aggregation_policy instead.
+      # 
+      # Policy for how the results from multiple health checks for the same endpoint are aggregated.
+      # - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service.
+      # - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#healthCheckService", # [Output only] Type of the resource. Always compute#healthCheckServicefor health check services.
   "name": "A String", # Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -508,16 +587,29 @@ 
Method Details

   "selfLinkWithId": "A String", # [Output Only] Server-defined URL with id for the resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -552,7 +644,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -566,7 +659,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -582,10 +675,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.regionHealthChecks.html b/docs/dyn/compute_alpha.regionHealthChecks.html
index c97f3621b14..e2b33f66449 100644
--- a/docs/dyn/compute_alpha.regionHealthChecks.html
+++ b/docs/dyn/compute_alpha.regionHealthChecks.html
@@ -78,28 +78,28 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, healthCheck, requestId=None, x__xgafv=None)

+  delete(project, region, healthCheck, requestId=None)

 
Deletes the specified HealthCheck resource.

 

-  get(project, region, healthCheck, x__xgafv=None)

+  get(project, region, healthCheck)

 
Returns the specified HealthCheck resource. Gets a list of available health checks by making a list() request.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a HealthCheck resource in the specified project using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of HealthCheck resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, healthCheck, body=None, requestId=None, x__xgafv=None)

+  patch(project, region, healthCheck, body=None, requestId=None)

 
Updates a HealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, region, healthCheck, body=None, requestId=None, x__xgafv=None)

+  update(project, region, healthCheck, body=None, requestId=None)

 
Updates a HealthCheck resource in the specified project using the data included in the request.

 
Method Details

 

@@ -108,23 +108,36 @@ 
Method Details

 

 
 

-    delete(project, region, healthCheck, requestId=None, x__xgafv=None)
+    delete(project, region, healthCheck, requestId=None)
   
Deletes the specified HealthCheck resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   healthCheck: string, Name of the HealthCheck resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -159,7 +172,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -173,37 +187,64 @@ 
Method Details

 

 
 

-    get(project, region, healthCheck, x__xgafv=None)
+    get(project, region, healthCheck)
   
Returns the specified HealthCheck resource. Gets a list of available health checks by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   healthCheck: string, Name of the HealthCheck resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Health Check resource. Google Compute Engine has two Health Check resources: * [Global](/compute/docs/reference/rest/alpha/healthChecks) * [Regional](/compute/docs/reference/rest/alpha/regionHealthChecks) Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`). Traffic Director must use global health checks (`compute.v1.HealthChecks`). Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`). External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`). Network load balancers must use legacy HTTP health checks (httpHealthChecks). For more information, see Health checks overview.
+    { # Represents a Health Check resource.
+    #
+    # Google Compute Engine has two Health Check resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/healthChecks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionHealthChecks)
+    #
+    # Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`).
+    #
+    # Traffic Director must use global health checks (`compute.v1.HealthChecks`).
+    #
+    # Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`).
+    #
+    # External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`).
+    #
+    # Network load balancers must use legacy HTTP health checks (httpHealthChecks).
+    #
+    # For more information, see Health checks overview.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in 3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "grpcHealthCheck": {
-    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII.
+    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention:
+        # - Empty service_name means the overall status of all services at the backend.
+        # - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service.
+        # The grpc_service_name can only be ASCII.
     "port": 42, # The port number for the health check request. Must be specified if port_name and port_specification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. The port_name should conform to RFC1035.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, gRPC health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, gRPC health check follows behavior specified in port and portName fields.
   },
   "healthyThreshold": 42, # A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.
   "http2HealthCheck": {
     "host": "A String", # The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP2 health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP2 health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP/2 health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -213,7 +254,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -223,7 +270,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTPS health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTPS health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTPS health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -241,7 +294,13 @@ 
Method Details

   "sslHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, SSL health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, SSL health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -249,7 +308,13 @@ 
Method Details

   "tcpHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, TCP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, TCP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -267,7 +332,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a HealthCheck resource in the specified project using the data included in the request.
 
 Args:
@@ -276,22 +341,53 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Health Check resource. Google Compute Engine has two Health Check resources: * [Global](/compute/docs/reference/rest/alpha/healthChecks) * [Regional](/compute/docs/reference/rest/alpha/regionHealthChecks) Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`). Traffic Director must use global health checks (`compute.v1.HealthChecks`). Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`). External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`). Network load balancers must use legacy HTTP health checks (httpHealthChecks). For more information, see Health checks overview.
+{ # Represents a Health Check resource.
+    # 
+    # Google Compute Engine has two Health Check resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/healthChecks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionHealthChecks)
+    # 
+    # Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`).
+    # 
+    # Traffic Director must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`).
+    # 
+    # External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Network load balancers must use legacy HTTP health checks (httpHealthChecks).
+    # 
+    # For more information, see Health checks overview.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in 3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "grpcHealthCheck": {
-    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII.
+    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention:
+        # - Empty service_name means the overall status of all services at the backend.
+        # - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service.
+        # The grpc_service_name can only be ASCII.
     "port": 42, # The port number for the health check request. Must be specified if port_name and port_specification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. The port_name should conform to RFC1035.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, gRPC health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, gRPC health check follows behavior specified in port and portName fields.
   },
   "healthyThreshold": 42, # A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.
   "http2HealthCheck": {
     "host": "A String", # The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP2 health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP2 health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP/2 health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -301,7 +397,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -311,7 +413,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTPS health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTPS health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTPS health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -329,7 +437,13 @@ 
Method Details

   "sslHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, SSL health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, SSL health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -337,7 +451,13 @@ 
Method Details

   "tcpHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, TCP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, TCP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -353,16 +473,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -397,7 +530,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -411,21 +545,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of HealthCheck resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -433,22 +573,53 @@ 
Method Details

     { # Contains a list of HealthCheck resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of HealthCheck resources.
-    { # Represents a Health Check resource. Google Compute Engine has two Health Check resources: * [Global](/compute/docs/reference/rest/alpha/healthChecks) * [Regional](/compute/docs/reference/rest/alpha/regionHealthChecks) Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`). Traffic Director must use global health checks (`compute.v1.HealthChecks`). Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`). External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`). Network load balancers must use legacy HTTP health checks (httpHealthChecks). For more information, see Health checks overview.
+    { # Represents a Health Check resource.
+        #
+        # Google Compute Engine has two Health Check resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/healthChecks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionHealthChecks)
+        #
+        # Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`).
+        #
+        # Traffic Director must use global health checks (`compute.v1.HealthChecks`).
+        #
+        # Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`).
+        #
+        # External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`).
+        #
+        # Network load balancers must use legacy HTTP health checks (httpHealthChecks).
+        #
+        # For more information, see Health checks overview.
       "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in 3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "grpcHealthCheck": {
-        "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII.
+        "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention:
+            # - Empty service_name means the overall status of all services at the backend.
+            # - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service.
+            # The grpc_service_name can only be ASCII.
         "port": 42, # The port number for the health check request. Must be specified if port_name and port_specification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. The port_name should conform to RFC1035.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, gRPC health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, gRPC health check follows behavior specified in port and portName fields.
       },
       "healthyThreshold": 42, # A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.
       "http2HealthCheck": {
         "host": "A String", # The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
         "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP2 health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, HTTP2 health check follows behavior specified in port and portName fields.
         "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
         "requestPath": "A String", # The request path of the HTTP/2 health check request. The default value is /.
         "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -458,7 +629,13 @@ 
Method Details

         "host": "A String", # The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
         "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, HTTP health check follows behavior specified in port and portName fields.
         "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
         "requestPath": "A String", # The request path of the HTTP health check request. The default value is /.
         "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -468,7 +645,13 @@ 
Method Details

         "host": "A String", # The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
         "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTPS health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, HTTPS health check follows behavior specified in port and portName fields.
         "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
         "requestPath": "A String", # The request path of the HTTPS health check request. The default value is /.
         "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -486,7 +669,13 @@ 
Method Details

       "sslHealthCheck": {
         "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, SSL health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, SSL health check follows behavior specified in port and portName fields.
         "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
         "request": "A String", # The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
         "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -494,7 +683,13 @@ 
Method Details

       "tcpHealthCheck": {
         "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, TCP health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, TCP health check follows behavior specified in port and portName fields.
         "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
         "request": "A String", # The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
         "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -515,7 +710,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -541,7 +737,7 @@ 
Method Details

 

 
 

-    patch(project, region, healthCheck, body=None, requestId=None, x__xgafv=None)
+    patch(project, region, healthCheck, body=None, requestId=None)
   
Updates a HealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -551,22 +747,53 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Health Check resource. Google Compute Engine has two Health Check resources: * [Global](/compute/docs/reference/rest/alpha/healthChecks) * [Regional](/compute/docs/reference/rest/alpha/regionHealthChecks) Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`). Traffic Director must use global health checks (`compute.v1.HealthChecks`). Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`). External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`). Network load balancers must use legacy HTTP health checks (httpHealthChecks). For more information, see Health checks overview.
+{ # Represents a Health Check resource.
+    # 
+    # Google Compute Engine has two Health Check resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/healthChecks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionHealthChecks)
+    # 
+    # Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`).
+    # 
+    # Traffic Director must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`).
+    # 
+    # External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Network load balancers must use legacy HTTP health checks (httpHealthChecks).
+    # 
+    # For more information, see Health checks overview.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in 3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "grpcHealthCheck": {
-    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII.
+    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention:
+        # - Empty service_name means the overall status of all services at the backend.
+        # - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service.
+        # The grpc_service_name can only be ASCII.
     "port": 42, # The port number for the health check request. Must be specified if port_name and port_specification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. The port_name should conform to RFC1035.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, gRPC health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, gRPC health check follows behavior specified in port and portName fields.
   },
   "healthyThreshold": 42, # A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.
   "http2HealthCheck": {
     "host": "A String", # The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP2 health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP2 health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP/2 health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -576,7 +803,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -586,7 +819,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTPS health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTPS health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTPS health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -604,7 +843,13 @@ 
Method Details

   "sslHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, SSL health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, SSL health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -612,7 +857,13 @@ 
Method Details

   "tcpHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, TCP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, TCP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -628,16 +879,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -672,7 +936,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -686,7 +951,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -702,10 +967,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -718,7 +979,7 @@ 
Method Details

 

 
 

-    update(project, region, healthCheck, body=None, requestId=None, x__xgafv=None)
+    update(project, region, healthCheck, body=None, requestId=None)
   
Updates a HealthCheck resource in the specified project using the data included in the request.
 
 Args:
@@ -728,22 +989,53 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Health Check resource. Google Compute Engine has two Health Check resources: * [Global](/compute/docs/reference/rest/alpha/healthChecks) * [Regional](/compute/docs/reference/rest/alpha/regionHealthChecks) Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`). Traffic Director must use global health checks (`compute.v1.HealthChecks`). Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`). External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`). Network load balancers must use legacy HTTP health checks (httpHealthChecks). For more information, see Health checks overview.
+{ # Represents a Health Check resource.
+    # 
+    # Google Compute Engine has two Health Check resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/healthChecks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionHealthChecks)
+    # 
+    # Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`).
+    # 
+    # Traffic Director must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`).
+    # 
+    # External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Network load balancers must use legacy HTTP health checks (httpHealthChecks).
+    # 
+    # For more information, see Health checks overview.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in 3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "grpcHealthCheck": {
-    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII.
+    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention:
+        # - Empty service_name means the overall status of all services at the backend.
+        # - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service.
+        # The grpc_service_name can only be ASCII.
     "port": 42, # The port number for the health check request. Must be specified if port_name and port_specification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. The port_name should conform to RFC1035.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, gRPC health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, gRPC health check follows behavior specified in port and portName fields.
   },
   "healthyThreshold": 42, # A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.
   "http2HealthCheck": {
     "host": "A String", # The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP2 health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP2 health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP/2 health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -753,7 +1045,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -763,7 +1061,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTPS health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTPS health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTPS health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -781,7 +1085,13 @@ 
Method Details

   "sslHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, SSL health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, SSL health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -789,7 +1099,13 @@ 
Method Details

   "tcpHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, TCP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, TCP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -805,16 +1121,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -849,7 +1178,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.regionInPlaceSnapshots.html b/docs/dyn/compute_alpha.regionInPlaceSnapshots.html
index 9c28a794f7b..314b1a083c1 100644
--- a/docs/dyn/compute_alpha.regionInPlaceSnapshots.html
+++ b/docs/dyn/compute_alpha.regionInPlaceSnapshots.html
@@ -78,31 +78,31 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, inPlaceSnapshot, requestId=None, x__xgafv=None)

-
Deletes the specified InPlaceSnapshot resource. Keep in mind that deleting a single inPlaceSnapshot might not necessarily delete all the data on that inPlaceSnapshot. If any data on the inPlaceSnapshot that is marked for deletion is needed for subsequent inPlaceSnapshots, the data will be moved to the next corresponding inPlaceSnapshot. For more information, see Deleting inPlaceSnapshots.

+  delete(project, region, inPlaceSnapshot, requestId=None)

+
Deletes the specified InPlaceSnapshot resource. Keep in mind that deleting a single inPlaceSnapshot might not necessarily delete all the data on that inPlaceSnapshot. If any data on the inPlaceSnapshot that is marked for deletion is needed for subsequent inPlaceSnapshots, the data will be moved to the next corresponding inPlaceSnapshot.

 

-  get(project, region, inPlaceSnapshot, x__xgafv=None)

+  get(project, region, inPlaceSnapshot)

 
Returns the specified InPlaceSnapshot resource in the specified region.

 

-  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates an in-place snapshot in the specified region.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of InPlaceSnapshot resources contained within the specified region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setIamPolicy(project, region, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, region, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)

+  setLabels(project, region, resource, body=None, requestId=None)

 
Sets the labels on a inPlaceSnapshot in the given region. To learn more about labels, read the Labeling Resources documentation.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -111,23 +111,38 @@ 
Method Details

 

 
 

-    delete(project, region, inPlaceSnapshot, requestId=None, x__xgafv=None)
-  
Deletes the specified InPlaceSnapshot resource. Keep in mind that deleting a single inPlaceSnapshot might not necessarily delete all the data on that inPlaceSnapshot. If any data on the inPlaceSnapshot that is marked for deletion is needed for subsequent inPlaceSnapshots, the data will be moved to the next corresponding inPlaceSnapshot. For more information, see Deleting inPlaceSnapshots.
+    delete(project, region, inPlaceSnapshot, requestId=None)
+  
Deletes the specified InPlaceSnapshot resource. Keep in mind that deleting a single inPlaceSnapshot might not necessarily delete all the data on that inPlaceSnapshot. If any data on the inPlaceSnapshot that is marked for deletion is needed for subsequent inPlaceSnapshots, the data will be moved to the next corresponding inPlaceSnapshot.
+
+For more information, see Deleting inPlaceSnapshots.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, The name of the region for this request. (required)
   inPlaceSnapshot: string, Name of the InPlaceSnapshot resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -162,7 +177,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -176,29 +192,29 @@ 
Method Details

 

 
 

-    get(project, region, inPlaceSnapshot, x__xgafv=None)
+    get(project, region, inPlaceSnapshot)
   
Returns the specified InPlaceSnapshot resource in the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, The name of the region for this request. (required)
   inPlaceSnapshot: string, Name of the InPlaceSnapshot resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a InPlaceSnapshot resource. You can use in-place snapshots to create disk rollback points quickly..
+    { # Represents a InPlaceSnapshot resource.
+    #
+    # You can use in-place snapshots to create disk rollback points quickly.. (== resource_for {$api_version}.inPlaceSnapshots ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "diskSizeGb": "A String", # [Output Only] Size of the source disk, specified in GB.
   "guestFlush": True or False, # Specifies to create an application consistent in-place snapshot by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#inPlaceSnapshot", # [Output Only] Type of the resource. Always compute#inPlaceSnapshot for InPlaceSnapshot resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InPlaceSnapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a InPlaceSnapshot.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InPlaceSnapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a InPlaceSnapshot.
   "labels": { # Labels to apply to this InPlaceSnapshot. These can be later modified by the setLabels method. Label values may be empty.
     "a_key": "A String",
   },
@@ -206,7 +222,10 @@ 
Method Details

   "region": "A String", # [Output Only] URL of the region where the in-place snapshot resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource's resource id.
-  "sourceDisk": "A String", # URL of the source disk used to create this in-place snapshot. Note that the source disk must be in the same zone/region as the in-place snapshot to be created. This can be a full or valid partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk
+  "sourceDisk": "A String", # URL of the source disk used to create this in-place snapshot. Note that the source disk must be in the same zone/region as the in-place snapshot to be created. This can be a full or valid partial URL. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - zones/zone/disks/disk
   "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this InPlaceSnapshot. This value may be used to determine whether the InPlaceSnapshot was taken from the current or a previous instance of a given disk name.
   "status": "A String", # [Output Only] The status of the inPlaceSnapshot. This can be CREATING, DELETING, FAILED, or READY.
   "zone": "A String", # [Output Only] URL of the zone where the in-place snapshot resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
@@ -214,7 +233,7 @@ 
Method Details

 

 
 

-    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
@@ -222,27 +241,51 @@ 
Method Details

   region: string, The name of the region for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -250,76 +293,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates an in-place snapshot in the specified region.
 
 Args:
@@ -328,14 +439,18 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a InPlaceSnapshot resource. You can use in-place snapshots to create disk rollback points quickly..
+{ # Represents a InPlaceSnapshot resource.
+    # 
+    # You can use in-place snapshots to create disk rollback points quickly.. (== resource_for {$api_version}.inPlaceSnapshots ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "diskSizeGb": "A String", # [Output Only] Size of the source disk, specified in GB.
   "guestFlush": True or False, # Specifies to create an application consistent in-place snapshot by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#inPlaceSnapshot", # [Output Only] Type of the resource. Always compute#inPlaceSnapshot for InPlaceSnapshot resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InPlaceSnapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a InPlaceSnapshot.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InPlaceSnapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a InPlaceSnapshot.
   "labels": { # Labels to apply to this InPlaceSnapshot. These can be later modified by the setLabels method. Label values may be empty.
     "a_key": "A String",
   },
@@ -343,22 +458,38 @@ 
Method Details

   "region": "A String", # [Output Only] URL of the region where the in-place snapshot resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource's resource id.
-  "sourceDisk": "A String", # URL of the source disk used to create this in-place snapshot. Note that the source disk must be in the same zone/region as the in-place snapshot to be created. This can be a full or valid partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk
+  "sourceDisk": "A String", # URL of the source disk used to create this in-place snapshot. Note that the source disk must be in the same zone/region as the in-place snapshot to be created. This can be a full or valid partial URL. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - zones/zone/disks/disk
   "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this InPlaceSnapshot. This value may be used to determine whether the InPlaceSnapshot was taken from the current or a previous instance of a given disk name.
   "status": "A String", # [Output Only] The status of the inPlaceSnapshot. This can be CREATING, DELETING, FAILED, or READY.
   "zone": "A String", # [Output Only] URL of the zone where the in-place snapshot resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -393,7 +524,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -407,21 +539,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of InPlaceSnapshot resources contained within the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, The name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -429,14 +567,18 @@ 
Method Details

     { # Contains a list of InPlaceSnapshot resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of InPlaceSnapshot resources.
-    { # Represents a InPlaceSnapshot resource. You can use in-place snapshots to create disk rollback points quickly..
+    { # Represents a InPlaceSnapshot resource.
+        #
+        # You can use in-place snapshots to create disk rollback points quickly.. (== resource_for {$api_version}.inPlaceSnapshots ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "diskSizeGb": "A String", # [Output Only] Size of the source disk, specified in GB.
       "guestFlush": True or False, # Specifies to create an application consistent in-place snapshot by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#inPlaceSnapshot", # [Output Only] Type of the resource. Always compute#inPlaceSnapshot for InPlaceSnapshot resources.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InPlaceSnapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a InPlaceSnapshot.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InPlaceSnapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a InPlaceSnapshot.
       "labels": { # Labels to apply to this InPlaceSnapshot. These can be later modified by the setLabels method. Label values may be empty.
         "a_key": "A String",
       },
@@ -444,7 +586,10 @@ 
Method Details

       "region": "A String", # [Output Only] URL of the region where the in-place snapshot resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource's resource id.
-      "sourceDisk": "A String", # URL of the source disk used to create this in-place snapshot. Note that the source disk must be in the same zone/region as the in-place snapshot to be created. This can be a full or valid partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk
+      "sourceDisk": "A String", # URL of the source disk used to create this in-place snapshot. Note that the source disk must be in the same zone/region as the in-place snapshot to be created. This can be a full or valid partial URL. For example, the following are valid values:
+          # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+          # - projects/project/zones/zone/disks/disk
+          # - zones/zone/disks/disk
       "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this InPlaceSnapshot. This value may be used to determine whether the InPlaceSnapshot was taken from the current or a previous instance of a given disk name.
       "status": "A String", # [Output Only] The status of the inPlaceSnapshot. This can be CREATING, DELETING, FAILED, or READY.
       "zone": "A String", # [Output Only] URL of the zone where the in-place snapshot resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
@@ -455,7 +600,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -481,7 +627,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, region, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, region, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -494,33 +640,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -528,95 +748,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -624,76 +936,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)
+    setLabels(project, region, resource, body=None, requestId=None)
   
Sets the labels on a inPlaceSnapshot in the given region. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -710,16 +1090,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -754,7 +1147,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -768,7 +1162,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -784,10 +1178,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.regionInstanceGroupManagers.html b/docs/dyn/compute_alpha.regionInstanceGroupManagers.html
index 15429ccc7c6..2880ff3b31f 100644
--- a/docs/dyn/compute_alpha.regionInstanceGroupManagers.html
+++ b/docs/dyn/compute_alpha.regionInstanceGroupManagers.html
@@ -75,49 +75,49 @@
 
Compute Engine API . regionInstanceGroupManagers

 
Instance Methods

 

-  abandonInstances(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

-
Flags the specified instances to be immediately removed from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.

+  abandonInstances(project, region, instanceGroupManager, body=None, requestId=None)

+
Flags the specified instances to be immediately removed from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method.

 

-  applyUpdatesToInstances(project, region, instanceGroupManager, body=None, x__xgafv=None)

+  applyUpdatesToInstances(project, region, instanceGroupManager, body=None)

 
Apply updates to selected instances the managed instance group.

 

   close()

 
Close httplib2 connections.

 

-  createInstances(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  createInstances(project, region, instanceGroupManager, body=None, requestId=None)

 
Creates instances with per-instance configs in this regional managed instance group. Instances are created using the current instance template. The create instances operation is marked DONE if the createInstances request is successful. The underlying actions take additional time. You must separately verify the status of the creating or actions with the listmanagedinstances method.

 

-  delete(project, region, instanceGroupManager, requestId=None, x__xgafv=None)

+  delete(project, region, instanceGroupManager, requestId=None)

 
Deletes the specified managed instance group and all of the instances in that group.

 

-  deleteInstances(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

-
Flags the specified instances in the managed instance group to be immediately deleted. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. The deleteInstances operation is marked DONE if the deleteInstances request is successful. The underlying actions take additional time. You must separately verify the status of the deleting action with the listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.

+  deleteInstances(project, region, instanceGroupManager, body=None, requestId=None)

+
Flags the specified instances in the managed instance group to be immediately deleted. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. The deleteInstances operation is marked DONE if the deleteInstances request is successful. The underlying actions take additional time. You must separately verify the status of the deleting action with the listmanagedinstances method.

 

-  deletePerInstanceConfigs(project, region, instanceGroupManager, body=None, x__xgafv=None)

+  deletePerInstanceConfigs(project, region, instanceGroupManager, body=None)

 
Deletes selected per-instance configs for the managed instance group.

 

-  get(project, region, instanceGroupManager, x__xgafv=None)

+  get(project, region, instanceGroupManager)

 
Returns all of the details about the specified managed instance group.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

-
Creates a managed instance group using the information that you specify in the request. After the group is created, instances in the group are created using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method. A regional managed instance group can contain up to 2000 instances.

+  insert(project, region, body=None, requestId=None)

+
Creates a managed instance group using the information that you specify in the request. After the group is created, instances in the group are created using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of managed instance groups that are contained within the specified region.

 

-  listErrors(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listErrors(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists all errors thrown by actions on instances for a given regional managed instance group. The filter and orderBy query parameters are not supported.

 

   listErrors_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  listManagedInstances(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listManagedInstances(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists the instances in the managed instance group and instances that are scheduled to be created. The list includes any current actions that the group has scheduled for its instances. The orderBy query parameter is not supported.

 

   listManagedInstances_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  listPerInstanceConfigs(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listPerInstanceConfigs(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists all of the per-instance configs defined for the managed instance group. The orderBy query parameter is not supported.

 

   listPerInstanceConfigs_next(previous_request, previous_response)

@@ -126,54 +126,58 @@ 
Instance Methods

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  patch(project, region, instanceGroupManager, body=None, requestId=None)

 
Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is patched even if the instances in the group are still in the process of being patched. You must separately verify the status of the individual instances with the listmanagedinstances method. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  patchPerInstanceConfigs(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  patchPerInstanceConfigs(project, region, instanceGroupManager, body=None, requestId=None)

 
Inserts or patches per-instance configs for the managed instance group. perInstanceConfig.name serves as a key used to distinguish whether to perform insert or patch.

 

-  recreateInstances(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

-
Flags the specified VM instances in the managed instance group to be immediately recreated. Each instance is recreated using the group's current configuration. This operation is marked as DONE when the flag is set even if the instances have not yet been recreated. You must separately verify the status of each instance by checking its currentAction field; for more information, see Checking the status of managed instances. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.

+  recreateInstances(project, region, instanceGroupManager, body=None, requestId=None)

+
Flags the specified VM instances in the managed instance group to be immediately recreated. Each instance is recreated using the group's current configuration. This operation is marked as DONE when the flag is set even if the instances have not yet been recreated. You must separately verify the status of each instance by checking its currentAction field; for more information, see Checking the status of managed instances.

 

-  resize(project, region, instanceGroupManager, size, requestId=None, x__xgafv=None)

-
Changes the intended size of the managed instance group. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes one or more instances. The resize operation is marked DONE if the resize request is successful. The underlying actions take additional time. You must separately verify the status of the creating or deleting actions with the listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.

+  resize(project, region, instanceGroupManager, size, requestId=None)

+
Changes the intended size of the managed instance group. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes one or more instances.

 

-  resizeAdvanced(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

-
Resizes the regional managed instance group with advanced configuration options like disabling creation retries. This is an extended version of the resize method. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes one or more instances. The resize operation is marked DONE if the resize request is successful. The underlying actions take additional time. You must separately verify the status of the creating or deleting actions with the get or listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.

+  resizeAdvanced(project, region, instanceGroupManager, body=None, requestId=None)

+
Resizes the regional managed instance group with advanced configuration options like disabling creation retries. This is an extended version of the resize method.

 

-  resumeInstances(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

-
Flags the specified instances in the managed instance group to be resumed. This method increases the targetSize and decreases the targetSuspendedSize of the managed instance group by the number of instances that you resume. The resumeInstances operation is marked DONE if the resumeInstances request is successful. The underlying actions take additional time. You must separately verify the status of the RESUMING action with the listmanagedinstances method. In this request, you can only specify instances that are suspended. For example, if an instance was previously suspended using the suspendInstances method, it can be resumed using the resumeInstances method. If a health check is attached to the managed instance group, the specified instances will be verified as healthy after they are resumed. You can specify a maximum of 1000 instances with this method per request.

+  resumeInstances(project, region, instanceGroupManager, body=None, requestId=None)

+
Flags the specified instances in the managed instance group to be resumed. This method increases the targetSize and decreases the targetSuspendedSize of the managed instance group by the number of instances that you resume. The resumeInstances operation is marked DONE if the resumeInstances request is successful. The underlying actions take additional time. You must separately verify the status of the RESUMING action with the listmanagedinstances method.

 

-  setAutoHealingPolicies(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  setAutoHealingPolicies(project, region, instanceGroupManager, body=None, requestId=None)

 
Modifies the autohealing policy for the instances in this managed instance group. [Deprecated] This method is deprecated. Use regionInstanceGroupManagers.patch instead.

 

-  setInstanceTemplate(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  setInstanceTemplate(project, region, instanceGroupManager, body=None, requestId=None)

 
Sets the instance template to use when creating new instances or recreating instances in this group. Existing instances are not affected.

 

-  setTargetPools(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  setTargetPools(project, region, instanceGroupManager, body=None, requestId=None)

 
Modifies the target pools to which all new instances in this group are assigned. Existing instances in the group are not affected.

 

-  startInstances(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

-
Flags the specified instances in the managed instance group to be started. This method increases the targetSize and decreases the targetStoppedSize of the managed instance group by the number of instances that you start. The startInstances operation is marked DONE if the startInstances request is successful. The underlying actions take additional time. You must separately verify the status of the STARTING action with the listmanagedinstances method. In this request, you can only specify instances that are stopped. For example, if an instance was previously stopped using the stopInstances method, it can be started using the startInstances method. If a health check is attached to the managed instance group, the specified instances will be verified as healthy after they are started. You can specify a maximum of 1000 instances with this method per request.

+  startInstances(project, region, instanceGroupManager, body=None, requestId=None)

+
Flags the specified instances in the managed instance group to be started. This method increases the targetSize and decreases the targetStoppedSize of the managed instance group by the number of instances that you start. The startInstances operation is marked DONE if the startInstances request is successful. The underlying actions take additional time. You must separately verify the status of the STARTING action with the listmanagedinstances method.

 

-  stopInstances(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

-
Flags the specified instances in the managed instance group to be immediately stopped. You can only specify instances that are running in this request. This method reduces the targetSize and increases the targetStoppedSize of the managed instance group by the number of instances that you stop. The stopInstances operation is marked DONE if the stopInstances request is successful. The underlying actions take additional time. You must separately verify the status of the STOPPING action with the listmanagedinstances method. If the instanceLifecyclePolicy.metadataBasedReadinessSignal field is set on the Instance Group Manager, each instance will be initialized before it is stopped, to give user programs time to perform necessary tasks. To initialize an instance, the Instance Group Manager sets the metadata key google-compute-initialization-intent to value INITIALIZE_AND_STOP on the instance, and waits for the user program to signal it is ready. This is done by setting the guest attribute path google-compute/initialization-state to value INITIALIZED. If the instance does not signal successful initialization (does not set the guest attribute to INITIALIZED) before timeout, the initialization is considered failed and the instance is not stopped. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is suspended. Stopped instances can be started using the startInstances method. You can specify a maximum of 1000 instances with this method per request.

+  stopInstances(project, region, instanceGroupManager, body=None, requestId=None)

+
Flags the specified instances in the managed instance group to be immediately stopped. You can only specify instances that are running in this request. This method reduces the targetSize and increases the targetStoppedSize of the managed instance group by the number of instances that you stop. The stopInstances operation is marked DONE if the stopInstances request is successful. The underlying actions take additional time. You must separately verify the status of the STOPPING action with the listmanagedinstances method.

 

-  suspendInstances(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

-
Flags the specified instances in the managed instance group to be immediately suspended. You can only specify instances that are running in this request. This method reduces the targetSize and increases the targetSuspendedSize of the managed instance group by the number of instances that you suspend. The suspendInstances operation is marked DONE if the suspendInstances request is successful. The underlying actions take additional time. You must separately verify the status of the SUSPENDING action with the listmanagedinstances method. If the instanceLifecyclePolicy.metadataBasedReadinessSignal field is set on the Instance Group Manager, each instance will be initialized before it is suspended, to give user programs time to perform necessary tasks. To initialize an instance, the Instance Group Manager sets the metadata key google-compute-initialization-intent to value INITIALIZE_AND_SUSPEND on the instance, and waits for the user program to signal it is ready. This is done by setting the guest attribute path google-compute/initialization-state to value INITIALIZED. If the instance does not signal successful initialization (does not set the guest attribute to INITIALIZED) before timeout, the initialization is considered failed and the instance is not suspended. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is suspended. Suspended instances can be resumed using the resumeInstances method. You can specify a maximum of 1000 instances with this method per request.

+  suspendInstances(project, region, instanceGroupManager, body=None, requestId=None)

+
Flags the specified instances in the managed instance group to be immediately suspended. You can only specify instances that are running in this request. This method reduces the targetSize and increases the targetSuspendedSize of the managed instance group by the number of instances that you suspend. The suspendInstances operation is marked DONE if the suspendInstances request is successful. The underlying actions take additional time. You must separately verify the status of the SUSPENDING action with the listmanagedinstances method.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  update(project, region, instanceGroupManager, body=None, requestId=None)

 
Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is updated even if the instances in the group have not yet been updated. You must separately verify the status of the individual instances with the listmanagedinstances method.

 

-  updatePerInstanceConfigs(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  updatePerInstanceConfigs(project, region, instanceGroupManager, body=None, requestId=None)

 
Inserts or updates per-instance configs for the managed instance group. perInstanceConfig.name serves as a key used to distinguish whether to perform insert or patch.

 
Method Details

 

-    abandonInstances(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
-  
Flags the specified instances to be immediately removed from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.
+    abandonInstances(project, region, instanceGroupManager, body=None, requestId=None)
+  
Flags the specified instances to be immediately removed from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method.
+
+If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
+
+You can specify a maximum of 1000 instances with this method per request.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -188,16 +192,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -232,7 +249,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -246,7 +264,7 @@ 
Method Details

 

 
 

-    applyUpdatesToInstances(project, region, instanceGroupManager, body=None, x__xgafv=None)
+    applyUpdatesToInstances(project, region, instanceGroupManager, body=None)
   
Apply updates to selected instances the managed instance group.
 
 Args:
@@ -257,24 +275,41 @@ 
Method Details

     The object takes the form of:
 
 { # RegionInstanceGroupManagers.applyUpdatesToInstances
-  "allInstances": True or False, # Flag to update all instances instead of specified list of “instances”. If the flag is set to true then the instances may not be specified in the request.
+  "allInstances": True or False, # Flag to update all instances instead of specified list of ?instances?. If the flag is set to true then the instances may not be specified in the request.
   "instances": [ # The list of URLs of one or more instances for which you want to apply updates. Each URL can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].
     "A String",
   ],
   "maximalAction": "A String", # The maximal action that should be performed on the instances. By default REPLACE. This field is deprecated, please use most_disruptive_allowed_action.
-  "minimalAction": "A String", # The minimal action that you want to perform on each instance during the update: - REPLACE: At minimum, delete the instance and create it again. - RESTART: Stop the instance and start it again. - REFRESH: Do not stop the instance. - NONE: Do not disrupt the instance at all. By default, the minimum action is NONE. If your update requires a more disruptive action than you set with this flag, the necessary action is performed to execute the update.
-  "mostDisruptiveAllowedAction": "A String", # The most disruptive action that you want to perform on each instance during the update: - REPLACE: Delete the instance and create it again. - RESTART: Stop the instance and start it again. - REFRESH: Do not stop the instance. - NONE: Do not disrupt the instance at all. By default, the most disruptive allowed action is REPLACE. If your update requires a more disruptive action than you set with this flag, the update request will fail.
+  "minimalAction": "A String", # The minimal action that you want to perform on each instance during the update:
+      # - REPLACE: At minimum, delete the instance and create it again.
+      # - RESTART: Stop the instance and start it again.
+      # - REFRESH: Do not stop the instance.
+      # - NONE: Do not disrupt the instance at all.  By default, the minimum action is NONE. If your update requires a more disruptive action than you set with this flag, the necessary action is performed to execute the update.
+  "mostDisruptiveAllowedAction": "A String", # The most disruptive action that you want to perform on each instance during the update:
+      # - REPLACE: Delete the instance and create it again.
+      # - RESTART: Stop the instance and start it again.
+      # - REFRESH: Do not stop the instance.
+      # - NONE: Do not disrupt the instance at all.  By default, the most disruptive allowed action is REPLACE. If your update requires a more disruptive action than you set with this flag, the update request will fail.
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -309,7 +344,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -328,7 +364,7 @@ 
Method Details

 

 
 

-    createInstances(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    createInstances(project, region, instanceGroupManager, body=None, requestId=None)
   
Creates instances with per-instance configs in this regional managed instance group. Instances are created using the current instance template. The create instances operation is marked DONE if the createInstances request is successful. The underlying actions take additional time. You must separately verify the status of the creating or actions with the listmanagedinstances method.
 
 Args:
@@ -378,16 +414,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -422,7 +471,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -436,23 +486,36 @@ 
Method Details

 

 
 

-    delete(project, region, instanceGroupManager, requestId=None, x__xgafv=None)
+    delete(project, region, instanceGroupManager, requestId=None)
   
Deletes the specified managed instance group and all of the instances in that group.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   instanceGroupManager: string, Name of the managed instance group to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -487,7 +550,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -501,8 +565,12 @@ 
Method Details

 

 
 

-    deleteInstances(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
-  
Flags the specified instances in the managed instance group to be immediately deleted. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. The deleteInstances operation is marked DONE if the deleteInstances request is successful. The underlying actions take additional time. You must separately verify the status of the deleting action with the listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.
+    deleteInstances(project, region, instanceGroupManager, body=None, requestId=None)
+  
Flags the specified instances in the managed instance group to be immediately deleted. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. The deleteInstances operation is marked DONE if the deleteInstances request is successful. The underlying actions take additional time. You must separately verify the status of the deleting action with the listmanagedinstances method.
+
+If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
+
+You can specify a maximum of 1000 instances with this method per request.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -519,16 +587,29 @@ 
Method Details

   "skipInstancesOnValidationError": True or False, # Specifies whether the request should proceed despite the inclusion of instances that are not members of the group or that are already in the process of being deleted or abandoned. If this field is set to `false` and such an instance is specified in the request, the operation fails. The operation always fails if the request contains a malformed instance URL or a reference to an instance that exists in a zone or region other than the group's zone or region.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -563,7 +644,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -577,7 +659,7 @@ 
Method Details

 

 
 

-    deletePerInstanceConfigs(project, region, instanceGroupManager, body=None, x__xgafv=None)
+    deletePerInstanceConfigs(project, region, instanceGroupManager, body=None)
   
Deletes selected per-instance configs for the managed instance group.
 
 Args:
@@ -593,15 +675,24 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -636,7 +727,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -650,28 +742,38 @@ 
Method Details

 

 
 

-    get(project, region, instanceGroupManager, x__xgafv=None)
+    get(project, region, instanceGroupManager)
   
Returns all of the details about the specified managed instance group.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   instanceGroupManager: string, Name of the managed instance group to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Whether the instance is a standby. # Properties of a standby instance comparing to the regular instance: # | regular | standby managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no # receives traffic from LB? | yes | no Represents a Managed Instance Group resource. An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups. For zonal Managed Instance Group, use the instanceGroupManagers resource. For regional Managed Instance Group, use the regionInstanceGroupManagers resource.
+    { # Whether the instance is a standby. Properties of a standby instance comparing to the regular instance: ========================================================================= | regular | standby ========================================================================= managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no receives traffic from LB? | yes | no =========================================================================
+    #
+    # Represents a Managed Instance Group resource.
+    #
+    # An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups.
+    #
+    # For zonal Managed Instance Group, use the instanceGroupManagers resource.
+    #
+    # For regional Managed Instance Group, use the regionInstanceGroupManagers resource. (== resource_for {$api_version}.instanceGroupManagers ==) (== resource_for {$api_version}.regionInstanceGroupManagers ==)
   "autoHealingPolicies": [ # The autohealing policy for this managed instance group. You can specify only one value.
     {
       "healthCheck": "A String", # The URL for the health check that signals autohealing.
       "initialDelaySec": 42, # The number of seconds that the managed instance group waits before it applies autohealing policies to new instances or recently recreated instances. This initial delay allows instances to initialize and run their startup scripts before the instance group determines that they are UNHEALTHY. This prevents the managed instance group from recreating its instances prematurely. This value must be from range [0, 3600].
-      "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # Maximum number of instances that can be unavailable when autohealing. When 'percent' is used, the value is rounded if necessary. The instance is considered available if all of the following conditions are satisfied: 1. Instance's status is RUNNING. 2. Instance's currentAction is NONE (in particular its liveness health check result was observed to be HEALTHY at least once as it passed VERIFYING). 3. There is no outgoing action on an instance triggered by IGM. By default, number of concurrently autohealed instances is smaller than the managed instance group target size. However, if a zonal managed instance group has only one instance, or a regional managed instance group has only one instance per zone, autohealing will recreate these instances when they become unhealthy.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+      "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # Maximum number of instances that can be unavailable when autohealing. When 'percent' is used, the value is rounded if necessary. The instance is considered available if all of the following conditions are satisfied: 1. Instance's status is RUNNING. 2. Instance's currentAction is NONE (in particular its liveness health check result was observed to be HEALTHY at least once as it passed VERIFYING). 3. There is no outgoing action on an instance triggered by IGM.
+          #
+          # By default, number of concurrently autohealed instances is smaller than the managed instance group target size. However, if a zonal managed instance group has only one instance, or a regional managed instance group has only one instance per zone, autohealing will recreate these instances when they become unhealthy.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -681,7 +783,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this managed instance group in RFC3339 text format.
   "currentActions": { # [Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions.
     "abandoning": 42, # [Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.
-    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
+    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.
+        #
+        # If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
     "creatingWithoutRetries": 42, # [Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.
     "deleting": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.
     "none": 42, # [Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.
@@ -704,11 +808,17 @@ 
Method Details

     ],
   },
   "failoverAction": "A String", # The action to perform in case of zone failure. Only one value is supported, NO_FAILOVER. The default is NO_FAILOVER.
-  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
+  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
   "id": "A String", # [Output Only] A unique identifier for this resource type. The server generates this identifier.
   "instanceGroup": "A String", # [Output Only] The URL of the Instance Group resource.
   "instanceLifecyclePolicy": { # Instance lifecycle policy for this Instance Group Manager.
-    "metadataBasedReadinessSignal": { # The configuration for metadata based readiness signal sent by the instance during initialization when stopping / suspending an instance. The Instance Group Manager will wait for a signal that indicates successful initialization before stopping / suspending an instance. If a successful readiness signal is not sent before timeout, the corresponding instance will not be stopped / suspended. Instead, an error will be visible in the lastAttempt.errors field of the managed instance in the listmanagedinstances method. If metadataBasedReadinessSignal.timeoutSec is unset, the Instance Group Manager will directly proceed to suspend / stop instances, skipping initialization on them.
+    "metadataBasedReadinessSignal": { # The configuration for metadata based readiness signal sent by the instance during initialization when stopping / suspending an instance. The Instance Group Manager will wait for a signal that indicates successful initialization before stopping / suspending an instance.
+        #
+        # If a successful readiness signal is not sent before timeout, the corresponding instance will not be stopped / suspended. Instead, an error will be visible in the lastAttempt.errors field of the managed instance in the listmanagedinstances method.
+        #
+        # If metadataBasedReadinessSignal.timeoutSec is unset, the Instance Group Manager will directly proceed to suspend / stop instances, skipping initialization on them.
       "timeoutSec": 42, # The number of seconds to wait for a readiness signal during initialization before timing out.
     },
   },
@@ -716,7 +826,7 @@ 
Method Details

   "kind": "compute#instanceGroupManager", # [Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.
   "name": "A String", # The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.
   "namedPorts": [ # Named ports configured for the Instance Groups complementary to this Instance Group Manager.
-    { # The named port. For example: <"http", 80>.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
@@ -762,17 +872,39 @@ 
Method Details

     "A String",
   ],
   "targetSize": 42, # The target number of running instances for this managed instance group. You can reduce this number by using the instanceGroupManager deleteInstances or abandonInstances methods. Resizing the group also changes this number.
-  "targetStoppedSize": 42, # The target number of stopped instances for this managed instance group. This number changes when you: - Stop instance using the stopInstances method or start instances using the startInstances method. - Manually change the targetStoppedSize using the update method.
-  "targetSuspendedSize": 42, # The target number of suspended instances for this managed instance group. This number changes when you: - Suspend instance using the suspendInstances method or resume instances using the resumeInstances method. - Manually change the targetSuspendedSize using the update method.
+  "targetStoppedSize": 42, # The target number of stopped instances for this managed instance group. This number changes when you:
+      # - Stop instance using the stopInstances method or start instances using the startInstances method.
+      # - Manually change the targetStoppedSize using the update method.
+  "targetSuspendedSize": 42, # The target number of suspended instances for this managed instance group. This number changes when you:
+      # - Suspend instance using the suspendInstances method or resume instances using the resumeInstances method.
+      # - Manually change the targetSuspendedSize using the update method.
   "updatePolicy": { # The update policy for this managed instance group.
-    "instanceRedistributionType": "A String", # The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled.
-    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "instanceRedistributionType": "A String", # The  instance redistribution policy for regional managed instance groups. Valid values are:
+        # - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region.
+        # - NONE: For non-autoscaled groups, proactive redistribution is disabled.
+    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
-    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:
+        #
+        #
+        # - The instance's status is RUNNING.
+        # - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
@@ -782,13 +914,21 @@ 
Method Details

     "replacementMethod": "A String", # What action should be used to replace instances. See minimal_action.REPLACE
     "type": "A String", # The type of update process. You can specify either PROACTIVE so that the instance group manager proactively executes actions in order to bring instances to their target versions or OPPORTUNISTIC so that no action is proactively executed but the update will be performed as part of other actions (for example, resizes or recreateInstances calls).
   },
-  "versions": [ # Specifies the instance templates used by this managed instance group to create instances. Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
+  "versions": [ # Specifies the instance templates used by this managed instance group to create instances.
+      #
+      # Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
     {
       "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached.
       "name": "A String", # Name of the version. Unique among all versions in the scope of this managed instance group.
       "tag": "A String", # Tag describing the version. Used to trigger rollout of a target version even if instance_template remains unchanged. Deprecated in favor of 'name'.
-      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:
+          # - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used.
+          # - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -799,8 +939,10 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
-  
Creates a managed instance group using the information that you specify in the request. After the group is created, instances in the group are created using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method. A regional managed instance group can contain up to 2000 instances.
+    insert(project, region, body=None, requestId=None)
+  
Creates a managed instance group using the information that you specify in the request. After the group is created, instances in the group are created using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method.
+
+A regional managed instance group can contain up to 2000 instances.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -808,13 +950,27 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Whether the instance is a standby. # Properties of a standby instance comparing to the regular instance: # | regular | standby managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no # receives traffic from LB? | yes | no Represents a Managed Instance Group resource. An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups. For zonal Managed Instance Group, use the instanceGroupManagers resource. For regional Managed Instance Group, use the regionInstanceGroupManagers resource.
+{ # Whether the instance is a standby. Properties of a standby instance comparing to the regular instance: ========================================================================= | regular | standby ========================================================================= managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no receives traffic from LB? | yes | no =========================================================================
+    # 
+    # Represents a Managed Instance Group resource.
+    # 
+    # An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups.
+    # 
+    # For zonal Managed Instance Group, use the instanceGroupManagers resource.
+    # 
+    # For regional Managed Instance Group, use the regionInstanceGroupManagers resource. (== resource_for {$api_version}.instanceGroupManagers ==) (== resource_for {$api_version}.regionInstanceGroupManagers ==)
   "autoHealingPolicies": [ # The autohealing policy for this managed instance group. You can specify only one value.
     {
       "healthCheck": "A String", # The URL for the health check that signals autohealing.
       "initialDelaySec": 42, # The number of seconds that the managed instance group waits before it applies autohealing policies to new instances or recently recreated instances. This initial delay allows instances to initialize and run their startup scripts before the instance group determines that they are UNHEALTHY. This prevents the managed instance group from recreating its instances prematurely. This value must be from range [0, 3600].
-      "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # Maximum number of instances that can be unavailable when autohealing. When 'percent' is used, the value is rounded if necessary. The instance is considered available if all of the following conditions are satisfied: 1. Instance's status is RUNNING. 2. Instance's currentAction is NONE (in particular its liveness health check result was observed to be HEALTHY at least once as it passed VERIFYING). 3. There is no outgoing action on an instance triggered by IGM. By default, number of concurrently autohealed instances is smaller than the managed instance group target size. However, if a zonal managed instance group has only one instance, or a regional managed instance group has only one instance per zone, autohealing will recreate these instances when they become unhealthy.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+      "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # Maximum number of instances that can be unavailable when autohealing. When 'percent' is used, the value is rounded if necessary. The instance is considered available if all of the following conditions are satisfied: 1. Instance's status is RUNNING. 2. Instance's currentAction is NONE (in particular its liveness health check result was observed to be HEALTHY at least once as it passed VERIFYING). 3. There is no outgoing action on an instance triggered by IGM.
+          #
+          # By default, number of concurrently autohealed instances is smaller than the managed instance group target size. However, if a zonal managed instance group has only one instance, or a regional managed instance group has only one instance per zone, autohealing will recreate these instances when they become unhealthy.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -824,7 +980,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this managed instance group in RFC3339 text format.
   "currentActions": { # [Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions.
     "abandoning": 42, # [Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.
-    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
+    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.
+        #
+        # If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
     "creatingWithoutRetries": 42, # [Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.
     "deleting": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.
     "none": 42, # [Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.
@@ -847,11 +1005,17 @@ 
Method Details

     ],
   },
   "failoverAction": "A String", # The action to perform in case of zone failure. Only one value is supported, NO_FAILOVER. The default is NO_FAILOVER.
-  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
+  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
   "id": "A String", # [Output Only] A unique identifier for this resource type. The server generates this identifier.
   "instanceGroup": "A String", # [Output Only] The URL of the Instance Group resource.
   "instanceLifecyclePolicy": { # Instance lifecycle policy for this Instance Group Manager.
-    "metadataBasedReadinessSignal": { # The configuration for metadata based readiness signal sent by the instance during initialization when stopping / suspending an instance. The Instance Group Manager will wait for a signal that indicates successful initialization before stopping / suspending an instance. If a successful readiness signal is not sent before timeout, the corresponding instance will not be stopped / suspended. Instead, an error will be visible in the lastAttempt.errors field of the managed instance in the listmanagedinstances method. If metadataBasedReadinessSignal.timeoutSec is unset, the Instance Group Manager will directly proceed to suspend / stop instances, skipping initialization on them.
+    "metadataBasedReadinessSignal": { # The configuration for metadata based readiness signal sent by the instance during initialization when stopping / suspending an instance. The Instance Group Manager will wait for a signal that indicates successful initialization before stopping / suspending an instance.
+        #
+        # If a successful readiness signal is not sent before timeout, the corresponding instance will not be stopped / suspended. Instead, an error will be visible in the lastAttempt.errors field of the managed instance in the listmanagedinstances method.
+        #
+        # If metadataBasedReadinessSignal.timeoutSec is unset, the Instance Group Manager will directly proceed to suspend / stop instances, skipping initialization on them.
       "timeoutSec": 42, # The number of seconds to wait for a readiness signal during initialization before timing out.
     },
   },
@@ -859,7 +1023,7 @@ 
Method Details

   "kind": "compute#instanceGroupManager", # [Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.
   "name": "A String", # The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.
   "namedPorts": [ # Named ports configured for the Instance Groups complementary to this Instance Group Manager.
-    { # The named port. For example: <"http", 80>.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
@@ -905,17 +1069,39 @@ 
Method Details

     "A String",
   ],
   "targetSize": 42, # The target number of running instances for this managed instance group. You can reduce this number by using the instanceGroupManager deleteInstances or abandonInstances methods. Resizing the group also changes this number.
-  "targetStoppedSize": 42, # The target number of stopped instances for this managed instance group. This number changes when you: - Stop instance using the stopInstances method or start instances using the startInstances method. - Manually change the targetStoppedSize using the update method.
-  "targetSuspendedSize": 42, # The target number of suspended instances for this managed instance group. This number changes when you: - Suspend instance using the suspendInstances method or resume instances using the resumeInstances method. - Manually change the targetSuspendedSize using the update method.
+  "targetStoppedSize": 42, # The target number of stopped instances for this managed instance group. This number changes when you:
+      # - Stop instance using the stopInstances method or start instances using the startInstances method.
+      # - Manually change the targetStoppedSize using the update method.
+  "targetSuspendedSize": 42, # The target number of suspended instances for this managed instance group. This number changes when you:
+      # - Suspend instance using the suspendInstances method or resume instances using the resumeInstances method.
+      # - Manually change the targetSuspendedSize using the update method.
   "updatePolicy": { # The update policy for this managed instance group.
-    "instanceRedistributionType": "A String", # The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled.
-    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "instanceRedistributionType": "A String", # The  instance redistribution policy for regional managed instance groups. Valid values are:
+        # - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region.
+        # - NONE: For non-autoscaled groups, proactive redistribution is disabled.
+    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
-    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:
+        #
+        #
+        # - The instance's status is RUNNING.
+        # - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
@@ -925,13 +1111,21 @@ 
Method Details

     "replacementMethod": "A String", # What action should be used to replace instances. See minimal_action.REPLACE
     "type": "A String", # The type of update process. You can specify either PROACTIVE so that the instance group manager proactively executes actions in order to bring instances to their target versions or OPPORTUNISTIC so that no action is proactively executed but the update will be performed as part of other actions (for example, resizes or recreateInstances calls).
   },
-  "versions": [ # Specifies the instance templates used by this managed instance group to create instances. Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
+  "versions": [ # Specifies the instance templates used by this managed instance group to create instances.
+      # 
+      # Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
     {
       "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached.
       "name": "A String", # Name of the version. Unique among all versions in the scope of this managed instance group.
       "tag": "A String", # Tag describing the version. Used to trigger rollout of a target version even if instance_template remains unchanged. Deprecated in favor of 'name'.
-      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:
+          # - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used.
+          # - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -940,16 +1134,29 @@ 
Method Details

   "zone": "A String", # [Output Only] The URL of a zone where the managed instance group is located (for zonal resources).
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -984,7 +1191,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -998,21 +1206,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of managed instance groups that are contained within the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1020,13 +1234,27 @@ 
Method Details

     { # Contains a list of managed instance groups.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of InstanceGroupManager resources.
-    { # Whether the instance is a standby. # Properties of a standby instance comparing to the regular instance: # | regular | standby managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no # receives traffic from LB? | yes | no Represents a Managed Instance Group resource. An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups. For zonal Managed Instance Group, use the instanceGroupManagers resource. For regional Managed Instance Group, use the regionInstanceGroupManagers resource.
+    { # Whether the instance is a standby. Properties of a standby instance comparing to the regular instance: ========================================================================= | regular | standby ========================================================================= managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no receives traffic from LB? | yes | no =========================================================================
+        #
+        # Represents a Managed Instance Group resource.
+        #
+        # An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups.
+        #
+        # For zonal Managed Instance Group, use the instanceGroupManagers resource.
+        #
+        # For regional Managed Instance Group, use the regionInstanceGroupManagers resource. (== resource_for {$api_version}.instanceGroupManagers ==) (== resource_for {$api_version}.regionInstanceGroupManagers ==)
       "autoHealingPolicies": [ # The autohealing policy for this managed instance group. You can specify only one value.
         {
           "healthCheck": "A String", # The URL for the health check that signals autohealing.
           "initialDelaySec": 42, # The number of seconds that the managed instance group waits before it applies autohealing policies to new instances or recently recreated instances. This initial delay allows instances to initialize and run their startup scripts before the instance group determines that they are UNHEALTHY. This prevents the managed instance group from recreating its instances prematurely. This value must be from range [0, 3600].
-          "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # Maximum number of instances that can be unavailable when autohealing. When 'percent' is used, the value is rounded if necessary. The instance is considered available if all of the following conditions are satisfied: 1. Instance's status is RUNNING. 2. Instance's currentAction is NONE (in particular its liveness health check result was observed to be HEALTHY at least once as it passed VERIFYING). 3. There is no outgoing action on an instance triggered by IGM. By default, number of concurrently autohealed instances is smaller than the managed instance group target size. However, if a zonal managed instance group has only one instance, or a regional managed instance group has only one instance per zone, autohealing will recreate these instances when they become unhealthy.
-            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+          "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # Maximum number of instances that can be unavailable when autohealing. When 'percent' is used, the value is rounded if necessary. The instance is considered available if all of the following conditions are satisfied: 1. Instance's status is RUNNING. 2. Instance's currentAction is NONE (in particular its liveness health check result was observed to be HEALTHY at least once as it passed VERIFYING). 3. There is no outgoing action on an instance triggered by IGM.
+              #
+              # By default, number of concurrently autohealed instances is smaller than the managed instance group target size. However, if a zonal managed instance group has only one instance, or a regional managed instance group has only one instance per zone, autohealing will recreate these instances when they become unhealthy.
+            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+                #
+                #
+                # - If the value is fixed, then the calculated value is equal to the fixed value.
+                # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
             "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
             "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
           },
@@ -1036,7 +1264,9 @@ 
Method Details

       "creationTimestamp": "A String", # [Output Only] The creation timestamp for this managed instance group in RFC3339 text format.
       "currentActions": { # [Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions.
         "abandoning": 42, # [Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.
-        "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
+        "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.
+            #
+            # If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
         "creatingWithoutRetries": 42, # [Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.
         "deleting": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.
         "none": 42, # [Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.
@@ -1059,11 +1289,17 @@ 
Method Details

         ],
       },
       "failoverAction": "A String", # The action to perform in case of zone failure. Only one value is supported, NO_FAILOVER. The default is NO_FAILOVER.
-      "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
+      "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
       "id": "A String", # [Output Only] A unique identifier for this resource type. The server generates this identifier.
       "instanceGroup": "A String", # [Output Only] The URL of the Instance Group resource.
       "instanceLifecyclePolicy": { # Instance lifecycle policy for this Instance Group Manager.
-        "metadataBasedReadinessSignal": { # The configuration for metadata based readiness signal sent by the instance during initialization when stopping / suspending an instance. The Instance Group Manager will wait for a signal that indicates successful initialization before stopping / suspending an instance. If a successful readiness signal is not sent before timeout, the corresponding instance will not be stopped / suspended. Instead, an error will be visible in the lastAttempt.errors field of the managed instance in the listmanagedinstances method. If metadataBasedReadinessSignal.timeoutSec is unset, the Instance Group Manager will directly proceed to suspend / stop instances, skipping initialization on them.
+        "metadataBasedReadinessSignal": { # The configuration for metadata based readiness signal sent by the instance during initialization when stopping / suspending an instance. The Instance Group Manager will wait for a signal that indicates successful initialization before stopping / suspending an instance.
+            #
+            # If a successful readiness signal is not sent before timeout, the corresponding instance will not be stopped / suspended. Instead, an error will be visible in the lastAttempt.errors field of the managed instance in the listmanagedinstances method.
+            #
+            # If metadataBasedReadinessSignal.timeoutSec is unset, the Instance Group Manager will directly proceed to suspend / stop instances, skipping initialization on them.
           "timeoutSec": 42, # The number of seconds to wait for a readiness signal during initialization before timing out.
         },
       },
@@ -1071,7 +1307,7 @@ 
Method Details

       "kind": "compute#instanceGroupManager", # [Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.
       "name": "A String", # The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.
       "namedPorts": [ # Named ports configured for the Instance Groups complementary to this Instance Group Manager.
-        { # The named port. For example: <"http", 80>.
+        { # The named port. For example: .
           "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
           "port": 42, # The port number, which can be a value between 1 and 65535.
         },
@@ -1117,17 +1353,39 @@ 
Method Details

         "A String",
       ],
       "targetSize": 42, # The target number of running instances for this managed instance group. You can reduce this number by using the instanceGroupManager deleteInstances or abandonInstances methods. Resizing the group also changes this number.
-      "targetStoppedSize": 42, # The target number of stopped instances for this managed instance group. This number changes when you: - Stop instance using the stopInstances method or start instances using the startInstances method. - Manually change the targetStoppedSize using the update method.
-      "targetSuspendedSize": 42, # The target number of suspended instances for this managed instance group. This number changes when you: - Suspend instance using the suspendInstances method or resume instances using the resumeInstances method. - Manually change the targetSuspendedSize using the update method.
+      "targetStoppedSize": 42, # The target number of stopped instances for this managed instance group. This number changes when you:
+          # - Stop instance using the stopInstances method or start instances using the startInstances method.
+          # - Manually change the targetStoppedSize using the update method.
+      "targetSuspendedSize": 42, # The target number of suspended instances for this managed instance group. This number changes when you:
+          # - Suspend instance using the suspendInstances method or resume instances using the resumeInstances method.
+          # - Manually change the targetSuspendedSize using the update method.
       "updatePolicy": { # The update policy for this managed instance group.
-        "instanceRedistributionType": "A String", # The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled.
-        "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
-          "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "instanceRedistributionType": "A String", # The  instance redistribution policy for regional managed instance groups. Valid values are:
+            # - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region.
+            # - NONE: For non-autoscaled groups, proactive redistribution is disabled.
+        "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates.
+            #
+            # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
+          "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+              #
+              #
+              # - If the value is fixed, then the calculated value is equal to the fixed value.
+              # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
           "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
           "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
         },
-        "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
-          "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:
+            #
+            #
+            # - The instance's status is RUNNING.
+            # - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates.
+            #
+            # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
+          "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+              #
+              #
+              # - If the value is fixed, then the calculated value is equal to the fixed value.
+              # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
           "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
           "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
         },
@@ -1137,13 +1395,21 @@ 
Method Details

         "replacementMethod": "A String", # What action should be used to replace instances. See minimal_action.REPLACE
         "type": "A String", # The type of update process. You can specify either PROACTIVE so that the instance group manager proactively executes actions in order to bring instances to their target versions or OPPORTUNISTIC so that no action is proactively executed but the update will be performed as part of other actions (for example, resizes or recreateInstances calls).
       },
-      "versions": [ # Specifies the instance templates used by this managed instance group to create instances. Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
+      "versions": [ # Specifies the instance templates used by this managed instance group to create instances.
+          #
+          # Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
         {
           "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached.
           "name": "A String", # Name of the version. Unique among all versions in the scope of this managed instance group.
           "tag": "A String", # Tag describing the version. Used to trigger rollout of a target version even if instance_template remains unchanged. Deprecated in favor of 'name'.
-          "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
-            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+          "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:
+              # - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used.
+              # - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
+            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+                #
+                #
+                # - If the value is fixed, then the calculated value is equal to the fixed value.
+                # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
             "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
             "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
           },
@@ -1157,7 +1423,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1169,22 +1436,28 @@ 
Method Details

 

 
 

-    listErrors(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listErrors(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists all errors thrown by actions on instances for a given regional managed instance group. The filter and orderBy query parameters are not supported.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. This should conform to RFC1035. (required)
-  instanceGroupManager: string, The name of the managed instance group. It must be a string that meets the requirements in RFC1035, or an unsigned long integer: must match regexp pattern: (?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?)|1-9{0,19}. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  instanceGroupManager: string, The name of the managed instance group. It must be a string that meets the requirements in RFC1035, or an unsigned long integer: must match regexp pattern: (?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?)|[1-9][0-9]{0,19}. (required)
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1226,22 +1499,28 @@ 
Method Details

 

 
 

-    listManagedInstances(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listManagedInstances(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists the instances in the managed instance group and instances that are scheduled to be created. The list includes any current actions that the group has scheduled for its instances. The orderBy query parameter is not supported.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   instanceGroupManager: string, The name of the managed instance group. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1249,7 +1528,16 @@ 
Method Details

     {
   "managedInstances": [ # A list of managed instances.
     { # A Managed Instance resource.
-      "currentAction": "A String", # [Output Only] The current action that the managed instance group has scheduled for the instance. Possible values: - NONE The instance is running, and the managed instance group does not have any scheduled actions for this instance. - CREATING The managed instance group is creating this instance. If the group fails to create this instance, it will try again until it is successful. - CREATING_WITHOUT_RETRIES The managed instance group is attempting to create this instance only once. If the group fails to create this instance, it does not try again and the group's targetSize value is decreased instead. - RECREATING The managed instance group is recreating this instance. - DELETING The managed instance group is permanently deleting this instance. - ABANDONING The managed instance group is abandoning this instance. The instance will be removed from the instance group and from any target pools that are associated with this group. - RESTARTING The managed instance group is restarting the instance. - REFRESHING The managed instance group is applying configuration changes to the instance without stopping it. For example, the group can update the target pool list for an instance without stopping that instance. - VERIFYING The managed instance group has created the instance and it is in the process of being verified.
+      "currentAction": "A String", # [Output Only] The current action that the managed instance group has scheduled for the instance. Possible values:
+          # - NONE The instance is running, and the managed instance group does not have any scheduled actions for this instance.
+          # - CREATING The managed instance group is creating this instance. If the group fails to create this instance, it will try again until it is successful.
+          # - CREATING_WITHOUT_RETRIES The managed instance group is attempting to create this instance only once. If the group fails to create this instance, it does not try again and the group's targetSize value is decreased instead.
+          # - RECREATING The managed instance group is recreating this instance.
+          # - DELETING The managed instance group is permanently deleting this instance.
+          # - ABANDONING The managed instance group is abandoning this instance. The instance will be removed from the instance group and from any target pools that are associated with this group.
+          # - RESTARTING The managed instance group is restarting the instance.
+          # - REFRESHING The managed instance group is applying configuration changes to the instance without stopping it. For example, the group can update the target pool list for an instance without stopping that instance.
+          # - VERIFYING The managed instance group has created the instance and it is in the process of being verified.
       "id": "A String", # [Output only] The unique identifier for this resource. This field is empty when instance does not exist.
       "instance": "A String", # [Output Only] The URL of the instance. The URL can exist even if the instance has not yet been created.
       "instanceHealth": [ # [Output Only] Health state of the instance per health-check.
@@ -1359,22 +1647,28 @@ 
Method Details

 

 
 

-    listPerInstanceConfigs(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listPerInstanceConfigs(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists all of the per-instance configs defined for the managed instance group. The orderBy query parameter is not supported.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request, should conform to RFC1035. (required)
   instanceGroupManager: string, The name of the managed instance group. It should conform to RFC1035. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1420,7 +1714,8 @@ 
Method Details

   "nextPageToken": "A String", # [Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1460,7 +1755,7 @@ 
Method Details

 

 
 

-    patch(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    patch(project, region, instanceGroupManager, body=None, requestId=None)
   
Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is patched even if the instances in the group are still in the process of being patched. You must separately verify the status of the individual instances with the listmanagedinstances method. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -1470,13 +1765,27 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Whether the instance is a standby. # Properties of a standby instance comparing to the regular instance: # | regular | standby managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no # receives traffic from LB? | yes | no Represents a Managed Instance Group resource. An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups. For zonal Managed Instance Group, use the instanceGroupManagers resource. For regional Managed Instance Group, use the regionInstanceGroupManagers resource.
+{ # Whether the instance is a standby. Properties of a standby instance comparing to the regular instance: ========================================================================= | regular | standby ========================================================================= managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no receives traffic from LB? | yes | no =========================================================================
+    # 
+    # Represents a Managed Instance Group resource.
+    # 
+    # An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups.
+    # 
+    # For zonal Managed Instance Group, use the instanceGroupManagers resource.
+    # 
+    # For regional Managed Instance Group, use the regionInstanceGroupManagers resource. (== resource_for {$api_version}.instanceGroupManagers ==) (== resource_for {$api_version}.regionInstanceGroupManagers ==)
   "autoHealingPolicies": [ # The autohealing policy for this managed instance group. You can specify only one value.
     {
       "healthCheck": "A String", # The URL for the health check that signals autohealing.
       "initialDelaySec": 42, # The number of seconds that the managed instance group waits before it applies autohealing policies to new instances or recently recreated instances. This initial delay allows instances to initialize and run their startup scripts before the instance group determines that they are UNHEALTHY. This prevents the managed instance group from recreating its instances prematurely. This value must be from range [0, 3600].
-      "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # Maximum number of instances that can be unavailable when autohealing. When 'percent' is used, the value is rounded if necessary. The instance is considered available if all of the following conditions are satisfied: 1. Instance's status is RUNNING. 2. Instance's currentAction is NONE (in particular its liveness health check result was observed to be HEALTHY at least once as it passed VERIFYING). 3. There is no outgoing action on an instance triggered by IGM. By default, number of concurrently autohealed instances is smaller than the managed instance group target size. However, if a zonal managed instance group has only one instance, or a regional managed instance group has only one instance per zone, autohealing will recreate these instances when they become unhealthy.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+      "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # Maximum number of instances that can be unavailable when autohealing. When 'percent' is used, the value is rounded if necessary. The instance is considered available if all of the following conditions are satisfied: 1. Instance's status is RUNNING. 2. Instance's currentAction is NONE (in particular its liveness health check result was observed to be HEALTHY at least once as it passed VERIFYING). 3. There is no outgoing action on an instance triggered by IGM.
+          #
+          # By default, number of concurrently autohealed instances is smaller than the managed instance group target size. However, if a zonal managed instance group has only one instance, or a regional managed instance group has only one instance per zone, autohealing will recreate these instances when they become unhealthy.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -1486,7 +1795,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this managed instance group in RFC3339 text format.
   "currentActions": { # [Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions.
     "abandoning": 42, # [Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.
-    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
+    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.
+        #
+        # If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
     "creatingWithoutRetries": 42, # [Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.
     "deleting": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.
     "none": 42, # [Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.
@@ -1509,11 +1820,17 @@ 
Method Details

     ],
   },
   "failoverAction": "A String", # The action to perform in case of zone failure. Only one value is supported, NO_FAILOVER. The default is NO_FAILOVER.
-  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
+  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
   "id": "A String", # [Output Only] A unique identifier for this resource type. The server generates this identifier.
   "instanceGroup": "A String", # [Output Only] The URL of the Instance Group resource.
   "instanceLifecyclePolicy": { # Instance lifecycle policy for this Instance Group Manager.
-    "metadataBasedReadinessSignal": { # The configuration for metadata based readiness signal sent by the instance during initialization when stopping / suspending an instance. The Instance Group Manager will wait for a signal that indicates successful initialization before stopping / suspending an instance. If a successful readiness signal is not sent before timeout, the corresponding instance will not be stopped / suspended. Instead, an error will be visible in the lastAttempt.errors field of the managed instance in the listmanagedinstances method. If metadataBasedReadinessSignal.timeoutSec is unset, the Instance Group Manager will directly proceed to suspend / stop instances, skipping initialization on them.
+    "metadataBasedReadinessSignal": { # The configuration for metadata based readiness signal sent by the instance during initialization when stopping / suspending an instance. The Instance Group Manager will wait for a signal that indicates successful initialization before stopping / suspending an instance.
+        #
+        # If a successful readiness signal is not sent before timeout, the corresponding instance will not be stopped / suspended. Instead, an error will be visible in the lastAttempt.errors field of the managed instance in the listmanagedinstances method.
+        #
+        # If metadataBasedReadinessSignal.timeoutSec is unset, the Instance Group Manager will directly proceed to suspend / stop instances, skipping initialization on them.
       "timeoutSec": 42, # The number of seconds to wait for a readiness signal during initialization before timing out.
     },
   },
@@ -1521,7 +1838,7 @@ 
Method Details

   "kind": "compute#instanceGroupManager", # [Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.
   "name": "A String", # The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.
   "namedPorts": [ # Named ports configured for the Instance Groups complementary to this Instance Group Manager.
-    { # The named port. For example: <"http", 80>.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
@@ -1567,17 +1884,39 @@ 
Method Details

     "A String",
   ],
   "targetSize": 42, # The target number of running instances for this managed instance group. You can reduce this number by using the instanceGroupManager deleteInstances or abandonInstances methods. Resizing the group also changes this number.
-  "targetStoppedSize": 42, # The target number of stopped instances for this managed instance group. This number changes when you: - Stop instance using the stopInstances method or start instances using the startInstances method. - Manually change the targetStoppedSize using the update method.
-  "targetSuspendedSize": 42, # The target number of suspended instances for this managed instance group. This number changes when you: - Suspend instance using the suspendInstances method or resume instances using the resumeInstances method. - Manually change the targetSuspendedSize using the update method.
+  "targetStoppedSize": 42, # The target number of stopped instances for this managed instance group. This number changes when you:
+      # - Stop instance using the stopInstances method or start instances using the startInstances method.
+      # - Manually change the targetStoppedSize using the update method.
+  "targetSuspendedSize": 42, # The target number of suspended instances for this managed instance group. This number changes when you:
+      # - Suspend instance using the suspendInstances method or resume instances using the resumeInstances method.
+      # - Manually change the targetSuspendedSize using the update method.
   "updatePolicy": { # The update policy for this managed instance group.
-    "instanceRedistributionType": "A String", # The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled.
-    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "instanceRedistributionType": "A String", # The  instance redistribution policy for regional managed instance groups. Valid values are:
+        # - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region.
+        # - NONE: For non-autoscaled groups, proactive redistribution is disabled.
+    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
-    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:
+        #
+        #
+        # - The instance's status is RUNNING.
+        # - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
@@ -1587,13 +1926,21 @@ 
Method Details

     "replacementMethod": "A String", # What action should be used to replace instances. See minimal_action.REPLACE
     "type": "A String", # The type of update process. You can specify either PROACTIVE so that the instance group manager proactively executes actions in order to bring instances to their target versions or OPPORTUNISTIC so that no action is proactively executed but the update will be performed as part of other actions (for example, resizes or recreateInstances calls).
   },
-  "versions": [ # Specifies the instance templates used by this managed instance group to create instances. Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
+  "versions": [ # Specifies the instance templates used by this managed instance group to create instances.
+      # 
+      # Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
     {
       "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached.
       "name": "A String", # Name of the version. Unique among all versions in the scope of this managed instance group.
       "tag": "A String", # Tag describing the version. Used to trigger rollout of a target version even if instance_template remains unchanged. Deprecated in favor of 'name'.
-      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:
+          # - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used.
+          # - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -1602,16 +1949,29 @@ 
Method Details

   "zone": "A String", # [Output Only] The URL of a zone where the managed instance group is located (for zonal resources).
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1646,7 +2006,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1660,7 +2021,7 @@ 
Method Details

 

 
 

-    patchPerInstanceConfigs(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    patchPerInstanceConfigs(project, region, instanceGroupManager, body=None, requestId=None)
   
Inserts or patches per-instance configs for the managed instance group. perInstanceConfig.name serves as a key used to distinguish whether to perform insert or patch.
 
 Args:
@@ -1710,16 +2071,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1754,7 +2128,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1768,8 +2143,12 @@ 
Method Details

 

 
 

-    recreateInstances(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
-  
Flags the specified VM instances in the managed instance group to be immediately recreated. Each instance is recreated using the group's current configuration. This operation is marked as DONE when the flag is set even if the instances have not yet been recreated. You must separately verify the status of each instance by checking its currentAction field; for more information, see Checking the status of managed instances. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.
+    recreateInstances(project, region, instanceGroupManager, body=None, requestId=None)
+  
Flags the specified VM instances in the managed instance group to be immediately recreated. Each instance is recreated using the group's current configuration. This operation is marked as DONE when the flag is set even if the instances have not yet been recreated. You must separately verify the status of each instance by checking its currentAction field; for more information, see Checking the status of managed instances.
+
+If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
+
+You can specify a maximum of 1000 instances with this method per request.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -1784,16 +2163,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1828,7 +2220,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1842,24 +2235,41 @@ 
Method Details

 

 
 

-    resize(project, region, instanceGroupManager, size, requestId=None, x__xgafv=None)
-  
Changes the intended size of the managed instance group. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes one or more instances. The resize operation is marked DONE if the resize request is successful. The underlying actions take additional time. You must separately verify the status of the creating or deleting actions with the listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
+    resize(project, region, instanceGroupManager, size, requestId=None)
+  
Changes the intended size of the managed instance group. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes one or more instances.
+
+The resize operation is marked DONE if the resize request is successful. The underlying actions take additional time. You must separately verify the status of the creating or deleting actions with the listmanagedinstances method.
+
+If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   instanceGroupManager: string, Name of the managed instance group. (required)
   size: integer, Number of instances that should exist in this instance group manager. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1894,7 +2304,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1908,8 +2319,14 @@ 
Method Details

 

 
 

-    resizeAdvanced(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
-  
Resizes the regional managed instance group with advanced configuration options like disabling creation retries. This is an extended version of the resize method. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes one or more instances. The resize operation is marked DONE if the resize request is successful. The underlying actions take additional time. You must separately verify the status of the creating or deleting actions with the get or listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
+    resizeAdvanced(project, region, instanceGroupManager, body=None, requestId=None)
+  
Resizes the regional managed instance group with advanced configuration options like disabling creation retries. This is an extended version of the resize method.
+
+If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes one or more instances.
+
+The resize operation is marked DONE if the resize request is successful. The underlying actions take additional time. You must separately verify the status of the creating or deleting actions with the get or listmanagedinstances method.
+
+If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -1919,20 +2336,39 @@ 
Method Details

     The object takes the form of:
 
 {
-  "noCreationRetries": True or False, # If this flag is true, the managed instance group attempts to create all instances initiated by this resize request only once. If there is an error during creation, the managed instance group does not retry create this instance, and we will decrease the targetSize of the request instead. If the flag is false, the group attempts to recreate each instance continuously until it succeeds. This flag matters only in the first attempt of creation of an instance. After an instance is successfully created while this flag is enabled, the instance behaves the same way as all the other instances created with a regular resize request. In particular, if a running instance dies unexpectedly at a later time and needs to be recreated, this mode does not affect the recreation behavior in that scenario. This flag is applicable only to the current resize request. It does not influence other resize requests in any way. You can see which instances ar being created in which mode by calling the get or listManagedInstances API.
+  "noCreationRetries": True or False, # If this flag is true, the managed instance group attempts to create all instances initiated by this resize request only once. If there is an error during creation, the managed instance group does not retry create this instance, and we will decrease the targetSize of the request instead. If the flag is false, the group attempts to recreate each instance continuously until it succeeds.
+      # 
+      # This flag matters only in the first attempt of creation of an instance. After an instance is successfully created while this flag is enabled, the instance behaves the same way as all the other instances created with a regular resize request. In particular, if a running instance dies unexpectedly at a later time and needs to be recreated, this mode does not affect the recreation behavior in that scenario.
+      # 
+      # This flag is applicable only to the current resize request. It does not influence other resize requests in any way.
+      # 
+      # You can see which instances ar being created in which mode by calling the get or listManagedInstances API.
   "targetSize": 42, # The number of running instances that the managed instance group should maintain at any given time. The group automatically adds or removes instances to maintain the number of instances specified by this parameter.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1967,7 +2403,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1981,8 +2418,14 @@ 
Method Details

 

 
 

-    resumeInstances(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
-  
Flags the specified instances in the managed instance group to be resumed. This method increases the targetSize and decreases the targetSuspendedSize of the managed instance group by the number of instances that you resume. The resumeInstances operation is marked DONE if the resumeInstances request is successful. The underlying actions take additional time. You must separately verify the status of the RESUMING action with the listmanagedinstances method. In this request, you can only specify instances that are suspended. For example, if an instance was previously suspended using the suspendInstances method, it can be resumed using the resumeInstances method. If a health check is attached to the managed instance group, the specified instances will be verified as healthy after they are resumed. You can specify a maximum of 1000 instances with this method per request.
+    resumeInstances(project, region, instanceGroupManager, body=None, requestId=None)
+  
Flags the specified instances in the managed instance group to be resumed. This method increases the targetSize and decreases the targetSuspendedSize of the managed instance group by the number of instances that you resume. The resumeInstances operation is marked DONE if the resumeInstances request is successful. The underlying actions take additional time. You must separately verify the status of the RESUMING action with the listmanagedinstances method.
+
+In this request, you can only specify instances that are suspended. For example, if an instance was previously suspended using the suspendInstances method, it can be resumed using the resumeInstances method.
+
+If a health check is attached to the managed instance group, the specified instances will be verified as healthy after they are resumed.
+
+You can specify a maximum of 1000 instances with this method per request.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -1997,16 +2440,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2041,7 +2497,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2055,7 +2512,7 @@ 
Method Details

 

 
 

-    setAutoHealingPolicies(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    setAutoHealingPolicies(project, region, instanceGroupManager, body=None, requestId=None)
   
Modifies the autohealing policy for the instances in this managed instance group. [Deprecated] This method is deprecated. Use regionInstanceGroupManagers.patch instead.
 
 Args:
@@ -2070,8 +2527,14 @@ 
Method Details

     {
       "healthCheck": "A String", # The URL for the health check that signals autohealing.
       "initialDelaySec": 42, # The number of seconds that the managed instance group waits before it applies autohealing policies to new instances or recently recreated instances. This initial delay allows instances to initialize and run their startup scripts before the instance group determines that they are UNHEALTHY. This prevents the managed instance group from recreating its instances prematurely. This value must be from range [0, 3600].
-      "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # Maximum number of instances that can be unavailable when autohealing. When 'percent' is used, the value is rounded if necessary. The instance is considered available if all of the following conditions are satisfied: 1. Instance's status is RUNNING. 2. Instance's currentAction is NONE (in particular its liveness health check result was observed to be HEALTHY at least once as it passed VERIFYING). 3. There is no outgoing action on an instance triggered by IGM. By default, number of concurrently autohealed instances is smaller than the managed instance group target size. However, if a zonal managed instance group has only one instance, or a regional managed instance group has only one instance per zone, autohealing will recreate these instances when they become unhealthy.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+      "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # Maximum number of instances that can be unavailable when autohealing. When 'percent' is used, the value is rounded if necessary. The instance is considered available if all of the following conditions are satisfied: 1. Instance's status is RUNNING. 2. Instance's currentAction is NONE (in particular its liveness health check result was observed to be HEALTHY at least once as it passed VERIFYING). 3. There is no outgoing action on an instance triggered by IGM.
+          #
+          # By default, number of concurrently autohealed instances is smaller than the managed instance group target size. However, if a zonal managed instance group has only one instance, or a regional managed instance group has only one instance per zone, autohealing will recreate these instances when they become unhealthy.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -2079,16 +2542,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2123,7 +2599,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2137,7 +2614,7 @@ 
Method Details

 

 
 

-    setInstanceTemplate(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    setInstanceTemplate(project, region, instanceGroupManager, body=None, requestId=None)
   
Sets the instance template to use when creating new instances or recreating instances in this group. Existing instances are not affected.
 
 Args:
@@ -2151,16 +2628,29 @@ 
Method Details

   "instanceTemplate": "A String", # URL of the InstanceTemplate resource from which all new instances will be created.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2195,7 +2685,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2209,7 +2700,7 @@ 
Method Details

 

 
 

-    setTargetPools(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    setTargetPools(project, region, instanceGroupManager, body=None, requestId=None)
   
Modifies the target pools to which all new instances in this group are assigned. Existing instances in the group are not affected.
 
 Args:
@@ -2226,16 +2717,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2270,7 +2774,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2284,8 +2789,14 @@ 
Method Details

 

 
 

-    startInstances(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
-  
Flags the specified instances in the managed instance group to be started. This method increases the targetSize and decreases the targetStoppedSize of the managed instance group by the number of instances that you start. The startInstances operation is marked DONE if the startInstances request is successful. The underlying actions take additional time. You must separately verify the status of the STARTING action with the listmanagedinstances method. In this request, you can only specify instances that are stopped. For example, if an instance was previously stopped using the stopInstances method, it can be started using the startInstances method. If a health check is attached to the managed instance group, the specified instances will be verified as healthy after they are started. You can specify a maximum of 1000 instances with this method per request.
+    startInstances(project, region, instanceGroupManager, body=None, requestId=None)
+  
Flags the specified instances in the managed instance group to be started. This method increases the targetSize and decreases the targetStoppedSize of the managed instance group by the number of instances that you start. The startInstances operation is marked DONE if the startInstances request is successful. The underlying actions take additional time. You must separately verify the status of the STARTING action with the listmanagedinstances method.
+
+In this request, you can only specify instances that are stopped. For example, if an instance was previously stopped using the stopInstances method, it can be started using the startInstances method.
+
+If a health check is attached to the managed instance group, the specified instances will be verified as healthy after they are started.
+
+You can specify a maximum of 1000 instances with this method per request.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -2300,16 +2811,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2344,7 +2868,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2358,8 +2883,16 @@ 
Method Details

 

 
 

-    stopInstances(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
-  
Flags the specified instances in the managed instance group to be immediately stopped. You can only specify instances that are running in this request. This method reduces the targetSize and increases the targetStoppedSize of the managed instance group by the number of instances that you stop. The stopInstances operation is marked DONE if the stopInstances request is successful. The underlying actions take additional time. You must separately verify the status of the STOPPING action with the listmanagedinstances method. If the instanceLifecyclePolicy.metadataBasedReadinessSignal field is set on the Instance Group Manager, each instance will be initialized before it is stopped, to give user programs time to perform necessary tasks. To initialize an instance, the Instance Group Manager sets the metadata key google-compute-initialization-intent to value INITIALIZE_AND_STOP on the instance, and waits for the user program to signal it is ready. This is done by setting the guest attribute path google-compute/initialization-state to value INITIALIZED. If the instance does not signal successful initialization (does not set the guest attribute to INITIALIZED) before timeout, the initialization is considered failed and the instance is not stopped. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is suspended. Stopped instances can be started using the startInstances method. You can specify a maximum of 1000 instances with this method per request.
+    stopInstances(project, region, instanceGroupManager, body=None, requestId=None)
+  
Flags the specified instances in the managed instance group to be immediately stopped. You can only specify instances that are running in this request. This method reduces the targetSize and increases the targetStoppedSize of the managed instance group by the number of instances that you stop. The stopInstances operation is marked DONE if the stopInstances request is successful. The underlying actions take additional time. You must separately verify the status of the STOPPING action with the listmanagedinstances method.
+
+If the instanceLifecyclePolicy.metadataBasedReadinessSignal field is set on the Instance Group Manager, each instance will be initialized before it is stopped, to give user programs time to perform necessary tasks. To initialize an instance, the Instance Group Manager sets the metadata key google-compute-initialization-intent to value INITIALIZE_AND_STOP on the instance, and waits for the user program to signal it is ready. This is done by setting the guest attribute path google-compute/initialization-state to value INITIALIZED. If the instance does not signal successful initialization (does not set the guest attribute to INITIALIZED) before timeout, the initialization is considered failed and the instance is not stopped.
+
+If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is suspended.
+
+Stopped instances can be started using the startInstances method.
+
+You can specify a maximum of 1000 instances with this method per request.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -2375,16 +2908,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2419,7 +2965,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2433,8 +2980,16 @@ 
Method Details

 

 
 

-    suspendInstances(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
-  
Flags the specified instances in the managed instance group to be immediately suspended. You can only specify instances that are running in this request. This method reduces the targetSize and increases the targetSuspendedSize of the managed instance group by the number of instances that you suspend. The suspendInstances operation is marked DONE if the suspendInstances request is successful. The underlying actions take additional time. You must separately verify the status of the SUSPENDING action with the listmanagedinstances method. If the instanceLifecyclePolicy.metadataBasedReadinessSignal field is set on the Instance Group Manager, each instance will be initialized before it is suspended, to give user programs time to perform necessary tasks. To initialize an instance, the Instance Group Manager sets the metadata key google-compute-initialization-intent to value INITIALIZE_AND_SUSPEND on the instance, and waits for the user program to signal it is ready. This is done by setting the guest attribute path google-compute/initialization-state to value INITIALIZED. If the instance does not signal successful initialization (does not set the guest attribute to INITIALIZED) before timeout, the initialization is considered failed and the instance is not suspended. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is suspended. Suspended instances can be resumed using the resumeInstances method. You can specify a maximum of 1000 instances with this method per request.
+    suspendInstances(project, region, instanceGroupManager, body=None, requestId=None)
+  
Flags the specified instances in the managed instance group to be immediately suspended. You can only specify instances that are running in this request. This method reduces the targetSize and increases the targetSuspendedSize of the managed instance group by the number of instances that you suspend. The suspendInstances operation is marked DONE if the suspendInstances request is successful. The underlying actions take additional time. You must separately verify the status of the SUSPENDING action with the listmanagedinstances method.
+
+If the instanceLifecyclePolicy.metadataBasedReadinessSignal field is set on the Instance Group Manager, each instance will be initialized before it is suspended, to give user programs time to perform necessary tasks. To initialize an instance, the Instance Group Manager sets the metadata key google-compute-initialization-intent to value INITIALIZE_AND_SUSPEND on the instance, and waits for the user program to signal it is ready. This is done by setting the guest attribute path google-compute/initialization-state to value INITIALIZED. If the instance does not signal successful initialization (does not set the guest attribute to INITIALIZED) before timeout, the initialization is considered failed and the instance is not suspended.
+
+If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is suspended.
+
+Suspended instances can be resumed using the resumeInstances method.
+
+You can specify a maximum of 1000 instances with this method per request.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -2450,16 +3005,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2494,7 +3062,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2508,7 +3077,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -2524,10 +3093,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -2540,7 +3105,7 @@ 
Method Details

 

 
 

-    update(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    update(project, region, instanceGroupManager, body=None, requestId=None)
   
Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is updated even if the instances in the group have not yet been updated. You must separately verify the status of the individual instances with the listmanagedinstances method.
 
 Args:
@@ -2550,13 +3115,27 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Whether the instance is a standby. # Properties of a standby instance comparing to the regular instance: # | regular | standby managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no # receives traffic from LB? | yes | no Represents a Managed Instance Group resource. An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups. For zonal Managed Instance Group, use the instanceGroupManagers resource. For regional Managed Instance Group, use the regionInstanceGroupManagers resource.
+{ # Whether the instance is a standby. Properties of a standby instance comparing to the regular instance: ========================================================================= | regular | standby ========================================================================= managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no receives traffic from LB? | yes | no =========================================================================
+    # 
+    # Represents a Managed Instance Group resource.
+    # 
+    # An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups.
+    # 
+    # For zonal Managed Instance Group, use the instanceGroupManagers resource.
+    # 
+    # For regional Managed Instance Group, use the regionInstanceGroupManagers resource. (== resource_for {$api_version}.instanceGroupManagers ==) (== resource_for {$api_version}.regionInstanceGroupManagers ==)
   "autoHealingPolicies": [ # The autohealing policy for this managed instance group. You can specify only one value.
     {
       "healthCheck": "A String", # The URL for the health check that signals autohealing.
       "initialDelaySec": 42, # The number of seconds that the managed instance group waits before it applies autohealing policies to new instances or recently recreated instances. This initial delay allows instances to initialize and run their startup scripts before the instance group determines that they are UNHEALTHY. This prevents the managed instance group from recreating its instances prematurely. This value must be from range [0, 3600].
-      "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # Maximum number of instances that can be unavailable when autohealing. When 'percent' is used, the value is rounded if necessary. The instance is considered available if all of the following conditions are satisfied: 1. Instance's status is RUNNING. 2. Instance's currentAction is NONE (in particular its liveness health check result was observed to be HEALTHY at least once as it passed VERIFYING). 3. There is no outgoing action on an instance triggered by IGM. By default, number of concurrently autohealed instances is smaller than the managed instance group target size. However, if a zonal managed instance group has only one instance, or a regional managed instance group has only one instance per zone, autohealing will recreate these instances when they become unhealthy.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+      "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # Maximum number of instances that can be unavailable when autohealing. When 'percent' is used, the value is rounded if necessary. The instance is considered available if all of the following conditions are satisfied: 1. Instance's status is RUNNING. 2. Instance's currentAction is NONE (in particular its liveness health check result was observed to be HEALTHY at least once as it passed VERIFYING). 3. There is no outgoing action on an instance triggered by IGM.
+          #
+          # By default, number of concurrently autohealed instances is smaller than the managed instance group target size. However, if a zonal managed instance group has only one instance, or a regional managed instance group has only one instance per zone, autohealing will recreate these instances when they become unhealthy.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -2566,7 +3145,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this managed instance group in RFC3339 text format.
   "currentActions": { # [Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions.
     "abandoning": 42, # [Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.
-    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
+    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.
+        #
+        # If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
     "creatingWithoutRetries": 42, # [Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.
     "deleting": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.
     "none": 42, # [Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.
@@ -2589,11 +3170,17 @@ 
Method Details

     ],
   },
   "failoverAction": "A String", # The action to perform in case of zone failure. Only one value is supported, NO_FAILOVER. The default is NO_FAILOVER.
-  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
+  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
   "id": "A String", # [Output Only] A unique identifier for this resource type. The server generates this identifier.
   "instanceGroup": "A String", # [Output Only] The URL of the Instance Group resource.
   "instanceLifecyclePolicy": { # Instance lifecycle policy for this Instance Group Manager.
-    "metadataBasedReadinessSignal": { # The configuration for metadata based readiness signal sent by the instance during initialization when stopping / suspending an instance. The Instance Group Manager will wait for a signal that indicates successful initialization before stopping / suspending an instance. If a successful readiness signal is not sent before timeout, the corresponding instance will not be stopped / suspended. Instead, an error will be visible in the lastAttempt.errors field of the managed instance in the listmanagedinstances method. If metadataBasedReadinessSignal.timeoutSec is unset, the Instance Group Manager will directly proceed to suspend / stop instances, skipping initialization on them.
+    "metadataBasedReadinessSignal": { # The configuration for metadata based readiness signal sent by the instance during initialization when stopping / suspending an instance. The Instance Group Manager will wait for a signal that indicates successful initialization before stopping / suspending an instance.
+        #
+        # If a successful readiness signal is not sent before timeout, the corresponding instance will not be stopped / suspended. Instead, an error will be visible in the lastAttempt.errors field of the managed instance in the listmanagedinstances method.
+        #
+        # If metadataBasedReadinessSignal.timeoutSec is unset, the Instance Group Manager will directly proceed to suspend / stop instances, skipping initialization on them.
       "timeoutSec": 42, # The number of seconds to wait for a readiness signal during initialization before timing out.
     },
   },
@@ -2601,7 +3188,7 @@ 
Method Details

   "kind": "compute#instanceGroupManager", # [Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.
   "name": "A String", # The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.
   "namedPorts": [ # Named ports configured for the Instance Groups complementary to this Instance Group Manager.
-    { # The named port. For example: <"http", 80>.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
@@ -2647,17 +3234,39 @@ 
Method Details

     "A String",
   ],
   "targetSize": 42, # The target number of running instances for this managed instance group. You can reduce this number by using the instanceGroupManager deleteInstances or abandonInstances methods. Resizing the group also changes this number.
-  "targetStoppedSize": 42, # The target number of stopped instances for this managed instance group. This number changes when you: - Stop instance using the stopInstances method or start instances using the startInstances method. - Manually change the targetStoppedSize using the update method.
-  "targetSuspendedSize": 42, # The target number of suspended instances for this managed instance group. This number changes when you: - Suspend instance using the suspendInstances method or resume instances using the resumeInstances method. - Manually change the targetSuspendedSize using the update method.
+  "targetStoppedSize": 42, # The target number of stopped instances for this managed instance group. This number changes when you:
+      # - Stop instance using the stopInstances method or start instances using the startInstances method.
+      # - Manually change the targetStoppedSize using the update method.
+  "targetSuspendedSize": 42, # The target number of suspended instances for this managed instance group. This number changes when you:
+      # - Suspend instance using the suspendInstances method or resume instances using the resumeInstances method.
+      # - Manually change the targetSuspendedSize using the update method.
   "updatePolicy": { # The update policy for this managed instance group.
-    "instanceRedistributionType": "A String", # The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled.
-    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "instanceRedistributionType": "A String", # The  instance redistribution policy for regional managed instance groups. Valid values are:
+        # - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region.
+        # - NONE: For non-autoscaled groups, proactive redistribution is disabled.
+    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
-    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:
+        #
+        #
+        # - The instance's status is RUNNING.
+        # - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
@@ -2667,13 +3276,21 @@ 
Method Details

     "replacementMethod": "A String", # What action should be used to replace instances. See minimal_action.REPLACE
     "type": "A String", # The type of update process. You can specify either PROACTIVE so that the instance group manager proactively executes actions in order to bring instances to their target versions or OPPORTUNISTIC so that no action is proactively executed but the update will be performed as part of other actions (for example, resizes or recreateInstances calls).
   },
-  "versions": [ # Specifies the instance templates used by this managed instance group to create instances. Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
+  "versions": [ # Specifies the instance templates used by this managed instance group to create instances.
+      # 
+      # Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
     {
       "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached.
       "name": "A String", # Name of the version. Unique among all versions in the scope of this managed instance group.
       "tag": "A String", # Tag describing the version. Used to trigger rollout of a target version even if instance_template remains unchanged. Deprecated in favor of 'name'.
-      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:
+          # - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used.
+          # - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -2682,16 +3299,29 @@ 
Method Details

   "zone": "A String", # [Output Only] The URL of a zone where the managed instance group is located (for zonal resources).
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2726,7 +3356,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2740,7 +3371,7 @@ 
Method Details

 

 
 

-    updatePerInstanceConfigs(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    updatePerInstanceConfigs(project, region, instanceGroupManager, body=None, requestId=None)
   
Inserts or updates per-instance configs for the managed instance group. perInstanceConfig.name serves as a key used to distinguish whether to perform insert or patch.
 
 Args:
@@ -2790,16 +3421,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2834,7 +3478,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.regionInstanceGroups.html b/docs/dyn/compute_alpha.regionInstanceGroups.html
index 36b9c22b5ae..da532035f39 100644
--- a/docs/dyn/compute_alpha.regionInstanceGroups.html
+++ b/docs/dyn/compute_alpha.regionInstanceGroups.html
@@ -78,13 +78,13 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  get(project, region, instanceGroup, x__xgafv=None)

+  get(project, region, instanceGroup)

 
Returns the specified instance group resource.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of instance group resources contained within the specified region.

 

-  listInstances(project, region, instanceGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listInstances(project, region, instanceGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists the instances in the specified instance group and displays information about the named ports. Depending on the specified options, this method can list all instances or only the instances that are running. The orderBy query parameter is not supported.

 

   listInstances_next(previous_request, previous_response)

@@ -93,10 +93,10 @@ 
Instance Methods

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setNamedPorts(project, region, instanceGroup, body=None, requestId=None, x__xgafv=None)

+  setNamedPorts(project, region, instanceGroup, body=None, requestId=None)

 
Sets the named ports for the specified regional instance group.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -105,30 +105,42 @@ 
Method Details

 

 
 

-    get(project, region, instanceGroup, x__xgafv=None)
+    get(project, region, instanceGroup)
   
Returns the specified instance group resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   instanceGroup: string, Name of the instance group resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Instance Group resource. Instance Groups can be used to configure a target for load balancing. Instance groups can either be managed or unmanaged. To create managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead. Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups. For more information, read Instance groups.
+    { # Represents an Instance Group resource.
+    #
+    # Instance Groups can be used to configure a target for load balancing.
+    #
+    # Instance groups can either be managed or unmanaged.
+    #
+    # To create  managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead.
+    #
+    # Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups.
+    #
+    # For more information, read Instance groups.
+    #
+    # (== resource_for {$api_version}.instanceGroups ==) (== resource_for {$api_version}.regionInstanceGroups ==)
   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this instance group in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # [Output Only] The fingerprint of the named ports. The system uses this fingerprint to detect conflicts when multiple users change the named ports concurrently.
   "id": "A String", # [Output Only] A unique identifier for this instance group, generated by the server.
   "kind": "compute#instanceGroup", # [Output Only] The resource type, which is always compute#instanceGroup for instance groups.
   "name": "A String", # The name of the instance group. The name must be 1-63 characters long, and comply with RFC1035.
-  "namedPorts": [ #  Assigns a name to a port number. For example: {name: "http", port: 80} This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}] Named ports apply to all instances in this instance group.
-    { # The named port. For example: <"http", 80>.
+  "namedPorts": [ # Assigns a name to a port number. For example: {name: "http", port: 80}
+      #
+      # This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}]
+      #
+      # Named ports apply to all instances in this instance group.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
@@ -144,21 +156,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of instance group resources contained within the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -166,15 +184,31 @@ 
Method Details

     { # Contains a list of InstanceGroup resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of InstanceGroup resources.
-    { # Represents an Instance Group resource. Instance Groups can be used to configure a target for load balancing. Instance groups can either be managed or unmanaged. To create managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead. Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups. For more information, read Instance groups.
+    { # Represents an Instance Group resource.
+        #
+        # Instance Groups can be used to configure a target for load balancing.
+        #
+        # Instance groups can either be managed or unmanaged.
+        #
+        # To create  managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead.
+        #
+        # Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups.
+        #
+        # For more information, read Instance groups.
+        #
+        # (== resource_for {$api_version}.instanceGroups ==) (== resource_for {$api_version}.regionInstanceGroups ==)
       "creationTimestamp": "A String", # [Output Only] The creation timestamp for this instance group in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "fingerprint": "A String", # [Output Only] The fingerprint of the named ports. The system uses this fingerprint to detect conflicts when multiple users change the named ports concurrently.
       "id": "A String", # [Output Only] A unique identifier for this instance group, generated by the server.
       "kind": "compute#instanceGroup", # [Output Only] The resource type, which is always compute#instanceGroup for instance groups.
       "name": "A String", # The name of the instance group. The name must be 1-63 characters long, and comply with RFC1035.
-      "namedPorts": [ #  Assigns a name to a port number. For example: {name: "http", port: 80} This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}] Named ports apply to all instances in this instance group.
-        { # The named port. For example: <"http", 80>.
+      "namedPorts": [ # Assigns a name to a port number. For example: {name: "http", port: 80}
+          #
+          # This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}]
+          #
+          # Named ports apply to all instances in this instance group.
+        { # The named port. For example: .
           "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
           "port": 42, # The port number, which can be a value between 1 and 65535.
         },
@@ -193,7 +227,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -205,7 +240,7 @@ 
Method Details

 

 
 

-    listInstances(project, region, instanceGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listInstances(project, region, instanceGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists the instances in the specified instance group and displays information about the named ports. Depending on the specified options, this method can list all instances or only the instances that are running. The orderBy query parameter is not supported.
 
 Args:
@@ -220,15 +255,21 @@ 
Method Details

   "portName": "A String", # Name of port user is interested in. It is optional. If it is set, only information about this ports will be returned. If it is not set, all the named ports will be returned. Always lists all instances.
 }
 
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -239,7 +280,7 @@ 
Method Details

     {
       "instance": "A String", # [Output Only] The URL of the instance.
       "namedPorts": [ # [Output Only] The named ports that belong to this instance group.
-        { # The named port. For example: <"http", 80>.
+        { # The named port. For example: .
           "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
           "port": 42, # The port number, which can be a value between 1 and 65535.
         },
@@ -252,7 +293,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -292,7 +334,7 @@ 
Method Details

 

 
 

-    setNamedPorts(project, region, instanceGroup, body=None, requestId=None, x__xgafv=None)
+    setNamedPorts(project, region, instanceGroup, body=None, requestId=None)
   
Sets the named ports for the specified regional instance group.
 
 Args:
@@ -305,23 +347,36 @@ 
Method Details

 {
   "fingerprint": "A String", # The fingerprint of the named ports information for this instance group. Use this optional property to prevent conflicts when multiple users change the named ports settings concurrently. Obtain the fingerprint with the instanceGroups.get method. Then, include the fingerprint in your request to ensure that you do not overwrite changes that were applied from another concurrent request.
   "namedPorts": [ # The list of named ports to set for this instance group.
-    { # The named port. For example: <"http", 80>.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -356,7 +411,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -370,7 +426,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -386,10 +442,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.regionInstances.html b/docs/dyn/compute_alpha.regionInstances.html
index 848d76f63af..03a66a83468 100644
--- a/docs/dyn/compute_alpha.regionInstances.html
+++ b/docs/dyn/compute_alpha.regionInstances.html
@@ -75,17 +75,17 @@
 
Compute Engine API . regionInstances

 
Instance Methods

 

-  bulkInsert(project, region, body=None, requestId=None, x__xgafv=None)

+  bulkInsert(project, region, body=None, requestId=None)

 
Creates multiple instances in a given region. Count specifies the number of instances to create.

 

   close()

 
Close httplib2 connections.

 

-  recommendLocations(project, region, body=None, x__xgafv=None)

+  recommendLocations(project, region, body=None)

 
Returns recommended locations (zones in a region) for specified sets of homogenous instances.

 
Method Details

 

-    bulkInsert(project, region, body=None, requestId=None, x__xgafv=None)
+    bulkInsert(project, region, body=None, requestId=None)
   
Creates multiple instances in a given region. Count specifies the number of instances to create.
 
 Args:
@@ -96,14 +96,16 @@ 
Method Details

 
 { # A transient resource used in compute.instances.bulkInsert and compute.regionInstances.bulkInsert and compute.regionInstances.recommendLocations. This resource is not persisted anywhere, it is used only for processing the requests.
   "count": "A String", # The maximum number of instances to create.
-  "instance": { # Represents an Instance resource. An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances. # DEPRECATED: Please use instance_properties instead.
+  "instance": { # Represents an Instance resource. # DEPRECATED: Please use instance_properties instead.
+      #
+      # An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances. (== resource_for {$api_version}.instances ==)
     "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
       "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
       "numaNodeCount": 42, # The number of vNUMA nodes.
       "threadsPerCore": 42, # The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed.
       "visibleCoreCount": 42, # The number of physical cores to expose to an instance. Multiply by the number of threads per core to compute the total number of virtual CPUs to expose to the instance. If unset, the number of cores is inferred from the instance's nominal CPU count and the underlying platform's SMT width.
     },
-    "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding .
+    "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding.
     "confidentialInstanceConfig": { # A set of Confidential Instance options.
       "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
     },
@@ -115,30 +117,58 @@ 
Method Details

       { # An instance-attached disk resource.
         "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
         "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-        "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-        "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+        "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+            #
+            # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+        "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+            #
+            # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+            #
+            # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+            #
+            # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+            #
+            # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+              #
+              # The key must meet the following requirements before you can provide it to Compute Engine:
+              # - The key is wrapped using a RSA public key certificate provided by Google.
+              # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+              # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
         "diskSizeGb": "A String", # The size of the disk in GB.
         "forceAttach": True or False, # [Input Only] Whether to force attach the regional disk even if it's currently attached to another instance. If you try to force attach a zonal disk to an instance, you will receive an error.
-        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
           { # Guest OS features.
-            "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+            "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
           },
         ],
         "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-        "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+        "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+            #
+            # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+            #
+            # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
           "description": "A String", # An optional description. Provide this property when creating the disk.
           "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
           "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-          "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
-          "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options. Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
+          "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+              # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+              #
+              #
+              # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+              # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+              # - projects/project/zones/zone/diskTypes/diskType
+              # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
+          "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
+              #
+              # Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
             { # Guest OS features.
-              "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+              "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
             },
           ],
           "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
@@ -153,20 +183,56 @@ 
Method Details

           "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
             "A String",
           ],
-          "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-          "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+          "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+              #
+              # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+              # projects/debian-cloud/global/images/family/debian-9
+              #
+              #
+              # Alternatively, use a specific version of a public operating system image:
+              # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+              #
+              #
+              # To create a disk with a custom image that you created, specify the image name in the following format:
+              # global/images/my-custom-image
+              #
+              #
+              # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+              # global/images/family/my-image-family
+              #
+              #
+              # If the source image is deleted later, this field will not be set.
+          "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+              #
+              # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                #
+                # The key must meet the following requirements before you can provide it to Compute Engine:
+                # - The key is wrapped using a RSA public key certificate provided by Google.
+                # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
-          "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+          "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+              #
+              # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+              # global/snapshots/my-backup
+              #
+              #
+              # If the source snapshot is deleted later, this field will not be set.
           "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                #
+                # The key must meet the following requirements before you can provide it to Compute Engine:
+                # - The key is wrapped using a RSA public key certificate provided by Google.
+                # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
         },
@@ -201,7 +267,11 @@ 
Method Details

             "fileType": "A String", # The file type of source file.
           },
         },
-        "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+        "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+            #
+            # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+            #
+            # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
         "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
         "userLicenses": [ # [Output Only] A list of user provided licenses. It represents a list of URLs to the license resource. Unlike regular licenses, user provided licenses can be modified after the disk is created.
           "A String",
@@ -212,7 +282,9 @@ 
Method Details

       "enableDisplay": True or False, # Defines whether the instance has Display enabled.
     },
     "eraseWindowsVssSignature": True or False, # Specifies whether the disks restored from source snapshots or source machine image should erase Windows specific VSS signature.
-    "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance. To see the latest fingerprint, make get() request to the instance.
+    "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance.
+        #
+        # To see the latest fingerprint, make get() request to the instance.
     "guestAccelerators": [ # A list of the type and count of accelerator cards attached to the instance.
       { # A specification of the type and number of accelerator cards attached to the instance.
         "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
@@ -221,26 +293,53 @@ 
Method Details

     ],
     "hostname": "A String", # Specifies the hostname of the instance. The specified hostname must be RFC1035 compliant. If hostname is not specified, the default hostname is [INSTANCE_NAME].c.[PROJECT_ID].internal when using the global DNS, and [INSTANCE_NAME].[ZONE].c.[PROJECT_ID].internal when using zonal DNS.
     "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-    "instanceEncryptionKey": { # Encrypts or decrypts data for an instance with a customer-supplied encryption key. If you are creating a new instance, this field encrypts the local SSD and in-memory contents of the instance using a key that you provide. If you are restarting an instance protected with a customer-supplied encryption key, you must provide the correct key in order to successfully restart the instance. If you do not provide an encryption key when creating the instance, then the local SSD and in-memory contents will be encrypted using an automatically generated key and you do not need to provide a key to start the instance later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt local SSDs and in-memory content in a managed instance group.
+    "instanceEncryptionKey": { # Encrypts or decrypts data for an instance with a customer-supplied encryption key.
+        #
+        # If you are creating a new instance, this field encrypts the local SSD and in-memory contents of the instance using a key that you provide.
+        #
+        # If you are restarting an instance protected with a customer-supplied encryption key, you must provide the correct key in order to successfully restart the instance.
+        #
+        # If you do not provide an encryption key when creating the instance, then the local SSD and in-memory contents will be encrypted using an automatically generated key and you do not need to provide a key to start the instance later.
+        #
+        # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt local SSDs and in-memory content in a managed instance group.
       "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
       "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
       "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+          #
+          # The key must meet the following requirements before you can provide it to Compute Engine:
+          # - The key is wrapped using a RSA public key certificate provided by Google.
+          # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+          # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
       "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
     },
     "kind": "compute#instance", # [Output Only] Type of the resource. Always compute#instance for instances.
-    "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the instance.
+    "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+        #
+        # To see the latest fingerprint, make get() request to the instance.
     "labels": { # Labels to apply to this instance. These can be later modified by the setLabels method.
       "a_key": "A String",
     },
     "lastStartTimestamp": "A String", # [Output Only] Last start timestamp in RFC3339 text format.
     "lastStopTimestamp": "A String", # [Output Only] Last stop timestamp in RFC3339 text format.
     "lastSuspendedTimestamp": "A String", # [Output Only] Last suspended timestamp in RFC3339 text format.
-    "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type: zones/us-central1-f/machineTypes/n1-standard-1 To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB): zones/zone/machineTypes/custom-CPUS-MEMORY For example: zones/us-central1-f/machineTypes/custom-4-5120 For a full list of restrictions, read the Specifications for custom machine types.
+    "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type:
+        # zones/us-central1-f/machineTypes/n1-standard-1
+        #
+        #
+        # To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB):
+        # zones/zone/machineTypes/custom-CPUS-MEMORY
+        #
+        #
+        # For example: zones/us-central1-f/machineTypes/custom-4-5120
+        #
+        # For a full list of restrictions, read the Specifications for custom machine types.
     "metadata": { # A metadata key/value entry. # The metadata key/value pairs assigned to this instance. This includes custom metadata and predefined keys.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve the resource.
       "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-        { # Metadata
+        {
           "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
           "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
         },
@@ -258,7 +357,11 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -281,7 +384,11 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -289,24 +396,37 @@ 
Method Details

             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
-        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+            #
+            # Valid only if stackType is IPV4_IPV6.
         "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
         "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
         "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+            #
+            # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+            # - projects/project/global/networks/network
+            # - global/networks/default
         "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
         "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
         "queueCount": 42, # The networking queue count that's specified by users for the network interface. Both Rx and Tx queues will be set to this number. It'll be empty if not specified by the users.
-        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
+        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+            #
+            # This field can be both set at instance creation and update network interface operations.
         "subinterfaces": [ # SubInterfaces help enable L2 communication for the instance over subnetworks that support L2. Every network interface will get a default untagged (vlan not specified) subinterface. Users can specify additional tagged subinterfaces which are sub-fields to the Network Interface.
           {
             "ipAddress": "A String", # An IPv4 internal IP address to assign to the instance for this subinterface. If specified, ip_allocation_mode should be set to ALLOCATE_IP.
             "ipAllocationMode": "A String",
-            "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+            "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+                # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+                # - regions/region/subnetworks/subnetwork
             "vlan": 42, # VLAN tag. Should match the VLAN(s) supported by the subnetwork to which this subinterface is connecting.
           },
         ],
-        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+            # - regions/region/subnetworks/subnetwork
       },
     ],
     "networkPerformanceConfig": {
@@ -315,9 +435,9 @@ 
Method Details

     },
     "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
     "preservedStateSizeGb": "A String", # Total amount of preserved state for SUSPENDED instances. Read-only in the api.
-    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
     "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that this instance can consume from.
-      "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
+      "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
       "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
       "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
         "A String",
@@ -336,7 +456,9 @@ 
Method Details

     },
     "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
     "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Sets the scheduling options for this instance.
-      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+          #
+          # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
       "availabilityDomain": 42, # Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details.
       "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
       "latencyTolerant": True or False, # Defines whether the instance is tolerant of higher cpu latency. This can only be set during instance creation, or when the instance is not currently running. It must not be set if the preemptible option is also set.
@@ -361,7 +483,9 @@ 
Method Details

     ],
     "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
     "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-    "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported. Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
+    "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported.
+        #
+        # Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
       { # A service account.
         "email": "A String", # Email address of the service account.
         "scopes": [ # The list of scopes to be made available for this service account.
@@ -390,14 +514,21 @@ 
Method Details

       "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
       "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
       "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+          #
+          # The key must meet the following requirements before you can provide it to Compute Engine:
+          # - The key is wrapped using a RSA public key certificate provided by Google.
+          # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+          # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
       "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
     },
     "startRestricted": True or False, # [Output Only] Whether a VM has been restricted for start because Compute Engine has detected suspicious activity.
-    "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see Instance life cycle.
+    "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see  Instance life cycle.
     "statusMessage": "A String", # [Output Only] An optional, human-readable explanation of the status.
     "tags": { # A set of instance tags. # Tags to apply to this instance. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during instance creation. The tags can be later modified by the setTags method. Each tag within the list must comply with RFC1035. Multiple tags can be specified via the 'tags.items' field.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+          #
+          # To see the latest fingerprint, make get() request to the instance.
       "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
         "A String",
       ],
@@ -429,30 +560,58 @@ 
Method Details

       { # An instance-attached disk resource.
         "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
         "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-        "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-        "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+        "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+            #
+            # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+        "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+            #
+            # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+            #
+            # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+            #
+            # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+            #
+            # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+              #
+              # The key must meet the following requirements before you can provide it to Compute Engine:
+              # - The key is wrapped using a RSA public key certificate provided by Google.
+              # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+              # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
         "diskSizeGb": "A String", # The size of the disk in GB.
         "forceAttach": True or False, # [Input Only] Whether to force attach the regional disk even if it's currently attached to another instance. If you try to force attach a zonal disk to an instance, you will receive an error.
-        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
           { # Guest OS features.
-            "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+            "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
           },
         ],
         "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-        "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+        "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+            #
+            # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+            #
+            # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
           "description": "A String", # An optional description. Provide this property when creating the disk.
           "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
           "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-          "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
-          "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options. Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
+          "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+              # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+              #
+              #
+              # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+              # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+              # - projects/project/zones/zone/diskTypes/diskType
+              # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
+          "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
+              #
+              # Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
             { # Guest OS features.
-              "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+              "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
             },
           ],
           "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
@@ -467,20 +626,56 @@ 
Method Details

           "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
             "A String",
           ],
-          "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-          "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+          "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+              #
+              # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+              # projects/debian-cloud/global/images/family/debian-9
+              #
+              #
+              # Alternatively, use a specific version of a public operating system image:
+              # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+              #
+              #
+              # To create a disk with a custom image that you created, specify the image name in the following format:
+              # global/images/my-custom-image
+              #
+              #
+              # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+              # global/images/family/my-image-family
+              #
+              #
+              # If the source image is deleted later, this field will not be set.
+          "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+              #
+              # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                #
+                # The key must meet the following requirements before you can provide it to Compute Engine:
+                # - The key is wrapped using a RSA public key certificate provided by Google.
+                # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
-          "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+          "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+              #
+              # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+              # global/snapshots/my-backup
+              #
+              #
+              # If the source snapshot is deleted later, this field will not be set.
           "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                #
+                # The key must meet the following requirements before you can provide it to Compute Engine:
+                # - The key is wrapped using a RSA public key certificate provided by Google.
+                # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
         },
@@ -515,7 +710,11 @@ 
Method Details

             "fileType": "A String", # The file type of source file.
           },
         },
-        "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+        "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+            #
+            # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+            #
+            # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
         "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
         "userLicenses": [ # [Output Only] A list of user provided licenses. It represents a list of URLs to the license resource. Unlike regular licenses, user provided licenses can be modified after the disk is created.
           "A String",
@@ -536,9 +735,11 @@ 
Method Details

     },
     "machineType": "A String", # The machine type to use for instances that are created from these properties.
     "metadata": { # A metadata key/value entry. # The metadata key/value pairs to assign to instances that are created from these properties. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve the resource.
       "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-        { # Metadata
+        {
           "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
           "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
         },
@@ -555,7 +756,11 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -578,7 +783,11 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -586,24 +795,37 @@ 
Method Details

             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
-        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+            #
+            # Valid only if stackType is IPV4_IPV6.
         "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
         "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
         "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+            #
+            # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+            # - projects/project/global/networks/network
+            # - global/networks/default
         "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
         "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
         "queueCount": 42, # The networking queue count that's specified by users for the network interface. Both Rx and Tx queues will be set to this number. It'll be empty if not specified by the users.
-        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
+        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+            #
+            # This field can be both set at instance creation and update network interface operations.
         "subinterfaces": [ # SubInterfaces help enable L2 communication for the instance over subnetworks that support L2. Every network interface will get a default untagged (vlan not specified) subinterface. Users can specify additional tagged subinterfaces which are sub-fields to the Network Interface.
           {
             "ipAddress": "A String", # An IPv4 internal IP address to assign to the instance for this subinterface. If specified, ip_allocation_mode should be set to ALLOCATE_IP.
             "ipAllocationMode": "A String",
-            "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+            "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+                # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+                # - regions/region/subnetworks/subnetwork
             "vlan": 42, # VLAN tag. Should match the VLAN(s) supported by the subnetwork to which this subinterface is connecting.
           },
         ],
-        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+            # - regions/region/subnetworks/subnetwork
       },
     ],
     "networkPerformanceConfig": {
@@ -611,9 +833,9 @@ 
Method Details

       "totalEgressBandwidthTier": "A String",
     },
     "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
-    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
     "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from.
-      "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
+      "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
       "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
       "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
         "A String",
@@ -623,7 +845,9 @@ 
Method Details

       "A String",
     ],
     "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
-      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+          #
+          # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
       "availabilityDomain": 42, # Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details.
       "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
       "latencyTolerant": True or False, # Defines whether the instance is tolerant of higher cpu latency. This can only be set during instance creation, or when the instance is not currently running. It must not be set if the preemptible option is also set.
@@ -665,7 +889,9 @@ 
Method Details

       "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled.
     },
     "tags": { # A set of instance tags. # A list of tags to apply to the instances that are created from these properties. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+          #
+          # To see the latest fingerprint, make get() request to the instance.
       "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
         "A String",
       ],
@@ -680,7 +906,7 @@ 
Method Details

     "targetShape": "A String", # Strategy for distributing VMs across zones in a region.
   },
   "minCount": "A String", # The minimum number of instances to create. If no min_count is specified then count is used as the default value. If min_count instances cannot be created, then no instances will be created and instances already created will be deleted.
-  "namePattern": "A String", # The string pattern used for the names of the VMs. Either name_pattern or per_instance_properties must be set. The pattern should contain one continuous sequence of placeholder hash characters (#) with each character corresponding to one digit of the generated instance name. Example: name_pattern of inst-#### will generate instance names such as inst-0001, inst-0002, ... . If there already exist instance(s) whose names match the name pattern in the same project and zone, then the generated instance numbers will start after the biggest existing number. For example, if there exists an instance with name inst-0050, then instance names generated using the pattern inst-#### will be inst-0051, inst-0052, etc. The name pattern placeholder # ...# can contain up to 18 characters.
+  "namePattern": "A String", # The string pattern used for the names of the VMs. Either name_pattern or per_instance_properties must be set. The pattern should contain one continuous sequence of placeholder hash characters (#) with each character corresponding to one digit of the generated instance name. Example: name_pattern of inst-#### will generate instance names such as inst-0001, inst-0002, ... . If there already exist instance(s) whose names match the name pattern in the same project and zone, then the generated instance numbers will start after the biggest existing number. For example, if there exists an instance with name inst-0050, then instance names generated using the pattern inst-#### will be inst-0051, inst-0052, etc. The name pattern placeholder #...# can contain up to 18 characters.
   "perInstanceProperties": { # Per-instance properties to be set on individual instances. Keys of this map specify requested instance names. Can be empty if name_pattern is used.
     "a_key": { # Per-instance properties to be set on individual instances. To be extended in the future.
       "name": "A String", # This field is only temporary. It will be removed. Do not use it.
@@ -692,19 +918,39 @@ 
Method Details

   "secureTags": [ # DEPRECATED: Please use instance_properties.secure_tag instead. Secure tags to apply to this instance. These can be later modified by the update method. Maximum number of secure tags allowed is 50.
     "A String",
   ],
-  "sourceInstanceTemplate": "A String", # Specifies the instance template from which to create instances. You may combine sourceInstanceTemplate with instanceProperties to override specific values from an existing instance template. Bulk API follows the semantics of JSON Merge Patch described by RFC 7396. It can be a full or partial URL. For example, the following are all valid URLs to an instance template: - https://www.googleapis.com/compute/v1/projects/project /global/instanceTemplates/instanceTemplate - projects/project/global/instanceTemplates/instanceTemplate - global/instanceTemplates/instanceTemplate This field is optional.
+  "sourceInstanceTemplate": "A String", # Specifies the instance template from which to create instances. You may combine sourceInstanceTemplate with instanceProperties to override specific values from an existing instance template. Bulk API follows the semantics of JSON Merge Patch described by RFC 7396.
+      # 
+      # It can be a full or partial URL. For example, the following are all valid URLs to an instance template:
+      # - https://www.googleapis.com/compute/v1/projects/project/global/instanceTemplates/instanceTemplate
+      # - projects/project/global/instanceTemplates/instanceTemplate
+      # - global/instanceTemplates/instanceTemplate
+      # 
+      # This field is optional.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -739,7 +985,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -758,7 +1005,7 @@ 
Method Details

 

 
 

-    recommendLocations(project, region, body=None, x__xgafv=None)
+    recommendLocations(project, region, body=None)
   
Returns recommended locations (zones in a region) for specified sets of homogenous instances.
 
 Args:
@@ -768,17 +1015,28 @@ 
Method Details

     The object takes the form of:
 
 { # A transient resource used in compute.regionInstances.recommendLocations. This resource is not saved anywhere and used only to process the request.
-  "instanceSpecs": { # Specification of named homogeneous instance sets to find location for. Keys of this map are arbitrary (but must be different), defined by the caller used only in the response. They must follow RFC 1035 name standard. Specifically, they must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. Values are trimmed BulkInsertInstanceResource messages, without the following fields: - min_count - predefined_name - name_pattern - per_instance_properties - instance - secure_tag - location_policy
+  "instanceSpecs": { # Specification of named homogeneous instance sets to find location for.
+      # Keys of this map are arbitrary (but must be different), defined by the caller used only in the response. They must follow RFC 1035 name standard. Specifically, they must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+      # Values are trimmed BulkInsertInstanceResource messages, without the following fields:
+      # - min_count
+      # - predefined_name
+      # - name_pattern
+      # - per_instance_properties
+      # - instance
+      # - secure_tag
+      # - location_policy
     "a_key": { # A transient resource used in compute.instances.bulkInsert and compute.regionInstances.bulkInsert and compute.regionInstances.recommendLocations. This resource is not persisted anywhere, it is used only for processing the requests.
       "count": "A String", # The maximum number of instances to create.
-      "instance": { # Represents an Instance resource. An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances. # DEPRECATED: Please use instance_properties instead.
+      "instance": { # Represents an Instance resource. # DEPRECATED: Please use instance_properties instead.
+          #
+          # An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances. (== resource_for {$api_version}.instances ==)
         "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
           "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
           "numaNodeCount": 42, # The number of vNUMA nodes.
           "threadsPerCore": 42, # The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed.
           "visibleCoreCount": 42, # The number of physical cores to expose to an instance. Multiply by the number of threads per core to compute the total number of virtual CPUs to expose to the instance. If unset, the number of cores is inferred from the instance's nominal CPU count and the underlying platform's SMT width.
         },
-        "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding .
+        "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding.
         "confidentialInstanceConfig": { # A set of Confidential Instance options.
           "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
         },
@@ -790,30 +1048,58 @@ 
Method Details

           { # An instance-attached disk resource.
             "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
             "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-            "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-            "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+            "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+                #
+                # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+            "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+                #
+                # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+                #
+                # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+                #
+                # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+                #
+                # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
               "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
               "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
               "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-              "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+              "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                  #
+                  # The key must meet the following requirements before you can provide it to Compute Engine:
+                  # - The key is wrapped using a RSA public key certificate provided by Google.
+                  # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                  # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
               "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
             },
             "diskSizeGb": "A String", # The size of the disk in GB.
             "forceAttach": True or False, # [Input Only] Whether to force attach the regional disk even if it's currently attached to another instance. If you try to force attach a zonal disk to an instance, you will receive an error.
-            "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+            "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
               { # Guest OS features.
-                "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+                "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
               },
             ],
             "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-            "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+            "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+                #
+                # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+                #
+                # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
               "description": "A String", # An optional description. Provide this property when creating the disk.
               "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
               "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-              "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
-              "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options. Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
+              "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+                  # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+                  #
+                  #
+                  # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+                  # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+                  # - projects/project/zones/zone/diskTypes/diskType
+                  # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
+              "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
+                  #
+                  # Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
                 { # Guest OS features.
-                  "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+                  "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
                 },
               ],
               "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
@@ -828,20 +1114,56 @@ 
Method Details

               "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
                 "A String",
               ],
-              "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-              "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+              "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+                  #
+                  # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+                  # projects/debian-cloud/global/images/family/debian-9
+                  #
+                  #
+                  # Alternatively, use a specific version of a public operating system image:
+                  # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+                  #
+                  #
+                  # To create a disk with a custom image that you created, specify the image name in the following format:
+                  # global/images/my-custom-image
+                  #
+                  #
+                  # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+                  # global/images/family/my-image-family
+                  #
+                  #
+                  # If the source image is deleted later, this field will not be set.
+              "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+                  #
+                  # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
                 "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
                 "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
                 "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-                "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+                "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                    #
+                    # The key must meet the following requirements before you can provide it to Compute Engine:
+                    # - The key is wrapped using a RSA public key certificate provided by Google.
+                    # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                    # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
                 "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
               },
-              "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+              "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+                  #
+                  # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+                  # global/snapshots/my-backup
+                  #
+                  #
+                  # If the source snapshot is deleted later, this field will not be set.
               "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
                 "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
                 "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
                 "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-                "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+                "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                    #
+                    # The key must meet the following requirements before you can provide it to Compute Engine:
+                    # - The key is wrapped using a RSA public key certificate provided by Google.
+                    # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                    # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
                 "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
               },
             },
@@ -876,7 +1198,11 @@ 
Method Details

                 "fileType": "A String", # The file type of source file.
               },
             },
-            "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+            "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+                #
+                # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+                #
+                # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
             "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
             "userLicenses": [ # [Output Only] A list of user provided licenses. It represents a list of URLs to the license resource. Unlike regular licenses, user provided licenses can be modified after the disk is created.
               "A String",
@@ -887,7 +1213,9 @@ 
Method Details

           "enableDisplay": True or False, # Defines whether the instance has Display enabled.
         },
         "eraseWindowsVssSignature": True or False, # Specifies whether the disks restored from source snapshots or source machine image should erase Windows specific VSS signature.
-        "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance. To see the latest fingerprint, make get() request to the instance.
+        "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance.
+            #
+            # To see the latest fingerprint, make get() request to the instance.
         "guestAccelerators": [ # A list of the type and count of accelerator cards attached to the instance.
           { # A specification of the type and number of accelerator cards attached to the instance.
             "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
@@ -896,26 +1224,53 @@ 
Method Details

         ],
         "hostname": "A String", # Specifies the hostname of the instance. The specified hostname must be RFC1035 compliant. If hostname is not specified, the default hostname is [INSTANCE_NAME].c.[PROJECT_ID].internal when using the global DNS, and [INSTANCE_NAME].[ZONE].c.[PROJECT_ID].internal when using zonal DNS.
         "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-        "instanceEncryptionKey": { # Encrypts or decrypts data for an instance with a customer-supplied encryption key. If you are creating a new instance, this field encrypts the local SSD and in-memory contents of the instance using a key that you provide. If you are restarting an instance protected with a customer-supplied encryption key, you must provide the correct key in order to successfully restart the instance. If you do not provide an encryption key when creating the instance, then the local SSD and in-memory contents will be encrypted using an automatically generated key and you do not need to provide a key to start the instance later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt local SSDs and in-memory content in a managed instance group.
+        "instanceEncryptionKey": { # Encrypts or decrypts data for an instance with a customer-supplied encryption key.
+            #
+            # If you are creating a new instance, this field encrypts the local SSD and in-memory contents of the instance using a key that you provide.
+            #
+            # If you are restarting an instance protected with a customer-supplied encryption key, you must provide the correct key in order to successfully restart the instance.
+            #
+            # If you do not provide an encryption key when creating the instance, then the local SSD and in-memory contents will be encrypted using an automatically generated key and you do not need to provide a key to start the instance later.
+            #
+            # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt local SSDs and in-memory content in a managed instance group.
           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+              #
+              # The key must meet the following requirements before you can provide it to Compute Engine:
+              # - The key is wrapped using a RSA public key certificate provided by Google.
+              # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+              # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
         "kind": "compute#instance", # [Output Only] Type of the resource. Always compute#instance for instances.
-        "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the instance.
+        "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+            #
+            # To see the latest fingerprint, make get() request to the instance.
         "labels": { # Labels to apply to this instance. These can be later modified by the setLabels method.
           "a_key": "A String",
         },
         "lastStartTimestamp": "A String", # [Output Only] Last start timestamp in RFC3339 text format.
         "lastStopTimestamp": "A String", # [Output Only] Last stop timestamp in RFC3339 text format.
         "lastSuspendedTimestamp": "A String", # [Output Only] Last suspended timestamp in RFC3339 text format.
-        "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type: zones/us-central1-f/machineTypes/n1-standard-1 To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB): zones/zone/machineTypes/custom-CPUS-MEMORY For example: zones/us-central1-f/machineTypes/custom-4-5120 For a full list of restrictions, read the Specifications for custom machine types.
+        "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type:
+            # zones/us-central1-f/machineTypes/n1-standard-1
+            #
+            #
+            # To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB):
+            # zones/zone/machineTypes/custom-CPUS-MEMORY
+            #
+            #
+            # For example: zones/us-central1-f/machineTypes/custom-4-5120
+            #
+            # For a full list of restrictions, read the Specifications for custom machine types.
         "metadata": { # A metadata key/value entry. # The metadata key/value pairs assigned to this instance. This includes custom metadata and predefined keys.
-          "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+          "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve the resource.
           "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-            { # Metadata
+            {
               "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
               "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
             },
@@ -933,7 +1288,11 @@ 
Method Details

                 "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
                 "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
                 "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-                "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+                "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                    #
+                    # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                    #
+                    # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
                 "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
                 "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
                 "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -956,7 +1315,11 @@ 
Method Details

                 "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
                 "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
                 "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-                "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+                "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                    #
+                    # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                    #
+                    # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
                 "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
                 "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
                 "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -964,24 +1327,37 @@ 
Method Details

                 "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
               },
             ],
-            "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+            "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+                #
+                # Valid only if stackType is IPV4_IPV6.
             "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
             "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
             "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-            "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+            "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+                #
+                # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+                # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+                # - projects/project/global/networks/network
+                # - global/networks/default
             "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
             "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
             "queueCount": 42, # The networking queue count that's specified by users for the network interface. Both Rx and Tx queues will be set to this number. It'll be empty if not specified by the users.
-            "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
+            "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+                #
+                # This field can be both set at instance creation and update network interface operations.
             "subinterfaces": [ # SubInterfaces help enable L2 communication for the instance over subnetworks that support L2. Every network interface will get a default untagged (vlan not specified) subinterface. Users can specify additional tagged subinterfaces which are sub-fields to the Network Interface.
               {
                 "ipAddress": "A String", # An IPv4 internal IP address to assign to the instance for this subinterface. If specified, ip_allocation_mode should be set to ALLOCATE_IP.
                 "ipAllocationMode": "A String",
-                "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+                "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+                    # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+                    # - regions/region/subnetworks/subnetwork
                 "vlan": 42, # VLAN tag. Should match the VLAN(s) supported by the subnetwork to which this subinterface is connecting.
               },
             ],
-            "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+            "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+                # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+                # - regions/region/subnetworks/subnetwork
           },
         ],
         "networkPerformanceConfig": {
@@ -990,9 +1366,9 @@ 
Method Details

         },
         "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
         "preservedStateSizeGb": "A String", # Total amount of preserved state for SUSPENDED instances. Read-only in the api.
-        "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+        "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
         "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that this instance can consume from.
-          "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
+          "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
           "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
           "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
             "A String",
@@ -1011,7 +1387,9 @@ 
Method Details

         },
         "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
         "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Sets the scheduling options for this instance.
-          "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+          "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+              #
+              # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
           "availabilityDomain": 42, # Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details.
           "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
           "latencyTolerant": True or False, # Defines whether the instance is tolerant of higher cpu latency. This can only be set during instance creation, or when the instance is not currently running. It must not be set if the preemptible option is also set.
@@ -1036,7 +1414,9 @@ 
Method Details

         ],
         "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
         "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-        "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported. Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
+        "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported.
+            #
+            # Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
           { # A service account.
             "email": "A String", # Email address of the service account.
             "scopes": [ # The list of scopes to be made available for this service account.
@@ -1065,14 +1445,21 @@ 
Method Details

           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+              #
+              # The key must meet the following requirements before you can provide it to Compute Engine:
+              # - The key is wrapped using a RSA public key certificate provided by Google.
+              # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+              # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
         "startRestricted": True or False, # [Output Only] Whether a VM has been restricted for start because Compute Engine has detected suspicious activity.
-        "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see Instance life cycle.
+        "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see  Instance life cycle.
         "statusMessage": "A String", # [Output Only] An optional, human-readable explanation of the status.
         "tags": { # A set of instance tags. # Tags to apply to this instance. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during instance creation. The tags can be later modified by the setTags method. Each tag within the list must comply with RFC1035. Multiple tags can be specified via the 'tags.items' field.
-          "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+          "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+              #
+              # To see the latest fingerprint, make get() request to the instance.
           "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
             "A String",
           ],
@@ -1104,30 +1491,58 @@ 
Method Details

           { # An instance-attached disk resource.
             "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
             "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-            "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-            "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+            "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+                #
+                # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+            "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+                #
+                # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+                #
+                # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+                #
+                # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+                #
+                # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
               "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
               "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
               "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-              "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+              "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                  #
+                  # The key must meet the following requirements before you can provide it to Compute Engine:
+                  # - The key is wrapped using a RSA public key certificate provided by Google.
+                  # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                  # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
               "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
             },
             "diskSizeGb": "A String", # The size of the disk in GB.
             "forceAttach": True or False, # [Input Only] Whether to force attach the regional disk even if it's currently attached to another instance. If you try to force attach a zonal disk to an instance, you will receive an error.
-            "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+            "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
               { # Guest OS features.
-                "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+                "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
               },
             ],
             "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-            "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+            "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+                #
+                # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+                #
+                # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
               "description": "A String", # An optional description. Provide this property when creating the disk.
               "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
               "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-              "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
-              "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options. Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
+              "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+                  # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+                  #
+                  #
+                  # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+                  # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+                  # - projects/project/zones/zone/diskTypes/diskType
+                  # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
+              "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
+                  #
+                  # Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
                 { # Guest OS features.
-                  "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+                  "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
                 },
               ],
               "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
@@ -1142,20 +1557,56 @@ 
Method Details

               "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
                 "A String",
               ],
-              "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-              "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+              "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+                  #
+                  # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+                  # projects/debian-cloud/global/images/family/debian-9
+                  #
+                  #
+                  # Alternatively, use a specific version of a public operating system image:
+                  # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+                  #
+                  #
+                  # To create a disk with a custom image that you created, specify the image name in the following format:
+                  # global/images/my-custom-image
+                  #
+                  #
+                  # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+                  # global/images/family/my-image-family
+                  #
+                  #
+                  # If the source image is deleted later, this field will not be set.
+              "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+                  #
+                  # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
                 "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
                 "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
                 "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-                "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+                "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                    #
+                    # The key must meet the following requirements before you can provide it to Compute Engine:
+                    # - The key is wrapped using a RSA public key certificate provided by Google.
+                    # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                    # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
                 "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
               },
-              "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+              "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+                  #
+                  # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+                  # global/snapshots/my-backup
+                  #
+                  #
+                  # If the source snapshot is deleted later, this field will not be set.
               "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
                 "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
                 "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
                 "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-                "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+                "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                    #
+                    # The key must meet the following requirements before you can provide it to Compute Engine:
+                    # - The key is wrapped using a RSA public key certificate provided by Google.
+                    # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                    # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
                 "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
               },
             },
@@ -1190,7 +1641,11 @@ 
Method Details

                 "fileType": "A String", # The file type of source file.
               },
             },
-            "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+            "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+                #
+                # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+                #
+                # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
             "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
             "userLicenses": [ # [Output Only] A list of user provided licenses. It represents a list of URLs to the license resource. Unlike regular licenses, user provided licenses can be modified after the disk is created.
               "A String",
@@ -1211,9 +1666,11 @@ 
Method Details

         },
         "machineType": "A String", # The machine type to use for instances that are created from these properties.
         "metadata": { # A metadata key/value entry. # The metadata key/value pairs to assign to instances that are created from these properties. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information.
-          "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+          "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve the resource.
           "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-            { # Metadata
+            {
               "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
               "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
             },
@@ -1230,7 +1687,11 @@ 
Method Details

                 "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
                 "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
                 "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-                "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+                "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                    #
+                    # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                    #
+                    # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
                 "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
                 "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
                 "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -1253,7 +1714,11 @@ 
Method Details

                 "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
                 "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
                 "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-                "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+                "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                    #
+                    # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                    #
+                    # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
                 "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
                 "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
                 "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
@@ -1261,24 +1726,37 @@ 
Method Details

                 "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
               },
             ],
-            "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+            "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+                #
+                # Valid only if stackType is IPV4_IPV6.
             "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
             "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
             "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-            "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+            "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+                #
+                # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+                # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+                # - projects/project/global/networks/network
+                # - global/networks/default
             "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
             "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
             "queueCount": 42, # The networking queue count that's specified by users for the network interface. Both Rx and Tx queues will be set to this number. It'll be empty if not specified by the users.
-            "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
+            "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+                #
+                # This field can be both set at instance creation and update network interface operations.
             "subinterfaces": [ # SubInterfaces help enable L2 communication for the instance over subnetworks that support L2. Every network interface will get a default untagged (vlan not specified) subinterface. Users can specify additional tagged subinterfaces which are sub-fields to the Network Interface.
               {
                 "ipAddress": "A String", # An IPv4 internal IP address to assign to the instance for this subinterface. If specified, ip_allocation_mode should be set to ALLOCATE_IP.
                 "ipAllocationMode": "A String",
-                "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+                "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+                    # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+                    # - regions/region/subnetworks/subnetwork
                 "vlan": 42, # VLAN tag. Should match the VLAN(s) supported by the subnetwork to which this subinterface is connecting.
               },
             ],
-            "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+            "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+                # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+                # - regions/region/subnetworks/subnetwork
           },
         ],
         "networkPerformanceConfig": {
@@ -1286,9 +1764,9 @@ 
Method Details

           "totalEgressBandwidthTier": "A String",
         },
         "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
-        "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+        "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
         "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from.
-          "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
+          "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
           "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
           "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
             "A String",
@@ -1298,7 +1776,9 @@ 
Method Details

           "A String",
         ],
         "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
-          "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+          "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+              #
+              # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
           "availabilityDomain": 42, # Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details.
           "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
           "latencyTolerant": True or False, # Defines whether the instance is tolerant of higher cpu latency. This can only be set during instance creation, or when the instance is not currently running. It must not be set if the preemptible option is also set.
@@ -1340,7 +1820,9 @@ 
Method Details

           "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled.
         },
         "tags": { # A set of instance tags. # A list of tags to apply to the instances that are created from these properties. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035.
-          "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+          "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+              #
+              # To see the latest fingerprint, make get() request to the instance.
           "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
             "A String",
           ],
@@ -1355,7 +1837,7 @@ 
Method Details

         "targetShape": "A String", # Strategy for distributing VMs across zones in a region.
       },
       "minCount": "A String", # The minimum number of instances to create. If no min_count is specified then count is used as the default value. If min_count instances cannot be created, then no instances will be created and instances already created will be deleted.
-      "namePattern": "A String", # The string pattern used for the names of the VMs. Either name_pattern or per_instance_properties must be set. The pattern should contain one continuous sequence of placeholder hash characters (#) with each character corresponding to one digit of the generated instance name. Example: name_pattern of inst-#### will generate instance names such as inst-0001, inst-0002, ... . If there already exist instance(s) whose names match the name pattern in the same project and zone, then the generated instance numbers will start after the biggest existing number. For example, if there exists an instance with name inst-0050, then instance names generated using the pattern inst-#### will be inst-0051, inst-0052, etc. The name pattern placeholder # ...# can contain up to 18 characters.
+      "namePattern": "A String", # The string pattern used for the names of the VMs. Either name_pattern or per_instance_properties must be set. The pattern should contain one continuous sequence of placeholder hash characters (#) with each character corresponding to one digit of the generated instance name. Example: name_pattern of inst-#### will generate instance names such as inst-0001, inst-0002, ... . If there already exist instance(s) whose names match the name pattern in the same project and zone, then the generated instance numbers will start after the biggest existing number. For example, if there exists an instance with name inst-0050, then instance names generated using the pattern inst-#### will be inst-0051, inst-0052, etc. The name pattern placeholder #...# can contain up to 18 characters.
       "perInstanceProperties": { # Per-instance properties to be set on individual instances. Keys of this map specify requested instance names. Can be empty if name_pattern is used.
         "a_key": { # Per-instance properties to be set on individual instances. To be extended in the future.
           "name": "A String", # This field is only temporary. It will be removed. Do not use it.
@@ -1367,7 +1849,14 @@ 
Method Details

       "secureTags": [ # DEPRECATED: Please use instance_properties.secure_tag instead. Secure tags to apply to this instance. These can be later modified by the update method. Maximum number of secure tags allowed is 50.
         "A String",
       ],
-      "sourceInstanceTemplate": "A String", # Specifies the instance template from which to create instances. You may combine sourceInstanceTemplate with instanceProperties to override specific values from an existing instance template. Bulk API follows the semantics of JSON Merge Patch described by RFC 7396. It can be a full or partial URL. For example, the following are all valid URLs to an instance template: - https://www.googleapis.com/compute/v1/projects/project /global/instanceTemplates/instanceTemplate - projects/project/global/instanceTemplates/instanceTemplate - global/instanceTemplates/instanceTemplate This field is optional.
+      "sourceInstanceTemplate": "A String", # Specifies the instance template from which to create instances. You may combine sourceInstanceTemplate with instanceProperties to override specific values from an existing instance template. Bulk API follows the semantics of JSON Merge Patch described by RFC 7396.
+          #
+          # It can be a full or partial URL. For example, the following are all valid URLs to an instance template:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/instanceTemplates/instanceTemplate
+          # - projects/project/global/instanceTemplates/instanceTemplate
+          # - global/instanceTemplates/instanceTemplate
+          #
+          # This field is optional.
     },
   },
   "locationPolicy": { # Configuration for location policy among multiple possible locations (e.g. preferences for zone selection among zones in a single region). # Location policy to indicate allowed zones for instances, together with the shape of the distribution.
@@ -1380,10 +1869,6 @@ 
Method Details

   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.regionInstantSnapshots.html b/docs/dyn/compute_alpha.regionInstantSnapshots.html
index 5fd9c1f5967..fd48142ffa0 100644
--- a/docs/dyn/compute_alpha.regionInstantSnapshots.html
+++ b/docs/dyn/compute_alpha.regionInstantSnapshots.html
@@ -78,34 +78,34 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, instantSnapshot, requestId=None, x__xgafv=None)

-
Deletes the specified InstantSnapshot resource. Keep in mind that deleting a single instantSnapshot might not necessarily delete all the data on that instantSnapshot. If any data on the instantSnapshot that is marked for deletion is needed for subsequent instantSnapshots, the data will be moved to the next corresponding instantSnapshot. For more information, see Deleting instantSnapshots.

+  delete(project, region, instantSnapshot, requestId=None)

+
Deletes the specified InstantSnapshot resource. Keep in mind that deleting a single instantSnapshot might not necessarily delete all the data on that instantSnapshot. If any data on the instantSnapshot that is marked for deletion is needed for subsequent instantSnapshots, the data will be moved to the next corresponding instantSnapshot.

 

-  export(project, region, instantSnapshot, body=None, requestId=None, x__xgafv=None)

+  export(project, region, instantSnapshot, body=None, requestId=None)

 
Export the changed blocks between two instant snapshots to a customer's bucket in the user specified format.

 

-  get(project, region, instantSnapshot, x__xgafv=None)

+  get(project, region, instantSnapshot)

 
Returns the specified InstantSnapshot resource in the specified region.

 

-  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates an instant snapshot in the specified region.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of InstantSnapshot resources contained within the specified region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setIamPolicy(project, region, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, region, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)

+  setLabels(project, region, resource, body=None, requestId=None)

 
Sets the labels on a instantSnapshot in the given region. To learn more about labels, read the Labeling Resources documentation.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -114,23 +114,38 @@ 
Method Details

 

 
 

-    delete(project, region, instantSnapshot, requestId=None, x__xgafv=None)
-  
Deletes the specified InstantSnapshot resource. Keep in mind that deleting a single instantSnapshot might not necessarily delete all the data on that instantSnapshot. If any data on the instantSnapshot that is marked for deletion is needed for subsequent instantSnapshots, the data will be moved to the next corresponding instantSnapshot. For more information, see Deleting instantSnapshots.
+    delete(project, region, instantSnapshot, requestId=None)
+  
Deletes the specified InstantSnapshot resource. Keep in mind that deleting a single instantSnapshot might not necessarily delete all the data on that instantSnapshot. If any data on the instantSnapshot that is marked for deletion is needed for subsequent instantSnapshots, the data will be moved to the next corresponding instantSnapshot.
+
+For more information, see Deleting instantSnapshots.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, The name of the region for this request. (required)
   instantSnapshot: string, Name of the InstantSnapshot resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -165,7 +180,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -179,7 +195,7 @@ 
Method Details

 

 
 

-    export(project, region, instantSnapshot, body=None, requestId=None, x__xgafv=None)
+    export(project, region, instantSnapshot, body=None, requestId=None)
   
Export the changed blocks between two instant snapshots to a customer's bucket in the user specified format.
 
 Args:
@@ -197,7 +213,12 @@ 
Method Details

       "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
       "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
       "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+          #
+          # The key must meet the following requirements before you can provide it to Compute Engine:
+          # - The key is wrapped using a RSA public key certificate provided by Google.
+          # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+          # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
       "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
     },
     "objectName": "A String", # Name of the output Bigstore object storing the changed blocks. Object name must be less than 1024 bytes in length.
@@ -205,16 +226,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -249,7 +283,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -263,29 +298,29 @@ 
Method Details

 

 
 

-    get(project, region, instantSnapshot, x__xgafv=None)
+    get(project, region, instantSnapshot)
   
Returns the specified InstantSnapshot resource in the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, The name of the region for this request. (required)
   instantSnapshot: string, Name of the InstantSnapshot resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a InstantSnapshot resource. You can use instant snapshots to create disk rollback points quickly..
+    { # Represents a InstantSnapshot resource.
+    #
+    # You can use instant snapshots to create disk rollback points quickly.. (== resource_for {$api_version}.instantSnapshots ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "diskSizeGb": "A String", # [Output Only] Size of the source disk, specified in GB.
   "guestFlush": True or False, # Whether to attempt an application consistent instant snapshot by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#instantSnapshot", # [Output Only] Type of the resource. Always compute#instantSnapshot for InstantSnapshot resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InstantSnapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a InstantSnapshot.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InstantSnapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a InstantSnapshot.
   "labels": { # Labels to apply to this InstantSnapshot. These can be later modified by the setLabels method. Label values may be empty.
     "a_key": "A String",
   },
@@ -294,7 +329,13 @@ 
Method Details

   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource's resource id.
-  "sourceDisk": "A String", # URL of the source disk used to create this instant snapshot. Note that the source disk must be in the same zone/region as the instant snapshot to be created. This can be a full or valid partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - https://www.googleapis.com/compute/v1/projects/project/regions/region /disks/disk - projects/project/zones/zone/disks/disk - projects/project/regions/region/disks/disk - zones/zone/disks/disk - regions/region/disks/disk
+  "sourceDisk": "A String", # URL of the source disk used to create this instant snapshot. Note that the source disk must be in the same zone/region as the instant snapshot to be created. This can be a full or valid partial URL. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - https://www.googleapis.com/compute/v1/projects/project/regions/region/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - projects/project/regions/region/disks/disk
+      # - zones/zone/disks/disk
+      # - regions/region/disks/disk
   "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this InstantSnapshot. This value may be used to determine whether the InstantSnapshot was taken from the current or a previous instance of a given disk name.
   "status": "A String", # [Output Only] The status of the instantSnapshot. This can be CREATING, DELETING, FAILED, or READY.
   "zone": "A String", # [Output Only] URL of the zone where the instant snapshot resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
@@ -302,7 +343,7 @@ 
Method Details

 

 
 

-    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
@@ -310,27 +351,51 @@ 
Method Details

   region: string, The name of the region for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -338,76 +403,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates an instant snapshot in the specified region.
 
 Args:
@@ -416,14 +549,18 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a InstantSnapshot resource. You can use instant snapshots to create disk rollback points quickly..
+{ # Represents a InstantSnapshot resource.
+    # 
+    # You can use instant snapshots to create disk rollback points quickly.. (== resource_for {$api_version}.instantSnapshots ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "diskSizeGb": "A String", # [Output Only] Size of the source disk, specified in GB.
   "guestFlush": True or False, # Whether to attempt an application consistent instant snapshot by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#instantSnapshot", # [Output Only] Type of the resource. Always compute#instantSnapshot for InstantSnapshot resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InstantSnapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a InstantSnapshot.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InstantSnapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a InstantSnapshot.
   "labels": { # Labels to apply to this InstantSnapshot. These can be later modified by the setLabels method. Label values may be empty.
     "a_key": "A String",
   },
@@ -432,22 +569,41 @@ 
Method Details

   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource's resource id.
-  "sourceDisk": "A String", # URL of the source disk used to create this instant snapshot. Note that the source disk must be in the same zone/region as the instant snapshot to be created. This can be a full or valid partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - https://www.googleapis.com/compute/v1/projects/project/regions/region /disks/disk - projects/project/zones/zone/disks/disk - projects/project/regions/region/disks/disk - zones/zone/disks/disk - regions/region/disks/disk
+  "sourceDisk": "A String", # URL of the source disk used to create this instant snapshot. Note that the source disk must be in the same zone/region as the instant snapshot to be created. This can be a full or valid partial URL. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - https://www.googleapis.com/compute/v1/projects/project/regions/region/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - projects/project/regions/region/disks/disk
+      # - zones/zone/disks/disk
+      # - regions/region/disks/disk
   "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this InstantSnapshot. This value may be used to determine whether the InstantSnapshot was taken from the current or a previous instance of a given disk name.
   "status": "A String", # [Output Only] The status of the instantSnapshot. This can be CREATING, DELETING, FAILED, or READY.
   "zone": "A String", # [Output Only] URL of the zone where the instant snapshot resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -482,7 +638,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -496,21 +653,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of InstantSnapshot resources contained within the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, The name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -518,14 +681,18 @@ 
Method Details

     { # Contains a list of InstantSnapshot resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of InstantSnapshot resources.
-    { # Represents a InstantSnapshot resource. You can use instant snapshots to create disk rollback points quickly..
+    { # Represents a InstantSnapshot resource.
+        #
+        # You can use instant snapshots to create disk rollback points quickly.. (== resource_for {$api_version}.instantSnapshots ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "diskSizeGb": "A String", # [Output Only] Size of the source disk, specified in GB.
       "guestFlush": True or False, # Whether to attempt an application consistent instant snapshot by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#instantSnapshot", # [Output Only] Type of the resource. Always compute#instantSnapshot for InstantSnapshot resources.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InstantSnapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a InstantSnapshot.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InstantSnapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a InstantSnapshot.
       "labels": { # Labels to apply to this InstantSnapshot. These can be later modified by the setLabels method. Label values may be empty.
         "a_key": "A String",
       },
@@ -534,7 +701,13 @@ 
Method Details

       "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource's resource id.
-      "sourceDisk": "A String", # URL of the source disk used to create this instant snapshot. Note that the source disk must be in the same zone/region as the instant snapshot to be created. This can be a full or valid partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - https://www.googleapis.com/compute/v1/projects/project/regions/region /disks/disk - projects/project/zones/zone/disks/disk - projects/project/regions/region/disks/disk - zones/zone/disks/disk - regions/region/disks/disk
+      "sourceDisk": "A String", # URL of the source disk used to create this instant snapshot. Note that the source disk must be in the same zone/region as the instant snapshot to be created. This can be a full or valid partial URL. For example, the following are valid values:
+          # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+          # - https://www.googleapis.com/compute/v1/projects/project/regions/region/disks/disk
+          # - projects/project/zones/zone/disks/disk
+          # - projects/project/regions/region/disks/disk
+          # - zones/zone/disks/disk
+          # - regions/region/disks/disk
       "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this InstantSnapshot. This value may be used to determine whether the InstantSnapshot was taken from the current or a previous instance of a given disk name.
       "status": "A String", # [Output Only] The status of the instantSnapshot. This can be CREATING, DELETING, FAILED, or READY.
       "zone": "A String", # [Output Only] URL of the zone where the instant snapshot resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
@@ -545,7 +718,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -571,7 +745,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, region, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, region, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -584,33 +758,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -618,95 +866,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -714,76 +1054,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)
+    setLabels(project, region, resource, body=None, requestId=None)
   
Sets the labels on a instantSnapshot in the given region. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -800,16 +1208,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -844,7 +1265,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -858,7 +1280,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -874,10 +1296,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.regionNetworkEndpointGroups.html b/docs/dyn/compute_alpha.regionNetworkEndpointGroups.html
index bb816acd8f7..8434117cfc4 100644
--- a/docs/dyn/compute_alpha.regionNetworkEndpointGroups.html
+++ b/docs/dyn/compute_alpha.regionNetworkEndpointGroups.html
@@ -78,16 +78,16 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, networkEndpointGroup, requestId=None, x__xgafv=None)

+  delete(project, region, networkEndpointGroup, requestId=None)

 
Deletes the specified network endpoint group. Note that the NEG cannot be deleted if it is configured as a backend of a backend service.

 

-  get(project, region, networkEndpointGroup, x__xgafv=None)

+  get(project, region, networkEndpointGroup)

 
Returns the specified network endpoint group. Gets a list of available network endpoint groups by making a list() request.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a network endpoint group in the specified project using the parameters that are included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of regional network endpoint groups available to the specified project in the given region.

 

   list_next(previous_request, previous_response)

@@ -99,23 +99,36 @@ 
Method Details

 

 
 

-    delete(project, region, networkEndpointGroup, requestId=None, x__xgafv=None)
+    delete(project, region, networkEndpointGroup, requestId=None)
   
Deletes the specified network endpoint group. Note that the NEG cannot be deleted if it is configured as a backend of a backend service.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, The name of the region where the network endpoint group is located. It should comply with RFC1035. (required)
   networkEndpointGroup: string, The name of the network endpoint group to delete. It should comply with RFC1035. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -150,7 +163,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -164,38 +178,68 @@ 
Method Details

 

 
 

-    get(project, region, networkEndpointGroup, x__xgafv=None)
+    get(project, region, networkEndpointGroup)
   
Returns the specified network endpoint group. Gets a list of available network endpoint groups by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, The name of the region where the network endpoint group is located. It should comply with RFC1035. (required)
   networkEndpointGroup: string, The name of the network endpoint group. It should comply with RFC1035. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a collection of network endpoints. A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see Setting up external HTTP(S) Load Balancing with internet NEGs, Setting up zonal NEGs, or Setting up external HTTP(S) Load Balancing with serverless NEGs.
+    { # Represents a collection of network endpoints.
+    #
+    # A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see  Setting up external HTTP(S) Load Balancing with internet NEGs,  Setting up zonal NEGs, or  Setting up external HTTP(S) Load Balancing with serverless NEGs. (== resource_for {$api_version}.networkEndpointGroups ==) (== resource_for {$api_version}.globalNetworkEndpointGroups ==) (== resource_for {$api_version}.regionNetworkEndpointGroups ==)
   "annotations": { # Metadata defined as annotations on the network endpoint group.
     "a_key": "A String",
   },
-  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: "default", "my-service".
-    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
-    "version": "A String", # Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: "v1", "v2".
+  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Optional serving service.
+        #
+        # The service name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "default", "my-service".
+    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
+    "version": "A String", # Optional serving version.
+        #
+        # The version name is case-sensitive and must be 1-100 characters long.
+        #
+        # Example value: "v1", "v2".
   },
-  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "function": "A String", # A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: "func1".
-    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs " mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
+  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.
+    "function": "A String", # A user-defined name of the Cloud Function.
+        #
+        # The function name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "func1".
+    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, request URLs "mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
   },
-  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: "run-service".
-    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: "revision-0010".
-    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
+  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Cloud Run service is the main resource of Cloud Run.
+        #
+        # The service must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "run-service".
+    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information.
+        #
+        # The tag must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "revision-0010".
+    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services.
+        #
+        # For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "defaultPort": 42, # The default port used if the port number is not specified in the network endpoint.
@@ -215,11 +259,37 @@ 
Method Details

   "region": "A String", # [Output Only] The URL of the region where the network endpoint group is located.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "serverlessDeployment": { # Configuration for a serverless network endpoint group (NEG). The platform must be provided. Note: The target backend service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine, cloudFunction or serverlessDeployment may be set.
-    "platform": "A String", # The platform of the backend target(s) of this NEG. Possible values include: 1. API Gateway: apigateway.googleapis.com 2. App Engine: appengine.googleapis.com 3. Cloud Functions: cloudfunctions.googleapis.com 4. Cloud Run: run.googleapis.com
-    "resource": "A String", # The user-defined name of the workload/instance. This value must be provided explicitly or in the urlMask. The resource identified by this value is platform-specific and is as follows: 1. API Gateway: The gateway ID 2. App Engine: The service name 3. Cloud Functions: The function name 4. Cloud Run: The service name
-    "urlMask": "A String", # A template to parse platform-specific fields from a request URL. URL mask allows for routing to multiple resources on the same serverless platform without having to create multiple Network Endpoint Groups and backend resources. The fields parsed by this template are platform-specific and are as follows: 1. API Gateway: The gateway ID 2. App Engine: The service and version 3. Cloud Functions: The function name 4. Cloud Run: The service and tag
-    "version": "A String", # The optional resource version. The version identified by this value is platform-specific and is follows: 1. API Gateway: Unused 2. App Engine: The service version 3. Cloud Functions: Unused 4. Cloud Run: The service tag
+  "serverlessDeployment": { # Configuration for a serverless network endpoint group (NEG). The platform must be provided. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine, cloudFunction or serverlessDeployment may be set.
+      #
+      # Note: The target backend service must be in the same project and located in the same region as the Serverless NEG.
+    "platform": "A String", # The platform of the backend target(s) of this NEG. Possible values include:
+        #
+        #
+        # - API Gateway: apigateway.googleapis.com
+        # - App Engine: appengine.googleapis.com
+        # - Cloud Functions: cloudfunctions.googleapis.com
+        # - Cloud Run: run.googleapis.com
+    "resource": "A String", # The user-defined name of the workload/instance. This value must be provided explicitly or in the urlMask. The resource identified by this value is platform-specific and is as follows:
+        #
+        #
+        # - API Gateway: The gateway ID
+        # - App Engine: The service name
+        # - Cloud Functions: The function name
+        # - Cloud Run: The service name
+    "urlMask": "A String", # A template to parse platform-specific fields from a request URL. URL mask allows for routing to multiple resources on the same serverless platform without having to create multiple Network Endpoint Groups and backend resources. The fields parsed by this template are platform-specific and are as follows:
+        #
+        #
+        # - API Gateway: The gateway ID
+        # - App Engine: The service and version
+        # - Cloud Functions: The function name
+        # - Cloud Run: The service and tag
+    "version": "A String", # The optional resource version. The version identified by this value is platform-specific and is follows:
+        #
+        #
+        # - API Gateway: Unused
+        # - App Engine: The service version
+        # - Cloud Functions: Unused
+        # - Cloud Run: The service tag
   },
   "size": 42, # [Output only] Number of network endpoints in the network endpoint group.
   "subnetwork": "A String", # Optional URL of the subnetwork to which all network endpoints in the NEG belong.
@@ -229,7 +299,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a network endpoint group in the specified project using the parameters that are included in the request.
 
 Args:
@@ -238,23 +308,57 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a collection of network endpoints. A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see Setting up external HTTP(S) Load Balancing with internet NEGs, Setting up zonal NEGs, or Setting up external HTTP(S) Load Balancing with serverless NEGs.
+{ # Represents a collection of network endpoints.
+    # 
+    # A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see  Setting up external HTTP(S) Load Balancing with internet NEGs,  Setting up zonal NEGs, or  Setting up external HTTP(S) Load Balancing with serverless NEGs. (== resource_for {$api_version}.networkEndpointGroups ==) (== resource_for {$api_version}.globalNetworkEndpointGroups ==) (== resource_for {$api_version}.regionNetworkEndpointGroups ==)
   "annotations": { # Metadata defined as annotations on the network endpoint group.
     "a_key": "A String",
   },
-  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: "default", "my-service".
-    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
-    "version": "A String", # Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: "v1", "v2".
+  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Optional serving service.
+        #
+        # The service name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "default", "my-service".
+    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
+    "version": "A String", # Optional serving version.
+        #
+        # The version name is case-sensitive and must be 1-100 characters long.
+        #
+        # Example value: "v1", "v2".
   },
-  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "function": "A String", # A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: "func1".
-    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs " mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
+  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.
+    "function": "A String", # A user-defined name of the Cloud Function.
+        #
+        # The function name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "func1".
+    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, request URLs "mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
   },
-  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: "run-service".
-    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: "revision-0010".
-    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
+  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Cloud Run service is the main resource of Cloud Run.
+        #
+        # The service must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "run-service".
+    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information.
+        #
+        # The tag must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "revision-0010".
+    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services.
+        #
+        # For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "defaultPort": 42, # The default port used if the port number is not specified in the network endpoint.
@@ -274,11 +378,37 @@ 
Method Details

   "region": "A String", # [Output Only] The URL of the region where the network endpoint group is located.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "serverlessDeployment": { # Configuration for a serverless network endpoint group (NEG). The platform must be provided. Note: The target backend service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine, cloudFunction or serverlessDeployment may be set.
-    "platform": "A String", # The platform of the backend target(s) of this NEG. Possible values include: 1. API Gateway: apigateway.googleapis.com 2. App Engine: appengine.googleapis.com 3. Cloud Functions: cloudfunctions.googleapis.com 4. Cloud Run: run.googleapis.com
-    "resource": "A String", # The user-defined name of the workload/instance. This value must be provided explicitly or in the urlMask. The resource identified by this value is platform-specific and is as follows: 1. API Gateway: The gateway ID 2. App Engine: The service name 3. Cloud Functions: The function name 4. Cloud Run: The service name
-    "urlMask": "A String", # A template to parse platform-specific fields from a request URL. URL mask allows for routing to multiple resources on the same serverless platform without having to create multiple Network Endpoint Groups and backend resources. The fields parsed by this template are platform-specific and are as follows: 1. API Gateway: The gateway ID 2. App Engine: The service and version 3. Cloud Functions: The function name 4. Cloud Run: The service and tag
-    "version": "A String", # The optional resource version. The version identified by this value is platform-specific and is follows: 1. API Gateway: Unused 2. App Engine: The service version 3. Cloud Functions: Unused 4. Cloud Run: The service tag
+  "serverlessDeployment": { # Configuration for a serverless network endpoint group (NEG). The platform must be provided. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine, cloudFunction or serverlessDeployment may be set.
+      #
+      # Note: The target backend service must be in the same project and located in the same region as the Serverless NEG.
+    "platform": "A String", # The platform of the backend target(s) of this NEG. Possible values include:
+        #
+        #
+        # - API Gateway: apigateway.googleapis.com
+        # - App Engine: appengine.googleapis.com
+        # - Cloud Functions: cloudfunctions.googleapis.com
+        # - Cloud Run: run.googleapis.com
+    "resource": "A String", # The user-defined name of the workload/instance. This value must be provided explicitly or in the urlMask. The resource identified by this value is platform-specific and is as follows:
+        #
+        #
+        # - API Gateway: The gateway ID
+        # - App Engine: The service name
+        # - Cloud Functions: The function name
+        # - Cloud Run: The service name
+    "urlMask": "A String", # A template to parse platform-specific fields from a request URL. URL mask allows for routing to multiple resources on the same serverless platform without having to create multiple Network Endpoint Groups and backend resources. The fields parsed by this template are platform-specific and are as follows:
+        #
+        #
+        # - API Gateway: The gateway ID
+        # - App Engine: The service and version
+        # - Cloud Functions: The function name
+        # - Cloud Run: The service and tag
+    "version": "A String", # The optional resource version. The version identified by this value is platform-specific and is follows:
+        #
+        #
+        # - API Gateway: Unused
+        # - App Engine: The service version
+        # - Cloud Functions: Unused
+        # - Cloud Run: The service tag
   },
   "size": 42, # [Output only] Number of network endpoints in the network endpoint group.
   "subnetwork": "A String", # Optional URL of the subnetwork to which all network endpoints in the NEG belong.
@@ -286,16 +416,29 @@ 
Method Details

   "zone": "A String", # [Output Only] The URL of the zone where the network endpoint group is located.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -330,7 +473,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -344,21 +488,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of regional network endpoint groups available to the specified project in the given region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, The name of the region where the network endpoint group is located. It should comply with RFC1035. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -366,23 +516,57 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of NetworkEndpointGroup resources.
-    { # Represents a collection of network endpoints. A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see Setting up external HTTP(S) Load Balancing with internet NEGs, Setting up zonal NEGs, or Setting up external HTTP(S) Load Balancing with serverless NEGs.
+    { # Represents a collection of network endpoints.
+        #
+        # A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see  Setting up external HTTP(S) Load Balancing with internet NEGs,  Setting up zonal NEGs, or  Setting up external HTTP(S) Load Balancing with serverless NEGs. (== resource_for {$api_version}.networkEndpointGroups ==) (== resource_for {$api_version}.globalNetworkEndpointGroups ==) (== resource_for {$api_version}.regionNetworkEndpointGroups ==)
       "annotations": { # Metadata defined as annotations on the network endpoint group.
         "a_key": "A String",
       },
-      "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-        "service": "A String", # Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: "default", "my-service".
-        "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
-        "version": "A String", # Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: "v1", "v2".
+      "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+          #
+          # Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.
+        "service": "A String", # Optional serving service.
+            #
+            # The service name is case-sensitive and must be 1-63 characters long.
+            #
+            # Example value: "default", "my-service".
+        "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services.
+            #
+            # For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
+        "version": "A String", # Optional serving version.
+            #
+            # The version name is case-sensitive and must be 1-100 characters long.
+            #
+            # Example value: "v1", "v2".
       },
-      "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-        "function": "A String", # A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: "func1".
-        "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs " mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
+      "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+          #
+          # Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.
+        "function": "A String", # A user-defined name of the Cloud Function.
+            #
+            # The function name is case-sensitive and must be 1-63 characters long.
+            #
+            # Example value: "func1".
+        "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services.
+            #
+            # For example, request URLs "mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
       },
-      "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-        "service": "A String", # Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: "run-service".
-        "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: "revision-0010".
-        "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
+      "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+          #
+          # Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.
+        "service": "A String", # Cloud Run service is the main resource of Cloud Run.
+            #
+            # The service must be 1-63 characters long, and comply with RFC1035.
+            #
+            # Example value: "run-service".
+        "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information.
+            #
+            # The tag must be 1-63 characters long, and comply with RFC1035.
+            #
+            # Example value: "revision-0010".
+        "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services.
+            #
+            # For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
       },
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "defaultPort": 42, # The default port used if the port number is not specified in the network endpoint.
@@ -402,11 +586,37 @@ 
Method Details

       "region": "A String", # [Output Only] The URL of the region where the network endpoint group is located.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-      "serverlessDeployment": { # Configuration for a serverless network endpoint group (NEG). The platform must be provided. Note: The target backend service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine, cloudFunction or serverlessDeployment may be set.
-        "platform": "A String", # The platform of the backend target(s) of this NEG. Possible values include: 1. API Gateway: apigateway.googleapis.com 2. App Engine: appengine.googleapis.com 3. Cloud Functions: cloudfunctions.googleapis.com 4. Cloud Run: run.googleapis.com
-        "resource": "A String", # The user-defined name of the workload/instance. This value must be provided explicitly or in the urlMask. The resource identified by this value is platform-specific and is as follows: 1. API Gateway: The gateway ID 2. App Engine: The service name 3. Cloud Functions: The function name 4. Cloud Run: The service name
-        "urlMask": "A String", # A template to parse platform-specific fields from a request URL. URL mask allows for routing to multiple resources on the same serverless platform without having to create multiple Network Endpoint Groups and backend resources. The fields parsed by this template are platform-specific and are as follows: 1. API Gateway: The gateway ID 2. App Engine: The service and version 3. Cloud Functions: The function name 4. Cloud Run: The service and tag
-        "version": "A String", # The optional resource version. The version identified by this value is platform-specific and is follows: 1. API Gateway: Unused 2. App Engine: The service version 3. Cloud Functions: Unused 4. Cloud Run: The service tag
+      "serverlessDeployment": { # Configuration for a serverless network endpoint group (NEG). The platform must be provided. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine, cloudFunction or serverlessDeployment may be set.
+          #
+          # Note: The target backend service must be in the same project and located in the same region as the Serverless NEG.
+        "platform": "A String", # The platform of the backend target(s) of this NEG. Possible values include:
+            #
+            #
+            # - API Gateway: apigateway.googleapis.com
+            # - App Engine: appengine.googleapis.com
+            # - Cloud Functions: cloudfunctions.googleapis.com
+            # - Cloud Run: run.googleapis.com
+        "resource": "A String", # The user-defined name of the workload/instance. This value must be provided explicitly or in the urlMask. The resource identified by this value is platform-specific and is as follows:
+            #
+            #
+            # - API Gateway: The gateway ID
+            # - App Engine: The service name
+            # - Cloud Functions: The function name
+            # - Cloud Run: The service name
+        "urlMask": "A String", # A template to parse platform-specific fields from a request URL. URL mask allows for routing to multiple resources on the same serverless platform without having to create multiple Network Endpoint Groups and backend resources. The fields parsed by this template are platform-specific and are as follows:
+            #
+            #
+            # - API Gateway: The gateway ID
+            # - App Engine: The service and version
+            # - Cloud Functions: The function name
+            # - Cloud Run: The service and tag
+        "version": "A String", # The optional resource version. The version identified by this value is platform-specific and is follows:
+            #
+            #
+            # - API Gateway: Unused
+            # - App Engine: The service version
+            # - Cloud Functions: Unused
+            # - Cloud Run: The service tag
       },
       "size": 42, # [Output only] Number of network endpoints in the network endpoint group.
       "subnetwork": "A String", # Optional URL of the subnetwork to which all network endpoints in the NEG belong.
@@ -419,7 +629,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.regionNetworkFirewallPolicies.html b/docs/dyn/compute_alpha.regionNetworkFirewallPolicies.html
index 18e1a3594ac..f181a0146b2 100644
--- a/docs/dyn/compute_alpha.regionNetworkFirewallPolicies.html
+++ b/docs/dyn/compute_alpha.regionNetworkFirewallPolicies.html
@@ -75,62 +75,62 @@
 
Compute Engine API . regionNetworkFirewallPolicies

 
Instance Methods

 

-  addAssociation(project, region, firewallPolicy, body=None, replaceExistingAssociation=None, requestId=None, x__xgafv=None)

+  addAssociation(project, region, firewallPolicy, body=None, replaceExistingAssociation=None, requestId=None)

 
Inserts an association for the specified network firewall policy.

 

-  addRule(project, region, firewallPolicy, body=None, maxPriority=None, minPriority=None, requestId=None, x__xgafv=None)

+  addRule(project, region, firewallPolicy, body=None, maxPriority=None, minPriority=None, requestId=None)

 
Inserts a rule into a network firewall policy.

 

-  cloneRules(project, region, firewallPolicy, requestId=None, sourceFirewallPolicy=None, x__xgafv=None)

+  cloneRules(project, region, firewallPolicy, requestId=None, sourceFirewallPolicy=None)

 
Copies rules to the specified network firewall policy.

 

   close()

 
Close httplib2 connections.

 

-  delete(project, region, firewallPolicy, requestId=None, x__xgafv=None)

+  delete(project, region, firewallPolicy, requestId=None)

 
Deletes the specified network firewall policy.

 

-  get(project, region, firewallPolicy, x__xgafv=None)

+  get(project, region, firewallPolicy)

 
Returns the specified network firewall policy.

 

-  getAssociation(project, region, firewallPolicy, name=None, x__xgafv=None)

+  getAssociation(project, region, firewallPolicy, name=None)

 
Gets an association with the specified name.

 

-  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  getRule(project, region, firewallPolicy, priority=None, x__xgafv=None)

+  getRule(project, region, firewallPolicy, priority=None)

 
Gets a rule of the specified priority.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a new network firewall policy in the specified project and region.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists all the network firewall policies that have been configured for the specified project in the given region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, firewallPolicy, body=None, requestId=None, x__xgafv=None)

+  patch(project, region, firewallPolicy, body=None, requestId=None)

 
Patches the specified network firewall policy.

 

-  patchRule(project, region, firewallPolicy, body=None, priority=None, requestId=None, x__xgafv=None)

+  patchRule(project, region, firewallPolicy, body=None, priority=None, requestId=None)

 
Patches a rule of the specified priority.

 

-  removeAssociation(project, region, firewallPolicy, name=None, requestId=None, x__xgafv=None)

+  removeAssociation(project, region, firewallPolicy, name=None, requestId=None)

 
Removes an association for the specified network firewall policy.

 

-  removeRule(project, region, firewallPolicy, priority=None, requestId=None, x__xgafv=None)

+  removeRule(project, region, firewallPolicy, priority=None, requestId=None)

 
Deletes a rule of the specified priority.

 

-  setIamPolicy(project, region, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, region, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    addAssociation(project, region, firewallPolicy, body=None, replaceExistingAssociation=None, requestId=None, x__xgafv=None)
+    addAssociation(project, region, firewallPolicy, body=None, replaceExistingAssociation=None, requestId=None)
   
Inserts an association for the specified network firewall policy.
 
 Args:
@@ -149,16 +149,29 @@ 
Method Details

 }
 
   replaceExistingAssociation: boolean, Indicates whether or not to replace it if an association already exists. This is false by default, in which case an error will be returned if an association already exists.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -193,7 +206,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -207,7 +221,7 @@ 
Method Details

 

 
 

-    addRule(project, region, firewallPolicy, body=None, maxPriority=None, minPriority=None, requestId=None, x__xgafv=None)
+    addRule(project, region, firewallPolicy, body=None, maxPriority=None, minPriority=None, requestId=None)
   
Inserts a rule into a network firewall policy.
 
 Args:
@@ -231,7 +245,9 @@ 
Method Details

     "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
       {
         "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+            #
+            # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
           "A String",
         ],
       },
@@ -264,16 +280,29 @@ 
Method Details

 
   maxPriority: integer, When rule.priority is not specified, auto choose a unused priority between minPriority and maxPriority>. This field is exclusive with rule.priority.
   minPriority: integer, When rule.priority is not specified, auto choose a unused priority between minPriority and maxPriority>. This field is exclusive with rule.priority.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -308,7 +337,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -322,24 +352,37 @@ 
Method Details

 

 
 

-    cloneRules(project, region, firewallPolicy, requestId=None, sourceFirewallPolicy=None, x__xgafv=None)
+    cloneRules(project, region, firewallPolicy, requestId=None, sourceFirewallPolicy=None)
   
Copies rules to the specified network firewall policy.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   firewallPolicy: string, Name of the firewall policy to update. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
   sourceFirewallPolicy: string, The firewall policy from which to copy rules.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -374,7 +417,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -393,23 +437,36 @@ 
Method Details

 

 
 

-    delete(project, region, firewallPolicy, requestId=None, x__xgafv=None)
+    delete(project, region, firewallPolicy, requestId=None)
   
Deletes the specified network firewall policy.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   firewallPolicy: string, Name of the firewall policy to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -444,7 +501,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -458,22 +516,18 @@ 
Method Details

 

 
 

-    get(project, region, firewallPolicy, x__xgafv=None)
+    get(project, region, firewallPolicy)
   
Returns the specified network firewall policy.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   firewallPolicy: string, Name of the firewall policy to get. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Firewall Policy resource.
+    { # Represents a Firewall Policy resource. (== resource_for {$api_version}.firewallPolicies ==)
   "associations": [ # A list of associations that belong to this firewall policy.
     {
       "attachmentTarget": "A String", # The target that the firewall policy is attached to.
@@ -486,7 +540,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "displayName": "A String", # Depreacted, please use short name instead. User-provided name of the Organization firewall plicy. The name should be unique in the organization in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the firewall policy.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make get() request to the firewall policy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#firewallPolicy", # [Output only] Type of the resource. Always compute#firewallPolicyfor firewall policies
   "name": "A String", # [Output Only] Name of the resource. It is a numeric ID allocated by GCP which uniquely identifies the Firewall Policy.
@@ -508,7 +564,9 @@ 
Method Details

         "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
           {
             "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-            "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+            "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                #
+                # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
               "A String",
             ],
           },
@@ -546,7 +604,7 @@ 
Method Details

 

 
 

-    getAssociation(project, region, firewallPolicy, name=None, x__xgafv=None)
+    getAssociation(project, region, firewallPolicy, name=None)
   
Gets an association with the specified name.
 
 Args:
@@ -554,10 +612,6 @@ 
Method Details

   region: string, Name of the region scoping this request. (required)
   firewallPolicy: string, Name of the firewall policy to which the queried association belongs. (required)
   name: string, The name of the association to get from the firewall policy.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -572,7 +626,7 @@ 
Method Details

 

 
 

-    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
@@ -580,27 +634,51 @@ 
Method Details

   region: string, The name of the region for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -608,76 +686,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    getRule(project, region, firewallPolicy, priority=None, x__xgafv=None)
+    getRule(project, region, firewallPolicy, priority=None)
   
Gets a rule of the specified priority.
 
 Args:
@@ -685,10 +831,6 @@ 
Method Details

   region: string, Name of the region scoping this request. (required)
   firewallPolicy: string, Name of the firewall policy to which the queried rule belongs. (required)
   priority: integer, The priority of the rule to get from the firewall policy.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -707,7 +849,9 @@ 
Method Details

     "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
       {
         "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+            #
+            # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
           "A String",
         ],
       },
@@ -740,7 +884,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a new network firewall policy in the specified project and region.
 
 Args:
@@ -749,7 +893,7 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Firewall Policy resource.
+{ # Represents a Firewall Policy resource. (== resource_for {$api_version}.firewallPolicies ==)
   "associations": [ # A list of associations that belong to this firewall policy.
     {
       "attachmentTarget": "A String", # The target that the firewall policy is attached to.
@@ -762,7 +906,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "displayName": "A String", # Depreacted, please use short name instead. User-provided name of the Organization firewall plicy. The name should be unique in the organization in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the firewall policy.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make get() request to the firewall policy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#firewallPolicy", # [Output only] Type of the resource. Always compute#firewallPolicyfor firewall policies
   "name": "A String", # [Output Only] Name of the resource. It is a numeric ID allocated by GCP which uniquely identifies the Firewall Policy.
@@ -784,7 +930,9 @@ 
Method Details

         "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
           {
             "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-            "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+            "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                #
+                # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
               "A String",
             ],
           },
@@ -820,16 +968,29 @@ 
Method Details

   "shortName": "A String", # User-provided name of the Organization firewall plicy. The name should be unique in the organization in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -864,7 +1025,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -878,21 +1040,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists all the network firewall policies that have been configured for the specified project in the given region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -900,7 +1068,7 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of FirewallPolicy resources.
-    { # Represents a Firewall Policy resource.
+    { # Represents a Firewall Policy resource. (== resource_for {$api_version}.firewallPolicies ==)
       "associations": [ # A list of associations that belong to this firewall policy.
         {
           "attachmentTarget": "A String", # The target that the firewall policy is attached to.
@@ -913,7 +1081,9 @@ 
Method Details

       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "displayName": "A String", # Depreacted, please use short name instead. User-provided name of the Organization firewall plicy. The name should be unique in the organization in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-      "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the firewall policy.
+      "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make get() request to the firewall policy.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#firewallPolicy", # [Output only] Type of the resource. Always compute#firewallPolicyfor firewall policies
       "name": "A String", # [Output Only] Name of the resource. It is a numeric ID allocated by GCP which uniquely identifies the Firewall Policy.
@@ -935,7 +1105,9 @@ 
Method Details

             "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
               {
                 "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-                "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                    #
+                    # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
                   "A String",
                 ],
               },
@@ -975,7 +1147,8 @@ 
Method Details

   "nextPageToken": "A String", # [Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1001,7 +1174,7 @@ 
Method Details

 

 
 

-    patch(project, region, firewallPolicy, body=None, requestId=None, x__xgafv=None)
+    patch(project, region, firewallPolicy, body=None, requestId=None)
   
Patches the specified network firewall policy.
 
 Args:
@@ -1011,7 +1184,7 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Firewall Policy resource.
+{ # Represents a Firewall Policy resource. (== resource_for {$api_version}.firewallPolicies ==)
   "associations": [ # A list of associations that belong to this firewall policy.
     {
       "attachmentTarget": "A String", # The target that the firewall policy is attached to.
@@ -1024,7 +1197,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "displayName": "A String", # Depreacted, please use short name instead. User-provided name of the Organization firewall plicy. The name should be unique in the organization in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the firewall policy.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make get() request to the firewall policy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#firewallPolicy", # [Output only] Type of the resource. Always compute#firewallPolicyfor firewall policies
   "name": "A String", # [Output Only] Name of the resource. It is a numeric ID allocated by GCP which uniquely identifies the Firewall Policy.
@@ -1046,7 +1221,9 @@ 
Method Details

         "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
           {
             "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-            "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+            "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                #
+                # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
               "A String",
             ],
           },
@@ -1082,16 +1259,29 @@ 
Method Details

   "shortName": "A String", # User-provided name of the Organization firewall plicy. The name should be unique in the organization in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1126,7 +1316,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1140,7 +1331,7 @@ 
Method Details

 

 
 

-    patchRule(project, region, firewallPolicy, body=None, priority=None, requestId=None, x__xgafv=None)
+    patchRule(project, region, firewallPolicy, body=None, priority=None, requestId=None)
   
Patches a rule of the specified priority.
 
 Args:
@@ -1164,7 +1355,9 @@ 
Method Details

     "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
       {
         "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+            #
+            # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
           "A String",
         ],
       },
@@ -1196,16 +1389,29 @@ 
Method Details

 }
 
   priority: integer, The priority of the rule to patch.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1240,7 +1446,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1254,7 +1461,7 @@ 
Method Details

 

 
 

-    removeAssociation(project, region, firewallPolicy, name=None, requestId=None, x__xgafv=None)
+    removeAssociation(project, region, firewallPolicy, name=None, requestId=None)
   
Removes an association for the specified network firewall policy.
 
 Args:
@@ -1262,16 +1469,29 @@ 
Method Details

   region: string, Name of the region scoping this request. (required)
   firewallPolicy: string, Name of the firewall policy to update. (required)
   name: string, Name for the association that will be removed.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1306,7 +1526,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1320,7 +1541,7 @@ 
Method Details

 

 
 

-    removeRule(project, region, firewallPolicy, priority=None, requestId=None, x__xgafv=None)
+    removeRule(project, region, firewallPolicy, priority=None, requestId=None)
   
Deletes a rule of the specified priority.
 
 Args:
@@ -1328,16 +1549,29 @@ 
Method Details

   region: string, Name of the region scoping this request. (required)
   firewallPolicy: string, Name of the firewall policy to update. (required)
   priority: integer, The priority of the rule to remove from the firewall policy.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1372,7 +1606,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1386,7 +1621,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, region, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, region, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -1399,33 +1634,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1433,95 +1742,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1529,76 +1930,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1614,10 +2083,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.regionNotificationEndpoints.html b/docs/dyn/compute_alpha.regionNotificationEndpoints.html
index 240193d1cc5..d872b781185 100644
--- a/docs/dyn/compute_alpha.regionNotificationEndpoints.html
+++ b/docs/dyn/compute_alpha.regionNotificationEndpoints.html
@@ -75,7 +75,7 @@
 
Compute Engine API . regionNotificationEndpoints

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of all NotificationEndpoint resources, regional and global, available to the specified project.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,40 +84,46 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, notificationEndpoint, requestId=None, x__xgafv=None)

+  delete(project, region, notificationEndpoint, requestId=None)

 
Deletes the specified NotificationEndpoint in the given region

 

-  get(project, region, notificationEndpoint, x__xgafv=None)

+  get(project, region, notificationEndpoint)

 
Returns the specified NotificationEndpoint resource in the given region.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Create a NotificationEndpoint in the specified project in the given region using the parameters that are included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists the NotificationEndpoints for a project in the given region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of all NotificationEndpoint resources, regional and global, available to the specified project.
 
 Args:
   project: string, Name of the project scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -127,7 +133,11 @@ 
Method Details

   "items": { # A list of NotificationEndpointsScopedList resources.
     "a_key": { # Name of the scope containing this set of NotificationEndpoints.
       "resources": [ # A list of NotificationEndpoints contained in this scope.
-        { # Represents a notification endpoint. A notification endpoint resource defines an endpoint to receive notifications when there are status changes detected by the associated health check service. For more information, see Health checks overview.
+        { # Represents a notification endpoint.
+            #
+            # A notification endpoint resource defines an endpoint to receive notifications when there are status changes detected by the associated health check service.
+            #
+            # For more information, see  Health checks overview. (== resource_for {$api_version}.notificationEndpoint ==) (== resource_for {$api_version}.regionNotificationEndpoints ==)
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "grpcSettings": { # Represents a gRPC setting that describes one gRPC notification endpoint and the retry duration attempting to send notification to this endpoint. # Settings of the gRPC notification endpoint including the endpoint URL and the retry duration.
@@ -149,7 +159,8 @@ 
Method Details

       ],
       "warning": { # Informational warning which replaces the list of notification endpoints when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -167,7 +178,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -198,23 +210,36 @@ 
Method Details

 

 
 

-    delete(project, region, notificationEndpoint, requestId=None, x__xgafv=None)
+    delete(project, region, notificationEndpoint, requestId=None)
   
Deletes the specified NotificationEndpoint in the given region
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   notificationEndpoint: string, Name of the NotificationEndpoint resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -249,7 +274,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -263,22 +289,22 @@ 
Method Details

 

 
 

-    get(project, region, notificationEndpoint, x__xgafv=None)
+    get(project, region, notificationEndpoint)
   
Returns the specified NotificationEndpoint resource in the given region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   notificationEndpoint: string, Name of the NotificationEndpoint resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a notification endpoint. A notification endpoint resource defines an endpoint to receive notifications when there are status changes detected by the associated health check service. For more information, see Health checks overview.
+    { # Represents a notification endpoint.
+    #
+    # A notification endpoint resource defines an endpoint to receive notifications when there are status changes detected by the associated health check service.
+    #
+    # For more information, see  Health checks overview. (== resource_for {$api_version}.notificationEndpoint ==) (== resource_for {$api_version}.regionNotificationEndpoints ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "grpcSettings": { # Represents a gRPC setting that describes one gRPC notification endpoint and the retry duration attempting to send notification to this endpoint. # Settings of the gRPC notification endpoint including the endpoint URL and the retry duration.
@@ -300,7 +326,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Create a NotificationEndpoint in the specified project in the given region using the parameters that are included in the request.
 
 Args:
@@ -309,7 +335,11 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a notification endpoint. A notification endpoint resource defines an endpoint to receive notifications when there are status changes detected by the associated health check service. For more information, see Health checks overview.
+{ # Represents a notification endpoint.
+    # 
+    # A notification endpoint resource defines an endpoint to receive notifications when there are status changes detected by the associated health check service.
+    # 
+    # For more information, see  Health checks overview. (== resource_for {$api_version}.notificationEndpoint ==) (== resource_for {$api_version}.regionNotificationEndpoints ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "grpcSettings": { # Represents a gRPC setting that describes one gRPC notification endpoint and the retry duration attempting to send notification to this endpoint. # Settings of the gRPC notification endpoint including the endpoint URL and the retry duration.
@@ -329,16 +359,29 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -373,7 +416,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -387,21 +431,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists the NotificationEndpoints for a project in the given region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -409,7 +459,11 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of NotificationEndpoint resources.
-    { # Represents a notification endpoint. A notification endpoint resource defines an endpoint to receive notifications when there are status changes detected by the associated health check service. For more information, see Health checks overview.
+    { # Represents a notification endpoint.
+        #
+        # A notification endpoint resource defines an endpoint to receive notifications when there are status changes detected by the associated health check service.
+        #
+        # For more information, see  Health checks overview. (== resource_for {$api_version}.notificationEndpoint ==) (== resource_for {$api_version}.regionNotificationEndpoints ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "grpcSettings": { # Represents a gRPC setting that describes one gRPC notification endpoint and the retry duration attempting to send notification to this endpoint. # Settings of the gRPC notification endpoint including the endpoint URL and the retry duration.
@@ -434,7 +488,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -460,7 +515,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -476,10 +531,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.regionOperations.html b/docs/dyn/compute_alpha.regionOperations.html
index a23ffc82fad..26872915680 100644
--- a/docs/dyn/compute_alpha.regionOperations.html
+++ b/docs/dyn/compute_alpha.regionOperations.html
@@ -78,20 +78,20 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, operation, x__xgafv=None)

+  delete(project, region, operation)

 
Deletes the specified region-specific Operations resource.

 

-  get(project, region, operation, x__xgafv=None)

+  get(project, region, operation)

 
Retrieves the specified region-specific Operations resource.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of Operation resources contained within the specified region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  wait(project, region, operation, x__xgafv=None)

-
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress. This method is called on a best-effort basis. Specifically: - In uncommon cases, when the server is overloaded, the request might return before the default deadline is reached, or might return after zero seconds. - If the default deadline is reached, there is no guarantee that the operation is actually done when the method returns. Be prepared to retry if the operation is not `DONE`. 

+  wait(project, region, operation)

+
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress.

 
Method Details

 

     close()
@@ -99,37 +99,42 @@ 
Method Details

 

 
 

-    delete(project, region, operation, x__xgafv=None)
+    delete(project, region, operation)
   
Deletes the specified region-specific Operations resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   operation: string, Name of the Operations resource to delete. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 

 

 
 

-    get(project, region, operation, x__xgafv=None)
+    get(project, region, operation)
   
Retrieves the specified region-specific Operations resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   operation: string, Name of the Operations resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -164,7 +169,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -178,21 +184,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of Operation resources contained within the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -200,7 +212,20 @@ 
Method Details

     { # Contains a list of Operation resources.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "items": [ # [Output Only] A list of Operation resources.
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+        #
+        # Google Compute Engine has three Operation resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+        #
+        # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+        #
+        # Operations can be global, regional or zonal.
+        # - For global operations, use the `globalOperations` resource.
+        # - For regional operations, use the `regionOperations` resource.
+        # - For zonal operations, use the `zonalOperations` resource.
+        #
+        # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
       "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
       "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
       "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -235,7 +260,8 @@ 
Method Details

       "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
         {
           "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-          "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+          "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+              # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
             {
               "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
               "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -252,7 +278,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -278,22 +305,35 @@ 
Method Details

 

 
 

-    wait(project, region, operation, x__xgafv=None)
-  
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress. This method is called on a best-effort basis. Specifically: - In uncommon cases, when the server is overloaded, the request might return before the default deadline is reached, or might return after zero seconds. - If the default deadline is reached, there is no guarantee that the operation is actually done when the method returns. Be prepared to retry if the operation is not `DONE`. 
+    wait(project, region, operation)
+  
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress.
+
+This method is called on a best-effort basis. Specifically:  
+- In uncommon cases, when the server is overloaded, the request might return before the default deadline is reached, or might return after zero seconds. 
+- If the default deadline is reached, there is no guarantee that the operation is actually done when the method returns. Be prepared to retry if the operation is not `DONE`.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   operation: string, Name of the Operations resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -328,7 +368,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.regionSecurityPolicies.html b/docs/dyn/compute_alpha.regionSecurityPolicies.html
index fb0b3610b8a..3306e7ee7c7 100644
--- a/docs/dyn/compute_alpha.regionSecurityPolicies.html
+++ b/docs/dyn/compute_alpha.regionSecurityPolicies.html
@@ -78,22 +78,22 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, securityPolicy, requestId=None, x__xgafv=None)

+  delete(project, region, securityPolicy, requestId=None)

 
Deletes the specified policy.

 

-  get(project, region, securityPolicy, x__xgafv=None)

+  get(project, region, securityPolicy)

 
List all of the ordered rules present in a single specified policy.

 

-  insert(project, region, body=None, requestId=None, validateOnly=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None, validateOnly=None)

 
Creates a new policy in the specified project using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
List all the policies that have been configured for the specified project and region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, securityPolicy, body=None, requestId=None, x__xgafv=None)

+  patch(project, region, securityPolicy, body=None, requestId=None)

 
Patches the specified policy with the data included in the request.

 
Method Details

 

@@ -102,23 +102,36 @@ 
Method Details

 

 
 

-    delete(project, region, securityPolicy, requestId=None, x__xgafv=None)
+    delete(project, region, securityPolicy, requestId=None)
   
Deletes the specified policy.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   securityPolicy: string, Name of the security policy to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -153,7 +166,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -167,22 +181,20 @@ 
Method Details

 

 
 

-    get(project, region, securityPolicy, x__xgafv=None)
+    get(project, region, securityPolicy)
   
List all of the ordered rules present in a single specified policy.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   securityPolicy: string, Name of the security policy to get. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Google Cloud Armor security policy resource. Only external backend services that use load balancers can reference a security policy. For more information, see Google Cloud Armor security policy overview.
+    { # Represents a Google Cloud Armor security policy resource.
+    #
+    # Only external backend services that use load balancers can reference a security policy. For more information, see  Google Cloud Armor security policy overview. (== resource_for {$api_version}.securityPolicies ==)
   "adaptiveProtectionConfig": { # Configuration options for Cloud Armor Adaptive Protection (CAAP).
     "layer7DdosDefenseConfig": { # Configuration options for L7 DDoS detection. # If set to true, enables Cloud Armor Machine Learning.
       "enable": True or False, # If set to true, enables CAAP for L7 DDoS detection.
@@ -210,10 +222,14 @@ 
Method Details

   },
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "displayName": "A String", # User-provided name of the Organization security plicy. The name should be unique in the organization in which the security policy is created. This should only be used when SecurityPolicyType is FIREWALL. The name must be 1-63 characters long, and comply with https://www.ietf.org/rfc/rfc1035.txt. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the security policy.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make get() request to the security policy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#securityPolicy", # [Output only] Type of the resource. Always compute#securityPolicyfor security policies
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the security policy.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+      #
+      # To see the latest fingerprint, make get() request to the security policy.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -226,7 +242,9 @@ 
Method Details

       "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-      "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+      "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+          #
+          # This field may only be specified when the versioned_expr is set to FIREWALL.
       "headerAction": { # Optional, additional actions that are performed on headers.
         "requestHeadersToAdds": [ # The list of request headers to add or overwrite if they're already present.
           {
@@ -238,21 +256,35 @@ 
Method Details

       "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
       "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
         "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-          "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+          "destIpRanges": [ # CIDR IP address range.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
-          "destPorts": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+          "destPorts": [ # Pairs of IP protocols and ports that the rule should match.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             {
               "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                  #
+                  # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 "A String",
               ],
             },
           ],
-          "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+          "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             {
               "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                  #
+                  # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 "A String",
               ],
             },
@@ -261,7 +293,25 @@ 
Method Details

             "A String",
           ],
         },
-        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -288,7 +338,9 @@ 
Method Details

       "redirectTarget": "A String", # This must be specified for redirect actions. Cannot be specified for any other actions.
       "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
       "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-      "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+      "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         "A String",
       ],
       "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -303,7 +355,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, validateOnly=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None, validateOnly=None)
   
Creates a new policy in the specified project using the data included in the request.
 
 Args:
@@ -312,7 +364,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Google Cloud Armor security policy resource. Only external backend services that use load balancers can reference a security policy. For more information, see Google Cloud Armor security policy overview.
+{ # Represents a Google Cloud Armor security policy resource.
+    # 
+    # Only external backend services that use load balancers can reference a security policy. For more information, see  Google Cloud Armor security policy overview. (== resource_for {$api_version}.securityPolicies ==)
   "adaptiveProtectionConfig": { # Configuration options for Cloud Armor Adaptive Protection (CAAP).
     "layer7DdosDefenseConfig": { # Configuration options for L7 DDoS detection. # If set to true, enables Cloud Armor Machine Learning.
       "enable": True or False, # If set to true, enables CAAP for L7 DDoS detection.
@@ -340,10 +394,14 @@ 
Method Details

   },
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "displayName": "A String", # User-provided name of the Organization security plicy. The name should be unique in the organization in which the security policy is created. This should only be used when SecurityPolicyType is FIREWALL. The name must be 1-63 characters long, and comply with https://www.ietf.org/rfc/rfc1035.txt. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the security policy.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make get() request to the security policy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#securityPolicy", # [Output only] Type of the resource. Always compute#securityPolicyfor security policies
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the security policy.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+      # 
+      # To see the latest fingerprint, make get() request to the security policy.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -356,7 +414,9 @@ 
Method Details

       "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-      "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+      "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+          #
+          # This field may only be specified when the versioned_expr is set to FIREWALL.
       "headerAction": { # Optional, additional actions that are performed on headers.
         "requestHeadersToAdds": [ # The list of request headers to add or overwrite if they're already present.
           {
@@ -368,21 +428,35 @@ 
Method Details

       "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
       "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
         "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-          "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+          "destIpRanges": [ # CIDR IP address range.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
-          "destPorts": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+          "destPorts": [ # Pairs of IP protocols and ports that the rule should match.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             {
               "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                  #
+                  # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 "A String",
               ],
             },
           ],
-          "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+          "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             {
               "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                  #
+                  # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 "A String",
               ],
             },
@@ -391,7 +465,25 @@ 
Method Details

             "A String",
           ],
         },
-        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -418,7 +510,9 @@ 
Method Details

       "redirectTarget": "A String", # This must be specified for redirect actions. Cannot be specified for any other actions.
       "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
       "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-      "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+      "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         "A String",
       ],
       "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -431,17 +525,30 @@ 
Method Details

   "type": "A String", # The type indicates the intended use of the security policy. CLOUD_ARMOR policies apply to backend services. FIREWALL policies apply to organizations.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
   validateOnly: boolean, If true, the request will not be committed.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -476,7 +583,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -490,21 +598,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
List all the policies that have been configured for the specified project and region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -513,7 +627,9 @@ 
Method Details

   "etag": "A String",
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of SecurityPolicy resources.
-    { # Represents a Google Cloud Armor security policy resource. Only external backend services that use load balancers can reference a security policy. For more information, see Google Cloud Armor security policy overview.
+    { # Represents a Google Cloud Armor security policy resource.
+        #
+        # Only external backend services that use load balancers can reference a security policy. For more information, see  Google Cloud Armor security policy overview. (== resource_for {$api_version}.securityPolicies ==)
       "adaptiveProtectionConfig": { # Configuration options for Cloud Armor Adaptive Protection (CAAP).
         "layer7DdosDefenseConfig": { # Configuration options for L7 DDoS detection. # If set to true, enables Cloud Armor Machine Learning.
           "enable": True or False, # If set to true, enables CAAP for L7 DDoS detection.
@@ -541,10 +657,14 @@ 
Method Details

       },
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "displayName": "A String", # User-provided name of the Organization security plicy. The name should be unique in the organization in which the security policy is created. This should only be used when SecurityPolicyType is FIREWALL. The name must be 1-63 characters long, and comply with https://www.ietf.org/rfc/rfc1035.txt. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-      "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the security policy.
+      "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make get() request to the security policy.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#securityPolicy", # [Output only] Type of the resource. Always compute#securityPolicyfor security policies
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the security policy.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+          #
+          # To see the latest fingerprint, make get() request to the security policy.
       "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
         "a_key": "A String",
       },
@@ -557,7 +677,9 @@ 
Method Details

           "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-          "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+          "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+              #
+              # This field may only be specified when the versioned_expr is set to FIREWALL.
           "headerAction": { # Optional, additional actions that are performed on headers.
             "requestHeadersToAdds": [ # The list of request headers to add or overwrite if they're already present.
               {
@@ -569,21 +691,35 @@ 
Method Details

           "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
           "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
             "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-              "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+              "destIpRanges": [ # CIDR IP address range.
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 "A String",
               ],
-              "destPorts": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+              "destPorts": [ # Pairs of IP protocols and ports that the rule should match.
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 {
                   "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-                  "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+                  "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                      #
+                      # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                      #
+                      # This field may only be specified when versioned_expr is set to FIREWALL.
                     "A String",
                   ],
                 },
               ],
-              "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+              "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 {
                   "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-                  "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+                  "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                      #
+                      # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                      #
+                      # This field may only be specified when versioned_expr is set to FIREWALL.
                     "A String",
                   ],
                 },
@@ -592,7 +728,25 @@ 
Method Details

                 "A String",
               ],
             },
-            "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+            "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+                #
+                # Example (Comparison):
+                #
+                # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+                #
+                # Example (Equality):
+                #
+                # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+                #
+                # Example (Logic):
+                #
+                # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+                #
+                # Example (Data Manipulation):
+                #
+                # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+                #
+                # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
               "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
               "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
               "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -619,7 +773,9 @@ 
Method Details

           "redirectTarget": "A String", # This must be specified for redirect actions. Cannot be specified for any other actions.
           "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
           "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-          "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+          "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
           "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -639,7 +795,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -665,7 +822,7 @@ 
Method Details

 

 
 

-    patch(project, region, securityPolicy, body=None, requestId=None, x__xgafv=None)
+    patch(project, region, securityPolicy, body=None, requestId=None)
   
Patches the specified policy with the data included in the request.
 
 Args:
@@ -675,7 +832,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Google Cloud Armor security policy resource. Only external backend services that use load balancers can reference a security policy. For more information, see Google Cloud Armor security policy overview.
+{ # Represents a Google Cloud Armor security policy resource.
+    # 
+    # Only external backend services that use load balancers can reference a security policy. For more information, see  Google Cloud Armor security policy overview. (== resource_for {$api_version}.securityPolicies ==)
   "adaptiveProtectionConfig": { # Configuration options for Cloud Armor Adaptive Protection (CAAP).
     "layer7DdosDefenseConfig": { # Configuration options for L7 DDoS detection. # If set to true, enables Cloud Armor Machine Learning.
       "enable": True or False, # If set to true, enables CAAP for L7 DDoS detection.
@@ -703,10 +862,14 @@ 
Method Details

   },
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "displayName": "A String", # User-provided name of the Organization security plicy. The name should be unique in the organization in which the security policy is created. This should only be used when SecurityPolicyType is FIREWALL. The name must be 1-63 characters long, and comply with https://www.ietf.org/rfc/rfc1035.txt. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the security policy.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make get() request to the security policy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#securityPolicy", # [Output only] Type of the resource. Always compute#securityPolicyfor security policies
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the security policy.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+      # 
+      # To see the latest fingerprint, make get() request to the security policy.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -719,7 +882,9 @@ 
Method Details

       "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-      "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+      "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+          #
+          # This field may only be specified when the versioned_expr is set to FIREWALL.
       "headerAction": { # Optional, additional actions that are performed on headers.
         "requestHeadersToAdds": [ # The list of request headers to add or overwrite if they're already present.
           {
@@ -731,21 +896,35 @@ 
Method Details

       "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
       "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
         "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-          "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+          "destIpRanges": [ # CIDR IP address range.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
-          "destPorts": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+          "destPorts": [ # Pairs of IP protocols and ports that the rule should match.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             {
               "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                  #
+                  # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 "A String",
               ],
             },
           ],
-          "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+          "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             {
               "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                  #
+                  # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 "A String",
               ],
             },
@@ -754,7 +933,25 @@ 
Method Details

             "A String",
           ],
         },
-        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -781,7 +978,9 @@ 
Method Details

       "redirectTarget": "A String", # This must be specified for redirect actions. Cannot be specified for any other actions.
       "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
       "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-      "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+      "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         "A String",
       ],
       "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -794,16 +993,29 @@ 
Method Details

   "type": "A String", # The type indicates the intended use of the security policy. CLOUD_ARMOR policies apply to backend services. FIREWALL policies apply to organizations.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -838,7 +1050,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.regionSslCertificates.html b/docs/dyn/compute_alpha.regionSslCertificates.html
index dafbe827ee8..d0224116a31 100644
--- a/docs/dyn/compute_alpha.regionSslCertificates.html
+++ b/docs/dyn/compute_alpha.regionSslCertificates.html
@@ -78,22 +78,22 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, sslCertificate, requestId=None, x__xgafv=None)

+  delete(project, region, sslCertificate, requestId=None)

 
Deletes the specified SslCertificate resource in the region.

 

-  get(project, region, sslCertificate, x__xgafv=None)

+  get(project, region, sslCertificate)

 
Returns the specified SslCertificate resource in the specified region. Get a list of available SSL certificates by making a list() request.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a SslCertificate resource in the specified project and region using the data included in the request

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of SslCertificate resources available to the specified project in the specified region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource and region.

 
Method Details

 

@@ -102,23 +102,36 @@ 
Method Details

 

 
 

-    delete(project, region, sslCertificate, requestId=None, x__xgafv=None)
+    delete(project, region, sslCertificate, requestId=None)
   
Deletes the specified SslCertificate resource in the region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   sslCertificate: string, Name of the SslCertificate resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -153,7 +166,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -167,22 +181,32 @@ 
Method Details

 

 
 

-    get(project, region, sslCertificate, x__xgafv=None)
+    get(project, region, sslCertificate)
   
Returns the specified SslCertificate resource in the specified region. Get a list of available SSL certificates by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   sslCertificate: string, Name of the SslCertificate resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an SSL Certificate resource. Google Compute Engine has two SSL Certificate resources: * [Global](/compute/docs/reference/rest/alpha/sslCertificates) * [Regional](/compute/docs/reference/rest/alpha/regionSslCertificates) The sslCertificates are used by: - external HTTPS load balancers - SSL proxy load balancers The regionSslCertificates are used by internal HTTPS load balancers. Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read Creating and using SSL certificates, SSL certificates quotas and limits, and Troubleshooting SSL certificates.
+    { # Represents an SSL Certificate resource.
+    #
+    # Google Compute Engine has two SSL Certificate resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/sslCertificates) * [Regional](/compute/docs/reference/rest/{$api_version}/regionSslCertificates)
+    #
+    #
+    #
+    # The sslCertificates are used by:
+    # - external HTTPS load balancers
+    # - SSL proxy load balancers
+    #
+    # The regionSslCertificates are used by internal HTTPS load balancers.
+    #
+    # Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read  Creating and using SSL certificates, SSL certificates quotas and limits, and  Troubleshooting SSL certificates. (== resource_for {$api_version}.sslCertificates ==) (== resource_for {$api_version}.regionSslCertificates ==)
   "certificate": "A String", # A value read into memory from a certificate file. The certificate file must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -215,7 +239,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a SslCertificate resource in the specified project and region using the data included in the request
 
 Args:
@@ -224,7 +248,21 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an SSL Certificate resource. Google Compute Engine has two SSL Certificate resources: * [Global](/compute/docs/reference/rest/alpha/sslCertificates) * [Regional](/compute/docs/reference/rest/alpha/regionSslCertificates) The sslCertificates are used by: - external HTTPS load balancers - SSL proxy load balancers The regionSslCertificates are used by internal HTTPS load balancers. Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read Creating and using SSL certificates, SSL certificates quotas and limits, and Troubleshooting SSL certificates.
+{ # Represents an SSL Certificate resource.
+    # 
+    # Google Compute Engine has two SSL Certificate resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/sslCertificates) * [Regional](/compute/docs/reference/rest/{$api_version}/regionSslCertificates)
+    # 
+    # 
+    # 
+    # The sslCertificates are used by:
+    # - external HTTPS load balancers
+    # - SSL proxy load balancers
+    # 
+    # The regionSslCertificates are used by internal HTTPS load balancers.
+    # 
+    # Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read  Creating and using SSL certificates, SSL certificates quotas and limits, and  Troubleshooting SSL certificates. (== resource_for {$api_version}.sslCertificates ==) (== resource_for {$api_version}.regionSslCertificates ==)
   "certificate": "A String", # A value read into memory from a certificate file. The certificate file must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -255,16 +293,29 @@ 
Method Details

   "type": "A String", # (Optional) Specifies the type of SSL certificate, either "SELF_MANAGED" or "MANAGED". If not specified, the certificate is self-managed and the fields certificate and private_key are used.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -299,7 +350,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -313,21 +365,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of SslCertificate resources available to the specified project in the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -335,7 +393,21 @@ 
Method Details

     { # Contains a list of SslCertificate resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of SslCertificate resources.
-    { # Represents an SSL Certificate resource. Google Compute Engine has two SSL Certificate resources: * [Global](/compute/docs/reference/rest/alpha/sslCertificates) * [Regional](/compute/docs/reference/rest/alpha/regionSslCertificates) The sslCertificates are used by: - external HTTPS load balancers - SSL proxy load balancers The regionSslCertificates are used by internal HTTPS load balancers. Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read Creating and using SSL certificates, SSL certificates quotas and limits, and Troubleshooting SSL certificates.
+    { # Represents an SSL Certificate resource.
+        #
+        # Google Compute Engine has two SSL Certificate resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/sslCertificates) * [Regional](/compute/docs/reference/rest/{$api_version}/regionSslCertificates)
+        #
+        #
+        #
+        # The sslCertificates are used by:
+        # - external HTTPS load balancers
+        # - SSL proxy load balancers
+        #
+        # The regionSslCertificates are used by internal HTTPS load balancers.
+        #
+        # Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read  Creating and using SSL certificates, SSL certificates quotas and limits, and  Troubleshooting SSL certificates. (== resource_for {$api_version}.sslCertificates ==) (== resource_for {$api_version}.regionSslCertificates ==)
       "certificate": "A String", # A value read into memory from a certificate file. The certificate file must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -371,7 +443,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -397,7 +470,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource and region.
 
 Args:
@@ -413,10 +486,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.regionTargetHttpProxies.html b/docs/dyn/compute_alpha.regionTargetHttpProxies.html
index 1c9cdf2c666..21721c33a14 100644
--- a/docs/dyn/compute_alpha.regionTargetHttpProxies.html
+++ b/docs/dyn/compute_alpha.regionTargetHttpProxies.html
@@ -78,25 +78,25 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, targetHttpProxy, requestId=None, x__xgafv=None)

+  delete(project, region, targetHttpProxy, requestId=None)

 
Deletes the specified TargetHttpProxy resource.

 

-  get(project, region, targetHttpProxy, x__xgafv=None)

+  get(project, region, targetHttpProxy)

 
Returns the specified TargetHttpProxy resource in the specified region. Gets a list of available target HTTP proxies by making a list() request.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a TargetHttpProxy resource in the specified project and region using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of TargetHttpProxy resources available to the specified project in the specified region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setUrlMap(project, region, targetHttpProxy, body=None, requestId=None, x__xgafv=None)

+  setUrlMap(project, region, targetHttpProxy, body=None, requestId=None)

 
Changes the URL map for TargetHttpProxy.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -105,23 +105,36 @@ 
Method Details

 

 
 

-    delete(project, region, targetHttpProxy, requestId=None, x__xgafv=None)
+    delete(project, region, targetHttpProxy, requestId=None)
   
Deletes the specified TargetHttpProxy resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   targetHttpProxy: string, Name of the TargetHttpProxy resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -156,7 +169,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -170,32 +184,43 @@ 
Method Details

 

 
 

-    get(project, region, targetHttpProxy, x__xgafv=None)
+    get(project, region, targetHttpProxy)
   
Returns the specified TargetHttpProxy resource in the specified region. Gets a list of available target HTTP proxies by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   targetHttpProxy: string, Name of the TargetHttpProxy resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Target HTTP Proxy resource. Google Compute Engine has two Target HTTP Proxy resources: * [Global](/compute/docs/reference/rest/alpha/targetHttpProxies) * [Regional](/compute/docs/reference/rest/alpha/regionTargetHttpProxies) A target HTTP proxy is a component of GCP HTTP load balancers. * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers. Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+    { # Represents a Target HTTP Proxy resource.
+    #
+    # Google Compute Engine has two Target HTTP Proxy resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpProxies)
+    #
+    # A target HTTP proxy is a component of GCP HTTP load balancers.
+    #
+    # * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers.
+    #
+    # Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpProxies ==) (== resource_for {$api_version}.regionTargetHttpProxies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetHttpProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpProxy.
-  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/v1alpha1/projects/project/locations/ locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list. httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/v1alpha1/projects/project/locations/locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list.
+      # httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
     "A String",
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetHttpProxy", # [Output Only] Type of resource. Always compute#targetHttpProxy for target HTTP proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      #
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      #
+      # The default is false.
   "region": "A String", # [Output Only] URL of the region where the regional Target HTTP Proxy resides. This field is not applicable to global Target HTTP Proxies.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
@@ -204,7 +229,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a TargetHttpProxy resource in the specified project and region using the data included in the request.
 
 Args:
@@ -213,33 +238,61 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target HTTP Proxy resource. Google Compute Engine has two Target HTTP Proxy resources: * [Global](/compute/docs/reference/rest/alpha/targetHttpProxies) * [Regional](/compute/docs/reference/rest/alpha/regionTargetHttpProxies) A target HTTP proxy is a component of GCP HTTP load balancers. * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers. Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+{ # Represents a Target HTTP Proxy resource.
+    # 
+    # Google Compute Engine has two Target HTTP Proxy resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpProxies)
+    # 
+    # A target HTTP proxy is a component of GCP HTTP load balancers.
+    # 
+    # * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers.
+    # 
+    # Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpProxies ==) (== resource_for {$api_version}.regionTargetHttpProxies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetHttpProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpProxy.
-  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/v1alpha1/projects/project/locations/ locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list. httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/v1alpha1/projects/project/locations/locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list.
+      # httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
     "A String",
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetHttpProxy", # [Output Only] Type of resource. Always compute#targetHttpProxy for target HTTP proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      # 
+      # The default is false.
   "region": "A String", # [Output Only] URL of the region where the regional Target HTTP Proxy resides. This field is not applicable to global Target HTTP Proxies.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
   "urlMap": "A String", # URL to the UrlMap resource that defines the mapping from URL to the BackendService.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -274,7 +327,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -288,21 +342,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of TargetHttpProxy resources available to the specified project in the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -310,17 +370,32 @@ 
Method Details

     { # A list of TargetHttpProxy resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of TargetHttpProxy resources.
-    { # Represents a Target HTTP Proxy resource. Google Compute Engine has two Target HTTP Proxy resources: * [Global](/compute/docs/reference/rest/alpha/targetHttpProxies) * [Regional](/compute/docs/reference/rest/alpha/regionTargetHttpProxies) A target HTTP proxy is a component of GCP HTTP load balancers. * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers. Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+    { # Represents a Target HTTP Proxy resource.
+        #
+        # Google Compute Engine has two Target HTTP Proxy resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpProxies)
+        #
+        # A target HTTP proxy is a component of GCP HTTP load balancers.
+        #
+        # * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers.
+        #
+        # Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpProxies ==) (== resource_for {$api_version}.regionTargetHttpProxies ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetHttpProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpProxy.
-      "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/v1alpha1/projects/project/locations/ locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list. httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+      "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/v1alpha1/projects/project/locations/locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list.
+          # httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
         "A String",
       ],
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#targetHttpProxy", # [Output Only] Type of resource. Always compute#targetHttpProxy for target HTTP proxies.
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-      "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
+      "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+          #
+          # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+          #
+          # The default is false.
       "region": "A String", # [Output Only] URL of the region where the regional Target HTTP Proxy resides. This field is not applicable to global Target HTTP Proxies.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
@@ -332,7 +407,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -358,7 +434,7 @@ 
Method Details

 

 
 

-    setUrlMap(project, region, targetHttpProxy, body=None, requestId=None, x__xgafv=None)
+    setUrlMap(project, region, targetHttpProxy, body=None, requestId=None)
   
Changes the URL map for TargetHttpProxy.
 
 Args:
@@ -372,16 +448,29 @@ 
Method Details

   "urlMap": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -416,7 +505,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -430,7 +520,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -446,10 +536,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.regionTargetHttpsProxies.html b/docs/dyn/compute_alpha.regionTargetHttpsProxies.html
index de4d2ff5a1c..87323d2240f 100644
--- a/docs/dyn/compute_alpha.regionTargetHttpsProxies.html
+++ b/docs/dyn/compute_alpha.regionTargetHttpsProxies.html
@@ -78,28 +78,28 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, targetHttpsProxy, requestId=None, x__xgafv=None)

+  delete(project, region, targetHttpsProxy, requestId=None)

 
Deletes the specified TargetHttpsProxy resource.

 

-  get(project, region, targetHttpsProxy, x__xgafv=None)

+  get(project, region, targetHttpsProxy)

 
Returns the specified TargetHttpsProxy resource in the specified region. Gets a list of available target HTTP proxies by making a list() request.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a TargetHttpsProxy resource in the specified project and region using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of TargetHttpsProxy resources available to the specified project in the specified region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setSslCertificates(project, region, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)

+  setSslCertificates(project, region, targetHttpsProxy, body=None, requestId=None)

 
Replaces SslCertificates for TargetHttpsProxy.

 

-  setUrlMap(project, region, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)

+  setUrlMap(project, region, targetHttpsProxy, body=None, requestId=None)

 
Changes the URL map for TargetHttpsProxy.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -108,23 +108,36 @@ 
Method Details

 

 
 

-    delete(project, region, targetHttpsProxy, requestId=None, x__xgafv=None)
+    delete(project, region, targetHttpsProxy, requestId=None)
   
Deletes the specified TargetHttpsProxy resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   targetHttpsProxy: string, Name of the TargetHttpsProxy resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -159,7 +172,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -173,51 +187,75 @@ 
Method Details

 

 
 

-    get(project, region, targetHttpsProxy, x__xgafv=None)
+    get(project, region, targetHttpsProxy)
   
Returns the specified TargetHttpsProxy resource in the specified region. Gets a list of available target HTTP proxies by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   targetHttpsProxy: string, Name of the TargetHttpsProxy resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Target HTTPS Proxy resource. Google Compute Engine has two Target HTTPS Proxy resources: * [Global](/compute/docs/reference/rest/alpha/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/alpha/regionTargetHttpsProxies) A target HTTPS proxy is a component of GCP HTTPS load balancers. * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers. Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+    { # Represents a Target HTTPS Proxy resource.
+    #
+    # Google Compute Engine has two Target HTTPS Proxy resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpsProxies)
+    #
+    # A target HTTPS proxy is a component of GCP HTTPS load balancers.
+    #
+    # * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers.
+    #
+    # Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpsProxies ==) (== resource_for {$api_version}.regionTargetHttpsProxies ==)
   "authentication": "A String", # [Deprecated] Use serverTlsPolicy instead.
   "authorization": "A String", # [Deprecated] Use authorizationPolicy instead.
-  "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy. Refer to the AuthorizationPolicy resource for additional details. authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. Note: This field currently has no impact.
+  "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy.
+      # Refer to the AuthorizationPolicy resource for additional details.
+      # authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # Note: This field currently has no impact.
   "certificateMap": "A String", # URL of a certificate map that identifies a certificate map associated with the given target proxy. This field can only be set for global target proxies. If set, sslCertificates will be ignored.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpsProxy. An up-to-date fingerprint must be provided in order to patch the TargetHttpsProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpsProxy.
-  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/beta/projects/project/locations/ locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list. httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/beta/projects/project/locations/locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list.
+      # httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
     "A String",
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetHttpsProxy", # [Output Only] Type of resource. Always compute#targetHttpsProxy for target HTTPS proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
-  "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE. - When quic-override is set to NONE, Google manages whether QUIC is used. - When quic-override is set to ENABLE, the load balancer uses QUIC when possible. - When quic-override is set to DISABLE, the load balancer doesn't use QUIC. - If the quic-override flag is not specified, NONE is implied.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      #
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      #
+      # The default is false.
+  "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE.
+      # - When quic-override is set to NONE, Google manages whether QUIC is used.
+      # - When quic-override is set to ENABLE, the load balancer uses QUIC when possible.
+      # - When quic-override is set to DISABLE, the load balancer doesn't use QUIC.
+      # - If the quic-override flag is not specified, NONE is implied.
   "region": "A String", # [Output Only] URL of the region where the regional TargetHttpsProxy resides. This field is not applicable to global TargetHttpsProxies.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+  "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic.
+      # serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # If left blank, communications are not encrypted.
+      # Note: This field currently has no impact.
   "sslCertificates": [ # URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
     "A String",
   ],
   "sslPolicy": "A String", # URL of SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource has no SSL policy configured.
-  "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map: - https://www.googleapis.compute/v1/projects/project/global/urlMaps/ url-map - projects/project/global/urlMaps/url-map - global/urlMaps/url-map
+  "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map:
+      # - https://www.googleapis.compute/v1/projects/project/global/urlMaps/url-map
+      # - projects/project/global/urlMaps/url-map
+      # - global/urlMaps/url-map
 }

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a TargetHttpsProxy resource in the specified project and region using the data included in the request.
 
 Args:
@@ -226,43 +264,84 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target HTTPS Proxy resource. Google Compute Engine has two Target HTTPS Proxy resources: * [Global](/compute/docs/reference/rest/alpha/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/alpha/regionTargetHttpsProxies) A target HTTPS proxy is a component of GCP HTTPS load balancers. * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers. Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+{ # Represents a Target HTTPS Proxy resource.
+    # 
+    # Google Compute Engine has two Target HTTPS Proxy resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpsProxies)
+    # 
+    # A target HTTPS proxy is a component of GCP HTTPS load balancers.
+    # 
+    # * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers.
+    # 
+    # Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpsProxies ==) (== resource_for {$api_version}.regionTargetHttpsProxies ==)
   "authentication": "A String", # [Deprecated] Use serverTlsPolicy instead.
   "authorization": "A String", # [Deprecated] Use authorizationPolicy instead.
-  "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy. Refer to the AuthorizationPolicy resource for additional details. authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. Note: This field currently has no impact.
+  "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy.
+      # Refer to the AuthorizationPolicy resource for additional details.
+      # authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # Note: This field currently has no impact.
   "certificateMap": "A String", # URL of a certificate map that identifies a certificate map associated with the given target proxy. This field can only be set for global target proxies. If set, sslCertificates will be ignored.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpsProxy. An up-to-date fingerprint must be provided in order to patch the TargetHttpsProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpsProxy.
-  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/beta/projects/project/locations/ locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list. httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/beta/projects/project/locations/locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list.
+      # httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
     "A String",
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetHttpsProxy", # [Output Only] Type of resource. Always compute#targetHttpsProxy for target HTTPS proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
-  "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE. - When quic-override is set to NONE, Google manages whether QUIC is used. - When quic-override is set to ENABLE, the load balancer uses QUIC when possible. - When quic-override is set to DISABLE, the load balancer doesn't use QUIC. - If the quic-override flag is not specified, NONE is implied.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      # 
+      # The default is false.
+  "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE.
+      # - When quic-override is set to NONE, Google manages whether QUIC is used.
+      # - When quic-override is set to ENABLE, the load balancer uses QUIC when possible.
+      # - When quic-override is set to DISABLE, the load balancer doesn't use QUIC.
+      # - If the quic-override flag is not specified, NONE is implied.
   "region": "A String", # [Output Only] URL of the region where the regional TargetHttpsProxy resides. This field is not applicable to global TargetHttpsProxies.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+  "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic.
+      # serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # If left blank, communications are not encrypted.
+      # Note: This field currently has no impact.
   "sslCertificates": [ # URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
     "A String",
   ],
   "sslPolicy": "A String", # URL of SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource has no SSL policy configured.
-  "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map: - https://www.googleapis.compute/v1/projects/project/global/urlMaps/ url-map - projects/project/global/urlMaps/url-map - global/urlMaps/url-map
+  "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map:
+      # - https://www.googleapis.compute/v1/projects/project/global/urlMaps/url-map
+      # - projects/project/global/urlMaps/url-map
+      # - global/urlMaps/url-map
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -297,7 +376,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -311,21 +391,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of TargetHttpsProxy resources available to the specified project in the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -333,31 +419,59 @@ 
Method Details

     { # Contains a list of TargetHttpsProxy resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of TargetHttpsProxy resources.
-    { # Represents a Target HTTPS Proxy resource. Google Compute Engine has two Target HTTPS Proxy resources: * [Global](/compute/docs/reference/rest/alpha/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/alpha/regionTargetHttpsProxies) A target HTTPS proxy is a component of GCP HTTPS load balancers. * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers. Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+    { # Represents a Target HTTPS Proxy resource.
+        #
+        # Google Compute Engine has two Target HTTPS Proxy resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpsProxies)
+        #
+        # A target HTTPS proxy is a component of GCP HTTPS load balancers.
+        #
+        # * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers.
+        #
+        # Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpsProxies ==) (== resource_for {$api_version}.regionTargetHttpsProxies ==)
       "authentication": "A String", # [Deprecated] Use serverTlsPolicy instead.
       "authorization": "A String", # [Deprecated] Use authorizationPolicy instead.
-      "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy. Refer to the AuthorizationPolicy resource for additional details. authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. Note: This field currently has no impact.
+      "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy.
+          # Refer to the AuthorizationPolicy resource for additional details.
+          # authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+          # Note: This field currently has no impact.
       "certificateMap": "A String", # URL of a certificate map that identifies a certificate map associated with the given target proxy. This field can only be set for global target proxies. If set, sslCertificates will be ignored.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpsProxy. An up-to-date fingerprint must be provided in order to patch the TargetHttpsProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpsProxy.
-      "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/beta/projects/project/locations/ locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list. httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+      "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/beta/projects/project/locations/locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list.
+          # httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
         "A String",
       ],
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#targetHttpsProxy", # [Output Only] Type of resource. Always compute#targetHttpsProxy for target HTTPS proxies.
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-      "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
-      "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE. - When quic-override is set to NONE, Google manages whether QUIC is used. - When quic-override is set to ENABLE, the load balancer uses QUIC when possible. - When quic-override is set to DISABLE, the load balancer doesn't use QUIC. - If the quic-override flag is not specified, NONE is implied.
+      "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+          #
+          # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+          #
+          # The default is false.
+      "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE.
+          # - When quic-override is set to NONE, Google manages whether QUIC is used.
+          # - When quic-override is set to ENABLE, the load balancer uses QUIC when possible.
+          # - When quic-override is set to DISABLE, the load balancer doesn't use QUIC.
+          # - If the quic-override flag is not specified, NONE is implied.
       "region": "A String", # [Output Only] URL of the region where the regional TargetHttpsProxy resides. This field is not applicable to global TargetHttpsProxies.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-      "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+      "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic.
+          # serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+          # If left blank, communications are not encrypted.
+          # Note: This field currently has no impact.
       "sslCertificates": [ # URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
         "A String",
       ],
       "sslPolicy": "A String", # URL of SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource has no SSL policy configured.
-      "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map: - https://www.googleapis.compute/v1/projects/project/global/urlMaps/ url-map - projects/project/global/urlMaps/url-map - global/urlMaps/url-map
+      "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map:
+          # - https://www.googleapis.compute/v1/projects/project/global/urlMaps/url-map
+          # - projects/project/global/urlMaps/url-map
+          # - global/urlMaps/url-map
     },
   ],
   "kind": "compute#targetHttpsProxyList", # Type of resource. Always compute#targetHttpsProxyList for lists of target HTTPS proxies.
@@ -365,7 +479,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -391,7 +506,7 @@ 
Method Details

 

 
 

-    setSslCertificates(project, region, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)
+    setSslCertificates(project, region, targetHttpsProxy, body=None, requestId=None)
   
Replaces SslCertificates for TargetHttpsProxy.
 
 Args:
@@ -407,16 +522,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -451,7 +579,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -465,7 +594,7 @@ 
Method Details

 

 
 

-    setUrlMap(project, region, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)
+    setUrlMap(project, region, targetHttpsProxy, body=None, requestId=None)
   
Changes the URL map for TargetHttpsProxy.
 
 Args:
@@ -479,16 +608,29 @@ 
Method Details

   "urlMap": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -523,7 +665,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -537,7 +680,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -553,10 +696,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.regionUrlMaps.html b/docs/dyn/compute_alpha.regionUrlMaps.html
index bdd0d24aecf..220ad6c77d6 100644
--- a/docs/dyn/compute_alpha.regionUrlMaps.html
+++ b/docs/dyn/compute_alpha.regionUrlMaps.html
@@ -78,34 +78,34 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, urlMap, requestId=None, x__xgafv=None)

+  delete(project, region, urlMap, requestId=None)

 
Deletes the specified UrlMap resource.

 

-  get(project, region, urlMap, x__xgafv=None)

+  get(project, region, urlMap)

 
Returns the specified UrlMap resource. Gets a list of available URL maps by making a list() request.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a UrlMap resource in the specified project using the data included in the request.

 

-  invalidateCache(project, region, urlMap, body=None, requestId=None, x__xgafv=None)

-
Initiates a cache invalidation operation, invalidating the specified path, scoped to the specified UrlMap. For more information, see [Invalidating cached content](/cdn/docs/invalidating-cached-content).

+  invalidateCache(project, region, urlMap, body=None, requestId=None)

+
Initiates a cache invalidation operation, invalidating the specified path, scoped to the specified UrlMap.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of UrlMap resources available to the specified project in the specified region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, urlMap, body=None, requestId=None, x__xgafv=None)

+  patch(project, region, urlMap, body=None, requestId=None)

 
Patches the specified UrlMap resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, region, urlMap, body=None, requestId=None, x__xgafv=None)

+  update(project, region, urlMap, body=None, requestId=None)

 
Updates the specified UrlMap resource with the data included in the request.

 

-  validate(project, region, urlMap, body=None, x__xgafv=None)

+  validate(project, region, urlMap, body=None)

 
Runs static validation for the UrlMap. In particular, the tests of the provided UrlMap will be run. Calling this method does NOT create the UrlMap.

 
Method Details

 

@@ -114,7 +114,7 @@ 
Method Details

 

 
 

-    delete(project, region, urlMap, requestId=None, x__xgafv=None)
+    delete(project, region, urlMap, requestId=None)
   
Deletes the specified UrlMap resource.
 
 Args:
@@ -122,15 +122,24 @@ 
Method Details

   region: string, Name of the region scoping this request. (required)
   urlMap: string, Name of the UrlMap resource to delete. (required)
   requestId: string, begin_interface: MixerMutationRequestBuilder Request ID to support idempotency.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -165,7 +174,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -179,36 +189,55 @@ 
Method Details

 

 
 

-    get(project, region, urlMap, x__xgafv=None)
+    get(project, region, urlMap)
   
Returns the specified UrlMap resource. Gets a list of available URL maps by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   urlMap: string, Name of the UrlMap resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/alpha/urlMaps) * [Regional](/compute/docs/reference/rest/alpha/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
+    { # Represents a URL Map resource.
+    #
+    # Google Compute Engine has two URL Map resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+    #
+    # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+    #
+    # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+    #
+    # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+    #
+    # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+    #
+    # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+    #
+    # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-  "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+  "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+      # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+      # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+      # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+        # Not supported when the URL map is bound to target gRPC proxy.
+      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+          # Default is false.
       "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
         "A String",
       ],
       "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
         "A String",
       ],
-      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
-      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
       "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -217,53 +246,84 @@ 
Method Details

       ],
       "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
     },
-    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+        # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
       "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-        "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "httpStatus": 42, # The HTTP status code used to abort the request.
+            # The value must be between 200 and 599 inclusive.
+            # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
       "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
         "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
     },
-    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+        # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+        # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
     },
-    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+          # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+          # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+          # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+          # -
+          # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+          # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+          # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+          # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+          # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+          # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+          # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
         "A String",
       ],
     },
-    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+        # If not specified, will use the largest timeout among all backend services associated with the route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+        # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+          # The value must be between 1 and 255 characters.
+      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+          # The value must be between 1 and 1024 characters.
     },
-    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-      { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+        # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+      { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
         "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+            # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -273,34 +333,61 @@ 
Method Details

             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
             "A String",
           ],
         },
-        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+            # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+            # The value must be between 0 and 1000
       },
     ],
   },
-  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+      # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+      # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+      # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+      # Not supported when the URL map is bound to target gRPC proxy.
+    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+        # The value must be between 1 and 255 characters.
+    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+        # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+        # The default is set to false.
+    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+        # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+        # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+        # Supported values are:
+        # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+        # - FOUND, which corresponds to 302.
+        # - SEE_OTHER which corresponds to 303.
+        # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+        # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+        # The default is set to false.
   },
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+      # The headerAction specified here take effect after headerAction specified under pathMatcher.
+      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -310,7 +397,8 @@ 
Method Details

       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -320,7 +408,8 @@ 
Method Details

   "hostRules": [ # The list of HostRules to use against the URL.
     { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+          # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "A String",
       ],
       "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -331,19 +420,25 @@ 
Method Details

   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "pathMatchers": [ # The list of named PathMatchers to use against the URL.
     { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-      "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+      "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+          # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+          # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+              # Default is false.
           "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
             "A String",
           ],
           "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
             "A String",
           ],
-          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
-          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
           "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -352,53 +447,84 @@ 
Method Details

           ],
           "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
         },
-        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+            # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
           "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-            "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "httpStatus": 42, # The HTTP status code used to abort the request.
+                # The value must be between 200 and 599 inclusive.
+                # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
           "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
             "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
         },
-        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+            # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+            # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
         },
-        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+              # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+              # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+              # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+              # -
+              # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+              # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+              # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+              # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+              # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+              # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+              # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
             "A String",
           ],
         },
-        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+            # If not specified, will use the largest timeout among all backend services associated with the route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+            # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+              # The value must be between 1 and 255 characters.
+          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+              # The value must be between 1 and 1024 characters.
         },
-        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-          { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+            # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+          { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
             "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -408,33 +534,63 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                 "A String",
               ],
             },
-            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                # The value must be between 0 and 1000
           },
         ],
       },
-      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+          # - compute/v1/projects/project/global/backendServices/backendService
+          # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+          # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+          # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+          # - compute.backendBuckets.use
+          # - compute.backendServices.use
+      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+          # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+            # The value must be between 1 and 255 characters.
+        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+            # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+            # The default is set to false.
+        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+            # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+            # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+            # Supported values are:
+            # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+            # - FOUND, which corresponds to 302.
+            # - SEE_OTHER which corresponds to 303.
+            # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+            # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+            # The default is set to false.
       },
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+          # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+          # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -444,7 +600,8 @@ 
Method Details

           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -452,24 +609,32 @@ 
Method Details

         ],
       },
       "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+          # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+          # Within a given pathMatcher, only one of pathRules or routeRules must be set.
         { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
           "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
             "A String",
           ],
-          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of routeAction or urlRedirect must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -478,53 +643,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -534,37 +730,63 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
-      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+          # Within a given pathMatcher, you can set only one of pathRules or routeRules.
         { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-          "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "description": "A String", # The short description conveying the intent of this routeRule.
+              # The description can have a maximum length of 1024 characters.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -574,21 +796,25 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
               "A String",
             ],
           },
-          "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
               "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
               "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
               "filterName": "A String", # Name of the networkservices.HttpFilter resource this configuration belongs to. This name must be known to the xDS client. Example: envoy.wasm
             },
           ],
-          "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+              # The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
               "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
               "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
@@ -597,60 +823,112 @@ 
Method Details

           ],
           "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
             { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                  # fullPathMatch must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
               "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                 { # matchRule criteria for request header matches.
-                  "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "headerName": "A String", # The name of the HTTP header to match.
+                      # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                      # For matching a request's method, use the headerName ":method".
+                      # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                      # The default setting is false.
+                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                      # For example for a range [-5, 0]
+                      # - -3 will match.
+                      # - 0 will not match.
+                      # - 0.25 will not match.
+                      # - -3someString will not match.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                     "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                     "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                   },
-                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                      # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                 },
               ],
-              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                  # The default value is false.
+                  # ignoreCase must not be used with regexMatch.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                  # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                  # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                  # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                    # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                    # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                      # This list must not be empty and can have at the most 64 entries.
                     { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                      "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                      "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                      "name": "A String", # Name of metadata label.
+                          # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                      "value": "A String", # The value of the label must match the specified value.
+                          # value can have a maximum length of 1024 characters.
                     },
                   ],
-                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                      # Supported values are:
+                      # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                      # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                 },
               ],
-              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                  # The value must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                  # Not supported when the URL map is bound to target gRPC proxy.
                 { # HttpRouteRuleMatch criteria for a request's query parameter.
-                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
                   "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                      # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                 },
               ],
-              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
             },
           ],
-          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+              # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+              # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -659,53 +937,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -715,25 +1024,45 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
@@ -741,12 +1070,17 @@ 
Method Details

   ],
   "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     { # Message for the expected URL mappings.
       "backendServiceWeight": 42, # The weight to use for the supplied host and path when using advanced routing rules that involve traffic splitting.
       "description": "A String", # Description of this test case.
-      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+          # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+          # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+          # expectedOutputUrl is optional when service is specified.
+      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+          # expectedRedirectResponseCode cannot be set when service is set.
       "expectedUrlRedirect": "A String", # The expected URL that should be redirected to for the host and path being tested. [Deprecated] This field is deprecated. Use expected_output_url instead.
       "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
         { # HTTP headers used in UrlMapTests.
@@ -756,14 +1090,15 @@ 
Method Details

       ],
       "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
       "path": "A String", # Path portion of the URL.
-      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+          # service cannot be set if expectedRedirectResponseCode is set.
     },
   ],
 }

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a UrlMap resource in the specified project using the data included in the request.
 
 Args:
@@ -772,21 +1107,44 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/alpha/urlMaps) * [Regional](/compute/docs/reference/rest/alpha/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
+{ # Represents a URL Map resource.
+    # 
+    # Google Compute Engine has two URL Map resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+    # 
+    # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+    # 
+    # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+    # 
+    # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+    # 
+    # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+    # 
+    # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+    # 
+    # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-  "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+  "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+      # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+      # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+      # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+        # Not supported when the URL map is bound to target gRPC proxy.
+      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+          # Default is false.
       "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
         "A String",
       ],
       "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
         "A String",
       ],
-      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
-      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
       "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -795,53 +1153,84 @@ 
Method Details

       ],
       "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
     },
-    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+        # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
       "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-        "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "httpStatus": 42, # The HTTP status code used to abort the request.
+            # The value must be between 200 and 599 inclusive.
+            # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
       "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
         "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
     },
-    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+        # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+        # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
     },
-    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+          # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+          # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+          # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+          # -
+          # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+          # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+          # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+          # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+          # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+          # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+          # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
         "A String",
       ],
     },
-    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+        # If not specified, will use the largest timeout among all backend services associated with the route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+        # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+          # The value must be between 1 and 255 characters.
+      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+          # The value must be between 1 and 1024 characters.
     },
-    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-      { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+        # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+      { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
         "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+            # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -851,34 +1240,61 @@ 
Method Details

             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
             "A String",
           ],
         },
-        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+            # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+            # The value must be between 0 and 1000
       },
     ],
   },
-  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+      # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+      # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+      # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+      # Not supported when the URL map is bound to target gRPC proxy.
+    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+        # The value must be between 1 and 255 characters.
+    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+        # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+        # The default is set to false.
+    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+        # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+        # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+        # Supported values are:
+        # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+        # - FOUND, which corresponds to 302.
+        # - SEE_OTHER which corresponds to 303.
+        # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+        # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+        # The default is set to false.
   },
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+      # The headerAction specified here take effect after headerAction specified under pathMatcher.
+      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -888,7 +1304,8 @@ 
Method Details

       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -898,7 +1315,8 @@ 
Method Details

   "hostRules": [ # The list of HostRules to use against the URL.
     { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+          # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "A String",
       ],
       "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -909,19 +1327,25 @@ 
Method Details

   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "pathMatchers": [ # The list of named PathMatchers to use against the URL.
     { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-      "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+      "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+          # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+          # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+              # Default is false.
           "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
             "A String",
           ],
           "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
             "A String",
           ],
-          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
-          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
           "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -930,53 +1354,84 @@ 
Method Details

           ],
           "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
         },
-        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+            # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
           "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-            "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "httpStatus": 42, # The HTTP status code used to abort the request.
+                # The value must be between 200 and 599 inclusive.
+                # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
           "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
             "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
         },
-        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+            # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+            # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
         },
-        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+              # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+              # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+              # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+              # -
+              # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+              # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+              # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+              # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+              # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+              # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+              # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
             "A String",
           ],
         },
-        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+            # If not specified, will use the largest timeout among all backend services associated with the route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+            # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+              # The value must be between 1 and 255 characters.
+          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+              # The value must be between 1 and 1024 characters.
         },
-        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-          { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+            # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+          { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
             "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -986,33 +1441,63 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                 "A String",
               ],
             },
-            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                # The value must be between 0 and 1000
           },
         ],
       },
-      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+          # - compute/v1/projects/project/global/backendServices/backendService
+          # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+          # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+          # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+          # - compute.backendBuckets.use
+          # - compute.backendServices.use
+      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+          # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+            # The value must be between 1 and 255 characters.
+        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+            # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+            # The default is set to false.
+        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+            # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+            # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+            # Supported values are:
+            # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+            # - FOUND, which corresponds to 302.
+            # - SEE_OTHER which corresponds to 303.
+            # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+            # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+            # The default is set to false.
       },
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+          # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+          # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1022,7 +1507,8 @@ 
Method Details

           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -1030,24 +1516,32 @@ 
Method Details

         ],
       },
       "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+          # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+          # Within a given pathMatcher, only one of pathRules or routeRules must be set.
         { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
           "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
             "A String",
           ],
-          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of routeAction or urlRedirect must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1056,53 +1550,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1112,37 +1637,63 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
-      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+          # Within a given pathMatcher, you can set only one of pathRules or routeRules.
         { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-          "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "description": "A String", # The short description conveying the intent of this routeRule.
+              # The description can have a maximum length of 1024 characters.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1152,21 +1703,25 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
               "A String",
             ],
           },
-          "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
               "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
               "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
               "filterName": "A String", # Name of the networkservices.HttpFilter resource this configuration belongs to. This name must be known to the xDS client. Example: envoy.wasm
             },
           ],
-          "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+              # The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
               "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
               "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
@@ -1175,60 +1730,112 @@ 
Method Details

           ],
           "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
             { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                  # fullPathMatch must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
               "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                 { # matchRule criteria for request header matches.
-                  "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "headerName": "A String", # The name of the HTTP header to match.
+                      # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                      # For matching a request's method, use the headerName ":method".
+                      # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                      # The default setting is false.
+                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                      # For example for a range [-5, 0]
+                      # - -3 will match.
+                      # - 0 will not match.
+                      # - 0.25 will not match.
+                      # - -3someString will not match.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                     "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                     "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                   },
-                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                      # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                 },
               ],
-              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                  # The default value is false.
+                  # ignoreCase must not be used with regexMatch.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                  # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                  # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                  # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                    # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                    # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                      # This list must not be empty and can have at the most 64 entries.
                     { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                      "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                      "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                      "name": "A String", # Name of metadata label.
+                          # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                      "value": "A String", # The value of the label must match the specified value.
+                          # value can have a maximum length of 1024 characters.
                     },
                   ],
-                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                      # Supported values are:
+                      # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                      # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                 },
               ],
-              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                  # The value must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                  # Not supported when the URL map is bound to target gRPC proxy.
                 { # HttpRouteRuleMatch criteria for a request's query parameter.
-                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
                   "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                      # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                 },
               ],
-              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
             },
           ],
-          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+              # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+              # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1237,53 +1844,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1293,25 +1931,45 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
@@ -1319,12 +1977,17 @@ 
Method Details

   ],
   "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     { # Message for the expected URL mappings.
       "backendServiceWeight": 42, # The weight to use for the supplied host and path when using advanced routing rules that involve traffic splitting.
       "description": "A String", # Description of this test case.
-      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+          # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+          # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+          # expectedOutputUrl is optional when service is specified.
+      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+          # expectedRedirectResponseCode cannot be set when service is set.
       "expectedUrlRedirect": "A String", # The expected URL that should be redirected to for the host and path being tested. [Deprecated] This field is deprecated. Use expected_output_url instead.
       "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
         { # HTTP headers used in UrlMapTests.
@@ -1334,21 +1997,31 @@ 
Method Details

       ],
       "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
       "path": "A String", # Path portion of the URL.
-      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+          # service cannot be set if expectedRedirectResponseCode is set.
     },
   ],
 }
 
   requestId: string, begin_interface: MixerMutationRequestBuilder Request ID to support idempotency.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1383,7 +2056,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1397,8 +2071,10 @@ 
Method Details

 

 
 

-    invalidateCache(project, region, urlMap, body=None, requestId=None, x__xgafv=None)
-  
Initiates a cache invalidation operation, invalidating the specified path, scoped to the specified UrlMap. For more information, see [Invalidating cached content](/cdn/docs/invalidating-cached-content).
+    invalidateCache(project, region, urlMap, body=None, requestId=None)
+  
Initiates a cache invalidation operation, invalidating the specified path, scoped to the specified UrlMap.
+
+For more information, see [Invalidating cached content](/cdn/docs/invalidating-cached-content).
 
 Args:
   project: string, Project ID for this request. (required)
@@ -1413,15 +2089,24 @@ 
Method Details

 }
 
   requestId: string, begin_interface: MixerMutationRequestBuilder Request ID to support idempotency.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1456,7 +2141,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1470,21 +2156,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of UrlMap resources available to the specified project in the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1492,21 +2184,44 @@ 
Method Details

     { # Contains a list of UrlMap resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of UrlMap resources.
-    { # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/alpha/urlMaps) * [Regional](/compute/docs/reference/rest/alpha/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
+    { # Represents a URL Map resource.
+        #
+        # Google Compute Engine has two URL Map resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+        #
+        # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+        #
+        # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+        #
+        # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+        #
+        # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+        #
+        # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+        #
+        # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-      "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+      "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+          # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+          # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+          # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+              # Default is false.
           "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
             "A String",
           ],
           "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
             "A String",
           ],
-          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
-          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
           "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1515,53 +2230,84 @@ 
Method Details

           ],
           "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
         },
-        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+            # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
           "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-            "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "httpStatus": 42, # The HTTP status code used to abort the request.
+                # The value must be between 200 and 599 inclusive.
+                # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
           "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
             "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
         },
-        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+            # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+            # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
         },
-        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+              # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+              # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+              # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+              # -
+              # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+              # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+              # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+              # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+              # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+              # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+              # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
             "A String",
           ],
         },
-        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+            # If not specified, will use the largest timeout among all backend services associated with the route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+            # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+              # The value must be between 1 and 255 characters.
+          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+              # The value must be between 1 and 1024 characters.
         },
-        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-          { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+            # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+          { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
             "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1571,34 +2317,61 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                 "A String",
               ],
             },
-            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                # The value must be between 0 and 1000
           },
         ],
       },
-      "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+      "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+          # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+          # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+          # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+            # The value must be between 1 and 255 characters.
+        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+            # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+            # The default is set to false.
+        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+            # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+            # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+            # Supported values are:
+            # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+            # - FOUND, which corresponds to 302.
+            # - SEE_OTHER which corresponds to 303.
+            # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+            # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+            # The default is set to false.
       },
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+          # The headerAction specified here take effect after headerAction specified under pathMatcher.
+          # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1608,7 +2381,8 @@ 
Method Details

           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -1618,7 +2392,8 @@ 
Method Details

       "hostRules": [ # The list of HostRules to use against the URL.
         { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-          "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+              # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "A String",
           ],
           "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -1629,19 +2404,25 @@ 
Method Details

       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "pathMatchers": [ # The list of named PathMatchers to use against the URL.
         { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-          "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+              # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1650,53 +2431,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1706,33 +2518,63 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-          "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+              # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+              # - compute/v1/projects/project/global/backendServices/backendService
+              # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+              # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+              # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+              # - compute.backendBuckets.use
+              # - compute.backendServices.use
+          "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+              # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1742,7 +2584,8 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -1750,24 +2593,32 @@ 
Method Details

             ],
           },
           "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-          "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+          "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+              # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+              # Within a given pathMatcher, only one of pathRules or routeRules must be set.
             { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
               "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
                 "A String",
               ],
-              "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-                "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-                  "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+              "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+                  # Only one of routeAction or urlRedirect must be set.
+                  # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+                "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                    # Not supported when the URL map is bound to target gRPC proxy.
+                  "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                      # Default is false.
                   "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                     "A String",
                   ],
                   "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                     "A String",
                   ],
-                  "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                  "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                      # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                     "A String",
                   ],
-                  "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                  "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                      # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                     "A String",
                   ],
                   "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1776,53 +2627,84 @@ 
Method Details

                   ],
                   "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
                 },
-                "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+                "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                    # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
                   "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                    "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                    "httpStatus": 42, # The HTTP status code used to abort the request.
+                        # The value must be between 200 and 599 inclusive.
+                        # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                        # The value must be between 0.0 and 100.0 inclusive.
                   },
                   "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                     "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                     },
-                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                        # The value must be between 0.0 and 100.0 inclusive.
                   },
                 },
-                "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                    # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                    # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
                 },
-                "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-                  "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+                  "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                      # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                   },
-                  "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+                  "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                      # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                      # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                      # -
+                      # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                      # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                      # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                      # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                      # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                      # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                      # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                     "A String",
                   ],
                 },
-                "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                    # If not specified, will use the largest timeout among all backend services associated with the route.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                  "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-                  "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+                "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                    # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                      # The value must be between 1 and 255 characters.
+                  "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                      # The value must be between 1 and 1024 characters.
                 },
-                "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-                  { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+                "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                    # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+                  { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                     "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                        # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                        # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                       "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                         { # Specification determining how headers are added to requests or responses.
                           "headerName": "A String", # The name of the header.
                           "headerValue": "A String", # The value of the header to add.
-                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                              # The default value is false.
                         },
                       ],
                       "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1832,37 +2714,63 @@ 
Method Details

                         { # Specification determining how headers are added to requests or responses.
                           "headerName": "A String", # The name of the header.
                           "headerValue": "A String", # The value of the header to add.
-                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                              # The default value is false.
                         },
                       ],
                       "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                         "A String",
                       ],
                     },
-                    "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                    "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                        # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                        # The value must be between 0 and 1000
                   },
                 ],
               },
-              "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-              "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-                "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-                "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-                "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-                "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+              "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+                  # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+                  # If urlRedirect is specified, service or routeAction must not be set.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+                "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                    # The value must be between 1 and 255 characters.
+                "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                    # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                    # The default is set to false.
+                "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                    # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                    # The value must be between 1 and 1024 characters.
+                "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                    # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                    # The value must be between 1 and 1024 characters.
+                "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                    # Supported values are:
+                    # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                    # - FOUND, which corresponds to 302.
+                    # - SEE_OTHER which corresponds to 303.
+                    # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                    # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+                "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                    # The default is set to false.
               },
             },
           ],
-          "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+          "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+              # Within a given pathMatcher, you can set only one of pathRules or routeRules.
             { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-              "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-              "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "description": "A String", # The short description conveying the intent of this routeRule.
+                  # The description can have a maximum length of 1024 characters.
+              "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                  # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+                  # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                   { # Specification determining how headers are added to requests or responses.
                     "headerName": "A String", # The name of the header.
                     "headerValue": "A String", # The value of the header to add.
-                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                        # The default value is false.
                   },
                 ],
                 "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1872,21 +2780,25 @@ 
Method Details

                   { # Specification determining how headers are added to requests or responses.
                     "headerName": "A String", # The name of the header.
                     "headerValue": "A String", # The value of the header to add.
-                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                        # The default value is false.
                   },
                 ],
                 "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                   "A String",
                 ],
               },
-              "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
                   "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
                   "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
                   "filterName": "A String", # Name of the networkservices.HttpFilter resource this configuration belongs to. This name must be known to the xDS client. Example: envoy.wasm
                 },
               ],
-              "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+                  # The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
                   "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
                   "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
@@ -1895,60 +2807,112 @@ 
Method Details

               ],
               "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
                 { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-                  "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                      # fullPathMatch must be between 1 and 1024 characters.
+                      # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
                   "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                     { # matchRule criteria for request header matches.
-                      "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                      "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                      "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                      "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                      "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                      "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                      "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      "headerName": "A String", # The name of the HTTP header to match.
+                          # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                          # For matching a request's method, use the headerName ":method".
+                          # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                      "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                          # The default setting is false.
+                      "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                          # For example for a range [-5, 0]
+                          # - -3 will match.
+                          # - 0 will not match.
+                          # - 0.25 will not match.
+                          # - -3someString will not match.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                          # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                         "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                         "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                       },
-                      "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                      "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                          # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                          # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                      "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                     },
                   ],
-                  "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-                  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+                  "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                      # The default value is false.
+                      # ignoreCase must not be used with regexMatch.
+                      # Not supported when the URL map is bound to target gRPC proxy.
+                  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                      # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                      # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                      # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                        # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                        # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                          # This list must not be empty and can have at the most 64 entries.
                         { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                          "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                          "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                          "name": "A String", # Name of metadata label.
+                              # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                          "value": "A String", # The value of the label must match the specified value.
+                              # value can have a maximum length of 1024 characters.
                         },
                       ],
-                      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                          # Supported values are:
+                          # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                          # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                     },
                   ],
-                  "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-                  "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+                  "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                      # The value must be between 1 and 1024 characters.
+                      # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                      # Not supported when the URL map is bound to target gRPC proxy.
                     { # HttpRouteRuleMatch criteria for a request's query parameter.
-                      "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                      "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                          # Only one of presentMatch, exactMatch or regexMatch must be set.
                       "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                      "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                      "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                      "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                          # Only one of presentMatch, exactMatch or regexMatch must be set.
+                      "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                          # Only one of presentMatch, exactMatch or regexMatch must be set.
+                          # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                     },
                   ],
-                  "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                      # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                      # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                 },
               ],
-              "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-              "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-                "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-                  "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+              "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+                  # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+                  # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+              "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+                  # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+                  # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+                "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                    # Not supported when the URL map is bound to target gRPC proxy.
+                  "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                      # Default is false.
                   "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                     "A String",
                   ],
                   "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                     "A String",
                   ],
-                  "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                  "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                      # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                     "A String",
                   ],
-                  "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                  "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                      # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                     "A String",
                   ],
                   "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1957,53 +2921,84 @@ 
Method Details

                   ],
                   "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
                 },
-                "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+                "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                    # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
                   "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                    "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                    "httpStatus": 42, # The HTTP status code used to abort the request.
+                        # The value must be between 200 and 599 inclusive.
+                        # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                        # The value must be between 0.0 and 100.0 inclusive.
                   },
                   "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                     "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                     },
-                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                        # The value must be between 0.0 and 100.0 inclusive.
                   },
                 },
-                "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                    # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                    # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
                 },
-                "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-                  "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+                  "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                      # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                   },
-                  "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+                  "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                      # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                      # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                      # -
+                      # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                      # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                      # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                      # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                      # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                      # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                      # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                     "A String",
                   ],
                 },
-                "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                    # If not specified, will use the largest timeout among all backend services associated with the route.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                  "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-                  "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+                "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                    # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                      # The value must be between 1 and 255 characters.
+                  "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                      # The value must be between 1 and 1024 characters.
                 },
-                "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-                  { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+                "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                    # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+                  { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                     "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                        # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                        # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                       "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                         { # Specification determining how headers are added to requests or responses.
                           "headerName": "A String", # The name of the header.
                           "headerValue": "A String", # The value of the header to add.
-                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                              # The default value is false.
                         },
                       ],
                       "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2013,25 +3008,45 @@ 
Method Details

                         { # Specification determining how headers are added to requests or responses.
                           "headerName": "A String", # The name of the header.
                           "headerValue": "A String", # The value of the header to add.
-                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                              # The default value is false.
                         },
                       ],
                       "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                         "A String",
                       ],
                     },
-                    "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                    "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                        # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                        # The value must be between 0 and 1000
                   },
                 ],
               },
-              "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-              "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-                "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-                "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-                "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-                "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+              "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+                  # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+                  # If urlRedirect is specified, service or routeAction must not be set.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+                "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                    # The value must be between 1 and 255 characters.
+                "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                    # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                    # The default is set to false.
+                "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                    # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                    # The value must be between 1 and 1024 characters.
+                "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                    # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                    # The value must be between 1 and 1024 characters.
+                "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                    # Supported values are:
+                    # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                    # - FOUND, which corresponds to 302.
+                    # - SEE_OTHER which corresponds to 303.
+                    # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                    # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+                "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                    # The default is set to false.
               },
             },
           ],
@@ -2039,12 +3054,17 @@ 
Method Details

       ],
       "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         { # Message for the expected URL mappings.
           "backendServiceWeight": 42, # The weight to use for the supplied host and path when using advanced routing rules that involve traffic splitting.
           "description": "A String", # Description of this test case.
-          "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-          "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+          "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+              # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+              # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+              # expectedOutputUrl is optional when service is specified.
+          "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+              # expectedRedirectResponseCode cannot be set when service is set.
           "expectedUrlRedirect": "A String", # The expected URL that should be redirected to for the host and path being tested. [Deprecated] This field is deprecated. Use expected_output_url instead.
           "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
             { # HTTP headers used in UrlMapTests.
@@ -2054,7 +3074,8 @@ 
Method Details

           ],
           "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
           "path": "A String", # Path portion of the URL.
-          "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+          "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+              # service cannot be set if expectedRedirectResponseCode is set.
         },
       ],
     },
@@ -2064,7 +3085,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2090,7 +3112,7 @@ 
Method Details

 

 
 

-    patch(project, region, urlMap, body=None, requestId=None, x__xgafv=None)
+    patch(project, region, urlMap, body=None, requestId=None)
   
Patches the specified UrlMap resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.
 
 Args:
@@ -2100,21 +3122,44 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/alpha/urlMaps) * [Regional](/compute/docs/reference/rest/alpha/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
+{ # Represents a URL Map resource.
+    # 
+    # Google Compute Engine has two URL Map resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+    # 
+    # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+    # 
+    # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+    # 
+    # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+    # 
+    # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+    # 
+    # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+    # 
+    # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-  "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+  "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+      # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+      # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+      # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+        # Not supported when the URL map is bound to target gRPC proxy.
+      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+          # Default is false.
       "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
         "A String",
       ],
       "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
         "A String",
       ],
-      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
-      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
       "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2123,53 +3168,84 @@ 
Method Details

       ],
       "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
     },
-    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+        # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
       "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-        "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "httpStatus": 42, # The HTTP status code used to abort the request.
+            # The value must be between 200 and 599 inclusive.
+            # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
       "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
         "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
     },
-    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+        # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+        # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
     },
-    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+          # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+          # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+          # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+          # -
+          # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+          # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+          # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+          # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+          # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+          # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+          # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
         "A String",
       ],
     },
-    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+        # If not specified, will use the largest timeout among all backend services associated with the route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+        # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+          # The value must be between 1 and 255 characters.
+      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+          # The value must be between 1 and 1024 characters.
     },
-    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-      { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+        # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+      { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
         "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+            # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2179,34 +3255,61 @@ 
Method Details

             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
             "A String",
           ],
         },
-        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+            # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+            # The value must be between 0 and 1000
       },
     ],
   },
-  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+      # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+      # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+      # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+      # Not supported when the URL map is bound to target gRPC proxy.
+    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+        # The value must be between 1 and 255 characters.
+    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+        # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+        # The default is set to false.
+    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+        # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+        # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+        # Supported values are:
+        # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+        # - FOUND, which corresponds to 302.
+        # - SEE_OTHER which corresponds to 303.
+        # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+        # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+        # The default is set to false.
   },
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+      # The headerAction specified here take effect after headerAction specified under pathMatcher.
+      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2216,7 +3319,8 @@ 
Method Details

       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -2226,7 +3330,8 @@ 
Method Details

   "hostRules": [ # The list of HostRules to use against the URL.
     { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+          # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "A String",
       ],
       "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -2237,19 +3342,25 @@ 
Method Details

   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "pathMatchers": [ # The list of named PathMatchers to use against the URL.
     { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-      "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+      "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+          # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+          # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+              # Default is false.
           "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
             "A String",
           ],
           "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
             "A String",
           ],
-          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
-          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
           "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2258,53 +3369,84 @@ 
Method Details

           ],
           "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
         },
-        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+            # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
           "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-            "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "httpStatus": 42, # The HTTP status code used to abort the request.
+                # The value must be between 200 and 599 inclusive.
+                # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
           "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
             "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
         },
-        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+            # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+            # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
         },
-        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+              # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+              # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+              # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+              # -
+              # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+              # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+              # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+              # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+              # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+              # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+              # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
             "A String",
           ],
         },
-        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+            # If not specified, will use the largest timeout among all backend services associated with the route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+            # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+              # The value must be between 1 and 255 characters.
+          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+              # The value must be between 1 and 1024 characters.
         },
-        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-          { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+            # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+          { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
             "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2314,33 +3456,63 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                 "A String",
               ],
             },
-            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                # The value must be between 0 and 1000
           },
         ],
       },
-      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+          # - compute/v1/projects/project/global/backendServices/backendService
+          # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+          # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+          # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+          # - compute.backendBuckets.use
+          # - compute.backendServices.use
+      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+          # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+            # The value must be between 1 and 255 characters.
+        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+            # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+            # The default is set to false.
+        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+            # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+            # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+            # Supported values are:
+            # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+            # - FOUND, which corresponds to 302.
+            # - SEE_OTHER which corresponds to 303.
+            # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+            # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+            # The default is set to false.
       },
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+          # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+          # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2350,7 +3522,8 @@ 
Method Details

           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -2358,24 +3531,32 @@ 
Method Details

         ],
       },
       "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+          # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+          # Within a given pathMatcher, only one of pathRules or routeRules must be set.
         { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
           "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
             "A String",
           ],
-          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of routeAction or urlRedirect must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2384,53 +3565,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2440,37 +3652,63 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
-      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+          # Within a given pathMatcher, you can set only one of pathRules or routeRules.
         { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-          "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "description": "A String", # The short description conveying the intent of this routeRule.
+              # The description can have a maximum length of 1024 characters.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2480,21 +3718,25 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
               "A String",
             ],
           },
-          "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
               "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
               "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
               "filterName": "A String", # Name of the networkservices.HttpFilter resource this configuration belongs to. This name must be known to the xDS client. Example: envoy.wasm
             },
           ],
-          "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+              # The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
               "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
               "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
@@ -2503,60 +3745,112 @@ 
Method Details

           ],
           "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
             { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                  # fullPathMatch must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
               "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                 { # matchRule criteria for request header matches.
-                  "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "headerName": "A String", # The name of the HTTP header to match.
+                      # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                      # For matching a request's method, use the headerName ":method".
+                      # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                      # The default setting is false.
+                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                      # For example for a range [-5, 0]
+                      # - -3 will match.
+                      # - 0 will not match.
+                      # - 0.25 will not match.
+                      # - -3someString will not match.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                     "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                     "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                   },
-                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                      # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                 },
               ],
-              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                  # The default value is false.
+                  # ignoreCase must not be used with regexMatch.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                  # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                  # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                  # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                    # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                    # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                      # This list must not be empty and can have at the most 64 entries.
                     { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                      "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                      "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                      "name": "A String", # Name of metadata label.
+                          # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                      "value": "A String", # The value of the label must match the specified value.
+                          # value can have a maximum length of 1024 characters.
                     },
                   ],
-                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                      # Supported values are:
+                      # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                      # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                 },
               ],
-              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                  # The value must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                  # Not supported when the URL map is bound to target gRPC proxy.
                 { # HttpRouteRuleMatch criteria for a request's query parameter.
-                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
                   "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                      # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                 },
               ],
-              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
             },
           ],
-          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+              # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+              # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2565,53 +3859,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2621,25 +3946,45 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
@@ -2647,12 +3992,17 @@ 
Method Details

   ],
   "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     { # Message for the expected URL mappings.
       "backendServiceWeight": 42, # The weight to use for the supplied host and path when using advanced routing rules that involve traffic splitting.
       "description": "A String", # Description of this test case.
-      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+          # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+          # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+          # expectedOutputUrl is optional when service is specified.
+      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+          # expectedRedirectResponseCode cannot be set when service is set.
       "expectedUrlRedirect": "A String", # The expected URL that should be redirected to for the host and path being tested. [Deprecated] This field is deprecated. Use expected_output_url instead.
       "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
         { # HTTP headers used in UrlMapTests.
@@ -2662,21 +4012,31 @@ 
Method Details

       ],
       "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
       "path": "A String", # Path portion of the URL.
-      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+          # service cannot be set if expectedRedirectResponseCode is set.
     },
   ],
 }
 
   requestId: string, begin_interface: MixerMutationRequestBuilder Request ID to support idempotency.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2711,7 +4071,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2725,7 +4086,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -2741,10 +4102,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -2757,7 +4114,7 @@ 
Method Details

 

 
 

-    update(project, region, urlMap, body=None, requestId=None, x__xgafv=None)
+    update(project, region, urlMap, body=None, requestId=None)
   
Updates the specified UrlMap resource with the data included in the request.
 
 Args:
@@ -2767,21 +4124,44 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/alpha/urlMaps) * [Regional](/compute/docs/reference/rest/alpha/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
+{ # Represents a URL Map resource.
+    # 
+    # Google Compute Engine has two URL Map resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+    # 
+    # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+    # 
+    # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+    # 
+    # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+    # 
+    # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+    # 
+    # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+    # 
+    # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-  "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+  "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+      # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+      # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+      # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+        # Not supported when the URL map is bound to target gRPC proxy.
+      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+          # Default is false.
       "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
         "A String",
       ],
       "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
         "A String",
       ],
-      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
-      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
       "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2790,53 +4170,84 @@ 
Method Details

       ],
       "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
     },
-    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+        # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
       "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-        "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "httpStatus": 42, # The HTTP status code used to abort the request.
+            # The value must be between 200 and 599 inclusive.
+            # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
       "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
         "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
     },
-    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+        # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+        # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
     },
-    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+          # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+          # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+          # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+          # -
+          # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+          # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+          # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+          # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+          # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+          # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+          # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
         "A String",
       ],
     },
-    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+        # If not specified, will use the largest timeout among all backend services associated with the route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+        # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+          # The value must be between 1 and 255 characters.
+      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+          # The value must be between 1 and 1024 characters.
     },
-    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-      { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+        # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+      { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
         "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+            # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2846,34 +4257,61 @@ 
Method Details

             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
             "A String",
           ],
         },
-        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+            # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+            # The value must be between 0 and 1000
       },
     ],
   },
-  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+      # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+      # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+      # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+      # Not supported when the URL map is bound to target gRPC proxy.
+    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+        # The value must be between 1 and 255 characters.
+    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+        # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+        # The default is set to false.
+    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+        # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+        # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+        # Supported values are:
+        # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+        # - FOUND, which corresponds to 302.
+        # - SEE_OTHER which corresponds to 303.
+        # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+        # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+        # The default is set to false.
   },
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+      # The headerAction specified here take effect after headerAction specified under pathMatcher.
+      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2883,7 +4321,8 @@ 
Method Details

       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -2893,7 +4332,8 @@ 
Method Details

   "hostRules": [ # The list of HostRules to use against the URL.
     { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+          # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "A String",
       ],
       "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -2904,19 +4344,25 @@ 
Method Details

   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "pathMatchers": [ # The list of named PathMatchers to use against the URL.
     { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-      "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+      "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+          # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+          # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+              # Default is false.
           "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
             "A String",
           ],
           "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
             "A String",
           ],
-          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
-          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
           "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2925,53 +4371,84 @@ 
Method Details

           ],
           "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
         },
-        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+            # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
           "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-            "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "httpStatus": 42, # The HTTP status code used to abort the request.
+                # The value must be between 200 and 599 inclusive.
+                # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
           "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
             "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
         },
-        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+            # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+            # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
         },
-        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+              # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+              # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+              # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+              # -
+              # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+              # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+              # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+              # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+              # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+              # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+              # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
             "A String",
           ],
         },
-        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+            # If not specified, will use the largest timeout among all backend services associated with the route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+            # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+              # The value must be between 1 and 255 characters.
+          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+              # The value must be between 1 and 1024 characters.
         },
-        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-          { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+            # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+          { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
             "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2981,33 +4458,63 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                 "A String",
               ],
             },
-            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                # The value must be between 0 and 1000
           },
         ],
       },
-      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+          # - compute/v1/projects/project/global/backendServices/backendService
+          # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+          # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+          # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+          # - compute.backendBuckets.use
+          # - compute.backendServices.use
+      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+          # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+            # The value must be between 1 and 255 characters.
+        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+            # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+            # The default is set to false.
+        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+            # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+            # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+            # Supported values are:
+            # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+            # - FOUND, which corresponds to 302.
+            # - SEE_OTHER which corresponds to 303.
+            # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+            # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+            # The default is set to false.
       },
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+          # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+          # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3017,7 +4524,8 @@ 
Method Details

           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -3025,24 +4533,32 @@ 
Method Details

         ],
       },
       "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+          # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+          # Within a given pathMatcher, only one of pathRules or routeRules must be set.
         { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
           "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
             "A String",
           ],
-          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of routeAction or urlRedirect must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3051,53 +4567,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3107,37 +4654,63 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
-      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+          # Within a given pathMatcher, you can set only one of pathRules or routeRules.
         { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-          "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "description": "A String", # The short description conveying the intent of this routeRule.
+              # The description can have a maximum length of 1024 characters.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3147,21 +4720,25 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
               "A String",
             ],
           },
-          "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
               "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
               "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
               "filterName": "A String", # Name of the networkservices.HttpFilter resource this configuration belongs to. This name must be known to the xDS client. Example: envoy.wasm
             },
           ],
-          "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+              # The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
               "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
               "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
@@ -3170,60 +4747,112 @@ 
Method Details

           ],
           "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
             { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                  # fullPathMatch must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
               "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                 { # matchRule criteria for request header matches.
-                  "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "headerName": "A String", # The name of the HTTP header to match.
+                      # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                      # For matching a request's method, use the headerName ":method".
+                      # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                      # The default setting is false.
+                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                      # For example for a range [-5, 0]
+                      # - -3 will match.
+                      # - 0 will not match.
+                      # - 0.25 will not match.
+                      # - -3someString will not match.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                     "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                     "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                   },
-                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                      # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                 },
               ],
-              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                  # The default value is false.
+                  # ignoreCase must not be used with regexMatch.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                  # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                  # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                  # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                    # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                    # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                      # This list must not be empty and can have at the most 64 entries.
                     { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                      "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                      "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                      "name": "A String", # Name of metadata label.
+                          # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                      "value": "A String", # The value of the label must match the specified value.
+                          # value can have a maximum length of 1024 characters.
                     },
                   ],
-                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                      # Supported values are:
+                      # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                      # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                 },
               ],
-              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                  # The value must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                  # Not supported when the URL map is bound to target gRPC proxy.
                 { # HttpRouteRuleMatch criteria for a request's query parameter.
-                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
                   "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                      # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                 },
               ],
-              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
             },
           ],
-          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+              # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+              # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3232,53 +4861,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3288,25 +4948,45 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
@@ -3314,12 +4994,17 @@ 
Method Details

   ],
   "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     { # Message for the expected URL mappings.
       "backendServiceWeight": 42, # The weight to use for the supplied host and path when using advanced routing rules that involve traffic splitting.
       "description": "A String", # Description of this test case.
-      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+          # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+          # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+          # expectedOutputUrl is optional when service is specified.
+      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+          # expectedRedirectResponseCode cannot be set when service is set.
       "expectedUrlRedirect": "A String", # The expected URL that should be redirected to for the host and path being tested. [Deprecated] This field is deprecated. Use expected_output_url instead.
       "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
         { # HTTP headers used in UrlMapTests.
@@ -3329,21 +5014,31 @@ 
Method Details

       ],
       "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
       "path": "A String", # Path portion of the URL.
-      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+          # service cannot be set if expectedRedirectResponseCode is set.
     },
   ],
 }
 
   requestId: string, begin_interface: MixerMutationRequestBuilder Request ID to support idempotency.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3378,7 +5073,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3392,7 +5088,7 @@ 
Method Details

 

 
 

-    validate(project, region, urlMap, body=None, x__xgafv=None)
+    validate(project, region, urlMap, body=None)
   
Runs static validation for the UrlMap. In particular, the tests of the provided UrlMap will be run. Calling this method does NOT create the UrlMap.
 
 Args:
@@ -3403,21 +5099,44 @@ 
Method Details

     The object takes the form of:
 
 {
-  "resource": { # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/alpha/urlMaps) * [Regional](/compute/docs/reference/rest/alpha/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts. # Content of the UrlMap to be validated.
+  "resource": { # Represents a URL Map resource. # Content of the UrlMap to be validated.
+      #
+      # Google Compute Engine has two URL Map resources:
+      #
+      # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+      #
+      # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+      #
+      # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+      #
+      # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+      #
+      # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+      #
+      # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+      #
+      # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
     "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-    "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-        "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+    "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+        # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+        # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+        # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+            # Default is false.
         "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
           "A String",
         ],
         "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
           "A String",
         ],
-        "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+        "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+            # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
           "A String",
         ],
-        "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+        "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+            # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
           "A String",
         ],
         "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3426,53 +5145,84 @@ 
Method Details

         ],
         "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
       },
-      "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+      "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+          # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
         "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-          "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-          "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+          "httpStatus": 42, # The HTTP status code used to abort the request.
+              # The value must be between 200 and 599 inclusive.
+              # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+          "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+              # The value must be between 0.0 and 100.0 inclusive.
         },
         "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
           "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+          "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+              # The value must be between 0.0 and 100.0 inclusive.
         },
       },
-      "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+          # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+          # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
       },
-      "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-        "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+        "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+            # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+        "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+            # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+            # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+            # -
+            # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+            # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+            # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+            # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+            # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+            # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+            # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
           "A String",
         ],
       },
-      "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+          # If not specified, will use the largest timeout among all backend services associated with the route.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-        "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-        "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+      "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+          # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+            # The value must be between 1 and 255 characters.
+        "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+            # The value must be between 1 and 1024 characters.
       },
-      "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-        { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+      "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+          # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+        { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
           "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3482,34 +5232,61 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
               "A String",
             ],
           },
-          "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+          "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+              # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+              # The value must be between 0 and 1000
         },
       ],
     },
-    "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-    "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-      "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-      "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-      "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-      "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-      "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-      "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+    "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+        # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+        # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+        # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+        # Not supported when the URL map is bound to target gRPC proxy.
+      "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+          # The value must be between 1 and 255 characters.
+      "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+          # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+          # The default is set to false.
+      "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+          # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+          # The value must be between 1 and 1024 characters.
+      "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+          # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+          # The value must be between 1 and 1024 characters.
+      "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+          # Supported values are:
+          # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+          # - FOUND, which corresponds to 302.
+          # - SEE_OTHER which corresponds to 303.
+          # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+          # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+      "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+          # The default is set to false.
     },
     "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-    "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+        #
+        # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+        # The headerAction specified here take effect after headerAction specified under pathMatcher.
+        # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
         { # Specification determining how headers are added to requests or responses.
           "headerName": "A String", # The name of the header.
           "headerValue": "A String", # The value of the header to add.
-          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+              # The default value is false.
         },
       ],
       "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3519,7 +5296,8 @@ 
Method Details

         { # Specification determining how headers are added to requests or responses.
           "headerName": "A String", # The name of the header.
           "headerValue": "A String", # The value of the header to add.
-          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+              # The default value is false.
         },
       ],
       "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -3529,7 +5307,8 @@ 
Method Details

     "hostRules": [ # The list of HostRules to use against the URL.
       { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
         "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-        "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+            # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "A String",
         ],
         "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -3540,19 +5319,25 @@ 
Method Details

     "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
     "pathMatchers": [ # The list of named PathMatchers to use against the URL.
       { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-        "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-          "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-            "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+        "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+            # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+            # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+          "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                # Default is false.
             "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
               "A String",
             ],
             "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
               "A String",
             ],
-            "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+            "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
               "A String",
             ],
-            "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+            "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
               "A String",
             ],
             "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3561,53 +5346,84 @@ 
Method Details

             ],
             "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
           },
-          "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+          "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+              # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
             "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-              "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-              "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+              "httpStatus": 42, # The HTTP status code used to abort the request.
+                  # The value must be between 200 and 599 inclusive.
+                  # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+              "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                  # The value must be between 0.0 and 100.0 inclusive.
             },
             "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
               "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+              "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                  # The value must be between 0.0 and 100.0 inclusive.
             },
           },
-          "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+          "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+              # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+              # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
           },
-          "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-            "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+            "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+            "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                # -
+                # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
               "A String",
             ],
           },
-          "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+              # If not specified, will use the largest timeout among all backend services associated with the route.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-            "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-            "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+          "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+              # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                # The value must be between 1 and 255 characters.
+            "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                # The value must be between 1 and 1024 characters.
           },
-          "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-            { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+          "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+              # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+            { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
               "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-              "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                  # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                  # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                   { # Specification determining how headers are added to requests or responses.
                     "headerName": "A String", # The name of the header.
                     "headerValue": "A String", # The value of the header to add.
-                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                        # The default value is false.
                   },
                 ],
                 "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3617,33 +5433,63 @@ 
Method Details

                   { # Specification determining how headers are added to requests or responses.
                     "headerName": "A String", # The name of the header.
                     "headerValue": "A String", # The value of the header to add.
-                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                        # The default value is false.
                   },
                 ],
                 "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                   "A String",
                 ],
               },
-              "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+              "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                  # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                  # The value must be between 0 and 1000
             },
           ],
         },
-        "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-        "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-          "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-          "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-          "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-          "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-          "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-          "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+        "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+            # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+            # - compute/v1/projects/project/global/backendServices/backendService
+            # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+            # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+            # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+            # - compute.backendBuckets.use
+            # - compute.backendServices.use
+        "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+            # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+              # The value must be between 1 and 255 characters.
+          "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+              # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+              # The default is set to false.
+          "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+              # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+              # The value must be between 1 and 1024 characters.
+          "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+              # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+              # The value must be between 1 and 1024 characters.
+          "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+              # Supported values are:
+              # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+              # - FOUND, which corresponds to 302.
+              # - SEE_OTHER which corresponds to 303.
+              # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+              # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+          "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+              # The default is set to false.
         },
         "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+            # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3653,7 +5499,8 @@ 
Method Details

             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -3661,24 +5508,32 @@ 
Method Details

           ],
         },
         "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-        "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+        "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+            # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+            # Within a given pathMatcher, only one of pathRules or routeRules must be set.
           { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
             "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
               "A String",
             ],
-            "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-              "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-                "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+            "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+                # Only one of routeAction or urlRedirect must be set.
+                # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+              "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                  # Not supported when the URL map is bound to target gRPC proxy.
+                "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                    # Default is false.
                 "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                   "A String",
                 ],
                 "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                   "A String",
                 ],
-                "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                    # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                   "A String",
                 ],
-                "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                    # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                   "A String",
                 ],
                 "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3687,53 +5542,84 @@ 
Method Details

                 ],
                 "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
               },
-              "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+              "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                  # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
                 "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                  "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                  "httpStatus": 42, # The HTTP status code used to abort the request.
+                      # The value must be between 200 and 599 inclusive.
+                      # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                      # The value must be between 0.0 and 100.0 inclusive.
                 },
                 "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                   "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                   },
-                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                      # The value must be between 0.0 and 100.0 inclusive.
                 },
               },
-              "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                  # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                  # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
               },
-              "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-                "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+                "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                    # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+                "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                    # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                    # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                    # -
+                    # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                    # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                    # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                    # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                    # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                    # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                    # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                   "A String",
                 ],
               },
-              "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                  # If not specified, will use the largest timeout among all backend services associated with the route.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-                "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+              "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                  # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                    # The value must be between 1 and 255 characters.
+                "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                    # The value must be between 1 and 1024 characters.
               },
-              "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-                { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+              "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                  # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+                { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                   "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                      # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                       { # Specification determining how headers are added to requests or responses.
                         "headerName": "A String", # The name of the header.
                         "headerValue": "A String", # The value of the header to add.
-                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                            # The default value is false.
                       },
                     ],
                     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3743,37 +5629,63 @@ 
Method Details

                       { # Specification determining how headers are added to requests or responses.
                         "headerName": "A String", # The name of the header.
                         "headerValue": "A String", # The value of the header to add.
-                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                            # The default value is false.
                       },
                     ],
                     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                       "A String",
                     ],
                   },
-                  "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                  "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                      # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                      # The value must be between 0 and 1000
                 },
               ],
             },
-            "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-            "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-              "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-              "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-              "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-              "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-              "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-              "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+            "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+                # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+            "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+                # If urlRedirect is specified, service or routeAction must not be set.
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                  # The value must be between 1 and 255 characters.
+              "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                  # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                  # The default is set to false.
+              "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                  # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                  # The value must be between 1 and 1024 characters.
+              "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                  # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                  # The value must be between 1 and 1024 characters.
+              "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                  # Supported values are:
+                  # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                  # - FOUND, which corresponds to 302.
+                  # - SEE_OTHER which corresponds to 303.
+                  # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                  # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+              "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                  # The default is set to false.
             },
           },
         ],
-        "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+        "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+            # Within a given pathMatcher, you can set only one of pathRules or routeRules.
           { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-            "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "description": "A String", # The short description conveying the intent of this routeRule.
+                # The description can have a maximum length of 1024 characters.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3783,21 +5695,25 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                 "A String",
               ],
             },
-            "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
                 "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
                 "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
                 "filterName": "A String", # Name of the networkservices.HttpFilter resource this configuration belongs to. This name must be known to the xDS client. Example: envoy.wasm
               },
             ],
-            "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+                # The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
                 "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
                 "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
@@ -3806,60 +5722,112 @@ 
Method Details

             ],
             "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
               { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-                "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                    # fullPathMatch must be between 1 and 1024 characters.
+                    # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
                 "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                   { # matchRule criteria for request header matches.
-                    "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                    "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                    "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                    "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                    "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                    "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                    "headerName": "A String", # The name of the HTTP header to match.
+                        # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                        # For matching a request's method, use the headerName ":method".
+                        # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                    "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                        # The default setting is false.
+                    "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                    "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                    "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                        # For example for a range [-5, 0]
+                        # - -3 will match.
+                        # - 0 will not match.
+                        # - 0.25 will not match.
+                        # - -3someString will not match.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                        # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                       "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                       "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                     },
-                    "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                    "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                    "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                        # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                        # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                    "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                   },
                 ],
-                "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-                "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                  { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                    "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+                "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                    # The default value is false.
+                    # ignoreCase must not be used with regexMatch.
+                    # Not supported when the URL map is bound to target gRPC proxy.
+                "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                    # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                    # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                    # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                      # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                      # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                    "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                        # This list must not be empty and can have at the most 64 entries.
                       { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                        "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                        "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                        "name": "A String", # Name of metadata label.
+                            # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                        "value": "A String", # The value of the label must match the specified value.
+                            # value can have a maximum length of 1024 characters.
                       },
                     ],
-                    "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                    "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                        # Supported values are:
+                        # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                        # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                   },
                 ],
-                "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-                "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+                "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                    # The value must be between 1 and 1024 characters.
+                    # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                    # Not supported when the URL map is bound to target gRPC proxy.
                   { # HttpRouteRuleMatch criteria for a request's query parameter.
-                    "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                    "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                        # Only one of presentMatch, exactMatch or regexMatch must be set.
                     "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                    "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                    "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                    "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                        # Only one of presentMatch, exactMatch or regexMatch must be set.
+                    "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                        # Only one of presentMatch, exactMatch or regexMatch must be set.
+                        # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                   },
                 ],
-                "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                    # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                    # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               },
             ],
-            "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-            "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-              "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-                "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+            "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+                # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+                # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+            "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+                # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+                # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+              "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                  # Not supported when the URL map is bound to target gRPC proxy.
+                "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                    # Default is false.
                 "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                   "A String",
                 ],
                 "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                   "A String",
                 ],
-                "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                    # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                   "A String",
                 ],
-                "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                    # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                   "A String",
                 ],
                 "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3868,53 +5836,84 @@ 
Method Details

                 ],
                 "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
               },
-              "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+              "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                  # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
                 "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                  "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                  "httpStatus": 42, # The HTTP status code used to abort the request.
+                      # The value must be between 200 and 599 inclusive.
+                      # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                      # The value must be between 0.0 and 100.0 inclusive.
                 },
                 "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                   "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                   },
-                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                      # The value must be between 0.0 and 100.0 inclusive.
                 },
               },
-              "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                  # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                  # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
               },
-              "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-                "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+                "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                    # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+                "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                    # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                    # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                    # -
+                    # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                    # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                    # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                    # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                    # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                    # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                    # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                   "A String",
                 ],
               },
-              "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                  # If not specified, will use the largest timeout among all backend services associated with the route.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-                "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+              "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                  # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                    # The value must be between 1 and 255 characters.
+                "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                    # The value must be between 1 and 1024 characters.
               },
-              "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-                { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+              "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                  # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+                { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                   "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                      # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                       { # Specification determining how headers are added to requests or responses.
                         "headerName": "A String", # The name of the header.
                         "headerValue": "A String", # The value of the header to add.
-                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                            # The default value is false.
                       },
                     ],
                     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3924,25 +5923,45 @@ 
Method Details

                       { # Specification determining how headers are added to requests or responses.
                         "headerName": "A String", # The name of the header.
                         "headerValue": "A String", # The value of the header to add.
-                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                            # The default value is false.
                       },
                     ],
                     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                       "A String",
                     ],
                   },
-                  "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                  "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                      # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                      # The value must be between 0 and 1000
                 },
               ],
             },
-            "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-            "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-              "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-              "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-              "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-              "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-              "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-              "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+            "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+                # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+            "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+                # If urlRedirect is specified, service or routeAction must not be set.
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                  # The value must be between 1 and 255 characters.
+              "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                  # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                  # The default is set to false.
+              "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                  # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                  # The value must be between 1 and 1024 characters.
+              "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                  # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                  # The value must be between 1 and 1024 characters.
+              "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                  # Supported values are:
+                  # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                  # - FOUND, which corresponds to 302.
+                  # - SEE_OTHER which corresponds to 303.
+                  # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                  # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+              "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                  # The default is set to false.
             },
           },
         ],
@@ -3950,12 +5969,17 @@ 
Method Details

     ],
     "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
     "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-    "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       { # Message for the expected URL mappings.
         "backendServiceWeight": 42, # The weight to use for the supplied host and path when using advanced routing rules that involve traffic splitting.
         "description": "A String", # Description of this test case.
-        "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-        "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+        "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+            # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+            # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+            # expectedOutputUrl is optional when service is specified.
+        "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+            # expectedRedirectResponseCode cannot be set when service is set.
         "expectedUrlRedirect": "A String", # The expected URL that should be redirected to for the host and path being tested. [Deprecated] This field is deprecated. Use expected_output_url instead.
         "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
           { # HTTP headers used in UrlMapTests.
@@ -3965,16 +5989,13 @@ 
Method Details

         ],
         "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
         "path": "A String", # Path portion of the URL.
-        "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+        "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+            # service cannot be set if expectedRedirectResponseCode is set.
       },
     ],
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.regions.html b/docs/dyn/compute_alpha.regions.html
index d24716f92f7..67b1d2350cc 100644
--- a/docs/dyn/compute_alpha.regions.html
+++ b/docs/dyn/compute_alpha.regions.html
@@ -78,10 +78,10 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  get(project, region, x__xgafv=None)

+  get(project, region)

 
Returns the specified Region resource. Gets a list of available regions by making a list() request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of region resources available to the specified project.

 

   list_next(previous_request, previous_response)

@@ -93,21 +93,19 @@ 
Method Details

 

 
 

-    get(project, region, x__xgafv=None)
+    get(project, region)
   
Returns the specified Region resource. Gets a list of available regions by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Region resource. A region is a geographical area where a resource is located. For more information, read Regions and Zones.
+    { # Represents a Region resource.
+    #
+    # A region is a geographical area where a resource is located. For more information, read Regions and Zones. (== resource_for {$api_version}.regions ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this region.
     "deleted": "A String", # An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DELETED. This is only informational and the status will not change unless the client explicitly changes it.
@@ -117,7 +115,11 @@ 
Method Details

     "state": "A String", # The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.
     "stateOverride": { # A rollout policy configuration. # The rollout policy of this deprecation. This policy is only enforced by image family views. The rollout policy restricts the zones where the associated resource is considered in a deprecated state. When the rollout policy does not include the user specified zone, or if the zone is rolled out, the associated resource is considered in a deprecated state.
       "defaultRolloutTime": "A String", # An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated.
-      "locationRolloutPolicies": { # Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
+      "locationRolloutPolicies": { # Location based rollout policies to apply to the resource.
+          #
+          # Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a.
+          #
+          # The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
         "a_key": "A String",
       },
     },
@@ -145,20 +147,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of region resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -166,7 +174,9 @@ 
Method Details

     { # Contains a list of region resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Region resources.
-    { # Represents a Region resource. A region is a geographical area where a resource is located. For more information, read Regions and Zones.
+    { # Represents a Region resource.
+        #
+        # A region is a geographical area where a resource is located. For more information, read Regions and Zones. (== resource_for {$api_version}.regions ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this region.
         "deleted": "A String", # An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DELETED. This is only informational and the status will not change unless the client explicitly changes it.
@@ -176,7 +186,11 @@ 
Method Details

         "state": "A String", # The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.
         "stateOverride": { # A rollout policy configuration. # The rollout policy of this deprecation. This policy is only enforced by image family views. The rollout policy restricts the zones where the associated resource is considered in a deprecated state. When the rollout policy does not include the user specified zone, or if the zone is rolled out, the associated resource is considered in a deprecated state.
           "defaultRolloutTime": "A String", # An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated.
-          "locationRolloutPolicies": { # Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
+          "locationRolloutPolicies": { # Location based rollout policies to apply to the resource.
+              #
+              # Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a.
+              #
+              # The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
             "a_key": "A String",
           },
         },
@@ -207,7 +221,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.reservations.html b/docs/dyn/compute_alpha.reservations.html
index 26898fadab6..6646863f1e6 100644
--- a/docs/dyn/compute_alpha.reservations.html
+++ b/docs/dyn/compute_alpha.reservations.html
@@ -75,7 +75,7 @@
 
Compute Engine API . reservations

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of reservations.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,49 +84,55 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, zone, reservation, requestId=None, x__xgafv=None)

+  delete(project, zone, reservation, requestId=None)

 
Deletes the specified reservation.

 

-  get(project, zone, reservation, x__xgafv=None)

+  get(project, zone, reservation)

 
Retrieves information about the specified reservation.

 

-  getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, zone, body=None, requestId=None, x__xgafv=None)

+  insert(project, zone, body=None, requestId=None)

 
Creates a new reservation. For more information, read Reserving zonal resources.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
A list of all the reservations that have been configured for the specified project in specified zone.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  resize(project, zone, reservation, body=None, requestId=None, x__xgafv=None)

+  resize(project, zone, reservation, body=None, requestId=None)

 
Resizes the reservation (applicable to standalone reservations only). For more information, read Modifying reservations.

 

-  setIamPolicy(project, zone, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, zone, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  testIamPermissions(project, zone, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, zone, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of reservations.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -136,7 +142,7 @@ 
Method Details

   "items": { # A list of Allocation resources.
     "a_key": { # Name of the scope containing this set of reservations.
       "reservations": [ # A list of reservations contained in this scope.
-        { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read Reserving zonal resources.
+        { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read  Reserving zonal resources. (== resource_for {$api_version}.reservations ==)
           "commitment": "A String", # [Output Only] Full or partial URL to a parent commitment. This field displays for reservations that are tied to a commitment.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -182,7 +188,8 @@ 
Method Details

       ],
       "warning": { # Informational warning which replaces the list of reservations when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -200,7 +207,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -231,23 +239,36 @@ 
Method Details

 

 
 

-    delete(project, zone, reservation, requestId=None, x__xgafv=None)
+    delete(project, zone, reservation, requestId=None)
   
Deletes the specified reservation.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone for this request. (required)
   reservation: string, Name of the reservation to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -282,7 +303,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -296,22 +318,18 @@ 
Method Details

 

 
 

-    get(project, zone, reservation, x__xgafv=None)
+    get(project, zone, reservation)
   
Retrieves information about the specified reservation.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone for this request. (required)
   reservation: string, Name of the reservation to retrieve. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read Reserving zonal resources.
+    { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read  Reserving zonal resources. (== resource_for {$api_version}.reservations ==)
   "commitment": "A String", # [Output Only] Full or partial URL to a parent commitment. This field displays for reservations that are tied to a commitment.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -357,7 +375,7 @@ 
Method Details

 

 
 

-    getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
@@ -365,27 +383,51 @@ 
Method Details

   zone: string, The name of the zone for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -393,76 +435,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, zone, body=None, requestId=None, x__xgafv=None)
+    insert(project, zone, body=None, requestId=None)
   
Creates a new reservation. For more information, read Reserving zonal resources.
 
 Args:
@@ -471,7 +581,7 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read Reserving zonal resources.
+{ # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read  Reserving zonal resources. (== resource_for {$api_version}.reservations ==)
   "commitment": "A String", # [Output Only] Full or partial URL to a parent commitment. This field displays for reservations that are tied to a commitment.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -515,16 +625,29 @@ 
Method Details

   "zone": "A String", # Zone in which the reservation resides. A zone must be provided if the reservation is created within a commitment.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -559,7 +682,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -573,21 +697,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
A list of all the reservations that have been configured for the specified project in specified zone.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -595,7 +725,7 @@ 
Method Details

     {
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "items": [ # [Output Only] A list of Allocation resources.
-    { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read Reserving zonal resources.
+    { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read  Reserving zonal resources. (== resource_for {$api_version}.reservations ==)
       "commitment": "A String", # [Output Only] Full or partial URL to a parent commitment. This field displays for reservations that are tied to a commitment.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -644,7 +774,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -670,7 +801,7 @@ 
Method Details

 

 
 

-    resize(project, zone, reservation, body=None, requestId=None, x__xgafv=None)
+    resize(project, zone, reservation, body=None, requestId=None)
   
Resizes the reservation (applicable to standalone reservations only). For more information, read Modifying reservations.
 
 Args:
@@ -684,16 +815,29 @@ 
Method Details

   "specificSkuCount": "A String", # Number of allocated resources can be resized with minimum = 1 and maximum = 1000.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -728,7 +872,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -742,7 +887,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, zone, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, zone, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -755,33 +900,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -789,95 +1008,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -885,76 +1196,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    testIamPermissions(project, zone, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, zone, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -970,10 +1349,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.resourcePolicies.html b/docs/dyn/compute_alpha.resourcePolicies.html
index 7bca52d6469..cba9d7ee637 100644
--- a/docs/dyn/compute_alpha.resourcePolicies.html
+++ b/docs/dyn/compute_alpha.resourcePolicies.html
@@ -75,7 +75,7 @@
 
Compute Engine API . resourcePolicies

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of resource policies.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,46 +84,52 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, resourcePolicy, requestId=None, x__xgafv=None)

+  delete(project, region, resourcePolicy, requestId=None)

 
Deletes the specified resource policy.

 

-  get(project, region, resourcePolicy, x__xgafv=None)

+  get(project, region, resourcePolicy)

 
Retrieves all information of the specified resource policy.

 

-  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a new resource policy.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
A list all the resource policies that have been configured for the specified project in specified region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setIamPolicy(project, region, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, region, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of resource policies.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -135,6 +141,8 @@ 
Method Details

     "a_key": { # Name of the scope containing this set of resourcePolicies.
       "resourcePolicies": [ # A list of resourcePolicies contained in this scope.
         { # Represents a Resource Policy resource. You can use resource policies to schedule actions for some Compute Engine resources. For example, you can use them to schedule persistent disk snapshots.
+            #
+            # (== resource_for {$api_version}.resourcePolicies ==)
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String",
           "groupPlacementPolicy": { # A GroupPlacementPolicy specifies resource placement configuration. It specifies the failure bucket separation as well as network locality # Resource policy for instances for placement configuration.
@@ -171,7 +179,7 @@ 
Method Details

           "snapshotSchedulePolicy": { # A snapshot schedule policy specifies when and how frequently snapshots are to be created for the target disk. Also specifies how many and how long these scheduled snapshots should be retained. # Resource policy for persistent disks for creating snapshots.
             "retentionPolicy": { # Policy for retention of scheduled snapshots. # Retention policy applied to snapshots created by this resource policy.
               "maxRetentionDays": 42, # Maximum age of the snapshot that is allowed to be kept.
-              "onPolicySwitch": "A String",
+              "onPolicySwitch": "A String", # TODO(b/165626794): Remove this field Specifies the behavior to apply to existing, scheduled snapshots snapshots if the policy is changed.
               "onSourceDiskDelete": "A String", # Specifies the behavior to apply to scheduled snapshots when the source disk is deleted.
             },
             "schedule": { # A schedule for disks where the schedueled operations are performed. # A Vm Maintenance Policy specifies what kind of infrastructure maintenance we are allowed to perform on this VM and when. Schedule that is applied to disks covered by this policy.
@@ -223,7 +231,8 @@ 
Method Details

       ],
       "warning": { # Informational warning which replaces the list of resourcePolicies when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -241,7 +250,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -272,23 +282,36 @@ 
Method Details

 

 
 

-    delete(project, region, resourcePolicy, requestId=None, x__xgafv=None)
+    delete(project, region, resourcePolicy, requestId=None)
   
Deletes the specified resource policy.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   resourcePolicy: string, Name of the resource policy to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -323,7 +346,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -337,22 +361,20 @@ 
Method Details

 

 
 

-    get(project, region, resourcePolicy, x__xgafv=None)
+    get(project, region, resourcePolicy)
   
Retrieves all information of the specified resource policy.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   resourcePolicy: string, Name of the resource policy to retrieve. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
     { # Represents a Resource Policy resource. You can use resource policies to schedule actions for some Compute Engine resources. For example, you can use them to schedule persistent disk snapshots.
+    #
+    # (== resource_for {$api_version}.resourcePolicies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String",
   "groupPlacementPolicy": { # A GroupPlacementPolicy specifies resource placement configuration. It specifies the failure bucket separation as well as network locality # Resource policy for instances for placement configuration.
@@ -389,7 +411,7 @@ 
Method Details

   "snapshotSchedulePolicy": { # A snapshot schedule policy specifies when and how frequently snapshots are to be created for the target disk. Also specifies how many and how long these scheduled snapshots should be retained. # Resource policy for persistent disks for creating snapshots.
     "retentionPolicy": { # Policy for retention of scheduled snapshots. # Retention policy applied to snapshots created by this resource policy.
       "maxRetentionDays": 42, # Maximum age of the snapshot that is allowed to be kept.
-      "onPolicySwitch": "A String",
+      "onPolicySwitch": "A String", # TODO(b/165626794): Remove this field Specifies the behavior to apply to existing, scheduled snapshots snapshots if the policy is changed.
       "onSourceDiskDelete": "A String", # Specifies the behavior to apply to scheduled snapshots when the source disk is deleted.
     },
     "schedule": { # A schedule for disks where the schedueled operations are performed. # A Vm Maintenance Policy specifies what kind of infrastructure maintenance we are allowed to perform on this VM and when. Schedule that is applied to disks covered by this policy.
@@ -441,7 +463,7 @@ 
Method Details

 

 
 

-    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
@@ -449,27 +471,51 @@ 
Method Details

   region: string, The name of the region for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -477,76 +523,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a new resource policy.
 
 Args:
@@ -556,6 +670,8 @@ 
Method Details

     The object takes the form of:
 
 { # Represents a Resource Policy resource. You can use resource policies to schedule actions for some Compute Engine resources. For example, you can use them to schedule persistent disk snapshots.
+    # 
+    # (== resource_for {$api_version}.resourcePolicies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String",
   "groupPlacementPolicy": { # A GroupPlacementPolicy specifies resource placement configuration. It specifies the failure bucket separation as well as network locality # Resource policy for instances for placement configuration.
@@ -592,7 +708,7 @@ 
Method Details

   "snapshotSchedulePolicy": { # A snapshot schedule policy specifies when and how frequently snapshots are to be created for the target disk. Also specifies how many and how long these scheduled snapshots should be retained. # Resource policy for persistent disks for creating snapshots.
     "retentionPolicy": { # Policy for retention of scheduled snapshots. # Retention policy applied to snapshots created by this resource policy.
       "maxRetentionDays": 42, # Maximum age of the snapshot that is allowed to be kept.
-      "onPolicySwitch": "A String",
+      "onPolicySwitch": "A String", # TODO(b/165626794): Remove this field Specifies the behavior to apply to existing, scheduled snapshots snapshots if the policy is changed.
       "onSourceDiskDelete": "A String", # Specifies the behavior to apply to scheduled snapshots when the source disk is deleted.
     },
     "schedule": { # A schedule for disks where the schedueled operations are performed. # A Vm Maintenance Policy specifies what kind of infrastructure maintenance we are allowed to perform on this VM and when. Schedule that is applied to disks covered by this policy.
@@ -642,16 +758,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -686,7 +815,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -700,21 +830,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
A list all the resource policies that have been configured for the specified project in specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -724,6 +860,8 @@ 
Method Details

   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "items": [ # [Output Only] A list of ResourcePolicy resources.
     { # Represents a Resource Policy resource. You can use resource policies to schedule actions for some Compute Engine resources. For example, you can use them to schedule persistent disk snapshots.
+        #
+        # (== resource_for {$api_version}.resourcePolicies ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String",
       "groupPlacementPolicy": { # A GroupPlacementPolicy specifies resource placement configuration. It specifies the failure bucket separation as well as network locality # Resource policy for instances for placement configuration.
@@ -760,7 +898,7 @@ 
Method Details

       "snapshotSchedulePolicy": { # A snapshot schedule policy specifies when and how frequently snapshots are to be created for the target disk. Also specifies how many and how long these scheduled snapshots should be retained. # Resource policy for persistent disks for creating snapshots.
         "retentionPolicy": { # Policy for retention of scheduled snapshots. # Retention policy applied to snapshots created by this resource policy.
           "maxRetentionDays": 42, # Maximum age of the snapshot that is allowed to be kept.
-          "onPolicySwitch": "A String",
+          "onPolicySwitch": "A String", # TODO(b/165626794): Remove this field Specifies the behavior to apply to existing, scheduled snapshots snapshots if the policy is changed.
           "onSourceDiskDelete": "A String", # Specifies the behavior to apply to scheduled snapshots when the source disk is deleted.
         },
         "schedule": { # A schedule for disks where the schedueled operations are performed. # A Vm Maintenance Policy specifies what kind of infrastructure maintenance we are allowed to perform on this VM and when. Schedule that is applied to disks covered by this policy.
@@ -815,7 +953,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -841,7 +980,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, region, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, region, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -854,33 +993,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -888,95 +1101,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -984,76 +1289,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1069,10 +1442,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.routers.html b/docs/dyn/compute_alpha.routers.html
index c824061c9f6..797bf1ec74c 100644
--- a/docs/dyn/compute_alpha.routers.html
+++ b/docs/dyn/compute_alpha.routers.html
@@ -75,7 +75,7 @@
 
Compute Engine API . routers

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of routers.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,58 +84,64 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, router, requestId=None, x__xgafv=None)

+  delete(project, region, router, requestId=None)

 
Deletes the specified Router resource.

 

-  get(project, region, router, x__xgafv=None)

+  get(project, region, router)

 
Returns the specified Router resource. Gets a list of available routers by making a list() request.

 

-  getNatMappingInfo(project, region, router, filter=None, maxResults=None, natName=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  getNatMappingInfo(project, region, router, filter=None, maxResults=None, natName=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves runtime Nat mapping information of VM endpoints.

 

   getNatMappingInfo_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  getRouterStatus(project, region, router, x__xgafv=None)

+  getRouterStatus(project, region, router)

 
Retrieves runtime information of the specified router.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a Router resource in the specified project and region using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of Router resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, router, body=None, requestId=None, x__xgafv=None)

+  patch(project, region, router, body=None, requestId=None)

 
Patches the specified Router resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.

 

-  preview(project, region, router, body=None, x__xgafv=None)

+  preview(project, region, router, body=None)

 
Preview fields auto-generated during router create and update operations. Calling this method does NOT create or update the router.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, region, router, body=None, requestId=None, x__xgafv=None)

+  update(project, region, router, body=None, requestId=None)

 
Updates the specified Router resource with the data included in the request. This method conforms to PUT semantics, which requests that the state of the target resource be created or replaced with the state defined by the representation enclosed in the request message payload.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of routers.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -145,7 +151,9 @@ 
Method Details

   "items": { # A list of Router resources.
     "a_key": { # Name of the scope containing this set of routers.
       "routers": [ # A list of routers contained in this scope.
-        { # Represents a Cloud Router resource. For more information about Cloud Router, read the Cloud Router overview.
+        { # Represents a Cloud Router resource.
+            #
+            # For more information about Cloud Router, read the Cloud Router overview.
           "bgp": { # BGP information specific to this router.
             "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM.
             "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
@@ -158,12 +166,17 @@ 
Method Details

               },
             ],
             "asn": 42, # Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN.
-            "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer. BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers. If set, this value must be between 20 and 60. The default is 20.
+            "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer.
+                # Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer.
+                # BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers.
+                # If set, this value must be between 20 and 60. The default is 20.
           },
           "bgpPeers": [ # BGP information that must be configured into the routing stack to establish BGP peering. This information must specify the peer ASN and either the interface name, IP address, or peer IP address. Please refer to RFC4273.
             {
               "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement.
-              "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options: - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets. - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
+              "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options:
+                  # - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets.
+                  # - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
                 "A String",
               ],
               "advertisedIpRanges": [ # User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These IP ranges are advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.
@@ -173,21 +186,36 @@ 
Method Details

                 },
               ],
               "advertisedRoutePriority": 42, # The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win.
-              "bfd": { # BFD configuration for the BGP peering. Not currently available publicly.
-                "minReceiveInterval": 42, # The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router. Not currently available publicly. If set, this value must be between 100 and 30000. The default is 300.
-                "minTransmitInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router. Not currently available publicly. If set, this value must be between 100 and 30000. The default is 300.
+              "bfd": { # BFD configuration for the BGP peering.
+                  # Not currently available publicly.
+                "minReceiveInterval": 42, # The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router.
+                    # Not currently available publicly.
+                    # If set, this value must be between 100 and 30000.
+                    # The default is 300.
+                "minTransmitInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router.
+                    # Not currently available publicly.
+                    # If set, this value must be between 100 and 30000.
+                    # The default is 300.
                 "mode": "A String", # The BFD session initialization mode for this BGP peer. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
-                "multiplier": 42, # The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable. Not currently available publicly. If set, the value must be a value between 2 and 16. The default is 3.
+                "multiplier": 42, # The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable.
+                    # Not currently available publicly.
+                    # If set, the value must be a value between 2 and 16.
+                    # The default is 3.
                 "packetMode": "A String", # The BFD packet mode for this BGP peer. If set to CONTROL_AND_ECHO, BFD echo mode is enabled for this BGP peer. In this mode, if the peer router also has BFD echo mode enabled, BFD echo packets will be sent to the other router. If the peer router does not have BFD echo mode enabled, only control packets will be sent. If set to CONTROL_ONLY, BFD echo mode is disabled for this BGP peer. If this router and the peer router have a multihop connection, this should be set to CONTROL_ONLY as BFD echo mode is only supported on singlehop connections. The default is CONTROL_AND_ECHO.
-                "sessionInitializationMode": "A String", # The BFD session initialization mode for this BGP peer. Not currently available publicly. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
+                "sessionInitializationMode": "A String", # The BFD session initialization mode for this BGP peer.
+                    # Not currently available publicly.
+                    # If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
                 "slowTimerInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to and received from the peer router when BFD echo mode is enabled on both routers. The actual transmit and receive intervals are negotiated between the two routers and are equal to the greater of this value and the corresponding interval on the other router. If set, this value must be between 1000 and 30000. The default is 5000.
               },
-              "enable": "A String", # The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
+              "enable": "A String", # The status of the BGP peer connection.
+                  # If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
               "enableIpv6": True or False, # Enable IPv6 traffic over BGP Peer. If not specified, it is disabled by default.
               "interfaceName": "A String", # Name of the interface the BGP peer is associated with.
               "ipAddress": "A String", # IP address of the interface inside Google Cloud Platform. Only IPv4 is supported.
               "ipv6NexthopAddress": "A String", # IPv6 address of the interface inside Google Cloud Platform.
-              "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer. - MANAGED_BY_USER is the default value and can be managed by you or other users - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
+              "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer.
+                  # - MANAGED_BY_USER is the default value and can be managed by you or other users
+                  # - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
               "name": "A String", # Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
               "peerAsn": 42, # Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value.
               "peerIpAddress": "A String", # IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported.
@@ -197,14 +225,17 @@ 
Method Details

           ],
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-          "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments). Not currently available publicly.
+          "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments).
+              # Not currently available publicly.
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "interfaces": [ # Router interfaces. Each interface requires either one linked resource, (for example, linkedVpnTunnel), or IP address and IP address range (for example, ipRange), or both.
             {
               "ipRange": "A String", # IP address and range of the interface. The IP range must be in the RFC3927 link-local IP address space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface.
               "linkedInterconnectAttachment": "A String", # URI of the linked Interconnect attachment. It must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
               "linkedVpnTunnel": "A String", # URI of the linked VPN tunnel, which must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
-              "managementType": "A String", # [Output Only] The resource that configures and manages this interface. - MANAGED_BY_USER is the default value and can be managed directly by users. - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
+              "managementType": "A String", # [Output Only] The resource that configures and manages this interface.
+                  # - MANAGED_BY_USER is the default value and can be managed directly by users.
+                  # - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
               "name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
               "privateIpAddress": "A String", # The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM.
               "redundantInterface": "A String", # Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -218,17 +249,30 @@ 
Method Details

               "drainNatIps": [ # A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT only.
                 "A String",
               ],
-              "enableDynamicPortAllocation": True or False, # Enable Dynamic Port Allocation. If not specified, it is disabled by default. If set to true, - Dynamic Port Allocation will be enabled on this NAT config. - enableEndpointIndependentMapping cannot be set to true. - If minPorts is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config.
+              "enableDynamicPortAllocation": True or False, # Enable Dynamic Port Allocation.
+                  # If not specified, it is disabled by default.
+                  # If set to true,
+                  # - Dynamic Port Allocation will be enabled on this NAT config.
+                  # - enableEndpointIndependentMapping cannot be set to true.
+                  # - If minPorts is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config.
               "enableEndpointIndependentMapping": True or False,
               "icmpIdleTimeoutSec": 42, # Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
               "logConfig": { # Configuration of logging on a NAT. # Configure logging on this NAT.
                 "enable": True or False, # Indicates whether or not to export logs. This is false by default.
-                "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful.
+                "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values:
+                    # - ERRORS_ONLY: Export logs only for connection failures.
+                    # - TRANSLATIONS_ONLY: Export logs only for successful connections.
+                    # - ALL: Export logs for all connections, successful and unsuccessful.
               },
-              "maxPortsPerVm": 42, # Maximum number of ports allocated to a VM from this NAT config when Dynamic Port Allocation is enabled. If Dynamic Port Allocation is not enabled, this field has no effect. If Dynamic Port Allocation is enabled, and this field is set, it must be set to a power of two greater than minPortsPerVm, or 64 if minPortsPerVm is not set. If Dynamic Port Allocation is enabled and this field is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config.
+              "maxPortsPerVm": 42, # Maximum number of ports allocated to a VM from this NAT config when Dynamic Port Allocation is enabled.
+                  # If Dynamic Port Allocation is not enabled, this field has no effect.
+                  # If Dynamic Port Allocation is enabled, and this field is set, it must be set to a power of two greater than minPortsPerVm, or 64 if minPortsPerVm is not set.
+                  # If Dynamic Port Allocation is enabled and this field is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config.
               "minPortsPerVm": 42, # Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM.
               "name": "A String", # Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.
-              "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
+              "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values:
+                  # - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs.
+                  # - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
               "natIps": [ # A list of URLs of the IP resources used for this Nat service. These IP addresses must be valid static external IP addresses assigned to the project.
                 "A String",
               ],
@@ -243,11 +287,20 @@ 
Method Details

                     ],
                   },
                   "description": "A String", # An optional description of this rule.
-                  "match": "A String", # CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. If it evaluates to true, the corresponding `action` is enforced. The following examples are valid match expressions: "inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')" "destination.ip == '1.1.0.1' || destination.ip == '8.8.8.8'"
+                  "match": "A String", # CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. If it evaluates to true, the corresponding `action` is enforced.
+                      #
+                      # The following examples are valid match expressions:
+                      #
+                      # "inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')"
+                      #
+                      # "destination.ip == '1.1.0.1' || destination.ip == '8.8.8.8'"
                   "ruleNumber": 42, # An integer uniquely identifying a rule in the list. The rule number must be a positive value between 0 and 65000, and must be unique among rules within a NAT.
                 },
               ],
-              "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values: - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat. - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
+              "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values:
+                  # - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat.
+                  # - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat.
+                  # - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
               "subnetworks": [ # A list of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above.
                 { # Defines the IP ranges that want to use NAT for a subnetwork.
                   "name": "A String", # URL for the subnetwork resource that will use NAT.
@@ -273,7 +326,8 @@ 
Method Details

       ],
       "warning": { # Informational warning which replaces the list of routers when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -291,7 +345,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -322,23 +377,36 @@ 
Method Details

 

 
 

-    delete(project, region, router, requestId=None, x__xgafv=None)
+    delete(project, region, router, requestId=None)
   
Deletes the specified Router resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   router: string, Name of the Router resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -373,7 +441,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -387,22 +456,20 @@ 
Method Details

 

 
 

-    get(project, region, router, x__xgafv=None)
+    get(project, region, router)
   
Returns the specified Router resource. Gets a list of available routers by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   router: string, Name of the Router resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Cloud Router resource. For more information about Cloud Router, read the Cloud Router overview.
+    { # Represents a Cloud Router resource.
+    #
+    # For more information about Cloud Router, read the Cloud Router overview.
   "bgp": { # BGP information specific to this router.
     "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM.
     "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
@@ -415,12 +482,17 @@ 
Method Details

       },
     ],
     "asn": 42, # Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN.
-    "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer. BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers. If set, this value must be between 20 and 60. The default is 20.
+    "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer.
+        # Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer.
+        # BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers.
+        # If set, this value must be between 20 and 60. The default is 20.
   },
   "bgpPeers": [ # BGP information that must be configured into the routing stack to establish BGP peering. This information must specify the peer ASN and either the interface name, IP address, or peer IP address. Please refer to RFC4273.
     {
       "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement.
-      "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options: - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets. - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
+      "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options:
+          # - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets.
+          # - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
         "A String",
       ],
       "advertisedIpRanges": [ # User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These IP ranges are advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.
@@ -430,21 +502,36 @@ 
Method Details

         },
       ],
       "advertisedRoutePriority": 42, # The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win.
-      "bfd": { # BFD configuration for the BGP peering. Not currently available publicly.
-        "minReceiveInterval": 42, # The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router. Not currently available publicly. If set, this value must be between 100 and 30000. The default is 300.
-        "minTransmitInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router. Not currently available publicly. If set, this value must be between 100 and 30000. The default is 300.
+      "bfd": { # BFD configuration for the BGP peering.
+          # Not currently available publicly.
+        "minReceiveInterval": 42, # The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router.
+            # Not currently available publicly.
+            # If set, this value must be between 100 and 30000.
+            # The default is 300.
+        "minTransmitInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router.
+            # Not currently available publicly.
+            # If set, this value must be between 100 and 30000.
+            # The default is 300.
         "mode": "A String", # The BFD session initialization mode for this BGP peer. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
-        "multiplier": 42, # The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable. Not currently available publicly. If set, the value must be a value between 2 and 16. The default is 3.
+        "multiplier": 42, # The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable.
+            # Not currently available publicly.
+            # If set, the value must be a value between 2 and 16.
+            # The default is 3.
         "packetMode": "A String", # The BFD packet mode for this BGP peer. If set to CONTROL_AND_ECHO, BFD echo mode is enabled for this BGP peer. In this mode, if the peer router also has BFD echo mode enabled, BFD echo packets will be sent to the other router. If the peer router does not have BFD echo mode enabled, only control packets will be sent. If set to CONTROL_ONLY, BFD echo mode is disabled for this BGP peer. If this router and the peer router have a multihop connection, this should be set to CONTROL_ONLY as BFD echo mode is only supported on singlehop connections. The default is CONTROL_AND_ECHO.
-        "sessionInitializationMode": "A String", # The BFD session initialization mode for this BGP peer. Not currently available publicly. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
+        "sessionInitializationMode": "A String", # The BFD session initialization mode for this BGP peer.
+            # Not currently available publicly.
+            # If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
         "slowTimerInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to and received from the peer router when BFD echo mode is enabled on both routers. The actual transmit and receive intervals are negotiated between the two routers and are equal to the greater of this value and the corresponding interval on the other router. If set, this value must be between 1000 and 30000. The default is 5000.
       },
-      "enable": "A String", # The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
+      "enable": "A String", # The status of the BGP peer connection.
+          # If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
       "enableIpv6": True or False, # Enable IPv6 traffic over BGP Peer. If not specified, it is disabled by default.
       "interfaceName": "A String", # Name of the interface the BGP peer is associated with.
       "ipAddress": "A String", # IP address of the interface inside Google Cloud Platform. Only IPv4 is supported.
       "ipv6NexthopAddress": "A String", # IPv6 address of the interface inside Google Cloud Platform.
-      "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer. - MANAGED_BY_USER is the default value and can be managed by you or other users - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
+      "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer.
+          # - MANAGED_BY_USER is the default value and can be managed by you or other users
+          # - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
       "name": "A String", # Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "peerAsn": 42, # Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value.
       "peerIpAddress": "A String", # IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported.
@@ -454,14 +541,17 @@ 
Method Details

   ],
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments). Not currently available publicly.
+  "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments).
+      # Not currently available publicly.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "interfaces": [ # Router interfaces. Each interface requires either one linked resource, (for example, linkedVpnTunnel), or IP address and IP address range (for example, ipRange), or both.
     {
       "ipRange": "A String", # IP address and range of the interface. The IP range must be in the RFC3927 link-local IP address space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface.
       "linkedInterconnectAttachment": "A String", # URI of the linked Interconnect attachment. It must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
       "linkedVpnTunnel": "A String", # URI of the linked VPN tunnel, which must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
-      "managementType": "A String", # [Output Only] The resource that configures and manages this interface. - MANAGED_BY_USER is the default value and can be managed directly by users. - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
+      "managementType": "A String", # [Output Only] The resource that configures and manages this interface.
+          # - MANAGED_BY_USER is the default value and can be managed directly by users.
+          # - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
       "name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "privateIpAddress": "A String", # The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM.
       "redundantInterface": "A String", # Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -475,17 +565,30 @@ 
Method Details

       "drainNatIps": [ # A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT only.
         "A String",
       ],
-      "enableDynamicPortAllocation": True or False, # Enable Dynamic Port Allocation. If not specified, it is disabled by default. If set to true, - Dynamic Port Allocation will be enabled on this NAT config. - enableEndpointIndependentMapping cannot be set to true. - If minPorts is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config.
+      "enableDynamicPortAllocation": True or False, # Enable Dynamic Port Allocation.
+          # If not specified, it is disabled by default.
+          # If set to true,
+          # - Dynamic Port Allocation will be enabled on this NAT config.
+          # - enableEndpointIndependentMapping cannot be set to true.
+          # - If minPorts is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config.
       "enableEndpointIndependentMapping": True or False,
       "icmpIdleTimeoutSec": 42, # Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
       "logConfig": { # Configuration of logging on a NAT. # Configure logging on this NAT.
         "enable": True or False, # Indicates whether or not to export logs. This is false by default.
-        "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful.
+        "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values:
+            # - ERRORS_ONLY: Export logs only for connection failures.
+            # - TRANSLATIONS_ONLY: Export logs only for successful connections.
+            # - ALL: Export logs for all connections, successful and unsuccessful.
       },
-      "maxPortsPerVm": 42, # Maximum number of ports allocated to a VM from this NAT config when Dynamic Port Allocation is enabled. If Dynamic Port Allocation is not enabled, this field has no effect. If Dynamic Port Allocation is enabled, and this field is set, it must be set to a power of two greater than minPortsPerVm, or 64 if minPortsPerVm is not set. If Dynamic Port Allocation is enabled and this field is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config.
+      "maxPortsPerVm": 42, # Maximum number of ports allocated to a VM from this NAT config when Dynamic Port Allocation is enabled.
+          # If Dynamic Port Allocation is not enabled, this field has no effect.
+          # If Dynamic Port Allocation is enabled, and this field is set, it must be set to a power of two greater than minPortsPerVm, or 64 if minPortsPerVm is not set.
+          # If Dynamic Port Allocation is enabled and this field is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config.
       "minPortsPerVm": 42, # Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM.
       "name": "A String", # Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.
-      "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
+      "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values:
+          # - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs.
+          # - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
       "natIps": [ # A list of URLs of the IP resources used for this Nat service. These IP addresses must be valid static external IP addresses assigned to the project.
         "A String",
       ],
@@ -500,11 +603,20 @@ 
Method Details

             ],
           },
           "description": "A String", # An optional description of this rule.
-          "match": "A String", # CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. If it evaluates to true, the corresponding `action` is enforced. The following examples are valid match expressions: "inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')" "destination.ip == '1.1.0.1' || destination.ip == '8.8.8.8'"
+          "match": "A String", # CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. If it evaluates to true, the corresponding `action` is enforced.
+              #
+              # The following examples are valid match expressions:
+              #
+              # "inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')"
+              #
+              # "destination.ip == '1.1.0.1' || destination.ip == '8.8.8.8'"
           "ruleNumber": 42, # An integer uniquely identifying a rule in the list. The rule number must be a positive value between 0 and 65000, and must be unique among rules within a NAT.
         },
       ],
-      "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values: - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat. - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
+      "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values:
+          # - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat.
+          # - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat.
+          # - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
       "subnetworks": [ # A list of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above.
         { # Defines the IP ranges that want to use NAT for a subnetwork.
           "name": "A String", # URL for the subnetwork resource that will use NAT.
@@ -530,23 +642,29 @@ 
Method Details

 

 
 

-    getNatMappingInfo(project, region, router, filter=None, maxResults=None, natName=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    getNatMappingInfo(project, region, router, filter=None, maxResults=None, natName=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves runtime Nat mapping information of VM endpoints.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   router: string, Name of the Router resource to query for Nat Mapping information of VM endpoints. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
   natName: string, Name of the nat service to filter the Nat Mapping information. If it is omitted, all nats for this router will be returned. Name should conform to RFC1035.
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -590,7 +708,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -616,17 +735,13 @@ 
Method Details

 

 
 

-    getRouterStatus(project, region, router, x__xgafv=None)
+    getRouterStatus(project, region, router)
   
Retrieves runtime information of the specified router.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   router: string, Name of the Router resource to query. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -635,7 +750,9 @@ 
Method Details

   "kind": "compute#routerStatusResponse", # Type of resource.
   "result": {
     "bestRoutes": [ # Best routes for this router's network.
-      { # Represents a Route resource. A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview.
+      { # Represents a Route resource.
+          #
+          # A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview. (== resource_for {$api_version}.routes ==)
         "allowConflictingSubnetworks": True or False, # Whether this route can conflict with existing subnetworks. Setting this to true allows this route to conflict with subnetworks that have already been configured on the corresponding network.
         "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
         "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
@@ -645,9 +762,13 @@ 
Method Details

         "kind": "compute#route", # [Output Only] Type of this resource. Always compute#routes for Route resources.
         "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
         "network": "A String", # Fully-qualified URL of the network that this route applies to.
-        "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL: projects/ project/global/gateways/default-internet-gateway
-        "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs: - 10.128.0.56 - https://www.googleapis.com/compute/v1/projects/project/regions/region /forwardingRules/forwardingRule - regions/region/forwardingRules/forwardingRule
-        "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
+        "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL:  projects/project/global/gateways/default-internet-gateway
+        "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs:
+            # - 10.128.0.56
+            # - https://www.googleapis.com/compute/v1/projects/project/regions/region/forwardingRules/forwardingRule
+            # - regions/region/forwardingRules/forwardingRule
+        "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example:
+            # https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
         "nextHopInterconnectAttachment": "A String", # [Output Only] The URL to an InterconnectAttachment which is the next hop for the route. This field will only be populated for the dynamic routes generated by Cloud Router with a linked interconnectAttachment.
         "nextHopIp": "A String", # The network IP address of an instance that should handle matching packets. Only IPv4 is supported.
         "nextHopNetwork": "A String", # The URL of the local network if it should handle matching packets.
@@ -662,7 +783,8 @@ 
Method Details

         "warnings": [ # [Output Only] If potential misconfigurations are detected for this route, this field will be populated with warning messages.
           {
             "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-            "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+            "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+                # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
               {
                 "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
                 "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -674,7 +796,9 @@ 
Method Details

       },
     ],
     "bestRoutesForRouter": [ # Best routes learned by this router.
-      { # Represents a Route resource. A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview.
+      { # Represents a Route resource.
+          #
+          # A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview. (== resource_for {$api_version}.routes ==)
         "allowConflictingSubnetworks": True or False, # Whether this route can conflict with existing subnetworks. Setting this to true allows this route to conflict with subnetworks that have already been configured on the corresponding network.
         "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
         "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
@@ -684,9 +808,13 @@ 
Method Details

         "kind": "compute#route", # [Output Only] Type of this resource. Always compute#routes for Route resources.
         "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
         "network": "A String", # Fully-qualified URL of the network that this route applies to.
-        "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL: projects/ project/global/gateways/default-internet-gateway
-        "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs: - 10.128.0.56 - https://www.googleapis.com/compute/v1/projects/project/regions/region /forwardingRules/forwardingRule - regions/region/forwardingRules/forwardingRule
-        "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
+        "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL:  projects/project/global/gateways/default-internet-gateway
+        "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs:
+            # - 10.128.0.56
+            # - https://www.googleapis.com/compute/v1/projects/project/regions/region/forwardingRules/forwardingRule
+            # - regions/region/forwardingRules/forwardingRule
+        "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example:
+            # https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
         "nextHopInterconnectAttachment": "A String", # [Output Only] The URL to an InterconnectAttachment which is the next hop for the route. This field will only be populated for the dynamic routes generated by Cloud Router with a linked interconnectAttachment.
         "nextHopIp": "A String", # The network IP address of an instance that should handle matching packets. Only IPv4 is supported.
         "nextHopNetwork": "A String", # The URL of the local network if it should handle matching packets.
@@ -701,7 +829,8 @@ 
Method Details

         "warnings": [ # [Output Only] If potential misconfigurations are detected for this route, this field will be populated with warning messages.
           {
             "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-            "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+            "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+                # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
               {
                 "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
                 "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -715,7 +844,9 @@ 
Method Details

     "bgpPeerStatus": [
       {
         "advertisedRoutes": [ # Routes that were advertised to the remote BGP peer
-          { # Represents a Route resource. A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview.
+          { # Represents a Route resource.
+              #
+              # A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview. (== resource_for {$api_version}.routes ==)
             "allowConflictingSubnetworks": True or False, # Whether this route can conflict with existing subnetworks. Setting this to true allows this route to conflict with subnetworks that have already been configured on the corresponding network.
             "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
             "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
@@ -725,9 +856,13 @@ 
Method Details

             "kind": "compute#route", # [Output Only] Type of this resource. Always compute#routes for Route resources.
             "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
             "network": "A String", # Fully-qualified URL of the network that this route applies to.
-            "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL: projects/ project/global/gateways/default-internet-gateway
-            "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs: - 10.128.0.56 - https://www.googleapis.com/compute/v1/projects/project/regions/region /forwardingRules/forwardingRule - regions/region/forwardingRules/forwardingRule
-            "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
+            "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL:  projects/project/global/gateways/default-internet-gateway
+            "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs:
+                # - 10.128.0.56
+                # - https://www.googleapis.com/compute/v1/projects/project/regions/region/forwardingRules/forwardingRule
+                # - regions/region/forwardingRules/forwardingRule
+            "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example:
+                # https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
             "nextHopInterconnectAttachment": "A String", # [Output Only] The URL to an InterconnectAttachment which is the next hop for the route. This field will only be populated for the dynamic routes generated by Cloud Router with a linked interconnectAttachment.
             "nextHopIp": "A String", # The network IP address of an instance that should handle matching packets. Only IPv4 is supported.
             "nextHopNetwork": "A String", # The URL of the local network if it should handle matching packets.
@@ -742,7 +877,8 @@ 
Method Details

             "warnings": [ # [Output Only] If potential misconfigurations are detected for this route, this field will be populated with warning messages.
               {
                 "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-                "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+                "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+                    # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
                   {
                     "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
                     "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -887,7 +1023,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a Router resource in the specified project and region using the data included in the request.
 
 Args:
@@ -896,7 +1032,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Cloud Router resource. For more information about Cloud Router, read the Cloud Router overview.
+{ # Represents a Cloud Router resource.
+    # 
+    # For more information about Cloud Router, read the Cloud Router overview.
   "bgp": { # BGP information specific to this router.
     "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM.
     "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
@@ -909,12 +1047,17 @@ 
Method Details

       },
     ],
     "asn": 42, # Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN.
-    "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer. BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers. If set, this value must be between 20 and 60. The default is 20.
+    "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer.
+        # Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer.
+        # BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers.
+        # If set, this value must be between 20 and 60. The default is 20.
   },
   "bgpPeers": [ # BGP information that must be configured into the routing stack to establish BGP peering. This information must specify the peer ASN and either the interface name, IP address, or peer IP address. Please refer to RFC4273.
     {
       "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement.
-      "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options: - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets. - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
+      "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options:
+          # - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets.
+          # - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
         "A String",
       ],
       "advertisedIpRanges": [ # User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These IP ranges are advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.
@@ -924,21 +1067,36 @@ 
Method Details

         },
       ],
       "advertisedRoutePriority": 42, # The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win.
-      "bfd": { # BFD configuration for the BGP peering. Not currently available publicly.
-        "minReceiveInterval": 42, # The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router. Not currently available publicly. If set, this value must be between 100 and 30000. The default is 300.
-        "minTransmitInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router. Not currently available publicly. If set, this value must be between 100 and 30000. The default is 300.
+      "bfd": { # BFD configuration for the BGP peering.
+          # Not currently available publicly.
+        "minReceiveInterval": 42, # The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router.
+            # Not currently available publicly.
+            # If set, this value must be between 100 and 30000.
+            # The default is 300.
+        "minTransmitInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router.
+            # Not currently available publicly.
+            # If set, this value must be between 100 and 30000.
+            # The default is 300.
         "mode": "A String", # The BFD session initialization mode for this BGP peer. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
-        "multiplier": 42, # The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable. Not currently available publicly. If set, the value must be a value between 2 and 16. The default is 3.
+        "multiplier": 42, # The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable.
+            # Not currently available publicly.
+            # If set, the value must be a value between 2 and 16.
+            # The default is 3.
         "packetMode": "A String", # The BFD packet mode for this BGP peer. If set to CONTROL_AND_ECHO, BFD echo mode is enabled for this BGP peer. In this mode, if the peer router also has BFD echo mode enabled, BFD echo packets will be sent to the other router. If the peer router does not have BFD echo mode enabled, only control packets will be sent. If set to CONTROL_ONLY, BFD echo mode is disabled for this BGP peer. If this router and the peer router have a multihop connection, this should be set to CONTROL_ONLY as BFD echo mode is only supported on singlehop connections. The default is CONTROL_AND_ECHO.
-        "sessionInitializationMode": "A String", # The BFD session initialization mode for this BGP peer. Not currently available publicly. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
+        "sessionInitializationMode": "A String", # The BFD session initialization mode for this BGP peer.
+            # Not currently available publicly.
+            # If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
         "slowTimerInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to and received from the peer router when BFD echo mode is enabled on both routers. The actual transmit and receive intervals are negotiated between the two routers and are equal to the greater of this value and the corresponding interval on the other router. If set, this value must be between 1000 and 30000. The default is 5000.
       },
-      "enable": "A String", # The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
+      "enable": "A String", # The status of the BGP peer connection.
+          # If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
       "enableIpv6": True or False, # Enable IPv6 traffic over BGP Peer. If not specified, it is disabled by default.
       "interfaceName": "A String", # Name of the interface the BGP peer is associated with.
       "ipAddress": "A String", # IP address of the interface inside Google Cloud Platform. Only IPv4 is supported.
       "ipv6NexthopAddress": "A String", # IPv6 address of the interface inside Google Cloud Platform.
-      "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer. - MANAGED_BY_USER is the default value and can be managed by you or other users - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
+      "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer.
+          # - MANAGED_BY_USER is the default value and can be managed by you or other users
+          # - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
       "name": "A String", # Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "peerAsn": 42, # Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value.
       "peerIpAddress": "A String", # IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported.
@@ -948,14 +1106,17 @@ 
Method Details

   ],
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments). Not currently available publicly.
+  "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments).
+      # Not currently available publicly.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "interfaces": [ # Router interfaces. Each interface requires either one linked resource, (for example, linkedVpnTunnel), or IP address and IP address range (for example, ipRange), or both.
     {
       "ipRange": "A String", # IP address and range of the interface. The IP range must be in the RFC3927 link-local IP address space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface.
       "linkedInterconnectAttachment": "A String", # URI of the linked Interconnect attachment. It must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
       "linkedVpnTunnel": "A String", # URI of the linked VPN tunnel, which must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
-      "managementType": "A String", # [Output Only] The resource that configures and manages this interface. - MANAGED_BY_USER is the default value and can be managed directly by users. - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
+      "managementType": "A String", # [Output Only] The resource that configures and manages this interface.
+          # - MANAGED_BY_USER is the default value and can be managed directly by users.
+          # - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
       "name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "privateIpAddress": "A String", # The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM.
       "redundantInterface": "A String", # Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -969,17 +1130,30 @@ 
Method Details

       "drainNatIps": [ # A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT only.
         "A String",
       ],
-      "enableDynamicPortAllocation": True or False, # Enable Dynamic Port Allocation. If not specified, it is disabled by default. If set to true, - Dynamic Port Allocation will be enabled on this NAT config. - enableEndpointIndependentMapping cannot be set to true. - If minPorts is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config.
+      "enableDynamicPortAllocation": True or False, # Enable Dynamic Port Allocation.
+          # If not specified, it is disabled by default.
+          # If set to true,
+          # - Dynamic Port Allocation will be enabled on this NAT config.
+          # - enableEndpointIndependentMapping cannot be set to true.
+          # - If minPorts is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config.
       "enableEndpointIndependentMapping": True or False,
       "icmpIdleTimeoutSec": 42, # Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
       "logConfig": { # Configuration of logging on a NAT. # Configure logging on this NAT.
         "enable": True or False, # Indicates whether or not to export logs. This is false by default.
-        "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful.
+        "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values:
+            # - ERRORS_ONLY: Export logs only for connection failures.
+            # - TRANSLATIONS_ONLY: Export logs only for successful connections.
+            # - ALL: Export logs for all connections, successful and unsuccessful.
       },
-      "maxPortsPerVm": 42, # Maximum number of ports allocated to a VM from this NAT config when Dynamic Port Allocation is enabled. If Dynamic Port Allocation is not enabled, this field has no effect. If Dynamic Port Allocation is enabled, and this field is set, it must be set to a power of two greater than minPortsPerVm, or 64 if minPortsPerVm is not set. If Dynamic Port Allocation is enabled and this field is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config.
+      "maxPortsPerVm": 42, # Maximum number of ports allocated to a VM from this NAT config when Dynamic Port Allocation is enabled.
+          # If Dynamic Port Allocation is not enabled, this field has no effect.
+          # If Dynamic Port Allocation is enabled, and this field is set, it must be set to a power of two greater than minPortsPerVm, or 64 if minPortsPerVm is not set.
+          # If Dynamic Port Allocation is enabled and this field is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config.
       "minPortsPerVm": 42, # Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM.
       "name": "A String", # Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.
-      "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
+      "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values:
+          # - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs.
+          # - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
       "natIps": [ # A list of URLs of the IP resources used for this Nat service. These IP addresses must be valid static external IP addresses assigned to the project.
         "A String",
       ],
@@ -994,11 +1168,20 @@ 
Method Details

             ],
           },
           "description": "A String", # An optional description of this rule.
-          "match": "A String", # CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. If it evaluates to true, the corresponding `action` is enforced. The following examples are valid match expressions: "inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')" "destination.ip == '1.1.0.1' || destination.ip == '8.8.8.8'"
+          "match": "A String", # CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. If it evaluates to true, the corresponding `action` is enforced.
+              #
+              # The following examples are valid match expressions:
+              #
+              # "inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')"
+              #
+              # "destination.ip == '1.1.0.1' || destination.ip == '8.8.8.8'"
           "ruleNumber": 42, # An integer uniquely identifying a rule in the list. The rule number must be a positive value between 0 and 65000, and must be unique among rules within a NAT.
         },
       ],
-      "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values: - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat. - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
+      "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values:
+          # - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat.
+          # - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat.
+          # - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
       "subnetworks": [ # A list of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above.
         { # Defines the IP ranges that want to use NAT for a subnetwork.
           "name": "A String", # URL for the subnetwork resource that will use NAT.
@@ -1022,16 +1205,29 @@ 
Method Details

   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1066,7 +1262,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1080,21 +1277,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of Router resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1102,7 +1305,9 @@ 
Method Details

     { # Contains a list of Router resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Router resources.
-    { # Represents a Cloud Router resource. For more information about Cloud Router, read the Cloud Router overview.
+    { # Represents a Cloud Router resource.
+        #
+        # For more information about Cloud Router, read the Cloud Router overview.
       "bgp": { # BGP information specific to this router.
         "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM.
         "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
@@ -1115,12 +1320,17 @@ 
Method Details

           },
         ],
         "asn": 42, # Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN.
-        "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer. BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers. If set, this value must be between 20 and 60. The default is 20.
+        "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer.
+            # Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer.
+            # BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers.
+            # If set, this value must be between 20 and 60. The default is 20.
       },
       "bgpPeers": [ # BGP information that must be configured into the routing stack to establish BGP peering. This information must specify the peer ASN and either the interface name, IP address, or peer IP address. Please refer to RFC4273.
         {
           "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement.
-          "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options: - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets. - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
+          "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options:
+              # - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets.
+              # - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
             "A String",
           ],
           "advertisedIpRanges": [ # User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These IP ranges are advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.
@@ -1130,21 +1340,36 @@ 
Method Details

             },
           ],
           "advertisedRoutePriority": 42, # The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win.
-          "bfd": { # BFD configuration for the BGP peering. Not currently available publicly.
-            "minReceiveInterval": 42, # The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router. Not currently available publicly. If set, this value must be between 100 and 30000. The default is 300.
-            "minTransmitInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router. Not currently available publicly. If set, this value must be between 100 and 30000. The default is 300.
+          "bfd": { # BFD configuration for the BGP peering.
+              # Not currently available publicly.
+            "minReceiveInterval": 42, # The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router.
+                # Not currently available publicly.
+                # If set, this value must be between 100 and 30000.
+                # The default is 300.
+            "minTransmitInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router.
+                # Not currently available publicly.
+                # If set, this value must be between 100 and 30000.
+                # The default is 300.
             "mode": "A String", # The BFD session initialization mode for this BGP peer. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
-            "multiplier": 42, # The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable. Not currently available publicly. If set, the value must be a value between 2 and 16. The default is 3.
+            "multiplier": 42, # The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable.
+                # Not currently available publicly.
+                # If set, the value must be a value between 2 and 16.
+                # The default is 3.
             "packetMode": "A String", # The BFD packet mode for this BGP peer. If set to CONTROL_AND_ECHO, BFD echo mode is enabled for this BGP peer. In this mode, if the peer router also has BFD echo mode enabled, BFD echo packets will be sent to the other router. If the peer router does not have BFD echo mode enabled, only control packets will be sent. If set to CONTROL_ONLY, BFD echo mode is disabled for this BGP peer. If this router and the peer router have a multihop connection, this should be set to CONTROL_ONLY as BFD echo mode is only supported on singlehop connections. The default is CONTROL_AND_ECHO.
-            "sessionInitializationMode": "A String", # The BFD session initialization mode for this BGP peer. Not currently available publicly. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
+            "sessionInitializationMode": "A String", # The BFD session initialization mode for this BGP peer.
+                # Not currently available publicly.
+                # If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
             "slowTimerInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to and received from the peer router when BFD echo mode is enabled on both routers. The actual transmit and receive intervals are negotiated between the two routers and are equal to the greater of this value and the corresponding interval on the other router. If set, this value must be between 1000 and 30000. The default is 5000.
           },
-          "enable": "A String", # The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
+          "enable": "A String", # The status of the BGP peer connection.
+              # If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
           "enableIpv6": True or False, # Enable IPv6 traffic over BGP Peer. If not specified, it is disabled by default.
           "interfaceName": "A String", # Name of the interface the BGP peer is associated with.
           "ipAddress": "A String", # IP address of the interface inside Google Cloud Platform. Only IPv4 is supported.
           "ipv6NexthopAddress": "A String", # IPv6 address of the interface inside Google Cloud Platform.
-          "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer. - MANAGED_BY_USER is the default value and can be managed by you or other users - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
+          "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer.
+              # - MANAGED_BY_USER is the default value and can be managed by you or other users
+              # - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
           "name": "A String", # Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
           "peerAsn": 42, # Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value.
           "peerIpAddress": "A String", # IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported.
@@ -1154,14 +1379,17 @@ 
Method Details

       ],
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments). Not currently available publicly.
+      "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments).
+          # Not currently available publicly.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "interfaces": [ # Router interfaces. Each interface requires either one linked resource, (for example, linkedVpnTunnel), or IP address and IP address range (for example, ipRange), or both.
         {
           "ipRange": "A String", # IP address and range of the interface. The IP range must be in the RFC3927 link-local IP address space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface.
           "linkedInterconnectAttachment": "A String", # URI of the linked Interconnect attachment. It must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
           "linkedVpnTunnel": "A String", # URI of the linked VPN tunnel, which must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
-          "managementType": "A String", # [Output Only] The resource that configures and manages this interface. - MANAGED_BY_USER is the default value and can be managed directly by users. - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
+          "managementType": "A String", # [Output Only] The resource that configures and manages this interface.
+              # - MANAGED_BY_USER is the default value and can be managed directly by users.
+              # - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
           "name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
           "privateIpAddress": "A String", # The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM.
           "redundantInterface": "A String", # Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -1175,17 +1403,30 @@ 
Method Details

           "drainNatIps": [ # A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT only.
             "A String",
           ],
-          "enableDynamicPortAllocation": True or False, # Enable Dynamic Port Allocation. If not specified, it is disabled by default. If set to true, - Dynamic Port Allocation will be enabled on this NAT config. - enableEndpointIndependentMapping cannot be set to true. - If minPorts is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config.
+          "enableDynamicPortAllocation": True or False, # Enable Dynamic Port Allocation.
+              # If not specified, it is disabled by default.
+              # If set to true,
+              # - Dynamic Port Allocation will be enabled on this NAT config.
+              # - enableEndpointIndependentMapping cannot be set to true.
+              # - If minPorts is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config.
           "enableEndpointIndependentMapping": True or False,
           "icmpIdleTimeoutSec": 42, # Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
           "logConfig": { # Configuration of logging on a NAT. # Configure logging on this NAT.
             "enable": True or False, # Indicates whether or not to export logs. This is false by default.
-            "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful.
+            "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values:
+                # - ERRORS_ONLY: Export logs only for connection failures.
+                # - TRANSLATIONS_ONLY: Export logs only for successful connections.
+                # - ALL: Export logs for all connections, successful and unsuccessful.
           },
-          "maxPortsPerVm": 42, # Maximum number of ports allocated to a VM from this NAT config when Dynamic Port Allocation is enabled. If Dynamic Port Allocation is not enabled, this field has no effect. If Dynamic Port Allocation is enabled, and this field is set, it must be set to a power of two greater than minPortsPerVm, or 64 if minPortsPerVm is not set. If Dynamic Port Allocation is enabled and this field is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config.
+          "maxPortsPerVm": 42, # Maximum number of ports allocated to a VM from this NAT config when Dynamic Port Allocation is enabled.
+              # If Dynamic Port Allocation is not enabled, this field has no effect.
+              # If Dynamic Port Allocation is enabled, and this field is set, it must be set to a power of two greater than minPortsPerVm, or 64 if minPortsPerVm is not set.
+              # If Dynamic Port Allocation is enabled and this field is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config.
           "minPortsPerVm": 42, # Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM.
           "name": "A String", # Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.
-          "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
+          "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values:
+              # - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs.
+              # - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
           "natIps": [ # A list of URLs of the IP resources used for this Nat service. These IP addresses must be valid static external IP addresses assigned to the project.
             "A String",
           ],
@@ -1200,11 +1441,20 @@ 
Method Details

                 ],
               },
               "description": "A String", # An optional description of this rule.
-              "match": "A String", # CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. If it evaluates to true, the corresponding `action` is enforced. The following examples are valid match expressions: "inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')" "destination.ip == '1.1.0.1' || destination.ip == '8.8.8.8'"
+              "match": "A String", # CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. If it evaluates to true, the corresponding `action` is enforced.
+                  #
+                  # The following examples are valid match expressions:
+                  #
+                  # "inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')"
+                  #
+                  # "destination.ip == '1.1.0.1' || destination.ip == '8.8.8.8'"
               "ruleNumber": 42, # An integer uniquely identifying a rule in the list. The rule number must be a positive value between 0 and 65000, and must be unique among rules within a NAT.
             },
           ],
-          "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values: - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat. - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
+          "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values:
+              # - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat.
+              # - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat.
+              # - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
           "subnetworks": [ # A list of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above.
             { # Defines the IP ranges that want to use NAT for a subnetwork.
               "name": "A String", # URL for the subnetwork resource that will use NAT.
@@ -1233,7 +1483,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1259,7 +1510,7 @@ 
Method Details

 

 
 

-    patch(project, region, router, body=None, requestId=None, x__xgafv=None)
+    patch(project, region, router, body=None, requestId=None)
   
Patches the specified Router resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.
 
 Args:
@@ -1269,7 +1520,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Cloud Router resource. For more information about Cloud Router, read the Cloud Router overview.
+{ # Represents a Cloud Router resource.
+    # 
+    # For more information about Cloud Router, read the Cloud Router overview.
   "bgp": { # BGP information specific to this router.
     "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM.
     "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
@@ -1282,12 +1535,17 @@ 
Method Details

       },
     ],
     "asn": 42, # Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN.
-    "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer. BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers. If set, this value must be between 20 and 60. The default is 20.
+    "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer.
+        # Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer.
+        # BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers.
+        # If set, this value must be between 20 and 60. The default is 20.
   },
   "bgpPeers": [ # BGP information that must be configured into the routing stack to establish BGP peering. This information must specify the peer ASN and either the interface name, IP address, or peer IP address. Please refer to RFC4273.
     {
       "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement.
-      "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options: - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets. - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
+      "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options:
+          # - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets.
+          # - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
         "A String",
       ],
       "advertisedIpRanges": [ # User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These IP ranges are advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.
@@ -1297,21 +1555,36 @@ 
Method Details

         },
       ],
       "advertisedRoutePriority": 42, # The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win.
-      "bfd": { # BFD configuration for the BGP peering. Not currently available publicly.
-        "minReceiveInterval": 42, # The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router. Not currently available publicly. If set, this value must be between 100 and 30000. The default is 300.
-        "minTransmitInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router. Not currently available publicly. If set, this value must be between 100 and 30000. The default is 300.
+      "bfd": { # BFD configuration for the BGP peering.
+          # Not currently available publicly.
+        "minReceiveInterval": 42, # The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router.
+            # Not currently available publicly.
+            # If set, this value must be between 100 and 30000.
+            # The default is 300.
+        "minTransmitInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router.
+            # Not currently available publicly.
+            # If set, this value must be between 100 and 30000.
+            # The default is 300.
         "mode": "A String", # The BFD session initialization mode for this BGP peer. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
-        "multiplier": 42, # The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable. Not currently available publicly. If set, the value must be a value between 2 and 16. The default is 3.
+        "multiplier": 42, # The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable.
+            # Not currently available publicly.
+            # If set, the value must be a value between 2 and 16.
+            # The default is 3.
         "packetMode": "A String", # The BFD packet mode for this BGP peer. If set to CONTROL_AND_ECHO, BFD echo mode is enabled for this BGP peer. In this mode, if the peer router also has BFD echo mode enabled, BFD echo packets will be sent to the other router. If the peer router does not have BFD echo mode enabled, only control packets will be sent. If set to CONTROL_ONLY, BFD echo mode is disabled for this BGP peer. If this router and the peer router have a multihop connection, this should be set to CONTROL_ONLY as BFD echo mode is only supported on singlehop connections. The default is CONTROL_AND_ECHO.
-        "sessionInitializationMode": "A String", # The BFD session initialization mode for this BGP peer. Not currently available publicly. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
+        "sessionInitializationMode": "A String", # The BFD session initialization mode for this BGP peer.
+            # Not currently available publicly.
+            # If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
         "slowTimerInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to and received from the peer router when BFD echo mode is enabled on both routers. The actual transmit and receive intervals are negotiated between the two routers and are equal to the greater of this value and the corresponding interval on the other router. If set, this value must be between 1000 and 30000. The default is 5000.
       },
-      "enable": "A String", # The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
+      "enable": "A String", # The status of the BGP peer connection.
+          # If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
       "enableIpv6": True or False, # Enable IPv6 traffic over BGP Peer. If not specified, it is disabled by default.
       "interfaceName": "A String", # Name of the interface the BGP peer is associated with.
       "ipAddress": "A String", # IP address of the interface inside Google Cloud Platform. Only IPv4 is supported.
       "ipv6NexthopAddress": "A String", # IPv6 address of the interface inside Google Cloud Platform.
-      "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer. - MANAGED_BY_USER is the default value and can be managed by you or other users - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
+      "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer.
+          # - MANAGED_BY_USER is the default value and can be managed by you or other users
+          # - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
       "name": "A String", # Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "peerAsn": 42, # Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value.
       "peerIpAddress": "A String", # IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported.
@@ -1321,14 +1594,17 @@ 
Method Details

   ],
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments). Not currently available publicly.
+  "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments).
+      # Not currently available publicly.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "interfaces": [ # Router interfaces. Each interface requires either one linked resource, (for example, linkedVpnTunnel), or IP address and IP address range (for example, ipRange), or both.
     {
       "ipRange": "A String", # IP address and range of the interface. The IP range must be in the RFC3927 link-local IP address space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface.
       "linkedInterconnectAttachment": "A String", # URI of the linked Interconnect attachment. It must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
       "linkedVpnTunnel": "A String", # URI of the linked VPN tunnel, which must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
-      "managementType": "A String", # [Output Only] The resource that configures and manages this interface. - MANAGED_BY_USER is the default value and can be managed directly by users. - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
+      "managementType": "A String", # [Output Only] The resource that configures and manages this interface.
+          # - MANAGED_BY_USER is the default value and can be managed directly by users.
+          # - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
       "name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "privateIpAddress": "A String", # The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM.
       "redundantInterface": "A String", # Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -1342,17 +1618,30 @@ 
Method Details

       "drainNatIps": [ # A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT only.
         "A String",
       ],
-      "enableDynamicPortAllocation": True or False, # Enable Dynamic Port Allocation. If not specified, it is disabled by default. If set to true, - Dynamic Port Allocation will be enabled on this NAT config. - enableEndpointIndependentMapping cannot be set to true. - If minPorts is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config.
+      "enableDynamicPortAllocation": True or False, # Enable Dynamic Port Allocation.
+          # If not specified, it is disabled by default.
+          # If set to true,
+          # - Dynamic Port Allocation will be enabled on this NAT config.
+          # - enableEndpointIndependentMapping cannot be set to true.
+          # - If minPorts is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config.
       "enableEndpointIndependentMapping": True or False,
       "icmpIdleTimeoutSec": 42, # Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
       "logConfig": { # Configuration of logging on a NAT. # Configure logging on this NAT.
         "enable": True or False, # Indicates whether or not to export logs. This is false by default.
-        "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful.
+        "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values:
+            # - ERRORS_ONLY: Export logs only for connection failures.
+            # - TRANSLATIONS_ONLY: Export logs only for successful connections.
+            # - ALL: Export logs for all connections, successful and unsuccessful.
       },
-      "maxPortsPerVm": 42, # Maximum number of ports allocated to a VM from this NAT config when Dynamic Port Allocation is enabled. If Dynamic Port Allocation is not enabled, this field has no effect. If Dynamic Port Allocation is enabled, and this field is set, it must be set to a power of two greater than minPortsPerVm, or 64 if minPortsPerVm is not set. If Dynamic Port Allocation is enabled and this field is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config.
+      "maxPortsPerVm": 42, # Maximum number of ports allocated to a VM from this NAT config when Dynamic Port Allocation is enabled.
+          # If Dynamic Port Allocation is not enabled, this field has no effect.
+          # If Dynamic Port Allocation is enabled, and this field is set, it must be set to a power of two greater than minPortsPerVm, or 64 if minPortsPerVm is not set.
+          # If Dynamic Port Allocation is enabled and this field is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config.
       "minPortsPerVm": 42, # Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM.
       "name": "A String", # Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.
-      "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
+      "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values:
+          # - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs.
+          # - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
       "natIps": [ # A list of URLs of the IP resources used for this Nat service. These IP addresses must be valid static external IP addresses assigned to the project.
         "A String",
       ],
@@ -1367,11 +1656,20 @@ 
Method Details

             ],
           },
           "description": "A String", # An optional description of this rule.
-          "match": "A String", # CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. If it evaluates to true, the corresponding `action` is enforced. The following examples are valid match expressions: "inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')" "destination.ip == '1.1.0.1' || destination.ip == '8.8.8.8'"
+          "match": "A String", # CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. If it evaluates to true, the corresponding `action` is enforced.
+              #
+              # The following examples are valid match expressions:
+              #
+              # "inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')"
+              #
+              # "destination.ip == '1.1.0.1' || destination.ip == '8.8.8.8'"
           "ruleNumber": 42, # An integer uniquely identifying a rule in the list. The rule number must be a positive value between 0 and 65000, and must be unique among rules within a NAT.
         },
       ],
-      "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values: - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat. - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
+      "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values:
+          # - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat.
+          # - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat.
+          # - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
       "subnetworks": [ # A list of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above.
         { # Defines the IP ranges that want to use NAT for a subnetwork.
           "name": "A String", # URL for the subnetwork resource that will use NAT.
@@ -1395,16 +1693,29 @@ 
Method Details

   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1439,7 +1750,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1453,7 +1765,7 @@ 
Method Details

 

 
 

-    preview(project, region, router, body=None, x__xgafv=None)
+    preview(project, region, router, body=None)
   
Preview fields auto-generated during router create and update operations. Calling this method does NOT create or update the router.
 
 Args:
@@ -1463,7 +1775,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Cloud Router resource. For more information about Cloud Router, read the Cloud Router overview.
+{ # Represents a Cloud Router resource.
+    # 
+    # For more information about Cloud Router, read the Cloud Router overview.
   "bgp": { # BGP information specific to this router.
     "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM.
     "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
@@ -1476,12 +1790,17 @@ 
Method Details

       },
     ],
     "asn": 42, # Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN.
-    "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer. BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers. If set, this value must be between 20 and 60. The default is 20.
+    "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer.
+        # Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer.
+        # BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers.
+        # If set, this value must be between 20 and 60. The default is 20.
   },
   "bgpPeers": [ # BGP information that must be configured into the routing stack to establish BGP peering. This information must specify the peer ASN and either the interface name, IP address, or peer IP address. Please refer to RFC4273.
     {
       "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement.
-      "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options: - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets. - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
+      "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options:
+          # - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets.
+          # - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
         "A String",
       ],
       "advertisedIpRanges": [ # User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These IP ranges are advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.
@@ -1491,21 +1810,36 @@ 
Method Details

         },
       ],
       "advertisedRoutePriority": 42, # The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win.
-      "bfd": { # BFD configuration for the BGP peering. Not currently available publicly.
-        "minReceiveInterval": 42, # The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router. Not currently available publicly. If set, this value must be between 100 and 30000. The default is 300.
-        "minTransmitInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router. Not currently available publicly. If set, this value must be between 100 and 30000. The default is 300.
+      "bfd": { # BFD configuration for the BGP peering.
+          # Not currently available publicly.
+        "minReceiveInterval": 42, # The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router.
+            # Not currently available publicly.
+            # If set, this value must be between 100 and 30000.
+            # The default is 300.
+        "minTransmitInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router.
+            # Not currently available publicly.
+            # If set, this value must be between 100 and 30000.
+            # The default is 300.
         "mode": "A String", # The BFD session initialization mode for this BGP peer. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
-        "multiplier": 42, # The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable. Not currently available publicly. If set, the value must be a value between 2 and 16. The default is 3.
+        "multiplier": 42, # The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable.
+            # Not currently available publicly.
+            # If set, the value must be a value between 2 and 16.
+            # The default is 3.
         "packetMode": "A String", # The BFD packet mode for this BGP peer. If set to CONTROL_AND_ECHO, BFD echo mode is enabled for this BGP peer. In this mode, if the peer router also has BFD echo mode enabled, BFD echo packets will be sent to the other router. If the peer router does not have BFD echo mode enabled, only control packets will be sent. If set to CONTROL_ONLY, BFD echo mode is disabled for this BGP peer. If this router and the peer router have a multihop connection, this should be set to CONTROL_ONLY as BFD echo mode is only supported on singlehop connections. The default is CONTROL_AND_ECHO.
-        "sessionInitializationMode": "A String", # The BFD session initialization mode for this BGP peer. Not currently available publicly. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
+        "sessionInitializationMode": "A String", # The BFD session initialization mode for this BGP peer.
+            # Not currently available publicly.
+            # If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
         "slowTimerInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to and received from the peer router when BFD echo mode is enabled on both routers. The actual transmit and receive intervals are negotiated between the two routers and are equal to the greater of this value and the corresponding interval on the other router. If set, this value must be between 1000 and 30000. The default is 5000.
       },
-      "enable": "A String", # The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
+      "enable": "A String", # The status of the BGP peer connection.
+          # If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
       "enableIpv6": True or False, # Enable IPv6 traffic over BGP Peer. If not specified, it is disabled by default.
       "interfaceName": "A String", # Name of the interface the BGP peer is associated with.
       "ipAddress": "A String", # IP address of the interface inside Google Cloud Platform. Only IPv4 is supported.
       "ipv6NexthopAddress": "A String", # IPv6 address of the interface inside Google Cloud Platform.
-      "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer. - MANAGED_BY_USER is the default value and can be managed by you or other users - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
+      "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer.
+          # - MANAGED_BY_USER is the default value and can be managed by you or other users
+          # - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
       "name": "A String", # Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "peerAsn": 42, # Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value.
       "peerIpAddress": "A String", # IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported.
@@ -1515,14 +1849,17 @@ 
Method Details

   ],
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments). Not currently available publicly.
+  "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments).
+      # Not currently available publicly.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "interfaces": [ # Router interfaces. Each interface requires either one linked resource, (for example, linkedVpnTunnel), or IP address and IP address range (for example, ipRange), or both.
     {
       "ipRange": "A String", # IP address and range of the interface. The IP range must be in the RFC3927 link-local IP address space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface.
       "linkedInterconnectAttachment": "A String", # URI of the linked Interconnect attachment. It must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
       "linkedVpnTunnel": "A String", # URI of the linked VPN tunnel, which must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
-      "managementType": "A String", # [Output Only] The resource that configures and manages this interface. - MANAGED_BY_USER is the default value and can be managed directly by users. - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
+      "managementType": "A String", # [Output Only] The resource that configures and manages this interface.
+          # - MANAGED_BY_USER is the default value and can be managed directly by users.
+          # - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
       "name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "privateIpAddress": "A String", # The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM.
       "redundantInterface": "A String", # Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -1536,17 +1873,30 @@ 
Method Details

       "drainNatIps": [ # A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT only.
         "A String",
       ],
-      "enableDynamicPortAllocation": True or False, # Enable Dynamic Port Allocation. If not specified, it is disabled by default. If set to true, - Dynamic Port Allocation will be enabled on this NAT config. - enableEndpointIndependentMapping cannot be set to true. - If minPorts is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config.
+      "enableDynamicPortAllocation": True or False, # Enable Dynamic Port Allocation.
+          # If not specified, it is disabled by default.
+          # If set to true,
+          # - Dynamic Port Allocation will be enabled on this NAT config.
+          # - enableEndpointIndependentMapping cannot be set to true.
+          # - If minPorts is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config.
       "enableEndpointIndependentMapping": True or False,
       "icmpIdleTimeoutSec": 42, # Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
       "logConfig": { # Configuration of logging on a NAT. # Configure logging on this NAT.
         "enable": True or False, # Indicates whether or not to export logs. This is false by default.
-        "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful.
+        "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values:
+            # - ERRORS_ONLY: Export logs only for connection failures.
+            # - TRANSLATIONS_ONLY: Export logs only for successful connections.
+            # - ALL: Export logs for all connections, successful and unsuccessful.
       },
-      "maxPortsPerVm": 42, # Maximum number of ports allocated to a VM from this NAT config when Dynamic Port Allocation is enabled. If Dynamic Port Allocation is not enabled, this field has no effect. If Dynamic Port Allocation is enabled, and this field is set, it must be set to a power of two greater than minPortsPerVm, or 64 if minPortsPerVm is not set. If Dynamic Port Allocation is enabled and this field is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config.
+      "maxPortsPerVm": 42, # Maximum number of ports allocated to a VM from this NAT config when Dynamic Port Allocation is enabled.
+          # If Dynamic Port Allocation is not enabled, this field has no effect.
+          # If Dynamic Port Allocation is enabled, and this field is set, it must be set to a power of two greater than minPortsPerVm, or 64 if minPortsPerVm is not set.
+          # If Dynamic Port Allocation is enabled and this field is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config.
       "minPortsPerVm": 42, # Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM.
       "name": "A String", # Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.
-      "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
+      "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values:
+          # - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs.
+          # - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
       "natIps": [ # A list of URLs of the IP resources used for this Nat service. These IP addresses must be valid static external IP addresses assigned to the project.
         "A String",
       ],
@@ -1561,11 +1911,20 @@ 
Method Details

             ],
           },
           "description": "A String", # An optional description of this rule.
-          "match": "A String", # CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. If it evaluates to true, the corresponding `action` is enforced. The following examples are valid match expressions: "inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')" "destination.ip == '1.1.0.1' || destination.ip == '8.8.8.8'"
+          "match": "A String", # CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. If it evaluates to true, the corresponding `action` is enforced.
+              #
+              # The following examples are valid match expressions:
+              #
+              # "inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')"
+              #
+              # "destination.ip == '1.1.0.1' || destination.ip == '8.8.8.8'"
           "ruleNumber": 42, # An integer uniquely identifying a rule in the list. The rule number must be a positive value between 0 and 65000, and must be unique among rules within a NAT.
         },
       ],
-      "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values: - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat. - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
+      "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values:
+          # - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat.
+          # - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat.
+          # - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
       "subnetworks": [ # A list of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above.
         { # Defines the IP ranges that want to use NAT for a subnetwork.
           "name": "A String", # URL for the subnetwork resource that will use NAT.
@@ -1589,16 +1948,14 @@ 
Method Details

   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
     {
-  "resource": { # Represents a Cloud Router resource. For more information about Cloud Router, read the Cloud Router overview. # Preview of given router.
+  "resource": { # Represents a Cloud Router resource. # Preview of given router.
+      #
+      # For more information about Cloud Router, read the Cloud Router overview.
     "bgp": { # BGP information specific to this router.
       "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM.
       "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
@@ -1611,12 +1968,17 @@ 
Method Details

         },
       ],
       "asn": 42, # Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN.
-      "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer. BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers. If set, this value must be between 20 and 60. The default is 20.
+      "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer.
+          # Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer.
+          # BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers.
+          # If set, this value must be between 20 and 60. The default is 20.
     },
     "bgpPeers": [ # BGP information that must be configured into the routing stack to establish BGP peering. This information must specify the peer ASN and either the interface name, IP address, or peer IP address. Please refer to RFC4273.
       {
         "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement.
-        "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options: - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets. - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
+        "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options:
+            # - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets.
+            # - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
           "A String",
         ],
         "advertisedIpRanges": [ # User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These IP ranges are advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.
@@ -1626,21 +1988,36 @@ 
Method Details

           },
         ],
         "advertisedRoutePriority": 42, # The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win.
-        "bfd": { # BFD configuration for the BGP peering. Not currently available publicly.
-          "minReceiveInterval": 42, # The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router. Not currently available publicly. If set, this value must be between 100 and 30000. The default is 300.
-          "minTransmitInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router. Not currently available publicly. If set, this value must be between 100 and 30000. The default is 300.
+        "bfd": { # BFD configuration for the BGP peering.
+            # Not currently available publicly.
+          "minReceiveInterval": 42, # The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router.
+              # Not currently available publicly.
+              # If set, this value must be between 100 and 30000.
+              # The default is 300.
+          "minTransmitInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router.
+              # Not currently available publicly.
+              # If set, this value must be between 100 and 30000.
+              # The default is 300.
           "mode": "A String", # The BFD session initialization mode for this BGP peer. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
-          "multiplier": 42, # The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable. Not currently available publicly. If set, the value must be a value between 2 and 16. The default is 3.
+          "multiplier": 42, # The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable.
+              # Not currently available publicly.
+              # If set, the value must be a value between 2 and 16.
+              # The default is 3.
           "packetMode": "A String", # The BFD packet mode for this BGP peer. If set to CONTROL_AND_ECHO, BFD echo mode is enabled for this BGP peer. In this mode, if the peer router also has BFD echo mode enabled, BFD echo packets will be sent to the other router. If the peer router does not have BFD echo mode enabled, only control packets will be sent. If set to CONTROL_ONLY, BFD echo mode is disabled for this BGP peer. If this router and the peer router have a multihop connection, this should be set to CONTROL_ONLY as BFD echo mode is only supported on singlehop connections. The default is CONTROL_AND_ECHO.
-          "sessionInitializationMode": "A String", # The BFD session initialization mode for this BGP peer. Not currently available publicly. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
+          "sessionInitializationMode": "A String", # The BFD session initialization mode for this BGP peer.
+              # Not currently available publicly.
+              # If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
           "slowTimerInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to and received from the peer router when BFD echo mode is enabled on both routers. The actual transmit and receive intervals are negotiated between the two routers and are equal to the greater of this value and the corresponding interval on the other router. If set, this value must be between 1000 and 30000. The default is 5000.
         },
-        "enable": "A String", # The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
+        "enable": "A String", # The status of the BGP peer connection.
+            # If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
         "enableIpv6": True or False, # Enable IPv6 traffic over BGP Peer. If not specified, it is disabled by default.
         "interfaceName": "A String", # Name of the interface the BGP peer is associated with.
         "ipAddress": "A String", # IP address of the interface inside Google Cloud Platform. Only IPv4 is supported.
         "ipv6NexthopAddress": "A String", # IPv6 address of the interface inside Google Cloud Platform.
-        "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer. - MANAGED_BY_USER is the default value and can be managed by you or other users - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
+        "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer.
+            # - MANAGED_BY_USER is the default value and can be managed by you or other users
+            # - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
         "name": "A String", # Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
         "peerAsn": 42, # Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value.
         "peerIpAddress": "A String", # IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported.
@@ -1650,14 +2027,17 @@ 
Method Details

     ],
     "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
     "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-    "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments). Not currently available publicly.
+    "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments).
+        # Not currently available publicly.
     "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
     "interfaces": [ # Router interfaces. Each interface requires either one linked resource, (for example, linkedVpnTunnel), or IP address and IP address range (for example, ipRange), or both.
       {
         "ipRange": "A String", # IP address and range of the interface. The IP range must be in the RFC3927 link-local IP address space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface.
         "linkedInterconnectAttachment": "A String", # URI of the linked Interconnect attachment. It must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
         "linkedVpnTunnel": "A String", # URI of the linked VPN tunnel, which must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
-        "managementType": "A String", # [Output Only] The resource that configures and manages this interface. - MANAGED_BY_USER is the default value and can be managed directly by users. - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
+        "managementType": "A String", # [Output Only] The resource that configures and manages this interface.
+            # - MANAGED_BY_USER is the default value and can be managed directly by users.
+            # - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
         "name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
         "privateIpAddress": "A String", # The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM.
         "redundantInterface": "A String", # Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -1671,17 +2051,30 @@ 
Method Details

         "drainNatIps": [ # A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT only.
           "A String",
         ],
-        "enableDynamicPortAllocation": True or False, # Enable Dynamic Port Allocation. If not specified, it is disabled by default. If set to true, - Dynamic Port Allocation will be enabled on this NAT config. - enableEndpointIndependentMapping cannot be set to true. - If minPorts is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config.
+        "enableDynamicPortAllocation": True or False, # Enable Dynamic Port Allocation.
+            # If not specified, it is disabled by default.
+            # If set to true,
+            # - Dynamic Port Allocation will be enabled on this NAT config.
+            # - enableEndpointIndependentMapping cannot be set to true.
+            # - If minPorts is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config.
         "enableEndpointIndependentMapping": True or False,
         "icmpIdleTimeoutSec": 42, # Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
         "logConfig": { # Configuration of logging on a NAT. # Configure logging on this NAT.
           "enable": True or False, # Indicates whether or not to export logs. This is false by default.
-          "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful.
+          "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values:
+              # - ERRORS_ONLY: Export logs only for connection failures.
+              # - TRANSLATIONS_ONLY: Export logs only for successful connections.
+              # - ALL: Export logs for all connections, successful and unsuccessful.
         },
-        "maxPortsPerVm": 42, # Maximum number of ports allocated to a VM from this NAT config when Dynamic Port Allocation is enabled. If Dynamic Port Allocation is not enabled, this field has no effect. If Dynamic Port Allocation is enabled, and this field is set, it must be set to a power of two greater than minPortsPerVm, or 64 if minPortsPerVm is not set. If Dynamic Port Allocation is enabled and this field is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config.
+        "maxPortsPerVm": 42, # Maximum number of ports allocated to a VM from this NAT config when Dynamic Port Allocation is enabled.
+            # If Dynamic Port Allocation is not enabled, this field has no effect.
+            # If Dynamic Port Allocation is enabled, and this field is set, it must be set to a power of two greater than minPortsPerVm, or 64 if minPortsPerVm is not set.
+            # If Dynamic Port Allocation is enabled and this field is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config.
         "minPortsPerVm": 42, # Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM.
         "name": "A String", # Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.
-        "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
+        "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values:
+            # - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs.
+            # - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
         "natIps": [ # A list of URLs of the IP resources used for this Nat service. These IP addresses must be valid static external IP addresses assigned to the project.
           "A String",
         ],
@@ -1696,11 +2089,20 @@ 
Method Details

               ],
             },
             "description": "A String", # An optional description of this rule.
-            "match": "A String", # CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. If it evaluates to true, the corresponding `action` is enforced. The following examples are valid match expressions: "inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')" "destination.ip == '1.1.0.1' || destination.ip == '8.8.8.8'"
+            "match": "A String", # CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. If it evaluates to true, the corresponding `action` is enforced.
+                #
+                # The following examples are valid match expressions:
+                #
+                # "inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')"
+                #
+                # "destination.ip == '1.1.0.1' || destination.ip == '8.8.8.8'"
             "ruleNumber": 42, # An integer uniquely identifying a rule in the list. The rule number must be a positive value between 0 and 65000, and must be unique among rules within a NAT.
           },
         ],
-        "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values: - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat. - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
+        "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values:
+            # - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat.
+            # - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat.
+            # - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
         "subnetworks": [ # A list of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above.
           { # Defines the IP ranges that want to use NAT for a subnetwork.
             "name": "A String", # URL for the subnetwork resource that will use NAT.
@@ -1727,7 +2129,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1743,10 +2145,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1759,7 +2157,7 @@ 
Method Details

 

 
 

-    update(project, region, router, body=None, requestId=None, x__xgafv=None)
+    update(project, region, router, body=None, requestId=None)
   
Updates the specified Router resource with the data included in the request. This method conforms to PUT semantics, which requests that the state of the target resource be created or replaced with the state defined by the representation enclosed in the request message payload.
 
 Args:
@@ -1769,7 +2167,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Cloud Router resource. For more information about Cloud Router, read the Cloud Router overview.
+{ # Represents a Cloud Router resource.
+    # 
+    # For more information about Cloud Router, read the Cloud Router overview.
   "bgp": { # BGP information specific to this router.
     "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM.
     "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
@@ -1782,12 +2182,17 @@ 
Method Details

       },
     ],
     "asn": 42, # Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN.
-    "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer. BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers. If set, this value must be between 20 and 60. The default is 20.
+    "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer.
+        # Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer.
+        # BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers.
+        # If set, this value must be between 20 and 60. The default is 20.
   },
   "bgpPeers": [ # BGP information that must be configured into the routing stack to establish BGP peering. This information must specify the peer ASN and either the interface name, IP address, or peer IP address. Please refer to RFC4273.
     {
       "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement.
-      "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options: - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets. - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
+      "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options:
+          # - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets.
+          # - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
         "A String",
       ],
       "advertisedIpRanges": [ # User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These IP ranges are advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.
@@ -1797,21 +2202,36 @@ 
Method Details

         },
       ],
       "advertisedRoutePriority": 42, # The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win.
-      "bfd": { # BFD configuration for the BGP peering. Not currently available publicly.
-        "minReceiveInterval": 42, # The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router. Not currently available publicly. If set, this value must be between 100 and 30000. The default is 300.
-        "minTransmitInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router. Not currently available publicly. If set, this value must be between 100 and 30000. The default is 300.
+      "bfd": { # BFD configuration for the BGP peering.
+          # Not currently available publicly.
+        "minReceiveInterval": 42, # The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router.
+            # Not currently available publicly.
+            # If set, this value must be between 100 and 30000.
+            # The default is 300.
+        "minTransmitInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router.
+            # Not currently available publicly.
+            # If set, this value must be between 100 and 30000.
+            # The default is 300.
         "mode": "A String", # The BFD session initialization mode for this BGP peer. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
-        "multiplier": 42, # The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable. Not currently available publicly. If set, the value must be a value between 2 and 16. The default is 3.
+        "multiplier": 42, # The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable.
+            # Not currently available publicly.
+            # If set, the value must be a value between 2 and 16.
+            # The default is 3.
         "packetMode": "A String", # The BFD packet mode for this BGP peer. If set to CONTROL_AND_ECHO, BFD echo mode is enabled for this BGP peer. In this mode, if the peer router also has BFD echo mode enabled, BFD echo packets will be sent to the other router. If the peer router does not have BFD echo mode enabled, only control packets will be sent. If set to CONTROL_ONLY, BFD echo mode is disabled for this BGP peer. If this router and the peer router have a multihop connection, this should be set to CONTROL_ONLY as BFD echo mode is only supported on singlehop connections. The default is CONTROL_AND_ECHO.
-        "sessionInitializationMode": "A String", # The BFD session initialization mode for this BGP peer. Not currently available publicly. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
+        "sessionInitializationMode": "A String", # The BFD session initialization mode for this BGP peer.
+            # Not currently available publicly.
+            # If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
         "slowTimerInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to and received from the peer router when BFD echo mode is enabled on both routers. The actual transmit and receive intervals are negotiated between the two routers and are equal to the greater of this value and the corresponding interval on the other router. If set, this value must be between 1000 and 30000. The default is 5000.
       },
-      "enable": "A String", # The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
+      "enable": "A String", # The status of the BGP peer connection.
+          # If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
       "enableIpv6": True or False, # Enable IPv6 traffic over BGP Peer. If not specified, it is disabled by default.
       "interfaceName": "A String", # Name of the interface the BGP peer is associated with.
       "ipAddress": "A String", # IP address of the interface inside Google Cloud Platform. Only IPv4 is supported.
       "ipv6NexthopAddress": "A String", # IPv6 address of the interface inside Google Cloud Platform.
-      "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer. - MANAGED_BY_USER is the default value and can be managed by you or other users - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
+      "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer.
+          # - MANAGED_BY_USER is the default value and can be managed by you or other users
+          # - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
       "name": "A String", # Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "peerAsn": 42, # Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value.
       "peerIpAddress": "A String", # IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported.
@@ -1821,14 +2241,17 @@ 
Method Details

   ],
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments). Not currently available publicly.
+  "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments).
+      # Not currently available publicly.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "interfaces": [ # Router interfaces. Each interface requires either one linked resource, (for example, linkedVpnTunnel), or IP address and IP address range (for example, ipRange), or both.
     {
       "ipRange": "A String", # IP address and range of the interface. The IP range must be in the RFC3927 link-local IP address space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface.
       "linkedInterconnectAttachment": "A String", # URI of the linked Interconnect attachment. It must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
       "linkedVpnTunnel": "A String", # URI of the linked VPN tunnel, which must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
-      "managementType": "A String", # [Output Only] The resource that configures and manages this interface. - MANAGED_BY_USER is the default value and can be managed directly by users. - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
+      "managementType": "A String", # [Output Only] The resource that configures and manages this interface.
+          # - MANAGED_BY_USER is the default value and can be managed directly by users.
+          # - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
       "name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "privateIpAddress": "A String", # The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM.
       "redundantInterface": "A String", # Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -1842,17 +2265,30 @@ 
Method Details

       "drainNatIps": [ # A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT only.
         "A String",
       ],
-      "enableDynamicPortAllocation": True or False, # Enable Dynamic Port Allocation. If not specified, it is disabled by default. If set to true, - Dynamic Port Allocation will be enabled on this NAT config. - enableEndpointIndependentMapping cannot be set to true. - If minPorts is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config.
+      "enableDynamicPortAllocation": True or False, # Enable Dynamic Port Allocation.
+          # If not specified, it is disabled by default.
+          # If set to true,
+          # - Dynamic Port Allocation will be enabled on this NAT config.
+          # - enableEndpointIndependentMapping cannot be set to true.
+          # - If minPorts is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config.
       "enableEndpointIndependentMapping": True or False,
       "icmpIdleTimeoutSec": 42, # Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
       "logConfig": { # Configuration of logging on a NAT. # Configure logging on this NAT.
         "enable": True or False, # Indicates whether or not to export logs. This is false by default.
-        "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful.
+        "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values:
+            # - ERRORS_ONLY: Export logs only for connection failures.
+            # - TRANSLATIONS_ONLY: Export logs only for successful connections.
+            # - ALL: Export logs for all connections, successful and unsuccessful.
       },
-      "maxPortsPerVm": 42, # Maximum number of ports allocated to a VM from this NAT config when Dynamic Port Allocation is enabled. If Dynamic Port Allocation is not enabled, this field has no effect. If Dynamic Port Allocation is enabled, and this field is set, it must be set to a power of two greater than minPortsPerVm, or 64 if minPortsPerVm is not set. If Dynamic Port Allocation is enabled and this field is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config.
+      "maxPortsPerVm": 42, # Maximum number of ports allocated to a VM from this NAT config when Dynamic Port Allocation is enabled.
+          # If Dynamic Port Allocation is not enabled, this field has no effect.
+          # If Dynamic Port Allocation is enabled, and this field is set, it must be set to a power of two greater than minPortsPerVm, or 64 if minPortsPerVm is not set.
+          # If Dynamic Port Allocation is enabled and this field is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config.
       "minPortsPerVm": 42, # Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM.
       "name": "A String", # Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.
-      "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
+      "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values:
+          # - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs.
+          # - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
       "natIps": [ # A list of URLs of the IP resources used for this Nat service. These IP addresses must be valid static external IP addresses assigned to the project.
         "A String",
       ],
@@ -1867,11 +2303,20 @@ 
Method Details

             ],
           },
           "description": "A String", # An optional description of this rule.
-          "match": "A String", # CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. If it evaluates to true, the corresponding `action` is enforced. The following examples are valid match expressions: "inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')" "destination.ip == '1.1.0.1' || destination.ip == '8.8.8.8'"
+          "match": "A String", # CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. If it evaluates to true, the corresponding `action` is enforced.
+              #
+              # The following examples are valid match expressions:
+              #
+              # "inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')"
+              #
+              # "destination.ip == '1.1.0.1' || destination.ip == '8.8.8.8'"
           "ruleNumber": 42, # An integer uniquely identifying a rule in the list. The rule number must be a positive value between 0 and 65000, and must be unique among rules within a NAT.
         },
       ],
-      "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values: - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat. - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
+      "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values:
+          # - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat.
+          # - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat.
+          # - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
       "subnetworks": [ # A list of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above.
         { # Defines the IP ranges that want to use NAT for a subnetwork.
           "name": "A String", # URL for the subnetwork resource that will use NAT.
@@ -1895,16 +2340,29 @@ 
Method Details

   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1939,7 +2397,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.routes.html b/docs/dyn/compute_alpha.routes.html
index 70a81d5d605..386e650794d 100644
--- a/docs/dyn/compute_alpha.routes.html
+++ b/docs/dyn/compute_alpha.routes.html
@@ -78,22 +78,22 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, route, requestId=None, x__xgafv=None)

+  delete(project, route, requestId=None)

 
Deletes the specified Route resource.

 

-  get(project, route, x__xgafv=None)

+  get(project, route)

 
Returns the specified Route resource. Gets a list of available routes by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a Route resource in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of Route resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -102,22 +102,35 @@ 
Method Details

 

 
 

-    delete(project, route, requestId=None, x__xgafv=None)
+    delete(project, route, requestId=None)
   
Deletes the specified Route resource.
 
 Args:
   project: string, Project ID for this request. (required)
   route: string, Name of the Route resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -152,7 +165,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -166,21 +180,19 @@ 
Method Details

 

 
 

-    get(project, route, x__xgafv=None)
+    get(project, route)
   
Returns the specified Route resource. Gets a list of available routes by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   route: string, Name of the Route resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Route resource. A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview.
+    { # Represents a Route resource.
+    #
+    # A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview. (== resource_for {$api_version}.routes ==)
   "allowConflictingSubnetworks": True or False, # Whether this route can conflict with existing subnetworks. Setting this to true allows this route to conflict with subnetworks that have already been configured on the corresponding network.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
@@ -190,9 +202,13 @@ 
Method Details

   "kind": "compute#route", # [Output Only] Type of this resource. Always compute#routes for Route resources.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
   "network": "A String", # Fully-qualified URL of the network that this route applies to.
-  "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL: projects/ project/global/gateways/default-internet-gateway
-  "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs: - 10.128.0.56 - https://www.googleapis.com/compute/v1/projects/project/regions/region /forwardingRules/forwardingRule - regions/region/forwardingRules/forwardingRule
-  "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
+  "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL:  projects/project/global/gateways/default-internet-gateway
+  "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs:
+      # - 10.128.0.56
+      # - https://www.googleapis.com/compute/v1/projects/project/regions/region/forwardingRules/forwardingRule
+      # - regions/region/forwardingRules/forwardingRule
+  "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example:
+      # https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
   "nextHopInterconnectAttachment": "A String", # [Output Only] The URL to an InterconnectAttachment which is the next hop for the route. This field will only be populated for the dynamic routes generated by Cloud Router with a linked interconnectAttachment.
   "nextHopIp": "A String", # The network IP address of an instance that should handle matching packets. Only IPv4 is supported.
   "nextHopNetwork": "A String", # The URL of the local network if it should handle matching packets.
@@ -207,7 +223,8 @@ 
Method Details

   "warnings": [ # [Output Only] If potential misconfigurations are detected for this route, this field will be populated with warning messages.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -220,7 +237,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a Route resource in the specified project using the data included in the request.
 
 Args:
@@ -228,7 +245,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Route resource. A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview.
+{ # Represents a Route resource.
+    # 
+    # A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview. (== resource_for {$api_version}.routes ==)
   "allowConflictingSubnetworks": True or False, # Whether this route can conflict with existing subnetworks. Setting this to true allows this route to conflict with subnetworks that have already been configured on the corresponding network.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
@@ -238,9 +257,13 @@ 
Method Details

   "kind": "compute#route", # [Output Only] Type of this resource. Always compute#routes for Route resources.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
   "network": "A String", # Fully-qualified URL of the network that this route applies to.
-  "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL: projects/ project/global/gateways/default-internet-gateway
-  "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs: - 10.128.0.56 - https://www.googleapis.com/compute/v1/projects/project/regions/region /forwardingRules/forwardingRule - regions/region/forwardingRules/forwardingRule
-  "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
+  "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL:  projects/project/global/gateways/default-internet-gateway
+  "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs:
+      # - 10.128.0.56
+      # - https://www.googleapis.com/compute/v1/projects/project/regions/region/forwardingRules/forwardingRule
+      # - regions/region/forwardingRules/forwardingRule
+  "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example:
+      # https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
   "nextHopInterconnectAttachment": "A String", # [Output Only] The URL to an InterconnectAttachment which is the next hop for the route. This field will only be populated for the dynamic routes generated by Cloud Router with a linked interconnectAttachment.
   "nextHopIp": "A String", # The network IP address of an instance that should handle matching packets. Only IPv4 is supported.
   "nextHopNetwork": "A String", # The URL of the local network if it should handle matching packets.
@@ -255,7 +278,8 @@ 
Method Details

   "warnings": [ # [Output Only] If potential misconfigurations are detected for this route, this field will be populated with warning messages.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -266,16 +290,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -310,7 +347,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -324,20 +362,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of Route resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -345,7 +389,9 @@ 
Method Details

     { # Contains a list of Route resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Route resources.
-    { # Represents a Route resource. A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview.
+    { # Represents a Route resource.
+        #
+        # A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview. (== resource_for {$api_version}.routes ==)
       "allowConflictingSubnetworks": True or False, # Whether this route can conflict with existing subnetworks. Setting this to true allows this route to conflict with subnetworks that have already been configured on the corresponding network.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
@@ -355,9 +401,13 @@ 
Method Details

       "kind": "compute#route", # [Output Only] Type of this resource. Always compute#routes for Route resources.
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
       "network": "A String", # Fully-qualified URL of the network that this route applies to.
-      "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL: projects/ project/global/gateways/default-internet-gateway
-      "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs: - 10.128.0.56 - https://www.googleapis.com/compute/v1/projects/project/regions/region /forwardingRules/forwardingRule - regions/region/forwardingRules/forwardingRule
-      "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
+      "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL:  projects/project/global/gateways/default-internet-gateway
+      "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs:
+          # - 10.128.0.56
+          # - https://www.googleapis.com/compute/v1/projects/project/regions/region/forwardingRules/forwardingRule
+          # - regions/region/forwardingRules/forwardingRule
+      "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example:
+          # https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
       "nextHopInterconnectAttachment": "A String", # [Output Only] The URL to an InterconnectAttachment which is the next hop for the route. This field will only be populated for the dynamic routes generated by Cloud Router with a linked interconnectAttachment.
       "nextHopIp": "A String", # The network IP address of an instance that should handle matching packets. Only IPv4 is supported.
       "nextHopNetwork": "A String", # The URL of the local network if it should handle matching packets.
@@ -372,7 +422,8 @@ 
Method Details

       "warnings": [ # [Output Only] If potential misconfigurations are detected for this route, this field will be populated with warning messages.
         {
           "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-          "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+          "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+              # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
             {
               "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
               "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -388,7 +439,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -414,7 +466,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -429,10 +481,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.securityPolicies.html b/docs/dyn/compute_alpha.securityPolicies.html
index dbf0d39f0e3..9832aee063a 100644
--- a/docs/dyn/compute_alpha.securityPolicies.html
+++ b/docs/dyn/compute_alpha.securityPolicies.html
@@ -75,10 +75,10 @@
 
Compute Engine API . securityPolicies

 
Instance Methods

 

-  addRule(project, securityPolicy, body=None, validateOnly=None, x__xgafv=None)

+  addRule(project, securityPolicy, body=None, validateOnly=None)

 
Inserts a rule into a security policy.

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of all SecurityPolicy resources, regional and global, available to the specified project.

 

   aggregatedList_next(previous_request, previous_response)

@@ -87,44 +87,44 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, securityPolicy, requestId=None, x__xgafv=None)

+  delete(project, securityPolicy, requestId=None)

 
Deletes the specified policy.

 

-  get(project, securityPolicy, x__xgafv=None)

+  get(project, securityPolicy)

 
List all of the ordered rules present in a single specified policy.

 

-  getRule(project, securityPolicy, priority=None, x__xgafv=None)

+  getRule(project, securityPolicy, priority=None)

 
Gets a rule at the specified priority.

 

-  insert(project, body=None, requestId=None, validateOnly=None, x__xgafv=None)

+  insert(project, body=None, requestId=None, validateOnly=None)

 
Creates a new policy in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
List all the policies that have been configured for the specified project.

 

-  listPreconfiguredExpressionSets(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listPreconfiguredExpressionSets(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Gets the current list of preconfigured Web Application Firewall (WAF) expressions.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, securityPolicy, body=None, requestId=None, x__xgafv=None)

+  patch(project, securityPolicy, body=None, requestId=None)

 
Patches the specified policy with the data included in the request. This cannot be used to be update the rules in the policy. Please use the per rule methods like addRule, patchRule, and removeRule instead.

 

-  patchRule(project, securityPolicy, body=None, priority=None, validateOnly=None, x__xgafv=None)

+  patchRule(project, securityPolicy, body=None, priority=None, validateOnly=None)

 
Patches a rule at the specified priority.

 

-  removeRule(project, securityPolicy, priority=None, x__xgafv=None)

+  removeRule(project, securityPolicy, priority=None)

 
Deletes a rule at the specified priority.

 

-  setLabels(project, resource, body=None, x__xgafv=None)

+  setLabels(project, resource, body=None)

 
Sets the labels on a security policy. To learn more about labels, read the Labeling Resources documentation.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    addRule(project, securityPolicy, body=None, validateOnly=None, x__xgafv=None)
+    addRule(project, securityPolicy, body=None, validateOnly=None)
   
Inserts a rule into a security policy.
 
 Args:
@@ -137,7 +137,9 @@ 
Method Details

   "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-  "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+  "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+      # 
+      # This field may only be specified when the versioned_expr is set to FIREWALL.
   "headerAction": { # Optional, additional actions that are performed on headers.
     "requestHeadersToAdds": [ # The list of request headers to add or overwrite if they're already present.
       {
@@ -149,21 +151,35 @@ 
Method Details

   "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
   "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
     "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-      "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+      "destIpRanges": [ # CIDR IP address range.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         "A String",
       ],
-      "destPorts": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+      "destPorts": [ # Pairs of IP protocols and ports that the rule should match.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         {
           "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
         },
       ],
-      "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+      "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         {
           "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
         },
@@ -172,7 +188,25 @@ 
Method Details

         "A String",
       ],
     },
-    "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+    "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+        #
+        # Example (Comparison):
+        #
+        # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+        #
+        # Example (Equality):
+        #
+        # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+        #
+        # Example (Logic):
+        #
+        # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+        #
+        # Example (Data Manipulation):
+        #
+        # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+        #
+        # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
       "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
       "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
       "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -199,7 +233,9 @@ 
Method Details

   "redirectTarget": "A String", # This must be specified for redirect actions. Cannot be specified for any other actions.
   "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
   "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-  "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+  "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+      # 
+      # This field may only be specified when versioned_expr is set to FIREWALL.
     "A String",
   ],
   "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -208,15 +244,24 @@ 
Method Details

 }
 
   validateOnly: boolean, If true, the request will not be committed.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -251,7 +296,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -265,21 +311,27 @@ 
Method Details

 

 
 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of all SecurityPolicy resources, regional and global, available to the specified project.
 
 Args:
   project: string, Name of the project scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -290,7 +342,9 @@ 
Method Details

   "items": { # A list of SecurityPoliciesScopedList resources.
     "a_key": { # Name of the scope containing this set of security policies.
       "securityPolicies": [ # A list of SecurityPolicies contained in this scope.
-        { # Represents a Google Cloud Armor security policy resource. Only external backend services that use load balancers can reference a security policy. For more information, see Google Cloud Armor security policy overview.
+        { # Represents a Google Cloud Armor security policy resource.
+            #
+            # Only external backend services that use load balancers can reference a security policy. For more information, see  Google Cloud Armor security policy overview. (== resource_for {$api_version}.securityPolicies ==)
           "adaptiveProtectionConfig": { # Configuration options for Cloud Armor Adaptive Protection (CAAP).
             "layer7DdosDefenseConfig": { # Configuration options for L7 DDoS detection. # If set to true, enables Cloud Armor Machine Learning.
               "enable": True or False, # If set to true, enables CAAP for L7 DDoS detection.
@@ -318,10 +372,14 @@ 
Method Details

           },
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "displayName": "A String", # User-provided name of the Organization security plicy. The name should be unique in the organization in which the security policy is created. This should only be used when SecurityPolicyType is FIREWALL. The name must be 1-63 characters long, and comply with https://www.ietf.org/rfc/rfc1035.txt. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-          "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the security policy.
+          "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make get() request to the security policy.
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "kind": "compute#securityPolicy", # [Output only] Type of the resource. Always compute#securityPolicyfor security policies
-          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the security policy.
+          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+              #
+              # To see the latest fingerprint, make get() request to the security policy.
           "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
             "a_key": "A String",
           },
@@ -334,7 +392,9 @@ 
Method Details

               "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
               "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
               "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-              "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+              "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+                  #
+                  # This field may only be specified when the versioned_expr is set to FIREWALL.
               "headerAction": { # Optional, additional actions that are performed on headers.
                 "requestHeadersToAdds": [ # The list of request headers to add or overwrite if they're already present.
                   {
@@ -346,21 +406,35 @@ 
Method Details

               "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
               "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
                 "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-                  "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+                  "destIpRanges": [ # CIDR IP address range.
+                      #
+                      # This field may only be specified when versioned_expr is set to FIREWALL.
                     "A String",
                   ],
-                  "destPorts": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+                  "destPorts": [ # Pairs of IP protocols and ports that the rule should match.
+                      #
+                      # This field may only be specified when versioned_expr is set to FIREWALL.
                     {
                       "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-                      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+                      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                          #
+                          # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                          #
+                          # This field may only be specified when versioned_expr is set to FIREWALL.
                         "A String",
                       ],
                     },
                   ],
-                  "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+                  "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+                      #
+                      # This field may only be specified when versioned_expr is set to FIREWALL.
                     {
                       "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-                      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+                      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                          #
+                          # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                          #
+                          # This field may only be specified when versioned_expr is set to FIREWALL.
                         "A String",
                       ],
                     },
@@ -369,7 +443,25 @@ 
Method Details

                     "A String",
                   ],
                 },
-                "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+                "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+                    #
+                    # Example (Comparison):
+                    #
+                    # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+                    #
+                    # Example (Equality):
+                    #
+                    # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+                    #
+                    # Example (Logic):
+                    #
+                    # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+                    #
+                    # Example (Data Manipulation):
+                    #
+                    # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+                    #
+                    # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
                   "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
                   "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
                   "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -396,7 +488,9 @@ 
Method Details

               "redirectTarget": "A String", # This must be specified for redirect actions. Cannot be specified for any other actions.
               "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
               "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-              "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+              "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 "A String",
               ],
               "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -411,7 +505,8 @@ 
Method Details

       ],
       "warning": { # Informational warning which replaces the list of security policies when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -429,7 +524,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -460,22 +556,35 @@ 
Method Details

 

 
 

-    delete(project, securityPolicy, requestId=None, x__xgafv=None)
+    delete(project, securityPolicy, requestId=None)
   
Deletes the specified policy.
 
 Args:
   project: string, Project ID for this request. (required)
   securityPolicy: string, Name of the security policy to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -510,7 +619,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -524,21 +634,19 @@ 
Method Details

 

 
 

-    get(project, securityPolicy, x__xgafv=None)
+    get(project, securityPolicy)
   
List all of the ordered rules present in a single specified policy.
 
 Args:
   project: string, Project ID for this request. (required)
   securityPolicy: string, Name of the security policy to get. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Google Cloud Armor security policy resource. Only external backend services that use load balancers can reference a security policy. For more information, see Google Cloud Armor security policy overview.
+    { # Represents a Google Cloud Armor security policy resource.
+    #
+    # Only external backend services that use load balancers can reference a security policy. For more information, see  Google Cloud Armor security policy overview. (== resource_for {$api_version}.securityPolicies ==)
   "adaptiveProtectionConfig": { # Configuration options for Cloud Armor Adaptive Protection (CAAP).
     "layer7DdosDefenseConfig": { # Configuration options for L7 DDoS detection. # If set to true, enables Cloud Armor Machine Learning.
       "enable": True or False, # If set to true, enables CAAP for L7 DDoS detection.
@@ -566,10 +674,14 @@ 
Method Details

   },
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "displayName": "A String", # User-provided name of the Organization security plicy. The name should be unique in the organization in which the security policy is created. This should only be used when SecurityPolicyType is FIREWALL. The name must be 1-63 characters long, and comply with https://www.ietf.org/rfc/rfc1035.txt. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the security policy.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make get() request to the security policy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#securityPolicy", # [Output only] Type of the resource. Always compute#securityPolicyfor security policies
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the security policy.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+      #
+      # To see the latest fingerprint, make get() request to the security policy.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -582,7 +694,9 @@ 
Method Details

       "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-      "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+      "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+          #
+          # This field may only be specified when the versioned_expr is set to FIREWALL.
       "headerAction": { # Optional, additional actions that are performed on headers.
         "requestHeadersToAdds": [ # The list of request headers to add or overwrite if they're already present.
           {
@@ -594,21 +708,35 @@ 
Method Details

       "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
       "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
         "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-          "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+          "destIpRanges": [ # CIDR IP address range.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
-          "destPorts": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+          "destPorts": [ # Pairs of IP protocols and ports that the rule should match.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             {
               "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                  #
+                  # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 "A String",
               ],
             },
           ],
-          "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+          "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             {
               "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                  #
+                  # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 "A String",
               ],
             },
@@ -617,7 +745,25 @@ 
Method Details

             "A String",
           ],
         },
-        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -644,7 +790,9 @@ 
Method Details

       "redirectTarget": "A String", # This must be specified for redirect actions. Cannot be specified for any other actions.
       "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
       "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-      "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+      "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         "A String",
       ],
       "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -659,17 +807,13 @@ 
Method Details

 

 
 

-    getRule(project, securityPolicy, priority=None, x__xgafv=None)
+    getRule(project, securityPolicy, priority=None)
   
Gets a rule at the specified priority.
 
 Args:
   project: string, Project ID for this request. (required)
   securityPolicy: string, Name of the security policy to which the queried rule belongs. (required)
   priority: integer, The priority of the rule to get from the security policy.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -678,7 +822,9 @@ 
Method Details

   "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-  "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+  "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+      #
+      # This field may only be specified when the versioned_expr is set to FIREWALL.
   "headerAction": { # Optional, additional actions that are performed on headers.
     "requestHeadersToAdds": [ # The list of request headers to add or overwrite if they're already present.
       {
@@ -690,21 +836,35 @@ 
Method Details

   "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
   "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
     "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-      "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+      "destIpRanges": [ # CIDR IP address range.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         "A String",
       ],
-      "destPorts": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+      "destPorts": [ # Pairs of IP protocols and ports that the rule should match.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         {
           "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
         },
       ],
-      "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+      "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         {
           "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
         },
@@ -713,7 +873,25 @@ 
Method Details

         "A String",
       ],
     },
-    "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+    "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+        #
+        # Example (Comparison):
+        #
+        # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+        #
+        # Example (Equality):
+        #
+        # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+        #
+        # Example (Logic):
+        #
+        # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+        #
+        # Example (Data Manipulation):
+        #
+        # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+        #
+        # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
       "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
       "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
       "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -740,7 +918,9 @@ 
Method Details

   "redirectTarget": "A String", # This must be specified for redirect actions. Cannot be specified for any other actions.
   "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
   "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-  "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+  "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+      #
+      # This field may only be specified when versioned_expr is set to FIREWALL.
     "A String",
   ],
   "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -750,7 +930,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, validateOnly=None, x__xgafv=None)
+    insert(project, body=None, requestId=None, validateOnly=None)
   
Creates a new policy in the specified project using the data included in the request.
 
 Args:
@@ -758,7 +938,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Google Cloud Armor security policy resource. Only external backend services that use load balancers can reference a security policy. For more information, see Google Cloud Armor security policy overview.
+{ # Represents a Google Cloud Armor security policy resource.
+    # 
+    # Only external backend services that use load balancers can reference a security policy. For more information, see  Google Cloud Armor security policy overview. (== resource_for {$api_version}.securityPolicies ==)
   "adaptiveProtectionConfig": { # Configuration options for Cloud Armor Adaptive Protection (CAAP).
     "layer7DdosDefenseConfig": { # Configuration options for L7 DDoS detection. # If set to true, enables Cloud Armor Machine Learning.
       "enable": True or False, # If set to true, enables CAAP for L7 DDoS detection.
@@ -786,10 +968,14 @@ 
Method Details

   },
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "displayName": "A String", # User-provided name of the Organization security plicy. The name should be unique in the organization in which the security policy is created. This should only be used when SecurityPolicyType is FIREWALL. The name must be 1-63 characters long, and comply with https://www.ietf.org/rfc/rfc1035.txt. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the security policy.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make get() request to the security policy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#securityPolicy", # [Output only] Type of the resource. Always compute#securityPolicyfor security policies
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the security policy.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+      # 
+      # To see the latest fingerprint, make get() request to the security policy.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -802,7 +988,9 @@ 
Method Details

       "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-      "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+      "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+          #
+          # This field may only be specified when the versioned_expr is set to FIREWALL.
       "headerAction": { # Optional, additional actions that are performed on headers.
         "requestHeadersToAdds": [ # The list of request headers to add or overwrite if they're already present.
           {
@@ -814,21 +1002,35 @@ 
Method Details

       "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
       "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
         "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-          "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+          "destIpRanges": [ # CIDR IP address range.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
-          "destPorts": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+          "destPorts": [ # Pairs of IP protocols and ports that the rule should match.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             {
               "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                  #
+                  # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 "A String",
               ],
             },
           ],
-          "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+          "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             {
               "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                  #
+                  # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 "A String",
               ],
             },
@@ -837,7 +1039,25 @@ 
Method Details

             "A String",
           ],
         },
-        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -864,7 +1084,9 @@ 
Method Details

       "redirectTarget": "A String", # This must be specified for redirect actions. Cannot be specified for any other actions.
       "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
       "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-      "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+      "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         "A String",
       ],
       "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -877,17 +1099,30 @@ 
Method Details

   "type": "A String", # The type indicates the intended use of the security policy. CLOUD_ARMOR policies apply to backend services. FIREWALL policies apply to organizations.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
   validateOnly: boolean, If true, the request will not be committed.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -922,7 +1157,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -936,20 +1172,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
List all the policies that have been configured for the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -958,7 +1200,9 @@ 
Method Details

   "etag": "A String",
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of SecurityPolicy resources.
-    { # Represents a Google Cloud Armor security policy resource. Only external backend services that use load balancers can reference a security policy. For more information, see Google Cloud Armor security policy overview.
+    { # Represents a Google Cloud Armor security policy resource.
+        #
+        # Only external backend services that use load balancers can reference a security policy. For more information, see  Google Cloud Armor security policy overview. (== resource_for {$api_version}.securityPolicies ==)
       "adaptiveProtectionConfig": { # Configuration options for Cloud Armor Adaptive Protection (CAAP).
         "layer7DdosDefenseConfig": { # Configuration options for L7 DDoS detection. # If set to true, enables Cloud Armor Machine Learning.
           "enable": True or False, # If set to true, enables CAAP for L7 DDoS detection.
@@ -986,10 +1230,14 @@ 
Method Details

       },
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "displayName": "A String", # User-provided name of the Organization security plicy. The name should be unique in the organization in which the security policy is created. This should only be used when SecurityPolicyType is FIREWALL. The name must be 1-63 characters long, and comply with https://www.ietf.org/rfc/rfc1035.txt. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-      "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the security policy.
+      "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make get() request to the security policy.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#securityPolicy", # [Output only] Type of the resource. Always compute#securityPolicyfor security policies
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the security policy.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+          #
+          # To see the latest fingerprint, make get() request to the security policy.
       "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
         "a_key": "A String",
       },
@@ -1002,7 +1250,9 @@ 
Method Details

           "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-          "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+          "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+              #
+              # This field may only be specified when the versioned_expr is set to FIREWALL.
           "headerAction": { # Optional, additional actions that are performed on headers.
             "requestHeadersToAdds": [ # The list of request headers to add or overwrite if they're already present.
               {
@@ -1014,21 +1264,35 @@ 
Method Details

           "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
           "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
             "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-              "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+              "destIpRanges": [ # CIDR IP address range.
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 "A String",
               ],
-              "destPorts": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+              "destPorts": [ # Pairs of IP protocols and ports that the rule should match.
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 {
                   "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-                  "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+                  "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                      #
+                      # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                      #
+                      # This field may only be specified when versioned_expr is set to FIREWALL.
                     "A String",
                   ],
                 },
               ],
-              "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+              "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 {
                   "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-                  "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+                  "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                      #
+                      # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                      #
+                      # This field may only be specified when versioned_expr is set to FIREWALL.
                     "A String",
                   ],
                 },
@@ -1037,7 +1301,25 @@ 
Method Details

                 "A String",
               ],
             },
-            "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+            "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+                #
+                # Example (Comparison):
+                #
+                # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+                #
+                # Example (Equality):
+                #
+                # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+                #
+                # Example (Logic):
+                #
+                # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+                #
+                # Example (Data Manipulation):
+                #
+                # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+                #
+                # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
               "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
               "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
               "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -1064,7 +1346,9 @@ 
Method Details

           "redirectTarget": "A String", # This must be specified for redirect actions. Cannot be specified for any other actions.
           "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
           "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-          "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+          "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
           "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -1084,7 +1368,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1096,20 +1381,26 @@ 
Method Details

 

 
 

-    listPreconfiguredExpressionSets(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listPreconfiguredExpressionSets(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Gets the current list of preconfigured Web Application Firewall (WAF) expressions.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1124,10 +1415,10 @@ 
Method Details

           ],
           "expressions": [ # List of available expressions.
             {
-              "id": "A String", # Expression ID should uniquely identify the origin of the expression. E.g. owasp-crs-v020901-id973337 identifies Owasp core rule set version 2.9.1 rule id 973337. The ID could be used to determine the individual attack definition that has been detected. It could also be used to exclude it from the policy in case of false positive. required
+              "id": "A String", # Expression ID should uniquely identify the origin of the expression. E.g. owasp-crs-v020901-id973337 identifies Owasp core rule set version 2.9.1 rule id 973337. The ID could be used to determine the individual attack definition that has been detected. It could also be used to exclude it from the policy in case of false positive.
             },
           ],
-          "id": "A String", # Google specified expression set ID. The format should be: - E.g. XSS-20170329 required
+          "id": "A String", # Google specified expression set ID. The format should be: - E.g. XSS-20170329
         },
       ],
     },
@@ -1150,7 +1441,7 @@ 
Method Details

 

 
 

-    patch(project, securityPolicy, body=None, requestId=None, x__xgafv=None)
+    patch(project, securityPolicy, body=None, requestId=None)
   
Patches the specified policy with the data included in the request. This cannot be used to be update the rules in the policy. Please use the per rule methods like addRule, patchRule, and removeRule instead.
 
 Args:
@@ -1159,7 +1450,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Google Cloud Armor security policy resource. Only external backend services that use load balancers can reference a security policy. For more information, see Google Cloud Armor security policy overview.
+{ # Represents a Google Cloud Armor security policy resource.
+    # 
+    # Only external backend services that use load balancers can reference a security policy. For more information, see  Google Cloud Armor security policy overview. (== resource_for {$api_version}.securityPolicies ==)
   "adaptiveProtectionConfig": { # Configuration options for Cloud Armor Adaptive Protection (CAAP).
     "layer7DdosDefenseConfig": { # Configuration options for L7 DDoS detection. # If set to true, enables Cloud Armor Machine Learning.
       "enable": True or False, # If set to true, enables CAAP for L7 DDoS detection.
@@ -1187,10 +1480,14 @@ 
Method Details

   },
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "displayName": "A String", # User-provided name of the Organization security plicy. The name should be unique in the organization in which the security policy is created. This should only be used when SecurityPolicyType is FIREWALL. The name must be 1-63 characters long, and comply with https://www.ietf.org/rfc/rfc1035.txt. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the security policy.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make get() request to the security policy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#securityPolicy", # [Output only] Type of the resource. Always compute#securityPolicyfor security policies
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the security policy.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+      # 
+      # To see the latest fingerprint, make get() request to the security policy.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -1203,7 +1500,9 @@ 
Method Details

       "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-      "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+      "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+          #
+          # This field may only be specified when the versioned_expr is set to FIREWALL.
       "headerAction": { # Optional, additional actions that are performed on headers.
         "requestHeadersToAdds": [ # The list of request headers to add or overwrite if they're already present.
           {
@@ -1215,21 +1514,35 @@ 
Method Details

       "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
       "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
         "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-          "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+          "destIpRanges": [ # CIDR IP address range.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
-          "destPorts": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+          "destPorts": [ # Pairs of IP protocols and ports that the rule should match.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             {
               "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                  #
+                  # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 "A String",
               ],
             },
           ],
-          "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+          "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             {
               "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                  #
+                  # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 "A String",
               ],
             },
@@ -1238,7 +1551,25 @@ 
Method Details

             "A String",
           ],
         },
-        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -1265,7 +1596,9 @@ 
Method Details

       "redirectTarget": "A String", # This must be specified for redirect actions. Cannot be specified for any other actions.
       "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
       "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-      "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+      "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         "A String",
       ],
       "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -1278,16 +1611,29 @@ 
Method Details

   "type": "A String", # The type indicates the intended use of the security policy. CLOUD_ARMOR policies apply to backend services. FIREWALL policies apply to organizations.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1322,7 +1668,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1336,7 +1683,7 @@ 
Method Details

 

 
 

-    patchRule(project, securityPolicy, body=None, priority=None, validateOnly=None, x__xgafv=None)
+    patchRule(project, securityPolicy, body=None, priority=None, validateOnly=None)
   
Patches a rule at the specified priority.
 
 Args:
@@ -1349,7 +1696,9 @@ 
Method Details

   "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-  "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+  "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+      # 
+      # This field may only be specified when the versioned_expr is set to FIREWALL.
   "headerAction": { # Optional, additional actions that are performed on headers.
     "requestHeadersToAdds": [ # The list of request headers to add or overwrite if they're already present.
       {
@@ -1361,21 +1710,35 @@ 
Method Details

   "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
   "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
     "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-      "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+      "destIpRanges": [ # CIDR IP address range.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         "A String",
       ],
-      "destPorts": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+      "destPorts": [ # Pairs of IP protocols and ports that the rule should match.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         {
           "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
         },
       ],
-      "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+      "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         {
           "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
         },
@@ -1384,7 +1747,25 @@ 
Method Details

         "A String",
       ],
     },
-    "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+    "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+        #
+        # Example (Comparison):
+        #
+        # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+        #
+        # Example (Equality):
+        #
+        # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+        #
+        # Example (Logic):
+        #
+        # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+        #
+        # Example (Data Manipulation):
+        #
+        # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+        #
+        # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
       "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
       "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
       "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -1411,7 +1792,9 @@ 
Method Details

   "redirectTarget": "A String", # This must be specified for redirect actions. Cannot be specified for any other actions.
   "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
   "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-  "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+  "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+      # 
+      # This field may only be specified when versioned_expr is set to FIREWALL.
     "A String",
   ],
   "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -1421,15 +1804,24 @@ 
Method Details

 
   priority: integer, The priority of the rule to patch.
   validateOnly: boolean, If true, the request will not be committed.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1464,7 +1856,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1478,22 +1871,31 @@ 
Method Details

 

 
 

-    removeRule(project, securityPolicy, priority=None, x__xgafv=None)
+    removeRule(project, securityPolicy, priority=None)
   
Deletes a rule at the specified priority.
 
 Args:
   project: string, Project ID for this request. (required)
   securityPolicy: string, Name of the security policy to update. (required)
   priority: integer, The priority of the rule to remove from the security policy.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1528,7 +1930,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1542,7 +1945,7 @@ 
Method Details

 

 
 

-    setLabels(project, resource, body=None, x__xgafv=None)
+    setLabels(project, resource, body=None)
   
Sets the labels on a security policy. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -1558,15 +1961,24 @@ 
Method Details

   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1601,7 +2013,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1615,7 +2028,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1630,10 +2043,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.serviceAttachments.html b/docs/dyn/compute_alpha.serviceAttachments.html
index 051c64b6106..b61cff985b6 100644
--- a/docs/dyn/compute_alpha.serviceAttachments.html
+++ b/docs/dyn/compute_alpha.serviceAttachments.html
@@ -75,7 +75,7 @@
 
Compute Engine API . serviceAttachments

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of all ServiceAttachment resources, regional and global, available to the specified project.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,49 +84,55 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, serviceAttachment, requestId=None, x__xgafv=None)

+  delete(project, region, serviceAttachment, requestId=None)

 
Deletes the specified ServiceAttachment in the given scope

 

-  get(project, region, serviceAttachment, x__xgafv=None)

+  get(project, region, serviceAttachment)

 
Returns the specified ServiceAttachment resource in the given scope.

 

-  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a ServiceAttachment in the specified project in the given scope using the parameters that are included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists the ServiceAttachments for a project in the given scope.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, serviceAttachment, body=None, requestId=None, x__xgafv=None)

+  patch(project, region, serviceAttachment, body=None, requestId=None)

 
Patches the specified ServiceAttachment resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.

 

-  setIamPolicy(project, region, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, region, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of all ServiceAttachment resources, regional and global, available to the specified project.
 
 Args:
   project: string, Name of the project scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -136,7 +142,9 @@ 
Method Details

   "items": { # A list of ServiceAttachmentsScopedList resources.
     "a_key": { # Name of the scope containing this set of ServiceAttachments.
       "serviceAttachments": [ # A list of ServiceAttachments contained in this scope.
-        { # Represents a ServiceAttachment resource. A service attachment represents a service that a producer has exposed. It encapsulates the load balancer which fronts the service runs and a list of NAT IP ranges that the producers uses to represent the consumers connecting to the service. next tag = 19
+        { # Represents a ServiceAttachment resource.
+            #
+            # A service attachment represents a service that a producer has exposed. It encapsulates the load balancer which fronts the service runs and a list of NAT IP ranges that the producers uses to represent the consumers connecting to the service. next tag = 19
           "connectedEndpoints": [ # [Output Only] An array of connections for all the consumers connected to this service attachment.
             { # [Output Only] A connection connected to this service attachment.
               "endpoint": "A String", # The url of a connected endpoint.
@@ -184,7 +192,8 @@ 
Method Details

       ],
       "warning": { # Informational warning which replaces the list of service attachments when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -202,7 +211,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -233,23 +243,36 @@ 
Method Details

 

 
 

-    delete(project, region, serviceAttachment, requestId=None, x__xgafv=None)
+    delete(project, region, serviceAttachment, requestId=None)
   
Deletes the specified ServiceAttachment in the given scope
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region of this request. (required)
   serviceAttachment: string, Name of the ServiceAttachment resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -284,7 +307,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -298,22 +322,20 @@ 
Method Details

 

 
 

-    get(project, region, serviceAttachment, x__xgafv=None)
+    get(project, region, serviceAttachment)
   
Returns the specified ServiceAttachment resource in the given scope.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region of this request. (required)
   serviceAttachment: string, Name of the ServiceAttachment resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a ServiceAttachment resource. A service attachment represents a service that a producer has exposed. It encapsulates the load balancer which fronts the service runs and a list of NAT IP ranges that the producers uses to represent the consumers connecting to the service. next tag = 19
+    { # Represents a ServiceAttachment resource.
+    #
+    # A service attachment represents a service that a producer has exposed. It encapsulates the load balancer which fronts the service runs and a list of NAT IP ranges that the producers uses to represent the consumers connecting to the service. next tag = 19
   "connectedEndpoints": [ # [Output Only] An array of connections for all the consumers connected to this service attachment.
     { # [Output Only] A connection connected to this service attachment.
       "endpoint": "A String", # The url of a connected endpoint.
@@ -361,7 +383,7 @@ 
Method Details

 

 
 

-    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
@@ -369,27 +391,51 @@ 
Method Details

   region: string, The name of the region for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -397,76 +443,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a ServiceAttachment in the specified project in the given scope using the parameters that are included in the request.
 
 Args:
@@ -475,7 +589,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a ServiceAttachment resource. A service attachment represents a service that a producer has exposed. It encapsulates the load balancer which fronts the service runs and a list of NAT IP ranges that the producers uses to represent the consumers connecting to the service. next tag = 19
+{ # Represents a ServiceAttachment resource.
+    # 
+    # A service attachment represents a service that a producer has exposed. It encapsulates the load balancer which fronts the service runs and a list of NAT IP ranges that the producers uses to represent the consumers connecting to the service. next tag = 19
   "connectedEndpoints": [ # [Output Only] An array of connections for all the consumers connected to this service attachment.
     { # [Output Only] A connection connected to this service attachment.
       "endpoint": "A String", # The url of a connected endpoint.
@@ -521,16 +637,29 @@ 
Method Details

   "targetService": "A String", # The URL of a service serving the endpoint identified by this service attachment.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -565,7 +694,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -579,21 +709,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists the ServiceAttachments for a project in the given scope.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region of this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -601,7 +737,9 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of ServiceAttachment resources.
-    { # Represents a ServiceAttachment resource. A service attachment represents a service that a producer has exposed. It encapsulates the load balancer which fronts the service runs and a list of NAT IP ranges that the producers uses to represent the consumers connecting to the service. next tag = 19
+    { # Represents a ServiceAttachment resource.
+        #
+        # A service attachment represents a service that a producer has exposed. It encapsulates the load balancer which fronts the service runs and a list of NAT IP ranges that the producers uses to represent the consumers connecting to the service. next tag = 19
       "connectedEndpoints": [ # [Output Only] An array of connections for all the consumers connected to this service attachment.
         { # [Output Only] A connection connected to this service attachment.
           "endpoint": "A String", # The url of a connected endpoint.
@@ -652,7 +790,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -678,7 +817,7 @@ 
Method Details

 

 
 

-    patch(project, region, serviceAttachment, body=None, requestId=None, x__xgafv=None)
+    patch(project, region, serviceAttachment, body=None, requestId=None)
   
Patches the specified ServiceAttachment resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.
 
 Args:
@@ -688,7 +827,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a ServiceAttachment resource. A service attachment represents a service that a producer has exposed. It encapsulates the load balancer which fronts the service runs and a list of NAT IP ranges that the producers uses to represent the consumers connecting to the service. next tag = 19
+{ # Represents a ServiceAttachment resource.
+    # 
+    # A service attachment represents a service that a producer has exposed. It encapsulates the load balancer which fronts the service runs and a list of NAT IP ranges that the producers uses to represent the consumers connecting to the service. next tag = 19
   "connectedEndpoints": [ # [Output Only] An array of connections for all the consumers connected to this service attachment.
     { # [Output Only] A connection connected to this service attachment.
       "endpoint": "A String", # The url of a connected endpoint.
@@ -734,16 +875,29 @@ 
Method Details

   "targetService": "A String", # The URL of a service serving the endpoint identified by this service attachment.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -778,7 +932,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -792,7 +947,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, region, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, region, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -805,33 +960,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -839,95 +1068,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -935,76 +1256,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1020,10 +1409,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.snapshots.html b/docs/dyn/compute_alpha.snapshots.html
index 67106e9914c..30f7b1516fa 100644
--- a/docs/dyn/compute_alpha.snapshots.html
+++ b/docs/dyn/compute_alpha.snapshots.html
@@ -78,31 +78,31 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, snapshot, requestId=None, x__xgafv=None)

-
Deletes the specified Snapshot resource. Keep in mind that deleting a single snapshot might not necessarily delete all the data on that snapshot. If any data on the snapshot that is marked for deletion is needed for subsequent snapshots, the data will be moved to the next corresponding snapshot. For more information, see Deleting snapshots.

+  delete(project, snapshot, requestId=None)

+
Deletes the specified Snapshot resource. Keep in mind that deleting a single snapshot might not necessarily delete all the data on that snapshot. If any data on the snapshot that is marked for deletion is needed for subsequent snapshots, the data will be moved to the next corresponding snapshot.

 

-  get(project, snapshot, x__xgafv=None)

+  get(project, snapshot)

 
Returns the specified Snapshot resource. Gets a list of available snapshots by making a list() request.

 

-  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a snapshot in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of Snapshot resources contained within the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setIamPolicy(project, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  setLabels(project, resource, body=None, x__xgafv=None)

+  setLabels(project, resource, body=None)

 
Sets the labels on a snapshot. To learn more about labels, read the Labeling Resources documentation.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -111,22 +111,37 @@ 
Method Details

 

 
 

-    delete(project, snapshot, requestId=None, x__xgafv=None)
-  
Deletes the specified Snapshot resource. Keep in mind that deleting a single snapshot might not necessarily delete all the data on that snapshot. If any data on the snapshot that is marked for deletion is needed for subsequent snapshots, the data will be moved to the next corresponding snapshot. For more information, see Deleting snapshots.
+    delete(project, snapshot, requestId=None)
+  
Deletes the specified Snapshot resource. Keep in mind that deleting a single snapshot might not necessarily delete all the data on that snapshot. If any data on the snapshot that is marked for deletion is needed for subsequent snapshots, the data will be moved to the next corresponding snapshot.
+
+For more information, see Deleting snapshots.
 
 Args:
   project: string, Project ID for this request. (required)
   snapshot: string, Name of the Snapshot resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -161,7 +176,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -175,21 +191,19 @@ 
Method Details

 

 
 

-    get(project, snapshot, x__xgafv=None)
+    get(project, snapshot)
   
Returns the specified Snapshot resource. Gets a list of available snapshots by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   snapshot: string, Name of the Snapshot resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Persistent Disk Snapshot resource. You can use snapshots to back up data on a regular interval. For more information, read Creating persistent disk snapshots.
+    { # Represents a Persistent Disk Snapshot resource.
+    #
+    # You can use snapshots to back up data on a regular interval. For more information, read  Creating persistent disk snapshots. (== resource_for {$api_version}.snapshots ==)
   "autoCreated": True or False, # [Output Only] Set to true if snapshots are automatically created by applying resource policy on the target disk.
   "chainName": "A String", # Creates the new snapshot in the snapshot chain labeled with the specified name. The chain name must be 1-63 characters long and comply with RFC1035. This is an uncommon option only for advanced service owners who needs to create separate snapshot chains, for example, for chargeback tracking. When you describe your snapshot resource, this field is visible only if it has a non-empty value.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -197,14 +211,16 @@ 
Method Details

   "diskSizeGb": "A String", # [Output Only] Size of the source disk, specified in GB.
   "downloadBytes": "A String", # [Output Only] Number of bytes downloaded to restore a snapshot to a disk.
   "guestFlush": True or False, # [Input Only] Whether to attempt an application consistent snapshot by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
-  "guestOsFeatures": [ # [Output Only] A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+  "guestOsFeatures": [ # [Output Only] A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
     { # Guest OS features.
-      "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+      "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
     },
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#snapshot", # [Output Only] Type of the resource. Always compute#snapshot for Snapshot resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this snapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a snapshot.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this snapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a snapshot.
   "labels": { # Labels to apply to this snapshot. These can be later modified by the setLabels method. Label values may be empty.
     "a_key": "A String",
   },
@@ -219,11 +235,22 @@ 
Method Details

   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource's resource id.
-  "snapshotEncryptionKey": { # Encrypts the snapshot using a customer-supplied encryption key. After you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the snapshot later. For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request. Customer-supplied encryption keys do not protect access to metadata of the snapshot. If you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later.
+  "snapshotEncryptionKey": { # Encrypts the snapshot using a customer-supplied encryption key.
+      #
+      # After you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the snapshot later. For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request.
+      #
+      # Customer-supplied encryption keys do not protect access to metadata of the snapshot.
+      #
+      # If you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceDisk": "A String", # The source disk used to create this snapshot.
@@ -231,7 +258,12 @@ 
Method Details

     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this snapshot. This value may be used to determine whether the snapshot was taken from the current or a previous instance of a given disk name.
@@ -245,34 +277,58 @@ 
Method Details

 

 
 

-    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
   project: string, Project ID for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -280,76 +336,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a snapshot in the specified project using the data included in the request.
 
 Args:
@@ -357,7 +481,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Persistent Disk Snapshot resource. You can use snapshots to back up data on a regular interval. For more information, read Creating persistent disk snapshots.
+{ # Represents a Persistent Disk Snapshot resource.
+    # 
+    # You can use snapshots to back up data on a regular interval. For more information, read  Creating persistent disk snapshots. (== resource_for {$api_version}.snapshots ==)
   "autoCreated": True or False, # [Output Only] Set to true if snapshots are automatically created by applying resource policy on the target disk.
   "chainName": "A String", # Creates the new snapshot in the snapshot chain labeled with the specified name. The chain name must be 1-63 characters long and comply with RFC1035. This is an uncommon option only for advanced service owners who needs to create separate snapshot chains, for example, for chargeback tracking. When you describe your snapshot resource, this field is visible only if it has a non-empty value.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -365,14 +491,16 @@ 
Method Details

   "diskSizeGb": "A String", # [Output Only] Size of the source disk, specified in GB.
   "downloadBytes": "A String", # [Output Only] Number of bytes downloaded to restore a snapshot to a disk.
   "guestFlush": True or False, # [Input Only] Whether to attempt an application consistent snapshot by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
-  "guestOsFeatures": [ # [Output Only] A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+  "guestOsFeatures": [ # [Output Only] A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
     { # Guest OS features.
-      "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+      "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
     },
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#snapshot", # [Output Only] Type of the resource. Always compute#snapshot for Snapshot resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this snapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a snapshot.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this snapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a snapshot.
   "labels": { # Labels to apply to this snapshot. These can be later modified by the setLabels method. Label values may be empty.
     "a_key": "A String",
   },
@@ -387,11 +515,22 @@ 
Method Details

   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource's resource id.
-  "snapshotEncryptionKey": { # Encrypts the snapshot using a customer-supplied encryption key. After you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the snapshot later. For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request. Customer-supplied encryption keys do not protect access to metadata of the snapshot. If you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later.
+  "snapshotEncryptionKey": { # Encrypts the snapshot using a customer-supplied encryption key.
+      # 
+      # After you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the snapshot later. For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request.
+      # 
+      # Customer-supplied encryption keys do not protect access to metadata of the snapshot.
+      # 
+      # If you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceDisk": "A String", # The source disk used to create this snapshot.
@@ -399,7 +538,12 @@ 
Method Details

     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this snapshot. This value may be used to determine whether the snapshot was taken from the current or a previous instance of a given disk name.
@@ -411,16 +555,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -455,7 +612,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -469,20 +627,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of Snapshot resources contained within the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -490,7 +654,9 @@ 
Method Details

     { # Contains a list of Snapshot resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Snapshot resources.
-    { # Represents a Persistent Disk Snapshot resource. You can use snapshots to back up data on a regular interval. For more information, read Creating persistent disk snapshots.
+    { # Represents a Persistent Disk Snapshot resource.
+        #
+        # You can use snapshots to back up data on a regular interval. For more information, read  Creating persistent disk snapshots. (== resource_for {$api_version}.snapshots ==)
       "autoCreated": True or False, # [Output Only] Set to true if snapshots are automatically created by applying resource policy on the target disk.
       "chainName": "A String", # Creates the new snapshot in the snapshot chain labeled with the specified name. The chain name must be 1-63 characters long and comply with RFC1035. This is an uncommon option only for advanced service owners who needs to create separate snapshot chains, for example, for chargeback tracking. When you describe your snapshot resource, this field is visible only if it has a non-empty value.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -498,14 +664,16 @@ 
Method Details

       "diskSizeGb": "A String", # [Output Only] Size of the source disk, specified in GB.
       "downloadBytes": "A String", # [Output Only] Number of bytes downloaded to restore a snapshot to a disk.
       "guestFlush": True or False, # [Input Only] Whether to attempt an application consistent snapshot by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
-      "guestOsFeatures": [ # [Output Only] A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+      "guestOsFeatures": [ # [Output Only] A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
         { # Guest OS features.
-          "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+          "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
         },
       ],
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#snapshot", # [Output Only] Type of the resource. Always compute#snapshot for Snapshot resources.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this snapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a snapshot.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this snapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a snapshot.
       "labels": { # Labels to apply to this snapshot. These can be later modified by the setLabels method. Label values may be empty.
         "a_key": "A String",
       },
@@ -520,11 +688,22 @@ 
Method Details

       "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource's resource id.
-      "snapshotEncryptionKey": { # Encrypts the snapshot using a customer-supplied encryption key. After you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the snapshot later. For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request. Customer-supplied encryption keys do not protect access to metadata of the snapshot. If you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later.
+      "snapshotEncryptionKey": { # Encrypts the snapshot using a customer-supplied encryption key.
+          #
+          # After you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the snapshot later. For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request.
+          #
+          # Customer-supplied encryption keys do not protect access to metadata of the snapshot.
+          #
+          # If you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "sourceDisk": "A String", # The source disk used to create this snapshot.
@@ -532,7 +711,12 @@ 
Method Details

         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this snapshot. This value may be used to determine whether the snapshot was taken from the current or a previous instance of a given disk name.
@@ -549,7 +733,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -575,7 +760,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -587,33 +772,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -621,95 +880,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -717,76 +1068,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    setLabels(project, resource, body=None, x__xgafv=None)
+    setLabels(project, resource, body=None)
   
Sets the labels on a snapshot. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -802,15 +1221,24 @@ 
Method Details

   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -845,7 +1273,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -859,7 +1288,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -874,10 +1303,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.sslCertificates.html b/docs/dyn/compute_alpha.sslCertificates.html
index 4f2bd7eb2c5..95192ff0580 100644
--- a/docs/dyn/compute_alpha.sslCertificates.html
+++ b/docs/dyn/compute_alpha.sslCertificates.html
@@ -75,7 +75,7 @@
 
Compute Engine API . sslCertificates

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of all SslCertificate resources, regional and global, available to the specified project.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,40 +84,46 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, sslCertificate, requestId=None, x__xgafv=None)

+  delete(project, sslCertificate, requestId=None)

 
Deletes the specified SslCertificate resource.

 

-  get(project, sslCertificate, x__xgafv=None)

+  get(project, sslCertificate)

 
Returns the specified SslCertificate resource. Gets a list of available SSL certificates by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a SslCertificate resource in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of SslCertificate resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of all SslCertificate resources, regional and global, available to the specified project.
 
 Args:
   project: string, Name of the project scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -127,7 +133,21 @@ 
Method Details

   "items": { # A list of SslCertificatesScopedList resources.
     "a_key": { # Name of the scope containing this set of SslCertificates.
       "sslCertificates": [ # List of SslCertificates contained in this scope.
-        { # Represents an SSL Certificate resource. Google Compute Engine has two SSL Certificate resources: * [Global](/compute/docs/reference/rest/alpha/sslCertificates) * [Regional](/compute/docs/reference/rest/alpha/regionSslCertificates) The sslCertificates are used by: - external HTTPS load balancers - SSL proxy load balancers The regionSslCertificates are used by internal HTTPS load balancers. Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read Creating and using SSL certificates, SSL certificates quotas and limits, and Troubleshooting SSL certificates.
+        { # Represents an SSL Certificate resource.
+            #
+            # Google Compute Engine has two SSL Certificate resources:
+            #
+            # * [Global](/compute/docs/reference/rest/{$api_version}/sslCertificates) * [Regional](/compute/docs/reference/rest/{$api_version}/regionSslCertificates)
+            #
+            #
+            #
+            # The sslCertificates are used by:
+            # - external HTTPS load balancers
+            # - SSL proxy load balancers
+            #
+            # The regionSslCertificates are used by internal HTTPS load balancers.
+            #
+            # Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read  Creating and using SSL certificates, SSL certificates quotas and limits, and  Troubleshooting SSL certificates. (== resource_for {$api_version}.sslCertificates ==) (== resource_for {$api_version}.regionSslCertificates ==)
           "certificate": "A String", # A value read into memory from a certificate file. The certificate file must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -160,7 +180,8 @@ 
Method Details

       ],
       "warning": { # Informational warning which replaces the list of backend services when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -178,7 +199,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -209,22 +231,35 @@ 
Method Details

 

 
 

-    delete(project, sslCertificate, requestId=None, x__xgafv=None)
+    delete(project, sslCertificate, requestId=None)
   
Deletes the specified SslCertificate resource.
 
 Args:
   project: string, Project ID for this request. (required)
   sslCertificate: string, Name of the SslCertificate resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -259,7 +294,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -273,21 +309,31 @@ 
Method Details

 

 
 

-    get(project, sslCertificate, x__xgafv=None)
+    get(project, sslCertificate)
   
Returns the specified SslCertificate resource. Gets a list of available SSL certificates by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   sslCertificate: string, Name of the SslCertificate resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an SSL Certificate resource. Google Compute Engine has two SSL Certificate resources: * [Global](/compute/docs/reference/rest/alpha/sslCertificates) * [Regional](/compute/docs/reference/rest/alpha/regionSslCertificates) The sslCertificates are used by: - external HTTPS load balancers - SSL proxy load balancers The regionSslCertificates are used by internal HTTPS load balancers. Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read Creating and using SSL certificates, SSL certificates quotas and limits, and Troubleshooting SSL certificates.
+    { # Represents an SSL Certificate resource.
+    #
+    # Google Compute Engine has two SSL Certificate resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/sslCertificates) * [Regional](/compute/docs/reference/rest/{$api_version}/regionSslCertificates)
+    #
+    #
+    #
+    # The sslCertificates are used by:
+    # - external HTTPS load balancers
+    # - SSL proxy load balancers
+    #
+    # The regionSslCertificates are used by internal HTTPS load balancers.
+    #
+    # Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read  Creating and using SSL certificates, SSL certificates quotas and limits, and  Troubleshooting SSL certificates. (== resource_for {$api_version}.sslCertificates ==) (== resource_for {$api_version}.regionSslCertificates ==)
   "certificate": "A String", # A value read into memory from a certificate file. The certificate file must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -320,7 +366,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a SslCertificate resource in the specified project using the data included in the request.
 
 Args:
@@ -328,7 +374,21 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an SSL Certificate resource. Google Compute Engine has two SSL Certificate resources: * [Global](/compute/docs/reference/rest/alpha/sslCertificates) * [Regional](/compute/docs/reference/rest/alpha/regionSslCertificates) The sslCertificates are used by: - external HTTPS load balancers - SSL proxy load balancers The regionSslCertificates are used by internal HTTPS load balancers. Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read Creating and using SSL certificates, SSL certificates quotas and limits, and Troubleshooting SSL certificates.
+{ # Represents an SSL Certificate resource.
+    # 
+    # Google Compute Engine has two SSL Certificate resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/sslCertificates) * [Regional](/compute/docs/reference/rest/{$api_version}/regionSslCertificates)
+    # 
+    # 
+    # 
+    # The sslCertificates are used by:
+    # - external HTTPS load balancers
+    # - SSL proxy load balancers
+    # 
+    # The regionSslCertificates are used by internal HTTPS load balancers.
+    # 
+    # Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read  Creating and using SSL certificates, SSL certificates quotas and limits, and  Troubleshooting SSL certificates. (== resource_for {$api_version}.sslCertificates ==) (== resource_for {$api_version}.regionSslCertificates ==)
   "certificate": "A String", # A value read into memory from a certificate file. The certificate file must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -359,16 +419,29 @@ 
Method Details

   "type": "A String", # (Optional) Specifies the type of SSL certificate, either "SELF_MANAGED" or "MANAGED". If not specified, the certificate is self-managed and the fields certificate and private_key are used.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -403,7 +476,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -417,20 +491,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of SslCertificate resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -438,7 +518,21 @@ 
Method Details

     { # Contains a list of SslCertificate resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of SslCertificate resources.
-    { # Represents an SSL Certificate resource. Google Compute Engine has two SSL Certificate resources: * [Global](/compute/docs/reference/rest/alpha/sslCertificates) * [Regional](/compute/docs/reference/rest/alpha/regionSslCertificates) The sslCertificates are used by: - external HTTPS load balancers - SSL proxy load balancers The regionSslCertificates are used by internal HTTPS load balancers. Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read Creating and using SSL certificates, SSL certificates quotas and limits, and Troubleshooting SSL certificates.
+    { # Represents an SSL Certificate resource.
+        #
+        # Google Compute Engine has two SSL Certificate resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/sslCertificates) * [Regional](/compute/docs/reference/rest/{$api_version}/regionSslCertificates)
+        #
+        #
+        #
+        # The sslCertificates are used by:
+        # - external HTTPS load balancers
+        # - SSL proxy load balancers
+        #
+        # The regionSslCertificates are used by internal HTTPS load balancers.
+        #
+        # Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read  Creating and using SSL certificates, SSL certificates quotas and limits, and  Troubleshooting SSL certificates. (== resource_for {$api_version}.sslCertificates ==) (== resource_for {$api_version}.regionSslCertificates ==)
       "certificate": "A String", # A value read into memory from a certificate file. The certificate file must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -474,7 +568,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -500,7 +595,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -515,10 +610,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.sslPolicies.html b/docs/dyn/compute_alpha.sslPolicies.html
index 3d0e09dbc67..217df2f5cf7 100644
--- a/docs/dyn/compute_alpha.sslPolicies.html
+++ b/docs/dyn/compute_alpha.sslPolicies.html
@@ -78,28 +78,28 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, sslPolicy, requestId=None, x__xgafv=None)

+  delete(project, sslPolicy, requestId=None)

 
Deletes the specified SSL policy. The SSL policy resource can be deleted only if it is not in use by any TargetHttpsProxy or TargetSslProxy resources.

 

-  get(project, sslPolicy, x__xgafv=None)

+  get(project, sslPolicy)

 
Lists all of the ordered rules present in a single specified policy.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Returns the specified SSL policy resource. Gets a list of available SSL policies by making a list() request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists all the SSL policies that have been configured for the specified project.

 

-  listAvailableFeatures(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listAvailableFeatures(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists all features that can be specified in the SSL policy when using custom profile.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, sslPolicy, body=None, requestId=None, x__xgafv=None)

+  patch(project, sslPolicy, body=None, requestId=None)

 
Patches the specified SSL policy with the data included in the request.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -108,22 +108,35 @@ 
Method Details

 

 
 

-    delete(project, sslPolicy, requestId=None, x__xgafv=None)
+    delete(project, sslPolicy, requestId=None)
   
Deletes the specified SSL policy. The SSL policy resource can be deleted only if it is not in use by any TargetHttpsProxy or TargetSslProxy resources.
 
 Args:
   project: string, Project ID for this request. (required)
   sslPolicy: string, Name of the SSL policy to delete. The name must be 1-63 characters long, and comply with RFC1035. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -158,7 +171,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -172,30 +186,31 @@ 
Method Details

 

 
 

-    get(project, sslPolicy, x__xgafv=None)
+    get(project, sslPolicy)
   
Lists all of the ordered rules present in a single specified policy.
 
 Args:
   project: string, Project ID for this request. (required)
   sslPolicy: string, Name of the SSL policy to update. The name must be 1-63 characters long, and comply with RFC1035. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an SSL Policy resource. Use SSL policies to control the SSL features, such as versions and cipher suites, offered by an HTTPS or SSL Proxy load balancer. For more information, read SSL Policy Concepts.
+    { # Represents an SSL Policy resource.
+    #
+    # Use SSL policies to control the SSL features, such as versions and cipher suites, offered by an HTTPS or SSL Proxy load balancer. For more information, read  SSL Policy Concepts. (== resource_for {$api_version}.sslPolicies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-  "customFeatures": [ # A list of features enabled when the selected profile is CUSTOM. The method returns the set of features that can be specified in this list. This field must be empty if the profile is not CUSTOM.
+  "customFeatures": [ # A list of features enabled when the selected profile is CUSTOM. The
+      # - method returns the set of features that can be specified in this list. This field must be empty if the profile is not CUSTOM.
     "A String",
   ],
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "enabledFeatures": [ # [Output Only] The list of features enabled in the SSL policy.
     "A String",
   ],
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a SslPolicy. An up-to-date fingerprint must be provided in order to update the SslPolicy, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an SslPolicy.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a SslPolicy. An up-to-date fingerprint must be provided in order to update the SslPolicy, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve an SslPolicy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#sslPolicy", # [Output only] Type of the resource. Always compute#sslPolicyfor SSL policies.
   "minTlsVersion": "A String", # The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. This can be one of TLS_1_0, TLS_1_1, TLS_1_2.
@@ -214,7 +229,9 @@ 
Method Details

         "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
           "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
             "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-              "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+              "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                  # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                  # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
               "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                 "name": "A String", # Plugin name.
                 "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -236,7 +253,9 @@ 
Method Details

         "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
           "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
             "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-              "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+              "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                  # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                  # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
               "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                 "name": "A String", # Plugin name.
                 "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -258,12 +277,15 @@ 
Method Details

     "subjectAltNames": [ # A list of alternate names to verify the subject identity in the certificate presented by the client.
       "A String",
     ],
-    "tlsMode": "A String", # Indicates whether connections should be secured using TLS. The value of this field determines how TLS is enforced. This field can be set to one of the following: - SIMPLE Secure connections with standard TLS semantics. - MUTUAL Secure connections to the backends using mutual TLS by presenting client certificates for authentication.
+    "tlsMode": "A String", # Indicates whether connections should be secured using TLS. The value of this field determines how TLS is enforced. This field can be set to one of the following:
+        # - SIMPLE Secure connections with standard TLS semantics.
+        # - MUTUAL Secure connections to the backends using mutual TLS by presenting client certificates for authentication.
   },
   "warnings": [ # [Output Only] If potential misconfigurations are detected for this SSL policy, this field will be populated with warning messages.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -276,7 +298,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Returns the specified SSL policy resource. Gets a list of available SSL policies by making a list() request.
 
 Args:
@@ -284,16 +306,21 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an SSL Policy resource. Use SSL policies to control the SSL features, such as versions and cipher suites, offered by an HTTPS or SSL Proxy load balancer. For more information, read SSL Policy Concepts.
+{ # Represents an SSL Policy resource.
+    # 
+    # Use SSL policies to control the SSL features, such as versions and cipher suites, offered by an HTTPS or SSL Proxy load balancer. For more information, read  SSL Policy Concepts. (== resource_for {$api_version}.sslPolicies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-  "customFeatures": [ # A list of features enabled when the selected profile is CUSTOM. The method returns the set of features that can be specified in this list. This field must be empty if the profile is not CUSTOM.
+  "customFeatures": [ # A list of features enabled when the selected profile is CUSTOM. The
+      # - method returns the set of features that can be specified in this list. This field must be empty if the profile is not CUSTOM.
     "A String",
   ],
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "enabledFeatures": [ # [Output Only] The list of features enabled in the SSL policy.
     "A String",
   ],
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a SslPolicy. An up-to-date fingerprint must be provided in order to update the SslPolicy, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an SslPolicy.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a SslPolicy. An up-to-date fingerprint must be provided in order to update the SslPolicy, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an SslPolicy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#sslPolicy", # [Output only] Type of the resource. Always compute#sslPolicyfor SSL policies.
   "minTlsVersion": "A String", # The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. This can be one of TLS_1_0, TLS_1_1, TLS_1_2.
@@ -312,7 +339,9 @@ 
Method Details

         "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
           "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
             "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-              "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+              "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                  # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                  # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
               "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                 "name": "A String", # Plugin name.
                 "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -334,7 +363,9 @@ 
Method Details

         "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
           "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
             "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-              "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+              "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                  # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                  # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
               "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                 "name": "A String", # Plugin name.
                 "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -356,12 +387,15 @@ 
Method Details

     "subjectAltNames": [ # A list of alternate names to verify the subject identity in the certificate presented by the client.
       "A String",
     ],
-    "tlsMode": "A String", # Indicates whether connections should be secured using TLS. The value of this field determines how TLS is enforced. This field can be set to one of the following: - SIMPLE Secure connections with standard TLS semantics. - MUTUAL Secure connections to the backends using mutual TLS by presenting client certificates for authentication.
+    "tlsMode": "A String", # Indicates whether connections should be secured using TLS. The value of this field determines how TLS is enforced. This field can be set to one of the following:
+        # - SIMPLE Secure connections with standard TLS semantics.
+        # - MUTUAL Secure connections to the backends using mutual TLS by presenting client certificates for authentication.
   },
   "warnings": [ # [Output Only] If potential misconfigurations are detected for this SSL policy, this field will be populated with warning messages.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -372,16 +406,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -416,7 +463,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -430,20 +478,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists all the SSL policies that have been configured for the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -451,16 +505,21 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of SslPolicy resources.
-    { # Represents an SSL Policy resource. Use SSL policies to control the SSL features, such as versions and cipher suites, offered by an HTTPS or SSL Proxy load balancer. For more information, read SSL Policy Concepts.
+    { # Represents an SSL Policy resource.
+        #
+        # Use SSL policies to control the SSL features, such as versions and cipher suites, offered by an HTTPS or SSL Proxy load balancer. For more information, read  SSL Policy Concepts. (== resource_for {$api_version}.sslPolicies ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-      "customFeatures": [ # A list of features enabled when the selected profile is CUSTOM. The method returns the set of features that can be specified in this list. This field must be empty if the profile is not CUSTOM.
+      "customFeatures": [ # A list of features enabled when the selected profile is CUSTOM. The
+          # - method returns the set of features that can be specified in this list. This field must be empty if the profile is not CUSTOM.
         "A String",
       ],
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "enabledFeatures": [ # [Output Only] The list of features enabled in the SSL policy.
         "A String",
       ],
-      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a SslPolicy. An up-to-date fingerprint must be provided in order to update the SslPolicy, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an SslPolicy.
+      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a SslPolicy. An up-to-date fingerprint must be provided in order to update the SslPolicy, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve an SslPolicy.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#sslPolicy", # [Output only] Type of the resource. Always compute#sslPolicyfor SSL policies.
       "minTlsVersion": "A String", # The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. This can be one of TLS_1_0, TLS_1_1, TLS_1_2.
@@ -479,7 +538,9 @@ 
Method Details

             "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
               "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
                 "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                  "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                  "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                      # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                      # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                   "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                     "name": "A String", # Plugin name.
                     "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -501,7 +562,9 @@ 
Method Details

             "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
               "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
                 "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-                  "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+                  "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                      # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                      # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
                   "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                     "name": "A String", # Plugin name.
                     "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -523,12 +586,15 @@ 
Method Details

         "subjectAltNames": [ # A list of alternate names to verify the subject identity in the certificate presented by the client.
           "A String",
         ],
-        "tlsMode": "A String", # Indicates whether connections should be secured using TLS. The value of this field determines how TLS is enforced. This field can be set to one of the following: - SIMPLE Secure connections with standard TLS semantics. - MUTUAL Secure connections to the backends using mutual TLS by presenting client certificates for authentication.
+        "tlsMode": "A String", # Indicates whether connections should be secured using TLS. The value of this field determines how TLS is enforced. This field can be set to one of the following:
+            # - SIMPLE Secure connections with standard TLS semantics.
+            # - MUTUAL Secure connections to the backends using mutual TLS by presenting client certificates for authentication.
       },
       "warnings": [ # [Output Only] If potential misconfigurations are detected for this SSL policy, this field will be populated with warning messages.
         {
           "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-          "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+          "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+              # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
             {
               "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
               "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -544,7 +610,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -556,20 +623,26 @@ 
Method Details

 

 
 

-    listAvailableFeatures(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listAvailableFeatures(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists all features that can be specified in the SSL policy when using custom profile.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -596,7 +669,7 @@ 
Method Details

 

 
 

-    patch(project, sslPolicy, body=None, requestId=None, x__xgafv=None)
+    patch(project, sslPolicy, body=None, requestId=None)
   
Patches the specified SSL policy with the data included in the request.
 
 Args:
@@ -605,16 +678,21 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an SSL Policy resource. Use SSL policies to control the SSL features, such as versions and cipher suites, offered by an HTTPS or SSL Proxy load balancer. For more information, read SSL Policy Concepts.
+{ # Represents an SSL Policy resource.
+    # 
+    # Use SSL policies to control the SSL features, such as versions and cipher suites, offered by an HTTPS or SSL Proxy load balancer. For more information, read  SSL Policy Concepts. (== resource_for {$api_version}.sslPolicies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-  "customFeatures": [ # A list of features enabled when the selected profile is CUSTOM. The method returns the set of features that can be specified in this list. This field must be empty if the profile is not CUSTOM.
+  "customFeatures": [ # A list of features enabled when the selected profile is CUSTOM. The
+      # - method returns the set of features that can be specified in this list. This field must be empty if the profile is not CUSTOM.
     "A String",
   ],
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "enabledFeatures": [ # [Output Only] The list of features enabled in the SSL policy.
     "A String",
   ],
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a SslPolicy. An up-to-date fingerprint must be provided in order to update the SslPolicy, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an SslPolicy.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a SslPolicy. An up-to-date fingerprint must be provided in order to update the SslPolicy, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an SslPolicy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#sslPolicy", # [Output only] Type of the resource. Always compute#sslPolicyfor SSL policies.
   "minTlsVersion": "A String", # The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. This can be one of TLS_1_0, TLS_1_1, TLS_1_2.
@@ -633,7 +711,9 @@ 
Method Details

         "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
           "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
             "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-              "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+              "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                  # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                  # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
               "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                 "name": "A String", # Plugin name.
                 "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -655,7 +735,9 @@ 
Method Details

         "sdsConfig": { # [Deprecated] The configuration to access the SDS server. The configuration to access the SDS server. # Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS.
           "grpcServiceConfig": { # [Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server. # The configuration to access the SDS server over GRPC.
             "callCredentials": { # [Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server. # The call credentials to access the SDS server.
-              "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
+              "callCredentialType": "A String", # The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following:
+                  # - GCE_VM: The local GCE VM service account credentials are used to access the SDS server.
+                  # - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.
               "fromPlugin": { # [Deprecated] Custom authenticator credentials. Custom authenticator credentials. # Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN.
                 "name": "A String", # Plugin name.
                 "structConfig": "A String", # A text proto that conforms to a Struct type definition interpreted by the plugin.
@@ -677,12 +759,15 @@ 
Method Details

     "subjectAltNames": [ # A list of alternate names to verify the subject identity in the certificate presented by the client.
       "A String",
     ],
-    "tlsMode": "A String", # Indicates whether connections should be secured using TLS. The value of this field determines how TLS is enforced. This field can be set to one of the following: - SIMPLE Secure connections with standard TLS semantics. - MUTUAL Secure connections to the backends using mutual TLS by presenting client certificates for authentication.
+    "tlsMode": "A String", # Indicates whether connections should be secured using TLS. The value of this field determines how TLS is enforced. This field can be set to one of the following:
+        # - SIMPLE Secure connections with standard TLS semantics.
+        # - MUTUAL Secure connections to the backends using mutual TLS by presenting client certificates for authentication.
   },
   "warnings": [ # [Output Only] If potential misconfigurations are detected for this SSL policy, this field will be populated with warning messages.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -693,16 +778,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -737,7 +835,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -751,7 +850,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -766,10 +865,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.subnetworks.html b/docs/dyn/compute_alpha.subnetworks.html
index dc45453262f..72d499cb065 100644
--- a/docs/dyn/compute_alpha.subnetworks.html
+++ b/docs/dyn/compute_alpha.subnetworks.html
@@ -75,7 +75,7 @@
 
Compute Engine API . subnetworks

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of subnetworks.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,25 +84,25 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, subnetwork, requestId=None, x__xgafv=None)

+  delete(project, region, subnetwork, requestId=None)

 
Deletes the specified subnetwork.

 

-  expandIpCidrRange(project, region, subnetwork, body=None, requestId=None, x__xgafv=None)

+  expandIpCidrRange(project, region, subnetwork, body=None, requestId=None)

 
Expands the IP CIDR range of the subnetwork to a specified value.

 

-  get(project, region, subnetwork, x__xgafv=None)

+  get(project, region, subnetwork)

 
Returns the specified subnetwork. Gets a list of available subnetworks list() request.

 

-  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a subnetwork in the specified project using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of subnetworks available to the specified project.

 

-  listUsable(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listUsable(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of all usable subnetworks in the project.

 

   listUsable_next(previous_request, previous_response)

@@ -111,34 +111,40 @@ 
Instance Methods

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, subnetwork, body=None, drainTimeoutSeconds=None, requestId=None, x__xgafv=None)

+  patch(project, region, subnetwork, body=None, drainTimeoutSeconds=None, requestId=None)

 
Patches the specified subnetwork with the data included in the request. Only certain fields can be updated with a patch request as indicated in the field descriptions. You must specify the current fingerprint of the subnetwork resource being patched.

 

-  setIamPolicy(project, region, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, region, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  setPrivateIpGoogleAccess(project, region, subnetwork, body=None, requestId=None, x__xgafv=None)

+  setPrivateIpGoogleAccess(project, region, subnetwork, body=None, requestId=None)

 
Set whether VMs in this subnet can access Google services without assigning external IP addresses through Private Google Access.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of subnetworks.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -148,16 +154,26 @@ 
Method Details

   "items": { # A list of SubnetworksScopedList resources.
     "a_key": { # Name of the scope containing this set of Subnetworks.
       "subnetworks": [ # A list of subnetworks contained in this scope.
-        { # Represents a Subnetwork resource. A subnetwork (also known as a subnet) is a logical partition of a Virtual Private Cloud network with one primary IP range and zero or more secondary IP ranges. For more information, read Virtual Private Cloud (VPC) Network.
+        { # Represents a Subnetwork resource.
+            #
+            # A subnetwork (also known as a subnet) is a logical partition of a Virtual Private Cloud network with one primary IP range and zero or more secondary IP ranges. For more information, read  Virtual Private Cloud (VPC) Network. (== resource_for {$api_version}.subnetworks ==)
           "aggregationInterval": "A String", # Can only be specified if VPC flow logging for this subnetwork is enabled. Sets the aggregation interval for collecting flow logs. Increasing the interval time reduces the amount of generated flow logs for long-lasting connections. Default is an interval of 5 seconds per connection. Valid values: INTERVAL_5_SEC, INTERVAL_30_SEC, INTERVAL_1_MIN, INTERVAL_5_MIN, INTERVAL_10_MIN, INTERVAL_15_MIN.
-          "allowSubnetCidrRoutesOverlap": True or False, # Whether this subnetwork can conflict with static routes. Setting this to true allows this subnetwork's primary and secondary ranges to conflict with routes that have already been configured on the corresponding network. Static routes will take precedence over the subnetwork route if the route prefix length is at least as large as the subnetwork prefix length. Also, packets destined to IPs within subnetwork may contain private/sensitive data and are prevented from leaving the virtual network. Setting this field to true will disable this feature. The default value is false and applies to all existing subnetworks and automatically created subnetworks. This field cannot be set to true at resource creation time.
+          "allowSubnetCidrRoutesOverlap": True or False, # Whether this subnetwork can conflict with static routes. Setting this to true allows this subnetwork's primary and secondary ranges to conflict with routes that have already been configured on the corresponding network. Static routes will take precedence over the subnetwork route if the route prefix length is at least as large as the subnetwork prefix length.
+              #
+              # Also, packets destined to IPs within subnetwork may contain private/sensitive data and are prevented from leaving the virtual network. Setting this field to true will disable this feature.
+              #
+              # The default value is false and applies to all existing subnetworks and automatically created subnetworks.
+              #
+              # This field cannot be set to true at resource creation time.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource. This field can be set only at resource creation time.
           "enableFlowLogs": True or False, # Whether to enable flow logging for this subnetwork. If this field is not explicitly set, it will not appear in get listings. If not set the default behavior is to disable flow logging. This field isn't supported with the purpose field set to INTERNAL_HTTPS_LOAD_BALANCER.
           "enableL2": True or False, # Enables Layer2 communication on the subnetwork.
           "enablePrivateV6Access": True or False, # Deprecated in favor of enable in PrivateIpv6GoogleAccess. Whether the VMs in this subnet can directly access Google services via internal IPv6 addresses. This field can be both set at resource creation time and updated using patch.
           "externalIpv6Prefix": "A String", # [Output Only] The range of external IPv6 addresses that are owned by this subnetwork.
-          "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a Subnetwork.
+          "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve a Subnetwork.
           "flowSampling": 3.14, # Can only be specified if VPC flow logging for this subnetwork is enabled. The value of the field must be in [0, 1]. Set the sampling rate of VPC flow logs within the subnetwork where 1.0 means all collected logs are reported and 0.0 means no logs are reported. Default is 0.5, which means half of all collected logs are reported.
           "gatewayAddress": "A String", # [Output Only] The gateway address for default routes to reach destination addresses outside this subnetwork.
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
@@ -179,7 +195,9 @@ 
Method Details

           "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
           "network": "A String", # The URL of the network to which this subnetwork belongs, provided by the client when initially creating the subnetwork. Only networks that are in the distributed mode can have subnetworks. This field can be set only at resource creation time.
           "privateIpGoogleAccess": True or False, # Whether the VMs in this subnet can access Google services without assigned external IP addresses. This field can be both set at resource creation time and updated using setPrivateIpGoogleAccess.
-          "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VMs in this subnet. This is an expanded field of enablePrivateV6Access. If both fields are set, privateIpv6GoogleAccess will take priority. This field can be both set at resource creation time and updated using patch.
+          "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VMs in this subnet. This is an expanded field of enablePrivateV6Access. If both fields are set, privateIpv6GoogleAccess will take priority.
+              #
+              # This field can be both set at resource creation time and updated using patch.
           "privateIpv6GoogleAccessServiceAccounts": [ # Deprecated in favor of enable PrivateIpv6GoogleAccess on instance directly. The service accounts can be used to selectively turn on Private IPv6 Google Access only on the VMs primary service account matching the value. This value only takes effect when PrivateIpv6GoogleAccess is ENABLE_OUTBOUND_VM_ACCESS_TO_GOOGLE_FOR_SERVICE_ACCOUNTS or ENABLE_BIDIRECTIONAL_ACCESS_TO_GOOGLE_FOR_SERVICE_ACCOUNTS.
             "A String",
           ],
@@ -196,7 +214,9 @@ 
Method Details

           ],
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
           "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-          "stackType": "A String", # The stack type for this subnet to identify whether the IPv6 feature is enabled or not. If not specified IPV4_ONLY will be used. This field can be both set at resource creation time and updated using patch.
+          "stackType": "A String", # The stack type for this subnet to identify whether the IPv6 feature is enabled or not. If not specified IPV4_ONLY will be used.
+              #
+              # This field can be both set at resource creation time and updated using patch.
           "state": "A String", # [Output Only] The state of the subnetwork, which can be one of the following values: READY: Subnetwork is created and ready to use DRAINING: only applicable to subnetworks that have the purpose set to INTERNAL_HTTPS_LOAD_BALANCER and indicates that connections to the load balancer are being drained. A subnetwork that is draining cannot be used or modified until it reaches a status of READY
           "vlans": [ # A repeated field indicating the VLAN IDs supported on this subnetwork. During Subnet creation, specifying vlan is valid only if enable_l2 is true. During Subnet Update, specifying vlan is allowed only for l2 enabled subnets. Restricted to only one VLAN.
             42,
@@ -205,7 +225,8 @@ 
Method Details

       ],
       "warning": { # An informational warning that appears when the list of addresses is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -223,7 +244,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -254,23 +276,36 @@ 
Method Details

 

 
 

-    delete(project, region, subnetwork, requestId=None, x__xgafv=None)
+    delete(project, region, subnetwork, requestId=None)
   
Deletes the specified subnetwork.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   subnetwork: string, Name of the Subnetwork resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -305,7 +340,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -319,7 +355,7 @@ 
Method Details

 

 
 

-    expandIpCidrRange(project, region, subnetwork, body=None, requestId=None, x__xgafv=None)
+    expandIpCidrRange(project, region, subnetwork, body=None, requestId=None)
   
Expands the IP CIDR range of the subnetwork to a specified value.
 
 Args:
@@ -333,16 +369,29 @@ 
Method Details

   "ipCidrRange": "A String", # The IP (in CIDR format or netmask) of internal addresses that are legal on this Subnetwork. This range should be disjoint from other subnetworks within this network. This range can only be larger than (i.e. a superset of) the range previously defined before the update.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -377,7 +426,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -391,31 +441,37 @@ 
Method Details

 

 
 

-    get(project, region, subnetwork, x__xgafv=None)
+    get(project, region, subnetwork)
   
Returns the specified subnetwork. Gets a list of available subnetworks list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   subnetwork: string, Name of the Subnetwork resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Subnetwork resource. A subnetwork (also known as a subnet) is a logical partition of a Virtual Private Cloud network with one primary IP range and zero or more secondary IP ranges. For more information, read Virtual Private Cloud (VPC) Network.
+    { # Represents a Subnetwork resource.
+    #
+    # A subnetwork (also known as a subnet) is a logical partition of a Virtual Private Cloud network with one primary IP range and zero or more secondary IP ranges. For more information, read  Virtual Private Cloud (VPC) Network. (== resource_for {$api_version}.subnetworks ==)
   "aggregationInterval": "A String", # Can only be specified if VPC flow logging for this subnetwork is enabled. Sets the aggregation interval for collecting flow logs. Increasing the interval time reduces the amount of generated flow logs for long-lasting connections. Default is an interval of 5 seconds per connection. Valid values: INTERVAL_5_SEC, INTERVAL_30_SEC, INTERVAL_1_MIN, INTERVAL_5_MIN, INTERVAL_10_MIN, INTERVAL_15_MIN.
-  "allowSubnetCidrRoutesOverlap": True or False, # Whether this subnetwork can conflict with static routes. Setting this to true allows this subnetwork's primary and secondary ranges to conflict with routes that have already been configured on the corresponding network. Static routes will take precedence over the subnetwork route if the route prefix length is at least as large as the subnetwork prefix length. Also, packets destined to IPs within subnetwork may contain private/sensitive data and are prevented from leaving the virtual network. Setting this field to true will disable this feature. The default value is false and applies to all existing subnetworks and automatically created subnetworks. This field cannot be set to true at resource creation time.
+  "allowSubnetCidrRoutesOverlap": True or False, # Whether this subnetwork can conflict with static routes. Setting this to true allows this subnetwork's primary and secondary ranges to conflict with routes that have already been configured on the corresponding network. Static routes will take precedence over the subnetwork route if the route prefix length is at least as large as the subnetwork prefix length.
+      #
+      # Also, packets destined to IPs within subnetwork may contain private/sensitive data and are prevented from leaving the virtual network. Setting this field to true will disable this feature.
+      #
+      # The default value is false and applies to all existing subnetworks and automatically created subnetworks.
+      #
+      # This field cannot be set to true at resource creation time.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource. This field can be set only at resource creation time.
   "enableFlowLogs": True or False, # Whether to enable flow logging for this subnetwork. If this field is not explicitly set, it will not appear in get listings. If not set the default behavior is to disable flow logging. This field isn't supported with the purpose field set to INTERNAL_HTTPS_LOAD_BALANCER.
   "enableL2": True or False, # Enables Layer2 communication on the subnetwork.
   "enablePrivateV6Access": True or False, # Deprecated in favor of enable in PrivateIpv6GoogleAccess. Whether the VMs in this subnet can directly access Google services via internal IPv6 addresses. This field can be both set at resource creation time and updated using patch.
   "externalIpv6Prefix": "A String", # [Output Only] The range of external IPv6 addresses that are owned by this subnetwork.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a Subnetwork.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a Subnetwork.
   "flowSampling": 3.14, # Can only be specified if VPC flow logging for this subnetwork is enabled. The value of the field must be in [0, 1]. Set the sampling rate of VPC flow logs within the subnetwork where 1.0 means all collected logs are reported and 0.0 means no logs are reported. Default is 0.5, which means half of all collected logs are reported.
   "gatewayAddress": "A String", # [Output Only] The gateway address for default routes to reach destination addresses outside this subnetwork.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
@@ -437,7 +493,9 @@ 
Method Details

   "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which this subnetwork belongs, provided by the client when initially creating the subnetwork. Only networks that are in the distributed mode can have subnetworks. This field can be set only at resource creation time.
   "privateIpGoogleAccess": True or False, # Whether the VMs in this subnet can access Google services without assigned external IP addresses. This field can be both set at resource creation time and updated using setPrivateIpGoogleAccess.
-  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VMs in this subnet. This is an expanded field of enablePrivateV6Access. If both fields are set, privateIpv6GoogleAccess will take priority. This field can be both set at resource creation time and updated using patch.
+  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VMs in this subnet. This is an expanded field of enablePrivateV6Access. If both fields are set, privateIpv6GoogleAccess will take priority.
+      #
+      # This field can be both set at resource creation time and updated using patch.
   "privateIpv6GoogleAccessServiceAccounts": [ # Deprecated in favor of enable PrivateIpv6GoogleAccess on instance directly. The service accounts can be used to selectively turn on Private IPv6 Google Access only on the VMs primary service account matching the value. This value only takes effect when PrivateIpv6GoogleAccess is ENABLE_OUTBOUND_VM_ACCESS_TO_GOOGLE_FOR_SERVICE_ACCOUNTS or ENABLE_BIDIRECTIONAL_ACCESS_TO_GOOGLE_FOR_SERVICE_ACCOUNTS.
     "A String",
   ],
@@ -454,7 +512,9 @@ 
Method Details

   ],
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "stackType": "A String", # The stack type for this subnet to identify whether the IPv6 feature is enabled or not. If not specified IPV4_ONLY will be used. This field can be both set at resource creation time and updated using patch.
+  "stackType": "A String", # The stack type for this subnet to identify whether the IPv6 feature is enabled or not. If not specified IPV4_ONLY will be used.
+      #
+      # This field can be both set at resource creation time and updated using patch.
   "state": "A String", # [Output Only] The state of the subnetwork, which can be one of the following values: READY: Subnetwork is created and ready to use DRAINING: only applicable to subnetworks that have the purpose set to INTERNAL_HTTPS_LOAD_BALANCER and indicates that connections to the load balancer are being drained. A subnetwork that is draining cannot be used or modified until it reaches a status of READY
   "vlans": [ # A repeated field indicating the VLAN IDs supported on this subnetwork. During Subnet creation, specifying vlan is valid only if enable_l2 is true. During Subnet Update, specifying vlan is allowed only for l2 enabled subnets. Restricted to only one VLAN.
     42,
@@ -463,7 +523,7 @@ 
Method Details

 

 
 

-    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
@@ -471,27 +531,51 @@ 
Method Details

   region: string, The name of the region for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -499,76 +583,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a subnetwork in the specified project using the data included in the request.
 
 Args:
@@ -577,16 +729,26 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Subnetwork resource. A subnetwork (also known as a subnet) is a logical partition of a Virtual Private Cloud network with one primary IP range and zero or more secondary IP ranges. For more information, read Virtual Private Cloud (VPC) Network.
+{ # Represents a Subnetwork resource.
+    # 
+    # A subnetwork (also known as a subnet) is a logical partition of a Virtual Private Cloud network with one primary IP range and zero or more secondary IP ranges. For more information, read  Virtual Private Cloud (VPC) Network. (== resource_for {$api_version}.subnetworks ==)
   "aggregationInterval": "A String", # Can only be specified if VPC flow logging for this subnetwork is enabled. Sets the aggregation interval for collecting flow logs. Increasing the interval time reduces the amount of generated flow logs for long-lasting connections. Default is an interval of 5 seconds per connection. Valid values: INTERVAL_5_SEC, INTERVAL_30_SEC, INTERVAL_1_MIN, INTERVAL_5_MIN, INTERVAL_10_MIN, INTERVAL_15_MIN.
-  "allowSubnetCidrRoutesOverlap": True or False, # Whether this subnetwork can conflict with static routes. Setting this to true allows this subnetwork's primary and secondary ranges to conflict with routes that have already been configured on the corresponding network. Static routes will take precedence over the subnetwork route if the route prefix length is at least as large as the subnetwork prefix length. Also, packets destined to IPs within subnetwork may contain private/sensitive data and are prevented from leaving the virtual network. Setting this field to true will disable this feature. The default value is false and applies to all existing subnetworks and automatically created subnetworks. This field cannot be set to true at resource creation time.
+  "allowSubnetCidrRoutesOverlap": True or False, # Whether this subnetwork can conflict with static routes. Setting this to true allows this subnetwork's primary and secondary ranges to conflict with routes that have already been configured on the corresponding network. Static routes will take precedence over the subnetwork route if the route prefix length is at least as large as the subnetwork prefix length.
+      # 
+      # Also, packets destined to IPs within subnetwork may contain private/sensitive data and are prevented from leaving the virtual network. Setting this field to true will disable this feature.
+      # 
+      # The default value is false and applies to all existing subnetworks and automatically created subnetworks.
+      # 
+      # This field cannot be set to true at resource creation time.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource. This field can be set only at resource creation time.
   "enableFlowLogs": True or False, # Whether to enable flow logging for this subnetwork. If this field is not explicitly set, it will not appear in get listings. If not set the default behavior is to disable flow logging. This field isn't supported with the purpose field set to INTERNAL_HTTPS_LOAD_BALANCER.
   "enableL2": True or False, # Enables Layer2 communication on the subnetwork.
   "enablePrivateV6Access": True or False, # Deprecated in favor of enable in PrivateIpv6GoogleAccess. Whether the VMs in this subnet can directly access Google services via internal IPv6 addresses. This field can be both set at resource creation time and updated using patch.
   "externalIpv6Prefix": "A String", # [Output Only] The range of external IPv6 addresses that are owned by this subnetwork.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a Subnetwork.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a Subnetwork.
   "flowSampling": 3.14, # Can only be specified if VPC flow logging for this subnetwork is enabled. The value of the field must be in [0, 1]. Set the sampling rate of VPC flow logs within the subnetwork where 1.0 means all collected logs are reported and 0.0 means no logs are reported. Default is 0.5, which means half of all collected logs are reported.
   "gatewayAddress": "A String", # [Output Only] The gateway address for default routes to reach destination addresses outside this subnetwork.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
@@ -608,7 +770,9 @@ 
Method Details

   "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which this subnetwork belongs, provided by the client when initially creating the subnetwork. Only networks that are in the distributed mode can have subnetworks. This field can be set only at resource creation time.
   "privateIpGoogleAccess": True or False, # Whether the VMs in this subnet can access Google services without assigned external IP addresses. This field can be both set at resource creation time and updated using setPrivateIpGoogleAccess.
-  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VMs in this subnet. This is an expanded field of enablePrivateV6Access. If both fields are set, privateIpv6GoogleAccess will take priority. This field can be both set at resource creation time and updated using patch.
+  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VMs in this subnet. This is an expanded field of enablePrivateV6Access. If both fields are set, privateIpv6GoogleAccess will take priority.
+      # 
+      # This field can be both set at resource creation time and updated using patch.
   "privateIpv6GoogleAccessServiceAccounts": [ # Deprecated in favor of enable PrivateIpv6GoogleAccess on instance directly. The service accounts can be used to selectively turn on Private IPv6 Google Access only on the VMs primary service account matching the value. This value only takes effect when PrivateIpv6GoogleAccess is ENABLE_OUTBOUND_VM_ACCESS_TO_GOOGLE_FOR_SERVICE_ACCOUNTS or ENABLE_BIDIRECTIONAL_ACCESS_TO_GOOGLE_FOR_SERVICE_ACCOUNTS.
     "A String",
   ],
@@ -625,23 +789,38 @@ 
Method Details

   ],
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "stackType": "A String", # The stack type for this subnet to identify whether the IPv6 feature is enabled or not. If not specified IPV4_ONLY will be used. This field can be both set at resource creation time and updated using patch.
+  "stackType": "A String", # The stack type for this subnet to identify whether the IPv6 feature is enabled or not. If not specified IPV4_ONLY will be used.
+      # 
+      # This field can be both set at resource creation time and updated using patch.
   "state": "A String", # [Output Only] The state of the subnetwork, which can be one of the following values: READY: Subnetwork is created and ready to use DRAINING: only applicable to subnetworks that have the purpose set to INTERNAL_HTTPS_LOAD_BALANCER and indicates that connections to the load balancer are being drained. A subnetwork that is draining cannot be used or modified until it reaches a status of READY
   "vlans": [ # A repeated field indicating the VLAN IDs supported on this subnetwork. During Subnet creation, specifying vlan is valid only if enable_l2 is true. During Subnet Update, specifying vlan is allowed only for l2 enabled subnets. Restricted to only one VLAN.
     42,
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -676,7 +855,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -690,21 +870,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of subnetworks available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -712,16 +898,26 @@ 
Method Details

     { # Contains a list of Subnetwork resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Subnetwork resources.
-    { # Represents a Subnetwork resource. A subnetwork (also known as a subnet) is a logical partition of a Virtual Private Cloud network with one primary IP range and zero or more secondary IP ranges. For more information, read Virtual Private Cloud (VPC) Network.
+    { # Represents a Subnetwork resource.
+        #
+        # A subnetwork (also known as a subnet) is a logical partition of a Virtual Private Cloud network with one primary IP range and zero or more secondary IP ranges. For more information, read  Virtual Private Cloud (VPC) Network. (== resource_for {$api_version}.subnetworks ==)
       "aggregationInterval": "A String", # Can only be specified if VPC flow logging for this subnetwork is enabled. Sets the aggregation interval for collecting flow logs. Increasing the interval time reduces the amount of generated flow logs for long-lasting connections. Default is an interval of 5 seconds per connection. Valid values: INTERVAL_5_SEC, INTERVAL_30_SEC, INTERVAL_1_MIN, INTERVAL_5_MIN, INTERVAL_10_MIN, INTERVAL_15_MIN.
-      "allowSubnetCidrRoutesOverlap": True or False, # Whether this subnetwork can conflict with static routes. Setting this to true allows this subnetwork's primary and secondary ranges to conflict with routes that have already been configured on the corresponding network. Static routes will take precedence over the subnetwork route if the route prefix length is at least as large as the subnetwork prefix length. Also, packets destined to IPs within subnetwork may contain private/sensitive data and are prevented from leaving the virtual network. Setting this field to true will disable this feature. The default value is false and applies to all existing subnetworks and automatically created subnetworks. This field cannot be set to true at resource creation time.
+      "allowSubnetCidrRoutesOverlap": True or False, # Whether this subnetwork can conflict with static routes. Setting this to true allows this subnetwork's primary and secondary ranges to conflict with routes that have already been configured on the corresponding network. Static routes will take precedence over the subnetwork route if the route prefix length is at least as large as the subnetwork prefix length.
+          #
+          # Also, packets destined to IPs within subnetwork may contain private/sensitive data and are prevented from leaving the virtual network. Setting this field to true will disable this feature.
+          #
+          # The default value is false and applies to all existing subnetworks and automatically created subnetworks.
+          #
+          # This field cannot be set to true at resource creation time.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource. This field can be set only at resource creation time.
       "enableFlowLogs": True or False, # Whether to enable flow logging for this subnetwork. If this field is not explicitly set, it will not appear in get listings. If not set the default behavior is to disable flow logging. This field isn't supported with the purpose field set to INTERNAL_HTTPS_LOAD_BALANCER.
       "enableL2": True or False, # Enables Layer2 communication on the subnetwork.
       "enablePrivateV6Access": True or False, # Deprecated in favor of enable in PrivateIpv6GoogleAccess. Whether the VMs in this subnet can directly access Google services via internal IPv6 addresses. This field can be both set at resource creation time and updated using patch.
       "externalIpv6Prefix": "A String", # [Output Only] The range of external IPv6 addresses that are owned by this subnetwork.
-      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a Subnetwork.
+      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a Subnetwork.
       "flowSampling": 3.14, # Can only be specified if VPC flow logging for this subnetwork is enabled. The value of the field must be in [0, 1]. Set the sampling rate of VPC flow logs within the subnetwork where 1.0 means all collected logs are reported and 0.0 means no logs are reported. Default is 0.5, which means half of all collected logs are reported.
       "gatewayAddress": "A String", # [Output Only] The gateway address for default routes to reach destination addresses outside this subnetwork.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
@@ -743,7 +939,9 @@ 
Method Details

       "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "network": "A String", # The URL of the network to which this subnetwork belongs, provided by the client when initially creating the subnetwork. Only networks that are in the distributed mode can have subnetworks. This field can be set only at resource creation time.
       "privateIpGoogleAccess": True or False, # Whether the VMs in this subnet can access Google services without assigned external IP addresses. This field can be both set at resource creation time and updated using setPrivateIpGoogleAccess.
-      "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VMs in this subnet. This is an expanded field of enablePrivateV6Access. If both fields are set, privateIpv6GoogleAccess will take priority. This field can be both set at resource creation time and updated using patch.
+      "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VMs in this subnet. This is an expanded field of enablePrivateV6Access. If both fields are set, privateIpv6GoogleAccess will take priority.
+          #
+          # This field can be both set at resource creation time and updated using patch.
       "privateIpv6GoogleAccessServiceAccounts": [ # Deprecated in favor of enable PrivateIpv6GoogleAccess on instance directly. The service accounts can be used to selectively turn on Private IPv6 Google Access only on the VMs primary service account matching the value. This value only takes effect when PrivateIpv6GoogleAccess is ENABLE_OUTBOUND_VM_ACCESS_TO_GOOGLE_FOR_SERVICE_ACCOUNTS or ENABLE_BIDIRECTIONAL_ACCESS_TO_GOOGLE_FOR_SERVICE_ACCOUNTS.
         "A String",
       ],
@@ -760,7 +958,9 @@ 
Method Details

       ],
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-      "stackType": "A String", # The stack type for this subnet to identify whether the IPv6 feature is enabled or not. If not specified IPV4_ONLY will be used. This field can be both set at resource creation time and updated using patch.
+      "stackType": "A String", # The stack type for this subnet to identify whether the IPv6 feature is enabled or not. If not specified IPV4_ONLY will be used.
+          #
+          # This field can be both set at resource creation time and updated using patch.
       "state": "A String", # [Output Only] The state of the subnetwork, which can be one of the following values: READY: Subnetwork is created and ready to use DRAINING: only applicable to subnetworks that have the purpose set to INTERNAL_HTTPS_LOAD_BALANCER and indicates that connections to the load balancer are being drained. A subnetwork that is draining cannot be used or modified until it reaches a status of READY
       "vlans": [ # A repeated field indicating the VLAN IDs supported on this subnetwork. During Subnet creation, specifying vlan is valid only if enable_l2 is true. During Subnet Update, specifying vlan is allowed only for l2 enabled subnets. Restricted to only one VLAN.
         42,
@@ -772,7 +972,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -784,20 +985,26 @@ 
Method Details

 

 
 

-    listUsable(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listUsable(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of all usable subnetworks in the project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -822,7 +1029,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -862,7 +1070,7 @@ 
Method Details

 

 
 

-    patch(project, region, subnetwork, body=None, drainTimeoutSeconds=None, requestId=None, x__xgafv=None)
+    patch(project, region, subnetwork, body=None, drainTimeoutSeconds=None, requestId=None)
   
Patches the specified subnetwork with the data included in the request. Only certain fields can be updated with a patch request as indicated in the field descriptions. You must specify the current fingerprint of the subnetwork resource being patched.
 
 Args:
@@ -872,16 +1080,26 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Subnetwork resource. A subnetwork (also known as a subnet) is a logical partition of a Virtual Private Cloud network with one primary IP range and zero or more secondary IP ranges. For more information, read Virtual Private Cloud (VPC) Network.
+{ # Represents a Subnetwork resource.
+    # 
+    # A subnetwork (also known as a subnet) is a logical partition of a Virtual Private Cloud network with one primary IP range and zero or more secondary IP ranges. For more information, read  Virtual Private Cloud (VPC) Network. (== resource_for {$api_version}.subnetworks ==)
   "aggregationInterval": "A String", # Can only be specified if VPC flow logging for this subnetwork is enabled. Sets the aggregation interval for collecting flow logs. Increasing the interval time reduces the amount of generated flow logs for long-lasting connections. Default is an interval of 5 seconds per connection. Valid values: INTERVAL_5_SEC, INTERVAL_30_SEC, INTERVAL_1_MIN, INTERVAL_5_MIN, INTERVAL_10_MIN, INTERVAL_15_MIN.
-  "allowSubnetCidrRoutesOverlap": True or False, # Whether this subnetwork can conflict with static routes. Setting this to true allows this subnetwork's primary and secondary ranges to conflict with routes that have already been configured on the corresponding network. Static routes will take precedence over the subnetwork route if the route prefix length is at least as large as the subnetwork prefix length. Also, packets destined to IPs within subnetwork may contain private/sensitive data and are prevented from leaving the virtual network. Setting this field to true will disable this feature. The default value is false and applies to all existing subnetworks and automatically created subnetworks. This field cannot be set to true at resource creation time.
+  "allowSubnetCidrRoutesOverlap": True or False, # Whether this subnetwork can conflict with static routes. Setting this to true allows this subnetwork's primary and secondary ranges to conflict with routes that have already been configured on the corresponding network. Static routes will take precedence over the subnetwork route if the route prefix length is at least as large as the subnetwork prefix length.
+      # 
+      # Also, packets destined to IPs within subnetwork may contain private/sensitive data and are prevented from leaving the virtual network. Setting this field to true will disable this feature.
+      # 
+      # The default value is false and applies to all existing subnetworks and automatically created subnetworks.
+      # 
+      # This field cannot be set to true at resource creation time.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource. This field can be set only at resource creation time.
   "enableFlowLogs": True or False, # Whether to enable flow logging for this subnetwork. If this field is not explicitly set, it will not appear in get listings. If not set the default behavior is to disable flow logging. This field isn't supported with the purpose field set to INTERNAL_HTTPS_LOAD_BALANCER.
   "enableL2": True or False, # Enables Layer2 communication on the subnetwork.
   "enablePrivateV6Access": True or False, # Deprecated in favor of enable in PrivateIpv6GoogleAccess. Whether the VMs in this subnet can directly access Google services via internal IPv6 addresses. This field can be both set at resource creation time and updated using patch.
   "externalIpv6Prefix": "A String", # [Output Only] The range of external IPv6 addresses that are owned by this subnetwork.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a Subnetwork.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a Subnetwork.
   "flowSampling": 3.14, # Can only be specified if VPC flow logging for this subnetwork is enabled. The value of the field must be in [0, 1]. Set the sampling rate of VPC flow logs within the subnetwork where 1.0 means all collected logs are reported and 0.0 means no logs are reported. Default is 0.5, which means half of all collected logs are reported.
   "gatewayAddress": "A String", # [Output Only] The gateway address for default routes to reach destination addresses outside this subnetwork.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
@@ -903,7 +1121,9 @@ 
Method Details

   "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which this subnetwork belongs, provided by the client when initially creating the subnetwork. Only networks that are in the distributed mode can have subnetworks. This field can be set only at resource creation time.
   "privateIpGoogleAccess": True or False, # Whether the VMs in this subnet can access Google services without assigned external IP addresses. This field can be both set at resource creation time and updated using setPrivateIpGoogleAccess.
-  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VMs in this subnet. This is an expanded field of enablePrivateV6Access. If both fields are set, privateIpv6GoogleAccess will take priority. This field can be both set at resource creation time and updated using patch.
+  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VMs in this subnet. This is an expanded field of enablePrivateV6Access. If both fields are set, privateIpv6GoogleAccess will take priority.
+      # 
+      # This field can be both set at resource creation time and updated using patch.
   "privateIpv6GoogleAccessServiceAccounts": [ # Deprecated in favor of enable PrivateIpv6GoogleAccess on instance directly. The service accounts can be used to selectively turn on Private IPv6 Google Access only on the VMs primary service account matching the value. This value only takes effect when PrivateIpv6GoogleAccess is ENABLE_OUTBOUND_VM_ACCESS_TO_GOOGLE_FOR_SERVICE_ACCOUNTS or ENABLE_BIDIRECTIONAL_ACCESS_TO_GOOGLE_FOR_SERVICE_ACCOUNTS.
     "A String",
   ],
@@ -920,7 +1140,9 @@ 
Method Details

   ],
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "stackType": "A String", # The stack type for this subnet to identify whether the IPv6 feature is enabled or not. If not specified IPV4_ONLY will be used. This field can be both set at resource creation time and updated using patch.
+  "stackType": "A String", # The stack type for this subnet to identify whether the IPv6 feature is enabled or not. If not specified IPV4_ONLY will be used.
+      # 
+      # This field can be both set at resource creation time and updated using patch.
   "state": "A String", # [Output Only] The state of the subnetwork, which can be one of the following values: READY: Subnetwork is created and ready to use DRAINING: only applicable to subnetworks that have the purpose set to INTERNAL_HTTPS_LOAD_BALANCER and indicates that connections to the load balancer are being drained. A subnetwork that is draining cannot be used or modified until it reaches a status of READY
   "vlans": [ # A repeated field indicating the VLAN IDs supported on this subnetwork. During Subnet creation, specifying vlan is valid only if enable_l2 is true. During Subnet Update, specifying vlan is allowed only for l2 enabled subnets. Restricted to only one VLAN.
     42,
@@ -928,16 +1150,29 @@ 
Method Details

 }
 
   drainTimeoutSeconds: integer, The drain timeout specifies the upper bound in seconds on the amount of time allowed to drain connections from the current ACTIVE subnetwork to the current BACKUP subnetwork. The drain timeout is only applicable when the following conditions are true: - the subnetwork being patched has purpose = INTERNAL_HTTPS_LOAD_BALANCER - the subnetwork being patched has role = BACKUP - the patch request is setting the role to ACTIVE. Note that after this patch operation the roles of the ACTIVE and BACKUP subnetworks will be swapped.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -972,7 +1207,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -986,7 +1222,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, region, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, region, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -999,33 +1235,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1033,95 +1343,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1129,76 +1531,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    setPrivateIpGoogleAccess(project, region, subnetwork, body=None, requestId=None, x__xgafv=None)
+    setPrivateIpGoogleAccess(project, region, subnetwork, body=None, requestId=None)
   
Set whether VMs in this subnet can access Google services without assigning external IP addresses through Private Google Access.
 
 Args:
@@ -1212,16 +1682,29 @@ 
Method Details

   "privateIpGoogleAccess": True or False,
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1256,7 +1739,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1270,7 +1754,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1286,10 +1770,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.targetGrpcProxies.html b/docs/dyn/compute_alpha.targetGrpcProxies.html
index f8905cc1d0e..df6df67f7d5 100644
--- a/docs/dyn/compute_alpha.targetGrpcProxies.html
+++ b/docs/dyn/compute_alpha.targetGrpcProxies.html
@@ -78,25 +78,25 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, targetGrpcProxy, requestId=None, x__xgafv=None)

+  delete(project, targetGrpcProxy, requestId=None)

 
Deletes the specified TargetGrpcProxy in the given scope

 

-  get(project, targetGrpcProxy, x__xgafv=None)

+  get(project, targetGrpcProxy)

 
Returns the specified TargetGrpcProxy resource in the given scope.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a TargetGrpcProxy in the specified project in the given scope using the parameters that are included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists the TargetGrpcProxies for a project in the given scope.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, targetGrpcProxy, body=None, requestId=None, x__xgafv=None)

+  patch(project, targetGrpcProxy, body=None, requestId=None)

 
Patches the specified TargetGrpcProxy resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -105,22 +105,35 @@ 
Method Details

 

 
 

-    delete(project, targetGrpcProxy, requestId=None, x__xgafv=None)
+    delete(project, targetGrpcProxy, requestId=None)
   
Deletes the specified TargetGrpcProxy in the given scope
 
 Args:
   project: string, Project ID for this request. (required)
   targetGrpcProxy: string, Name of the TargetGrpcProxy resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -155,7 +168,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -169,21 +183,19 @@ 
Method Details

 

 
 

-    get(project, targetGrpcProxy, x__xgafv=None)
+    get(project, targetGrpcProxy)
   
Returns the specified TargetGrpcProxy resource in the given scope.
 
 Args:
   project: string, Project ID for this request. (required)
   targetGrpcProxy: string, Name of the TargetGrpcProxy resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Target gRPC Proxy resource. A target gRPC proxy is a component of load balancers intended for load balancing gRPC traffic. Only global forwarding rules with load balancing scheme INTERNAL_SELF_MANAGED can reference a target gRPC proxy. The target gRPC Proxy references a URL map that specifies how traffic is routed to gRPC backend services.
+    { # Represents a Target gRPC Proxy resource.
+    #
+    # A target gRPC proxy is a component of load balancers intended for load balancing gRPC traffic. Only global forwarding rules with load balancing scheme INTERNAL_SELF_MANAGED can reference a target gRPC proxy. The target gRPC Proxy references a URL map that specifies how traffic is routed to gRPC backend services. (== resource_for {$api_version}.targetGrpcProxies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetGrpcProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetGrpcProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetGrpcProxy.
@@ -198,7 +210,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a TargetGrpcProxy in the specified project in the given scope using the parameters that are included in the request.
 
 Args:
@@ -206,7 +218,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target gRPC Proxy resource. A target gRPC proxy is a component of load balancers intended for load balancing gRPC traffic. Only global forwarding rules with load balancing scheme INTERNAL_SELF_MANAGED can reference a target gRPC proxy. The target gRPC Proxy references a URL map that specifies how traffic is routed to gRPC backend services.
+{ # Represents a Target gRPC Proxy resource.
+    # 
+    # A target gRPC proxy is a component of load balancers intended for load balancing gRPC traffic. Only global forwarding rules with load balancing scheme INTERNAL_SELF_MANAGED can reference a target gRPC proxy. The target gRPC Proxy references a URL map that specifies how traffic is routed to gRPC backend services. (== resource_for {$api_version}.targetGrpcProxies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetGrpcProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetGrpcProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetGrpcProxy.
@@ -219,16 +233,29 @@ 
Method Details

   "validateForProxyless": True or False, # If true, indicates that the BackendServices referenced by the urlMap may be accessed by gRPC applications without using a sidecar proxy. This will enable configuration checks on urlMap and its referenced BackendServices to not allow unsupported features. A gRPC application must use "xds:///" scheme in the target URI of the service it is connecting to. If false, indicates that the BackendServices referenced by the urlMap will be accessed by gRPC applications via a sidecar proxy. In this case, a gRPC application must not use "xds:///" scheme in the target URI of the service it is connecting to
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -263,7 +290,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -277,20 +305,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists the TargetGrpcProxies for a project in the given scope.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -298,7 +332,9 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of TargetGrpcProxy resources.
-    { # Represents a Target gRPC Proxy resource. A target gRPC proxy is a component of load balancers intended for load balancing gRPC traffic. Only global forwarding rules with load balancing scheme INTERNAL_SELF_MANAGED can reference a target gRPC proxy. The target gRPC Proxy references a URL map that specifies how traffic is routed to gRPC backend services.
+    { # Represents a Target gRPC Proxy resource.
+        #
+        # A target gRPC proxy is a component of load balancers intended for load balancing gRPC traffic. Only global forwarding rules with load balancing scheme INTERNAL_SELF_MANAGED can reference a target gRPC proxy. The target gRPC Proxy references a URL map that specifies how traffic is routed to gRPC backend services. (== resource_for {$api_version}.targetGrpcProxies ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetGrpcProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetGrpcProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetGrpcProxy.
@@ -316,7 +352,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -342,7 +379,7 @@ 
Method Details

 

 
 

-    patch(project, targetGrpcProxy, body=None, requestId=None, x__xgafv=None)
+    patch(project, targetGrpcProxy, body=None, requestId=None)
   
Patches the specified TargetGrpcProxy resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.
 
 Args:
@@ -351,7 +388,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target gRPC Proxy resource. A target gRPC proxy is a component of load balancers intended for load balancing gRPC traffic. Only global forwarding rules with load balancing scheme INTERNAL_SELF_MANAGED can reference a target gRPC proxy. The target gRPC Proxy references a URL map that specifies how traffic is routed to gRPC backend services.
+{ # Represents a Target gRPC Proxy resource.
+    # 
+    # A target gRPC proxy is a component of load balancers intended for load balancing gRPC traffic. Only global forwarding rules with load balancing scheme INTERNAL_SELF_MANAGED can reference a target gRPC proxy. The target gRPC Proxy references a URL map that specifies how traffic is routed to gRPC backend services. (== resource_for {$api_version}.targetGrpcProxies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetGrpcProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetGrpcProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetGrpcProxy.
@@ -364,16 +403,29 @@ 
Method Details

   "validateForProxyless": True or False, # If true, indicates that the BackendServices referenced by the urlMap may be accessed by gRPC applications without using a sidecar proxy. This will enable configuration checks on urlMap and its referenced BackendServices to not allow unsupported features. A gRPC application must use "xds:///" scheme in the target URI of the service it is connecting to. If false, indicates that the BackendServices referenced by the urlMap will be accessed by gRPC applications via a sidecar proxy. In this case, a gRPC application must not use "xds:///" scheme in the target URI of the service it is connecting to
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -408,7 +460,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -422,7 +475,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -437,10 +490,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.targetHttpProxies.html b/docs/dyn/compute_alpha.targetHttpProxies.html
index 9ad6fdf0718..c36edf01f91 100644
--- a/docs/dyn/compute_alpha.targetHttpProxies.html
+++ b/docs/dyn/compute_alpha.targetHttpProxies.html
@@ -75,7 +75,7 @@
 
Compute Engine API . targetHttpProxies

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of all TargetHttpProxy resources, regional and global, available to the specified project.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,46 +84,52 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, targetHttpProxy, requestId=None, x__xgafv=None)

+  delete(project, targetHttpProxy, requestId=None)

 
Deletes the specified TargetHttpProxy resource.

 

-  get(project, targetHttpProxy, x__xgafv=None)

+  get(project, targetHttpProxy)

 
Returns the specified TargetHttpProxy resource. Gets a list of available target HTTP proxies by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a TargetHttpProxy resource in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of TargetHttpProxy resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, targetHttpProxy, body=None, requestId=None, x__xgafv=None)

-
Patches the specified TargetHttpProxy resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.

+  patch(project, targetHttpProxy, body=None, requestId=None)

+
Patches the specified TargetHttpProxy resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules. (== suppress_warning http-rest-shadowed ==)

 

-  setUrlMap(project, targetHttpProxy, body=None, requestId=None, x__xgafv=None)

+  setUrlMap(project, targetHttpProxy, body=None, requestId=None)

 
Changes the URL map for TargetHttpProxy.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of all TargetHttpProxy resources, regional and global, available to the specified project.
 
 Args:
   project: string, Name of the project scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -133,17 +139,32 @@ 
Method Details

   "items": { # A list of TargetHttpProxiesScopedList resources.
     "a_key": { # Name of the scope containing this set of TargetHttpProxies.
       "targetHttpProxies": [ # A list of TargetHttpProxies contained in this scope.
-        { # Represents a Target HTTP Proxy resource. Google Compute Engine has two Target HTTP Proxy resources: * [Global](/compute/docs/reference/rest/alpha/targetHttpProxies) * [Regional](/compute/docs/reference/rest/alpha/regionTargetHttpProxies) A target HTTP proxy is a component of GCP HTTP load balancers. * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers. Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+        { # Represents a Target HTTP Proxy resource.
+            #
+            # Google Compute Engine has two Target HTTP Proxy resources:
+            #
+            # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpProxies)
+            #
+            # A target HTTP proxy is a component of GCP HTTP load balancers.
+            #
+            # * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers.
+            #
+            # Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpProxies ==) (== resource_for {$api_version}.regionTargetHttpProxies ==)
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetHttpProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpProxy.
-          "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/v1alpha1/projects/project/locations/ locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list. httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+          "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/v1alpha1/projects/project/locations/locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list.
+              # httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
             "A String",
           ],
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "kind": "compute#targetHttpProxy", # [Output Only] Type of resource. Always compute#targetHttpProxy for target HTTP proxies.
           "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-          "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
+          "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              #
+              # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+              #
+              # The default is false.
           "region": "A String", # [Output Only] URL of the region where the regional Target HTTP Proxy resides. This field is not applicable to global Target HTTP Proxies.
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
           "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
@@ -152,7 +173,8 @@ 
Method Details

       ],
       "warning": { # Informational warning which replaces the list of backend services when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -170,7 +192,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -201,22 +224,35 @@ 
Method Details

 

 
 

-    delete(project, targetHttpProxy, requestId=None, x__xgafv=None)
+    delete(project, targetHttpProxy, requestId=None)
   
Deletes the specified TargetHttpProxy resource.
 
 Args:
   project: string, Project ID for this request. (required)
   targetHttpProxy: string, Name of the TargetHttpProxy resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -251,7 +287,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -265,31 +302,42 @@ 
Method Details

 

 
 

-    get(project, targetHttpProxy, x__xgafv=None)
+    get(project, targetHttpProxy)
   
Returns the specified TargetHttpProxy resource. Gets a list of available target HTTP proxies by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   targetHttpProxy: string, Name of the TargetHttpProxy resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Target HTTP Proxy resource. Google Compute Engine has two Target HTTP Proxy resources: * [Global](/compute/docs/reference/rest/alpha/targetHttpProxies) * [Regional](/compute/docs/reference/rest/alpha/regionTargetHttpProxies) A target HTTP proxy is a component of GCP HTTP load balancers. * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers. Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+    { # Represents a Target HTTP Proxy resource.
+    #
+    # Google Compute Engine has two Target HTTP Proxy resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpProxies)
+    #
+    # A target HTTP proxy is a component of GCP HTTP load balancers.
+    #
+    # * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers.
+    #
+    # Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpProxies ==) (== resource_for {$api_version}.regionTargetHttpProxies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetHttpProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpProxy.
-  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/v1alpha1/projects/project/locations/ locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list. httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/v1alpha1/projects/project/locations/locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list.
+      # httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
     "A String",
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetHttpProxy", # [Output Only] Type of resource. Always compute#targetHttpProxy for target HTTP proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      #
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      #
+      # The default is false.
   "region": "A String", # [Output Only] URL of the region where the regional Target HTTP Proxy resides. This field is not applicable to global Target HTTP Proxies.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
@@ -298,7 +346,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a TargetHttpProxy resource in the specified project using the data included in the request.
 
 Args:
@@ -306,33 +354,61 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target HTTP Proxy resource. Google Compute Engine has two Target HTTP Proxy resources: * [Global](/compute/docs/reference/rest/alpha/targetHttpProxies) * [Regional](/compute/docs/reference/rest/alpha/regionTargetHttpProxies) A target HTTP proxy is a component of GCP HTTP load balancers. * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers. Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+{ # Represents a Target HTTP Proxy resource.
+    # 
+    # Google Compute Engine has two Target HTTP Proxy resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpProxies)
+    # 
+    # A target HTTP proxy is a component of GCP HTTP load balancers.
+    # 
+    # * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers.
+    # 
+    # Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpProxies ==) (== resource_for {$api_version}.regionTargetHttpProxies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetHttpProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpProxy.
-  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/v1alpha1/projects/project/locations/ locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list. httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/v1alpha1/projects/project/locations/locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list.
+      # httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
     "A String",
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetHttpProxy", # [Output Only] Type of resource. Always compute#targetHttpProxy for target HTTP proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      # 
+      # The default is false.
   "region": "A String", # [Output Only] URL of the region where the regional Target HTTP Proxy resides. This field is not applicable to global Target HTTP Proxies.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
   "urlMap": "A String", # URL to the UrlMap resource that defines the mapping from URL to the BackendService.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -367,7 +443,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -381,20 +458,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of TargetHttpProxy resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -402,17 +485,32 @@ 
Method Details

     { # A list of TargetHttpProxy resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of TargetHttpProxy resources.
-    { # Represents a Target HTTP Proxy resource. Google Compute Engine has two Target HTTP Proxy resources: * [Global](/compute/docs/reference/rest/alpha/targetHttpProxies) * [Regional](/compute/docs/reference/rest/alpha/regionTargetHttpProxies) A target HTTP proxy is a component of GCP HTTP load balancers. * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers. Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+    { # Represents a Target HTTP Proxy resource.
+        #
+        # Google Compute Engine has two Target HTTP Proxy resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpProxies)
+        #
+        # A target HTTP proxy is a component of GCP HTTP load balancers.
+        #
+        # * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers.
+        #
+        # Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpProxies ==) (== resource_for {$api_version}.regionTargetHttpProxies ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetHttpProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpProxy.
-      "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/v1alpha1/projects/project/locations/ locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list. httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+      "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/v1alpha1/projects/project/locations/locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list.
+          # httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
         "A String",
       ],
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#targetHttpProxy", # [Output Only] Type of resource. Always compute#targetHttpProxy for target HTTP proxies.
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-      "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
+      "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+          #
+          # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+          #
+          # The default is false.
       "region": "A String", # [Output Only] URL of the region where the regional Target HTTP Proxy resides. This field is not applicable to global Target HTTP Proxies.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
@@ -424,7 +522,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -450,8 +549,8 @@ 
Method Details

 

 
 

-    patch(project, targetHttpProxy, body=None, requestId=None, x__xgafv=None)
-  
Patches the specified TargetHttpProxy resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.
+    patch(project, targetHttpProxy, body=None, requestId=None)
+  
Patches the specified TargetHttpProxy resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules. (== suppress_warning http-rest-shadowed ==)
 
 Args:
   project: string, Project ID for this request. (required)
@@ -459,33 +558,61 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target HTTP Proxy resource. Google Compute Engine has two Target HTTP Proxy resources: * [Global](/compute/docs/reference/rest/alpha/targetHttpProxies) * [Regional](/compute/docs/reference/rest/alpha/regionTargetHttpProxies) A target HTTP proxy is a component of GCP HTTP load balancers. * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers. Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+{ # Represents a Target HTTP Proxy resource.
+    # 
+    # Google Compute Engine has two Target HTTP Proxy resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpProxies)
+    # 
+    # A target HTTP proxy is a component of GCP HTTP load balancers.
+    # 
+    # * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers.
+    # 
+    # Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpProxies ==) (== resource_for {$api_version}.regionTargetHttpProxies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetHttpProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpProxy.
-  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/v1alpha1/projects/project/locations/ locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list. httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/v1alpha1/projects/project/locations/locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list.
+      # httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
     "A String",
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetHttpProxy", # [Output Only] Type of resource. Always compute#targetHttpProxy for target HTTP proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      # 
+      # The default is false.
   "region": "A String", # [Output Only] URL of the region where the regional Target HTTP Proxy resides. This field is not applicable to global Target HTTP Proxies.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
   "urlMap": "A String", # URL to the UrlMap resource that defines the mapping from URL to the BackendService.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -520,7 +647,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -534,7 +662,7 @@ 
Method Details

 

 
 

-    setUrlMap(project, targetHttpProxy, body=None, requestId=None, x__xgafv=None)
+    setUrlMap(project, targetHttpProxy, body=None, requestId=None)
   
Changes the URL map for TargetHttpProxy.
 
 Args:
@@ -547,16 +675,29 @@ 
Method Details

   "urlMap": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -591,7 +732,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -605,7 +747,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -620,10 +762,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.targetHttpsProxies.html b/docs/dyn/compute_alpha.targetHttpsProxies.html
index 37545ea663a..65cd8562d99 100644
--- a/docs/dyn/compute_alpha.targetHttpsProxies.html
+++ b/docs/dyn/compute_alpha.targetHttpsProxies.html
@@ -75,7 +75,7 @@
 
Compute Engine API . targetHttpsProxies

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of all TargetHttpsProxy resources, regional and global, available to the specified project.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,58 +84,64 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, targetHttpsProxy, requestId=None, x__xgafv=None)

+  delete(project, targetHttpsProxy, requestId=None)

 
Deletes the specified TargetHttpsProxy resource.

 

-  get(project, targetHttpsProxy, x__xgafv=None)

+  get(project, targetHttpsProxy)

 
Returns the specified TargetHttpsProxy resource. Gets a list of available target HTTPS proxies by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a TargetHttpsProxy resource in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of TargetHttpsProxy resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)

-
Patches the specified TargetHttpsProxy resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.

+  patch(project, targetHttpsProxy, body=None, requestId=None)

+
Patches the specified TargetHttpsProxy resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules. (== suppress_warning http-rest-shadowed ==)

 

-  setCertificateMap(project, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)

+  setCertificateMap(project, targetHttpsProxy, body=None, requestId=None)

 
Changes the Certificate Map for TargetHttpsProxy.

 

-  setQuicOverride(project, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)

+  setQuicOverride(project, targetHttpsProxy, body=None, requestId=None)

 
Sets the QUIC override policy for TargetHttpsProxy.

 

-  setSslCertificates(project, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)

+  setSslCertificates(project, targetHttpsProxy, body=None, requestId=None)

 
Replaces SslCertificates for TargetHttpsProxy.

 

-  setSslPolicy(project, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)

+  setSslPolicy(project, targetHttpsProxy, body=None, requestId=None)

 
Sets the SSL policy for TargetHttpsProxy. The SSL policy specifies the server-side support for SSL features. This affects connections between clients and the HTTPS proxy load balancer. They do not affect the connection between the load balancer and the backends.

 

-  setUrlMap(project, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)

+  setUrlMap(project, targetHttpsProxy, body=None, requestId=None)

 
Changes the URL map for TargetHttpsProxy.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of all TargetHttpsProxy resources, regional and global, available to the specified project.
 
 Args:
   project: string, Name of the project scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -145,36 +151,65 @@ 
Method Details

   "items": { # A list of TargetHttpsProxiesScopedList resources.
     "a_key": { # Name of the scope containing this set of TargetHttpsProxies.
       "targetHttpsProxies": [ # A list of TargetHttpsProxies contained in this scope.
-        { # Represents a Target HTTPS Proxy resource. Google Compute Engine has two Target HTTPS Proxy resources: * [Global](/compute/docs/reference/rest/alpha/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/alpha/regionTargetHttpsProxies) A target HTTPS proxy is a component of GCP HTTPS load balancers. * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers. Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+        { # Represents a Target HTTPS Proxy resource.
+            #
+            # Google Compute Engine has two Target HTTPS Proxy resources:
+            #
+            # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpsProxies)
+            #
+            # A target HTTPS proxy is a component of GCP HTTPS load balancers.
+            #
+            # * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers.
+            #
+            # Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpsProxies ==) (== resource_for {$api_version}.regionTargetHttpsProxies ==)
           "authentication": "A String", # [Deprecated] Use serverTlsPolicy instead.
           "authorization": "A String", # [Deprecated] Use authorizationPolicy instead.
-          "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy. Refer to the AuthorizationPolicy resource for additional details. authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. Note: This field currently has no impact.
+          "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy.
+              # Refer to the AuthorizationPolicy resource for additional details.
+              # authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              # Note: This field currently has no impact.
           "certificateMap": "A String", # URL of a certificate map that identifies a certificate map associated with the given target proxy. This field can only be set for global target proxies. If set, sslCertificates will be ignored.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpsProxy. An up-to-date fingerprint must be provided in order to patch the TargetHttpsProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpsProxy.
-          "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/beta/projects/project/locations/ locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list. httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+          "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/beta/projects/project/locations/locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list.
+              # httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
             "A String",
           ],
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "kind": "compute#targetHttpsProxy", # [Output Only] Type of resource. Always compute#targetHttpsProxy for target HTTPS proxies.
           "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-          "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
-          "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE. - When quic-override is set to NONE, Google manages whether QUIC is used. - When quic-override is set to ENABLE, the load balancer uses QUIC when possible. - When quic-override is set to DISABLE, the load balancer doesn't use QUIC. - If the quic-override flag is not specified, NONE is implied.
+          "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              #
+              # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+              #
+              # The default is false.
+          "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE.
+              # - When quic-override is set to NONE, Google manages whether QUIC is used.
+              # - When quic-override is set to ENABLE, the load balancer uses QUIC when possible.
+              # - When quic-override is set to DISABLE, the load balancer doesn't use QUIC.
+              # - If the quic-override flag is not specified, NONE is implied.
           "region": "A String", # [Output Only] URL of the region where the regional TargetHttpsProxy resides. This field is not applicable to global TargetHttpsProxies.
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
           "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-          "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+          "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic.
+              # serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              # If left blank, communications are not encrypted.
+              # Note: This field currently has no impact.
           "sslCertificates": [ # URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
             "A String",
           ],
           "sslPolicy": "A String", # URL of SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource has no SSL policy configured.
-          "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map: - https://www.googleapis.compute/v1/projects/project/global/urlMaps/ url-map - projects/project/global/urlMaps/url-map - global/urlMaps/url-map
+          "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map:
+              # - https://www.googleapis.compute/v1/projects/project/global/urlMaps/url-map
+              # - projects/project/global/urlMaps/url-map
+              # - global/urlMaps/url-map
         },
       ],
       "warning": { # Informational warning which replaces the list of backend services when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -192,7 +227,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -223,22 +259,35 @@ 
Method Details

 

 
 

-    delete(project, targetHttpsProxy, requestId=None, x__xgafv=None)
+    delete(project, targetHttpsProxy, requestId=None)
   
Deletes the specified TargetHttpsProxy resource.
 
 Args:
   project: string, Project ID for this request. (required)
   targetHttpsProxy: string, Name of the TargetHttpsProxy resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -273,7 +322,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -287,50 +337,74 @@ 
Method Details

 

 
 

-    get(project, targetHttpsProxy, x__xgafv=None)
+    get(project, targetHttpsProxy)
   
Returns the specified TargetHttpsProxy resource. Gets a list of available target HTTPS proxies by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   targetHttpsProxy: string, Name of the TargetHttpsProxy resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Target HTTPS Proxy resource. Google Compute Engine has two Target HTTPS Proxy resources: * [Global](/compute/docs/reference/rest/alpha/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/alpha/regionTargetHttpsProxies) A target HTTPS proxy is a component of GCP HTTPS load balancers. * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers. Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+    { # Represents a Target HTTPS Proxy resource.
+    #
+    # Google Compute Engine has two Target HTTPS Proxy resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpsProxies)
+    #
+    # A target HTTPS proxy is a component of GCP HTTPS load balancers.
+    #
+    # * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers.
+    #
+    # Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpsProxies ==) (== resource_for {$api_version}.regionTargetHttpsProxies ==)
   "authentication": "A String", # [Deprecated] Use serverTlsPolicy instead.
   "authorization": "A String", # [Deprecated] Use authorizationPolicy instead.
-  "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy. Refer to the AuthorizationPolicy resource for additional details. authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. Note: This field currently has no impact.
+  "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy.
+      # Refer to the AuthorizationPolicy resource for additional details.
+      # authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # Note: This field currently has no impact.
   "certificateMap": "A String", # URL of a certificate map that identifies a certificate map associated with the given target proxy. This field can only be set for global target proxies. If set, sslCertificates will be ignored.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpsProxy. An up-to-date fingerprint must be provided in order to patch the TargetHttpsProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpsProxy.
-  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/beta/projects/project/locations/ locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list. httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/beta/projects/project/locations/locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list.
+      # httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
     "A String",
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetHttpsProxy", # [Output Only] Type of resource. Always compute#targetHttpsProxy for target HTTPS proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
-  "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE. - When quic-override is set to NONE, Google manages whether QUIC is used. - When quic-override is set to ENABLE, the load balancer uses QUIC when possible. - When quic-override is set to DISABLE, the load balancer doesn't use QUIC. - If the quic-override flag is not specified, NONE is implied.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      #
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      #
+      # The default is false.
+  "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE.
+      # - When quic-override is set to NONE, Google manages whether QUIC is used.
+      # - When quic-override is set to ENABLE, the load balancer uses QUIC when possible.
+      # - When quic-override is set to DISABLE, the load balancer doesn't use QUIC.
+      # - If the quic-override flag is not specified, NONE is implied.
   "region": "A String", # [Output Only] URL of the region where the regional TargetHttpsProxy resides. This field is not applicable to global TargetHttpsProxies.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+  "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic.
+      # serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # If left blank, communications are not encrypted.
+      # Note: This field currently has no impact.
   "sslCertificates": [ # URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
     "A String",
   ],
   "sslPolicy": "A String", # URL of SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource has no SSL policy configured.
-  "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map: - https://www.googleapis.compute/v1/projects/project/global/urlMaps/ url-map - projects/project/global/urlMaps/url-map - global/urlMaps/url-map
+  "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map:
+      # - https://www.googleapis.compute/v1/projects/project/global/urlMaps/url-map
+      # - projects/project/global/urlMaps/url-map
+      # - global/urlMaps/url-map
 }

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a TargetHttpsProxy resource in the specified project using the data included in the request.
 
 Args:
@@ -338,43 +412,84 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target HTTPS Proxy resource. Google Compute Engine has two Target HTTPS Proxy resources: * [Global](/compute/docs/reference/rest/alpha/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/alpha/regionTargetHttpsProxies) A target HTTPS proxy is a component of GCP HTTPS load balancers. * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers. Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+{ # Represents a Target HTTPS Proxy resource.
+    # 
+    # Google Compute Engine has two Target HTTPS Proxy resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpsProxies)
+    # 
+    # A target HTTPS proxy is a component of GCP HTTPS load balancers.
+    # 
+    # * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers.
+    # 
+    # Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpsProxies ==) (== resource_for {$api_version}.regionTargetHttpsProxies ==)
   "authentication": "A String", # [Deprecated] Use serverTlsPolicy instead.
   "authorization": "A String", # [Deprecated] Use authorizationPolicy instead.
-  "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy. Refer to the AuthorizationPolicy resource for additional details. authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. Note: This field currently has no impact.
+  "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy.
+      # Refer to the AuthorizationPolicy resource for additional details.
+      # authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # Note: This field currently has no impact.
   "certificateMap": "A String", # URL of a certificate map that identifies a certificate map associated with the given target proxy. This field can only be set for global target proxies. If set, sslCertificates will be ignored.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpsProxy. An up-to-date fingerprint must be provided in order to patch the TargetHttpsProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpsProxy.
-  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/beta/projects/project/locations/ locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list. httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/beta/projects/project/locations/locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list.
+      # httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
     "A String",
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetHttpsProxy", # [Output Only] Type of resource. Always compute#targetHttpsProxy for target HTTPS proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
-  "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE. - When quic-override is set to NONE, Google manages whether QUIC is used. - When quic-override is set to ENABLE, the load balancer uses QUIC when possible. - When quic-override is set to DISABLE, the load balancer doesn't use QUIC. - If the quic-override flag is not specified, NONE is implied.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      # 
+      # The default is false.
+  "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE.
+      # - When quic-override is set to NONE, Google manages whether QUIC is used.
+      # - When quic-override is set to ENABLE, the load balancer uses QUIC when possible.
+      # - When quic-override is set to DISABLE, the load balancer doesn't use QUIC.
+      # - If the quic-override flag is not specified, NONE is implied.
   "region": "A String", # [Output Only] URL of the region where the regional TargetHttpsProxy resides. This field is not applicable to global TargetHttpsProxies.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+  "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic.
+      # serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # If left blank, communications are not encrypted.
+      # Note: This field currently has no impact.
   "sslCertificates": [ # URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
     "A String",
   ],
   "sslPolicy": "A String", # URL of SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource has no SSL policy configured.
-  "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map: - https://www.googleapis.compute/v1/projects/project/global/urlMaps/ url-map - projects/project/global/urlMaps/url-map - global/urlMaps/url-map
+  "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map:
+      # - https://www.googleapis.compute/v1/projects/project/global/urlMaps/url-map
+      # - projects/project/global/urlMaps/url-map
+      # - global/urlMaps/url-map
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -409,7 +524,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -423,20 +539,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of TargetHttpsProxy resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -444,31 +566,59 @@ 
Method Details

     { # Contains a list of TargetHttpsProxy resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of TargetHttpsProxy resources.
-    { # Represents a Target HTTPS Proxy resource. Google Compute Engine has two Target HTTPS Proxy resources: * [Global](/compute/docs/reference/rest/alpha/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/alpha/regionTargetHttpsProxies) A target HTTPS proxy is a component of GCP HTTPS load balancers. * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers. Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+    { # Represents a Target HTTPS Proxy resource.
+        #
+        # Google Compute Engine has two Target HTTPS Proxy resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpsProxies)
+        #
+        # A target HTTPS proxy is a component of GCP HTTPS load balancers.
+        #
+        # * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers.
+        #
+        # Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpsProxies ==) (== resource_for {$api_version}.regionTargetHttpsProxies ==)
       "authentication": "A String", # [Deprecated] Use serverTlsPolicy instead.
       "authorization": "A String", # [Deprecated] Use authorizationPolicy instead.
-      "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy. Refer to the AuthorizationPolicy resource for additional details. authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. Note: This field currently has no impact.
+      "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy.
+          # Refer to the AuthorizationPolicy resource for additional details.
+          # authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+          # Note: This field currently has no impact.
       "certificateMap": "A String", # URL of a certificate map that identifies a certificate map associated with the given target proxy. This field can only be set for global target proxies. If set, sslCertificates will be ignored.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpsProxy. An up-to-date fingerprint must be provided in order to patch the TargetHttpsProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpsProxy.
-      "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/beta/projects/project/locations/ locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list. httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+      "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/beta/projects/project/locations/locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list.
+          # httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
         "A String",
       ],
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#targetHttpsProxy", # [Output Only] Type of resource. Always compute#targetHttpsProxy for target HTTPS proxies.
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-      "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
-      "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE. - When quic-override is set to NONE, Google manages whether QUIC is used. - When quic-override is set to ENABLE, the load balancer uses QUIC when possible. - When quic-override is set to DISABLE, the load balancer doesn't use QUIC. - If the quic-override flag is not specified, NONE is implied.
+      "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+          #
+          # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+          #
+          # The default is false.
+      "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE.
+          # - When quic-override is set to NONE, Google manages whether QUIC is used.
+          # - When quic-override is set to ENABLE, the load balancer uses QUIC when possible.
+          # - When quic-override is set to DISABLE, the load balancer doesn't use QUIC.
+          # - If the quic-override flag is not specified, NONE is implied.
       "region": "A String", # [Output Only] URL of the region where the regional TargetHttpsProxy resides. This field is not applicable to global TargetHttpsProxies.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-      "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+      "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic.
+          # serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+          # If left blank, communications are not encrypted.
+          # Note: This field currently has no impact.
       "sslCertificates": [ # URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
         "A String",
       ],
       "sslPolicy": "A String", # URL of SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource has no SSL policy configured.
-      "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map: - https://www.googleapis.compute/v1/projects/project/global/urlMaps/ url-map - projects/project/global/urlMaps/url-map - global/urlMaps/url-map
+      "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map:
+          # - https://www.googleapis.compute/v1/projects/project/global/urlMaps/url-map
+          # - projects/project/global/urlMaps/url-map
+          # - global/urlMaps/url-map
     },
   ],
   "kind": "compute#targetHttpsProxyList", # Type of resource. Always compute#targetHttpsProxyList for lists of target HTTPS proxies.
@@ -476,7 +626,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -502,8 +653,8 @@ 
Method Details

 

 
 

-    patch(project, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)
-  
Patches the specified TargetHttpsProxy resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.
+    patch(project, targetHttpsProxy, body=None, requestId=None)
+  
Patches the specified TargetHttpsProxy resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules. (== suppress_warning http-rest-shadowed ==)
 
 Args:
   project: string, Project ID for this request. (required)
@@ -511,43 +662,84 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target HTTPS Proxy resource. Google Compute Engine has two Target HTTPS Proxy resources: * [Global](/compute/docs/reference/rest/alpha/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/alpha/regionTargetHttpsProxies) A target HTTPS proxy is a component of GCP HTTPS load balancers. * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers. Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+{ # Represents a Target HTTPS Proxy resource.
+    # 
+    # Google Compute Engine has two Target HTTPS Proxy resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpsProxies)
+    # 
+    # A target HTTPS proxy is a component of GCP HTTPS load balancers.
+    # 
+    # * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers.
+    # 
+    # Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpsProxies ==) (== resource_for {$api_version}.regionTargetHttpsProxies ==)
   "authentication": "A String", # [Deprecated] Use serverTlsPolicy instead.
   "authorization": "A String", # [Deprecated] Use authorizationPolicy instead.
-  "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy. Refer to the AuthorizationPolicy resource for additional details. authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. Note: This field currently has no impact.
+  "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy.
+      # Refer to the AuthorizationPolicy resource for additional details.
+      # authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # Note: This field currently has no impact.
   "certificateMap": "A String", # URL of a certificate map that identifies a certificate map associated with the given target proxy. This field can only be set for global target proxies. If set, sslCertificates will be ignored.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpsProxy. An up-to-date fingerprint must be provided in order to patch the TargetHttpsProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpsProxy.
-  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/beta/projects/project/locations/ locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list. httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/beta/projects/project/locations/locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list.
+      # httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
     "A String",
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetHttpsProxy", # [Output Only] Type of resource. Always compute#targetHttpsProxy for target HTTPS proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
-  "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE. - When quic-override is set to NONE, Google manages whether QUIC is used. - When quic-override is set to ENABLE, the load balancer uses QUIC when possible. - When quic-override is set to DISABLE, the load balancer doesn't use QUIC. - If the quic-override flag is not specified, NONE is implied.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      # 
+      # The default is false.
+  "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE.
+      # - When quic-override is set to NONE, Google manages whether QUIC is used.
+      # - When quic-override is set to ENABLE, the load balancer uses QUIC when possible.
+      # - When quic-override is set to DISABLE, the load balancer doesn't use QUIC.
+      # - If the quic-override flag is not specified, NONE is implied.
   "region": "A String", # [Output Only] URL of the region where the regional TargetHttpsProxy resides. This field is not applicable to global TargetHttpsProxies.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+  "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic.
+      # serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # If left blank, communications are not encrypted.
+      # Note: This field currently has no impact.
   "sslCertificates": [ # URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
     "A String",
   ],
   "sslPolicy": "A String", # URL of SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource has no SSL policy configured.
-  "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map: - https://www.googleapis.compute/v1/projects/project/global/urlMaps/ url-map - projects/project/global/urlMaps/url-map - global/urlMaps/url-map
+  "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map:
+      # - https://www.googleapis.compute/v1/projects/project/global/urlMaps/url-map
+      # - projects/project/global/urlMaps/url-map
+      # - global/urlMaps/url-map
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -582,7 +774,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -596,7 +789,7 @@ 
Method Details

 

 
 

-    setCertificateMap(project, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)
+    setCertificateMap(project, targetHttpsProxy, body=None, requestId=None)
   
Changes the Certificate Map for TargetHttpsProxy.
 
 Args:
@@ -609,16 +802,29 @@ 
Method Details

   "certificateMap": "A String", # URL of the Certificate Map to associate with this TargetHttpsProxy.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -653,7 +859,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -667,7 +874,7 @@ 
Method Details

 

 
 

-    setQuicOverride(project, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)
+    setQuicOverride(project, targetHttpsProxy, body=None, requestId=None)
   
Sets the QUIC override policy for TargetHttpsProxy.
 
 Args:
@@ -680,16 +887,29 @@ 
Method Details

   "quicOverride": "A String", # QUIC policy for the TargetHttpsProxy resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -724,7 +944,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -738,7 +959,7 @@ 
Method Details

 

 
 

-    setSslCertificates(project, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)
+    setSslCertificates(project, targetHttpsProxy, body=None, requestId=None)
   
Replaces SslCertificates for TargetHttpsProxy.
 
 Args:
@@ -753,16 +974,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -797,7 +1031,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -811,7 +1046,7 @@ 
Method Details

 

 
 

-    setSslPolicy(project, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)
+    setSslPolicy(project, targetHttpsProxy, body=None, requestId=None)
   
Sets the SSL policy for TargetHttpsProxy. The SSL policy specifies the server-side support for SSL features. This affects connections between clients and the HTTPS proxy load balancer. They do not affect the connection between the load balancer and the backends.
 
 Args:
@@ -824,16 +1059,29 @@ 
Method Details

   "sslPolicy": "A String", # URL of the SSL policy resource. Set this to empty string to clear any existing SSL policy associated with the target proxy resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -868,7 +1116,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -882,7 +1131,7 @@ 
Method Details

 

 
 

-    setUrlMap(project, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)
+    setUrlMap(project, targetHttpsProxy, body=None, requestId=None)
   
Changes the URL map for TargetHttpsProxy.
 
 Args:
@@ -895,16 +1144,29 @@ 
Method Details

   "urlMap": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -939,7 +1201,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -953,7 +1216,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -968,10 +1231,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.targetInstances.html b/docs/dyn/compute_alpha.targetInstances.html
index 2a015a82d61..46b83c0806f 100644
--- a/docs/dyn/compute_alpha.targetInstances.html
+++ b/docs/dyn/compute_alpha.targetInstances.html
@@ -75,7 +75,7 @@
 
Compute Engine API . targetInstances

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of target instances.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,40 +84,46 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, zone, targetInstance, requestId=None, x__xgafv=None)

+  delete(project, zone, targetInstance, requestId=None)

 
Deletes the specified TargetInstance resource.

 

-  get(project, zone, targetInstance, x__xgafv=None)

+  get(project, zone, targetInstance)

 
Returns the specified TargetInstance resource. Gets a list of available target instances by making a list() request.

 

-  insert(project, zone, body=None, requestId=None, x__xgafv=None)

+  insert(project, zone, body=None, requestId=None)

 
Creates a TargetInstance resource in the specified project and zone using the data included in the request.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of TargetInstance resources available to the specified project and zone.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  testIamPermissions(project, zone, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, zone, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of target instances.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -127,11 +133,16 @@ 
Method Details

   "items": { # A list of TargetInstance resources.
     "a_key": { # Name of the scope containing this set of target instances.
       "targetInstances": [ # A list of target instances contained in this scope.
-        { # Represents a Target Instance resource. You can use a target instance to handle traffic for one or more forwarding rules, which is ideal for forwarding protocol traffic that is managed by a single source. For example, ESP, AH, TCP, or UDP. For more information, read Target instances.
+        { # Represents a Target Instance resource.
+            #
+            # You can use a target instance to handle traffic for one or more forwarding rules, which is ideal for forwarding protocol traffic that is managed by a single source. For example, ESP, AH, TCP, or UDP. For more information, read Target instances. (== resource_for {$api_version}.targetInstances ==)
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-          "instance": "A String", # A URL to the virtual machine instance that handles traffic for this target instance. When creating a target instance, you can provide the fully-qualified URL or a valid partial URL to the desired virtual machine. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instances/instance - projects/project/zones/zone/instances/instance - zones/zone/instances/instance
+          "instance": "A String", # A URL to the virtual machine instance that handles traffic for this target instance. When creating a target instance, you can provide the fully-qualified URL or a valid partial URL to the desired virtual machine. For example, the following are all valid URLs:
+              # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance
+              # - projects/project/zones/zone/instances/instance
+              # - zones/zone/instances/instance
           "kind": "compute#targetInstance", # [Output Only] The type of the resource. Always compute#targetInstance for target instances.
           "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
           "natPolicy": "A String", # NAT option controlling how IPs are NAT'ed to the instance. Currently only NO_NAT (default value) is supported.
@@ -143,7 +154,8 @@ 
Method Details

       ],
       "warning": { # Informational warning which replaces the list of addresses when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -161,7 +173,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -192,23 +205,36 @@ 
Method Details

 

 
 

-    delete(project, zone, targetInstance, requestId=None, x__xgafv=None)
+    delete(project, zone, targetInstance, requestId=None)
   
Deletes the specified TargetInstance resource.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone scoping this request. (required)
   targetInstance: string, Name of the TargetInstance resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -243,7 +269,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -257,26 +284,27 @@ 
Method Details

 

 
 

-    get(project, zone, targetInstance, x__xgafv=None)
+    get(project, zone, targetInstance)
   
Returns the specified TargetInstance resource. Gets a list of available target instances by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone scoping this request. (required)
   targetInstance: string, Name of the TargetInstance resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Target Instance resource. You can use a target instance to handle traffic for one or more forwarding rules, which is ideal for forwarding protocol traffic that is managed by a single source. For example, ESP, AH, TCP, or UDP. For more information, read Target instances.
+    { # Represents a Target Instance resource.
+    #
+    # You can use a target instance to handle traffic for one or more forwarding rules, which is ideal for forwarding protocol traffic that is managed by a single source. For example, ESP, AH, TCP, or UDP. For more information, read Target instances. (== resource_for {$api_version}.targetInstances ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-  "instance": "A String", # A URL to the virtual machine instance that handles traffic for this target instance. When creating a target instance, you can provide the fully-qualified URL or a valid partial URL to the desired virtual machine. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instances/instance - projects/project/zones/zone/instances/instance - zones/zone/instances/instance
+  "instance": "A String", # A URL to the virtual machine instance that handles traffic for this target instance. When creating a target instance, you can provide the fully-qualified URL or a valid partial URL to the desired virtual machine. For example, the following are all valid URLs:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance
+      # - projects/project/zones/zone/instances/instance
+      # - zones/zone/instances/instance
   "kind": "compute#targetInstance", # [Output Only] The type of the resource. Always compute#targetInstance for target instances.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "natPolicy": "A String", # NAT option controlling how IPs are NAT'ed to the instance. Currently only NO_NAT (default value) is supported.
@@ -288,7 +316,7 @@ 
Method Details

 

 
 

-    insert(project, zone, body=None, requestId=None, x__xgafv=None)
+    insert(project, zone, body=None, requestId=None)
   
Creates a TargetInstance resource in the specified project and zone using the data included in the request.
 
 Args:
@@ -297,11 +325,16 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target Instance resource. You can use a target instance to handle traffic for one or more forwarding rules, which is ideal for forwarding protocol traffic that is managed by a single source. For example, ESP, AH, TCP, or UDP. For more information, read Target instances.
+{ # Represents a Target Instance resource.
+    # 
+    # You can use a target instance to handle traffic for one or more forwarding rules, which is ideal for forwarding protocol traffic that is managed by a single source. For example, ESP, AH, TCP, or UDP. For more information, read Target instances. (== resource_for {$api_version}.targetInstances ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-  "instance": "A String", # A URL to the virtual machine instance that handles traffic for this target instance. When creating a target instance, you can provide the fully-qualified URL or a valid partial URL to the desired virtual machine. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instances/instance - projects/project/zones/zone/instances/instance - zones/zone/instances/instance
+  "instance": "A String", # A URL to the virtual machine instance that handles traffic for this target instance. When creating a target instance, you can provide the fully-qualified URL or a valid partial URL to the desired virtual machine. For example, the following are all valid URLs:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance
+      # - projects/project/zones/zone/instances/instance
+      # - zones/zone/instances/instance
   "kind": "compute#targetInstance", # [Output Only] The type of the resource. Always compute#targetInstance for target instances.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "natPolicy": "A String", # NAT option controlling how IPs are NAT'ed to the instance. Currently only NO_NAT (default value) is supported.
@@ -311,16 +344,29 @@ 
Method Details

   "zone": "A String", # [Output Only] URL of the zone where the target instance resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -355,7 +401,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -369,21 +416,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of TargetInstance resources available to the specified project and zone.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -391,11 +444,16 @@ 
Method Details

     { # Contains a list of TargetInstance resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of TargetInstance resources.
-    { # Represents a Target Instance resource. You can use a target instance to handle traffic for one or more forwarding rules, which is ideal for forwarding protocol traffic that is managed by a single source. For example, ESP, AH, TCP, or UDP. For more information, read Target instances.
+    { # Represents a Target Instance resource.
+        #
+        # You can use a target instance to handle traffic for one or more forwarding rules, which is ideal for forwarding protocol traffic that is managed by a single source. For example, ESP, AH, TCP, or UDP. For more information, read Target instances. (== resource_for {$api_version}.targetInstances ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-      "instance": "A String", # A URL to the virtual machine instance that handles traffic for this target instance. When creating a target instance, you can provide the fully-qualified URL or a valid partial URL to the desired virtual machine. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instances/instance - projects/project/zones/zone/instances/instance - zones/zone/instances/instance
+      "instance": "A String", # A URL to the virtual machine instance that handles traffic for this target instance. When creating a target instance, you can provide the fully-qualified URL or a valid partial URL to the desired virtual machine. For example, the following are all valid URLs:
+          # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance
+          # - projects/project/zones/zone/instances/instance
+          # - zones/zone/instances/instance
       "kind": "compute#targetInstance", # [Output Only] The type of the resource. Always compute#targetInstance for target instances.
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "natPolicy": "A String", # NAT option controlling how IPs are NAT'ed to the instance. Currently only NO_NAT (default value) is supported.
@@ -410,7 +468,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -436,7 +495,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, zone, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, zone, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -452,10 +511,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.targetPools.html b/docs/dyn/compute_alpha.targetPools.html
index 83060f7f3c6..0d0a8841173 100644
--- a/docs/dyn/compute_alpha.targetPools.html
+++ b/docs/dyn/compute_alpha.targetPools.html
@@ -75,13 +75,13 @@
 
Compute Engine API . targetPools

 
Instance Methods

 

-  addHealthCheck(project, region, targetPool, body=None, requestId=None, x__xgafv=None)

+  addHealthCheck(project, region, targetPool, body=None, requestId=None)

 
Adds health check URLs to a target pool.

 

-  addInstance(project, region, targetPool, body=None, requestId=None, x__xgafv=None)

+  addInstance(project, region, targetPool, body=None, requestId=None)

 
Adds an instance to a target pool.

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of target pools.

 

   aggregatedList_next(previous_request, previous_response)

@@ -90,38 +90,38 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, targetPool, requestId=None, x__xgafv=None)

+  delete(project, region, targetPool, requestId=None)

 
Deletes the specified target pool.

 

-  get(project, region, targetPool, x__xgafv=None)

+  get(project, region, targetPool)

 
Returns the specified target pool. Gets a list of available target pools by making a list() request.

 

-  getHealth(project, region, targetPool, body=None, x__xgafv=None)

+  getHealth(project, region, targetPool, body=None)

 
Gets the most recent health check results for each IP for the instance that is referenced by the given target pool.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a target pool in the specified project and region using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of target pools available to the specified project and region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  removeHealthCheck(project, region, targetPool, body=None, requestId=None, x__xgafv=None)

+  removeHealthCheck(project, region, targetPool, body=None, requestId=None)

 
Removes health check URL from a target pool.

 

-  removeInstance(project, region, targetPool, body=None, requestId=None, x__xgafv=None)

+  removeInstance(project, region, targetPool, body=None, requestId=None)

 
Removes instance URL from a target pool.

 

-  setBackup(project, region, targetPool, body=None, failoverRatio=None, requestId=None, x__xgafv=None)

+  setBackup(project, region, targetPool, body=None, failoverRatio=None, requestId=None)

 
Changes a backup target pool's configurations.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    addHealthCheck(project, region, targetPool, body=None, requestId=None, x__xgafv=None)
+    addHealthCheck(project, region, targetPool, body=None, requestId=None)
   
Adds health check URLs to a target pool.
 
 Args:
@@ -133,22 +133,38 @@ 
Method Details

 
 {
   "healthChecks": [ # The HttpHealthCheck to add to the target pool.
-    { # A full or valid partial URL to a health check. For example, the following are valid URLs: - https://www.googleapis.com/compute/beta/projects/project-id/global/httpHealthChecks/health-check - projects/project-id/global/httpHealthChecks/health-check - global/httpHealthChecks/health-check
+    { # A full or valid partial URL to a health check. For example, the following are valid URLs:
+        # - https://www.googleapis.com/compute/beta/projects/project-id/global/httpHealthChecks/health-check
+        # - projects/project-id/global/httpHealthChecks/health-check
+        # - global/httpHealthChecks/health-check
       "healthCheck": "A String",
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -183,7 +199,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -197,7 +214,7 @@ 
Method Details

 

 
 

-    addInstance(project, region, targetPool, body=None, requestId=None, x__xgafv=None)
+    addInstance(project, region, targetPool, body=None, requestId=None)
   
Adds an instance to a target pool.
 
 Args:
@@ -208,23 +225,39 @@ 
Method Details

     The object takes the form of:
 
 {
-  "instances": [ # A full or partial URL to an instance to add to this target pool. This can be a full or partial URL. For example, the following are valid URLs: - https://www.googleapis.com/compute/v1/projects/project-id/zones/zone /instances/instance-name - projects/project-id/zones/zone/instances/instance-name - zones/zone/instances/instance-name
+  "instances": [ # A full or partial URL to an instance to add to this target pool. This can be a full or partial URL. For example, the following are valid URLs:
+      # - https://www.googleapis.com/compute/v1/projects/project-id/zones/zone/instances/instance-name
+      # - projects/project-id/zones/zone/instances/instance-name
+      # - zones/zone/instances/instance-name
     {
-      "instance": "A String", # The URL for a specific instance. @required compute.instancegroups.addInstances/removeInstances
+      "instance": "A String", # The URL for a specific instance.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -259,7 +292,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -273,21 +307,27 @@ 
Method Details

 

 
 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of target pools.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -297,11 +337,21 @@ 
Method Details

   "items": { # A list of TargetPool resources.
     "a_key": { # Name of the scope containing this set of target pools.
       "targetPools": [ # A list of target pools contained in this scope.
-        { # Represents a Target Pool resource. Target pools are used for network TCP/UDP load balancing. A target pool references member instances, an associated legacy HttpHealthCheck resource, and, optionally, a backup target pool. For more information, read Using target pools.
-          "backupPool": "A String", # The server-defined URL for the resource. This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool, and its failoverRatio field is properly set to a value between [0, 1]. backupPool and failoverRatio together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below failoverRatio, traffic arriving at the load-balanced IP will be directed to the backup pool. In case where failoverRatio and backupPool are not set, or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
+        { # Represents a Target Pool resource.
+            #
+            # Target pools are used for network TCP/UDP load balancing. A target pool references member instances, an associated legacy HttpHealthCheck resource, and, optionally, a backup target pool. For more information, read Using target pools. (== resource_for {$api_version}.targetPools ==)
+          "backupPool": "A String", # The server-defined URL for the resource. This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool, and its failoverRatio field is properly set to a value between [0, 1].
+              #
+              # backupPool and failoverRatio together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below failoverRatio, traffic arriving at the load-balanced IP will be directed to the backup pool.
+              #
+              # In case where failoverRatio and backupPool are not set, or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-          "failoverRatio": 3.14, # This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool (i.e., not as a backup pool to some other target pool). The value of the field must be in [0, 1]. If set, backupPool must also be set. They together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below this number, traffic arriving at the load-balanced IP will be directed to the backup pool. In case where failoverRatio is not set or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
+          "failoverRatio": 3.14, # This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool (i.e., not as a backup pool to some other target pool). The value of the field must be in [0, 1].
+              #
+              # If set, backupPool must also be set. They together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below this number, traffic arriving at the load-balanced IP will be directed to the backup pool.
+              #
+              # In case where failoverRatio is not set or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
           "healthChecks": [ # The URL of the HttpHealthCheck resource. A member instance in this pool is considered healthy if and only if the health checks pass. Only legacy HttpHealthChecks are supported. Only one health check may be specified.
             "A String",
           ],
@@ -314,12 +364,16 @@ 
Method Details

           "region": "A String", # [Output Only] URL of the region where the target pool resides.
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
           "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-          "sessionAffinity": "A String", # Session affinity option, must be one of the following values: NONE: Connections from the same client IP may go to any instance in the pool. CLIENT_IP: Connections from the same client IP will go to the same instance in the pool while that instance remains healthy. CLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol will go to the same instance in the pool while that instance remains healthy.
+          "sessionAffinity": "A String", # Session affinity option, must be one of the following values:
+              # NONE: Connections from the same client IP may go to any instance in the pool.
+              # CLIENT_IP: Connections from the same client IP will go to the same instance in the pool while that instance remains healthy.
+              # CLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol will go to the same instance in the pool while that instance remains healthy.
         },
       ],
       "warning": { # Informational warning which replaces the list of addresses when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -337,7 +391,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -368,23 +423,36 @@ 
Method Details

 

 
 

-    delete(project, region, targetPool, requestId=None, x__xgafv=None)
+    delete(project, region, targetPool, requestId=None)
   
Deletes the specified target pool.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   targetPool: string, Name of the TargetPool resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -419,7 +487,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -433,26 +502,32 @@ 
Method Details

 

 
 

-    get(project, region, targetPool, x__xgafv=None)
+    get(project, region, targetPool)
   
Returns the specified target pool. Gets a list of available target pools by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   targetPool: string, Name of the TargetPool resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Target Pool resource. Target pools are used for network TCP/UDP load balancing. A target pool references member instances, an associated legacy HttpHealthCheck resource, and, optionally, a backup target pool. For more information, read Using target pools.
-  "backupPool": "A String", # The server-defined URL for the resource. This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool, and its failoverRatio field is properly set to a value between [0, 1]. backupPool and failoverRatio together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below failoverRatio, traffic arriving at the load-balanced IP will be directed to the backup pool. In case where failoverRatio and backupPool are not set, or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
+    { # Represents a Target Pool resource.
+    #
+    # Target pools are used for network TCP/UDP load balancing. A target pool references member instances, an associated legacy HttpHealthCheck resource, and, optionally, a backup target pool. For more information, read Using target pools. (== resource_for {$api_version}.targetPools ==)
+  "backupPool": "A String", # The server-defined URL for the resource. This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool, and its failoverRatio field is properly set to a value between [0, 1].
+      #
+      # backupPool and failoverRatio together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below failoverRatio, traffic arriving at the load-balanced IP will be directed to the backup pool.
+      #
+      # In case where failoverRatio and backupPool are not set, or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "failoverRatio": 3.14, # This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool (i.e., not as a backup pool to some other target pool). The value of the field must be in [0, 1]. If set, backupPool must also be set. They together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below this number, traffic arriving at the load-balanced IP will be directed to the backup pool. In case where failoverRatio is not set or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
+  "failoverRatio": 3.14, # This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool (i.e., not as a backup pool to some other target pool). The value of the field must be in [0, 1].
+      #
+      # If set, backupPool must also be set. They together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below this number, traffic arriving at the load-balanced IP will be directed to the backup pool.
+      #
+      # In case where failoverRatio is not set or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
   "healthChecks": [ # The URL of the HttpHealthCheck resource. A member instance in this pool is considered healthy if and only if the health checks pass. Only legacy HttpHealthChecks are supported. Only one health check may be specified.
     "A String",
   ],
@@ -465,12 +540,15 @@ 
Method Details

   "region": "A String", # [Output Only] URL of the region where the target pool resides.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "sessionAffinity": "A String", # Session affinity option, must be one of the following values: NONE: Connections from the same client IP may go to any instance in the pool. CLIENT_IP: Connections from the same client IP will go to the same instance in the pool while that instance remains healthy. CLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol will go to the same instance in the pool while that instance remains healthy.
+  "sessionAffinity": "A String", # Session affinity option, must be one of the following values:
+      # NONE: Connections from the same client IP may go to any instance in the pool.
+      # CLIENT_IP: Connections from the same client IP will go to the same instance in the pool while that instance remains healthy.
+      # CLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol will go to the same instance in the pool while that instance remains healthy.
 }

 

 
 

-    getHealth(project, region, targetPool, body=None, x__xgafv=None)
+    getHealth(project, region, targetPool, body=None)
   
Gets the most recent health check results for each IP for the instance that is referenced by the given target pool.
 
 Args:
@@ -481,13 +559,9 @@ 
Method Details

     The object takes the form of:
 
 {
-  "instance": "A String", # The URL for a specific instance. @required compute.instancegroups.addInstances/removeInstances
+  "instance": "A String", # The URL for a specific instance.
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -513,7 +587,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a target pool in the specified project and region using the data included in the request.
 
 Args:
@@ -522,11 +596,21 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target Pool resource. Target pools are used for network TCP/UDP load balancing. A target pool references member instances, an associated legacy HttpHealthCheck resource, and, optionally, a backup target pool. For more information, read Using target pools.
-  "backupPool": "A String", # The server-defined URL for the resource. This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool, and its failoverRatio field is properly set to a value between [0, 1]. backupPool and failoverRatio together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below failoverRatio, traffic arriving at the load-balanced IP will be directed to the backup pool. In case where failoverRatio and backupPool are not set, or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
+{ # Represents a Target Pool resource.
+    # 
+    # Target pools are used for network TCP/UDP load balancing. A target pool references member instances, an associated legacy HttpHealthCheck resource, and, optionally, a backup target pool. For more information, read Using target pools. (== resource_for {$api_version}.targetPools ==)
+  "backupPool": "A String", # The server-defined URL for the resource. This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool, and its failoverRatio field is properly set to a value between [0, 1].
+      # 
+      # backupPool and failoverRatio together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below failoverRatio, traffic arriving at the load-balanced IP will be directed to the backup pool.
+      # 
+      # In case where failoverRatio and backupPool are not set, or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "failoverRatio": 3.14, # This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool (i.e., not as a backup pool to some other target pool). The value of the field must be in [0, 1]. If set, backupPool must also be set. They together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below this number, traffic arriving at the load-balanced IP will be directed to the backup pool. In case where failoverRatio is not set or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
+  "failoverRatio": 3.14, # This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool (i.e., not as a backup pool to some other target pool). The value of the field must be in [0, 1].
+      # 
+      # If set, backupPool must also be set. They together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below this number, traffic arriving at the load-balanced IP will be directed to the backup pool.
+      # 
+      # In case where failoverRatio is not set or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
   "healthChecks": [ # The URL of the HttpHealthCheck resource. A member instance in this pool is considered healthy if and only if the health checks pass. Only legacy HttpHealthChecks are supported. Only one health check may be specified.
     "A String",
   ],
@@ -539,19 +623,35 @@ 
Method Details

   "region": "A String", # [Output Only] URL of the region where the target pool resides.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-  "sessionAffinity": "A String", # Session affinity option, must be one of the following values: NONE: Connections from the same client IP may go to any instance in the pool. CLIENT_IP: Connections from the same client IP will go to the same instance in the pool while that instance remains healthy. CLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol will go to the same instance in the pool while that instance remains healthy.
+  "sessionAffinity": "A String", # Session affinity option, must be one of the following values:
+      # NONE: Connections from the same client IP may go to any instance in the pool.
+      # CLIENT_IP: Connections from the same client IP will go to the same instance in the pool while that instance remains healthy.
+      # CLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol will go to the same instance in the pool while that instance remains healthy.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -586,7 +686,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -600,21 +701,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of target pools available to the specified project and region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -622,11 +729,21 @@ 
Method Details

     { # Contains a list of TargetPool resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of TargetPool resources.
-    { # Represents a Target Pool resource. Target pools are used for network TCP/UDP load balancing. A target pool references member instances, an associated legacy HttpHealthCheck resource, and, optionally, a backup target pool. For more information, read Using target pools.
-      "backupPool": "A String", # The server-defined URL for the resource. This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool, and its failoverRatio field is properly set to a value between [0, 1]. backupPool and failoverRatio together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below failoverRatio, traffic arriving at the load-balanced IP will be directed to the backup pool. In case where failoverRatio and backupPool are not set, or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
+    { # Represents a Target Pool resource.
+        #
+        # Target pools are used for network TCP/UDP load balancing. A target pool references member instances, an associated legacy HttpHealthCheck resource, and, optionally, a backup target pool. For more information, read Using target pools. (== resource_for {$api_version}.targetPools ==)
+      "backupPool": "A String", # The server-defined URL for the resource. This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool, and its failoverRatio field is properly set to a value between [0, 1].
+          #
+          # backupPool and failoverRatio together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below failoverRatio, traffic arriving at the load-balanced IP will be directed to the backup pool.
+          #
+          # In case where failoverRatio and backupPool are not set, or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "failoverRatio": 3.14, # This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool (i.e., not as a backup pool to some other target pool). The value of the field must be in [0, 1]. If set, backupPool must also be set. They together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below this number, traffic arriving at the load-balanced IP will be directed to the backup pool. In case where failoverRatio is not set or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
+      "failoverRatio": 3.14, # This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool (i.e., not as a backup pool to some other target pool). The value of the field must be in [0, 1].
+          #
+          # If set, backupPool must also be set. They together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below this number, traffic arriving at the load-balanced IP will be directed to the backup pool.
+          #
+          # In case where failoverRatio is not set or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
       "healthChecks": [ # The URL of the HttpHealthCheck resource. A member instance in this pool is considered healthy if and only if the health checks pass. Only legacy HttpHealthChecks are supported. Only one health check may be specified.
         "A String",
       ],
@@ -639,7 +756,10 @@ 
Method Details

       "region": "A String", # [Output Only] URL of the region where the target pool resides.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
-      "sessionAffinity": "A String", # Session affinity option, must be one of the following values: NONE: Connections from the same client IP may go to any instance in the pool. CLIENT_IP: Connections from the same client IP will go to the same instance in the pool while that instance remains healthy. CLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol will go to the same instance in the pool while that instance remains healthy.
+      "sessionAffinity": "A String", # Session affinity option, must be one of the following values:
+          # NONE: Connections from the same client IP may go to any instance in the pool.
+          # CLIENT_IP: Connections from the same client IP will go to the same instance in the pool while that instance remains healthy.
+          # CLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol will go to the same instance in the pool while that instance remains healthy.
     },
   ],
   "kind": "compute#targetPoolList", # [Output Only] Type of resource. Always compute#targetPoolList for lists of target pools.
@@ -647,7 +767,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -673,7 +794,7 @@ 
Method Details

 

 
 

-    removeHealthCheck(project, region, targetPool, body=None, requestId=None, x__xgafv=None)
+    removeHealthCheck(project, region, targetPool, body=None, requestId=None)
   
Removes health check URL from a target pool.
 
 Args:
@@ -684,23 +805,42 @@ 
Method Details

     The object takes the form of:
 
 {
-  "healthChecks": [ # Health check URL to be removed. This can be a full or valid partial URL. For example, the following are valid URLs: - https://www.googleapis.com/compute/beta/projects/project /global/httpHealthChecks/health-check - projects/project/global/httpHealthChecks/health-check - global/httpHealthChecks/health-check
-    { # A full or valid partial URL to a health check. For example, the following are valid URLs: - https://www.googleapis.com/compute/beta/projects/project-id/global/httpHealthChecks/health-check - projects/project-id/global/httpHealthChecks/health-check - global/httpHealthChecks/health-check
+  "healthChecks": [ # Health check URL to be removed. This can be a full or valid partial URL. For example, the following are valid URLs:
+      # - https://www.googleapis.com/compute/beta/projects/project/global/httpHealthChecks/health-check
+      # - projects/project/global/httpHealthChecks/health-check
+      # - global/httpHealthChecks/health-check
+    { # A full or valid partial URL to a health check. For example, the following are valid URLs:
+        # - https://www.googleapis.com/compute/beta/projects/project-id/global/httpHealthChecks/health-check
+        # - projects/project-id/global/httpHealthChecks/health-check
+        # - global/httpHealthChecks/health-check
       "healthCheck": "A String",
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -735,7 +875,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -749,7 +890,7 @@ 
Method Details

 

 
 

-    removeInstance(project, region, targetPool, body=None, requestId=None, x__xgafv=None)
+    removeInstance(project, region, targetPool, body=None, requestId=None)
   
Removes instance URL from a target pool.
 
 Args:
@@ -762,21 +903,34 @@ 
Method Details

 {
   "instances": [ # URLs of the instances to be removed from target pool.
     {
-      "instance": "A String", # The URL for a specific instance. @required compute.instancegroups.addInstances/removeInstances
+      "instance": "A String", # The URL for a specific instance.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -811,7 +965,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -825,7 +980,7 @@ 
Method Details

 

 
 

-    setBackup(project, region, targetPool, body=None, failoverRatio=None, requestId=None, x__xgafv=None)
+    setBackup(project, region, targetPool, body=None, failoverRatio=None, requestId=None)
   
Changes a backup target pool's configurations.
 
 Args:
@@ -840,16 +995,29 @@ 
Method Details

 }
 
   failoverRatio: number, New failoverRatio value for the target pool.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -884,7 +1052,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -898,7 +1067,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -914,10 +1083,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.targetSslProxies.html b/docs/dyn/compute_alpha.targetSslProxies.html
index 550dba9ac46..bbf76a7ba5e 100644
--- a/docs/dyn/compute_alpha.targetSslProxies.html
+++ b/docs/dyn/compute_alpha.targetSslProxies.html
@@ -78,37 +78,37 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, targetSslProxy, requestId=None, x__xgafv=None)

+  delete(project, targetSslProxy, requestId=None)

 
Deletes the specified TargetSslProxy resource.

 

-  get(project, targetSslProxy, x__xgafv=None)

+  get(project, targetSslProxy)

 
Returns the specified TargetSslProxy resource. Gets a list of available target SSL proxies by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a TargetSslProxy resource in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of TargetSslProxy resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setBackendService(project, targetSslProxy, body=None, requestId=None, x__xgafv=None)

+  setBackendService(project, targetSslProxy, body=None, requestId=None)

 
Changes the BackendService for TargetSslProxy.

 

-  setCertificateMap(project, targetSslProxy, body=None, requestId=None, x__xgafv=None)

+  setCertificateMap(project, targetSslProxy, body=None, requestId=None)

 
Changes the Certificate Map for TargetSslProxy.

 

-  setProxyHeader(project, targetSslProxy, body=None, requestId=None, x__xgafv=None)

+  setProxyHeader(project, targetSslProxy, body=None, requestId=None)

 
Changes the ProxyHeaderType for TargetSslProxy.

 

-  setSslCertificates(project, targetSslProxy, body=None, requestId=None, x__xgafv=None)

+  setSslCertificates(project, targetSslProxy, body=None, requestId=None)

 
Changes SslCertificates for TargetSslProxy.

 

-  setSslPolicy(project, targetSslProxy, body=None, requestId=None, x__xgafv=None)

+  setSslPolicy(project, targetSslProxy, body=None, requestId=None)

 
Sets the SSL policy for TargetSslProxy. The SSL policy specifies the server-side support for SSL features. This affects connections between clients and the SSL proxy load balancer. They do not affect the connection between the load balancer and the backends.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -117,22 +117,35 @@ 
Method Details

 

 
 

-    delete(project, targetSslProxy, requestId=None, x__xgafv=None)
+    delete(project, targetSslProxy, requestId=None)
   
Deletes the specified TargetSslProxy resource.
 
 Args:
   project: string, Project ID for this request. (required)
   targetSslProxy: string, Name of the TargetSslProxy resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -167,7 +180,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -181,21 +195,19 @@ 
Method Details

 

 
 

-    get(project, targetSslProxy, x__xgafv=None)
+    get(project, targetSslProxy)
   
Returns the specified TargetSslProxy resource. Gets a list of available target SSL proxies by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   targetSslProxy: string, Name of the TargetSslProxy resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Target SSL Proxy resource. A target SSL proxy is a component of a SSL Proxy load balancer. Global forwarding rules reference a target SSL proxy, and the target proxy then references an external backend service. For more information, read Using Target Proxies.
+    { # Represents a Target SSL Proxy resource.
+    #
+    # A target SSL proxy is a component of a SSL Proxy load balancer. Global forwarding rules reference a target SSL proxy, and the target proxy then references an external backend service. For more information, read Using Target Proxies. (== resource_for {$api_version}.targetSslProxies ==)
   "certificateMap": "A String", # URL of a certificate map that identifies a certificate map associated with the given target proxy. This field can only be set for global target proxies. If set, sslCertificates will be ignored.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -213,7 +225,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a TargetSslProxy resource in the specified project using the data included in the request.
 
 Args:
@@ -221,7 +233,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target SSL Proxy resource. A target SSL proxy is a component of a SSL Proxy load balancer. Global forwarding rules reference a target SSL proxy, and the target proxy then references an external backend service. For more information, read Using Target Proxies.
+{ # Represents a Target SSL Proxy resource.
+    # 
+    # A target SSL proxy is a component of a SSL Proxy load balancer. Global forwarding rules reference a target SSL proxy, and the target proxy then references an external backend service. For more information, read Using Target Proxies. (== resource_for {$api_version}.targetSslProxies ==)
   "certificateMap": "A String", # URL of a certificate map that identifies a certificate map associated with the given target proxy. This field can only be set for global target proxies. If set, sslCertificates will be ignored.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -237,16 +251,29 @@ 
Method Details

   "sslPolicy": "A String", # URL of SslPolicy resource that will be associated with the TargetSslProxy resource. If not set, the TargetSslProxy resource will not have any SSL policy configured.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -281,7 +308,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -295,20 +323,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of TargetSslProxy resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -316,7 +350,9 @@ 
Method Details

     { # Contains a list of TargetSslProxy resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of TargetSslProxy resources.
-    { # Represents a Target SSL Proxy resource. A target SSL proxy is a component of a SSL Proxy load balancer. Global forwarding rules reference a target SSL proxy, and the target proxy then references an external backend service. For more information, read Using Target Proxies.
+    { # Represents a Target SSL Proxy resource.
+        #
+        # A target SSL proxy is a component of a SSL Proxy load balancer. Global forwarding rules reference a target SSL proxy, and the target proxy then references an external backend service. For more information, read Using Target Proxies. (== resource_for {$api_version}.targetSslProxies ==)
       "certificateMap": "A String", # URL of a certificate map that identifies a certificate map associated with the given target proxy. This field can only be set for global target proxies. If set, sslCertificates will be ignored.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -337,7 +373,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -363,7 +400,7 @@ 
Method Details

 

 
 

-    setBackendService(project, targetSslProxy, body=None, requestId=None, x__xgafv=None)
+    setBackendService(project, targetSslProxy, body=None, requestId=None)
   
Changes the BackendService for TargetSslProxy.
 
 Args:
@@ -376,16 +413,29 @@ 
Method Details

   "service": "A String", # The URL of the new BackendService resource for the targetSslProxy.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -420,7 +470,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -434,7 +485,7 @@ 
Method Details

 

 
 

-    setCertificateMap(project, targetSslProxy, body=None, requestId=None, x__xgafv=None)
+    setCertificateMap(project, targetSslProxy, body=None, requestId=None)
   
Changes the Certificate Map for TargetSslProxy.
 
 Args:
@@ -447,16 +498,29 @@ 
Method Details

   "certificateMap": "A String", # URL of the Certificate Map to associate with this TargetSslProxy.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -491,7 +555,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -505,7 +570,7 @@ 
Method Details

 

 
 

-    setProxyHeader(project, targetSslProxy, body=None, requestId=None, x__xgafv=None)
+    setProxyHeader(project, targetSslProxy, body=None, requestId=None)
   
Changes the ProxyHeaderType for TargetSslProxy.
 
 Args:
@@ -518,16 +583,29 @@ 
Method Details

   "proxyHeader": "A String", # The new type of proxy header to append before sending data to the backend. NONE or PROXY_V1 are allowed.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -562,7 +640,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -576,7 +655,7 @@ 
Method Details

 

 
 

-    setSslCertificates(project, targetSslProxy, body=None, requestId=None, x__xgafv=None)
+    setSslCertificates(project, targetSslProxy, body=None, requestId=None)
   
Changes SslCertificates for TargetSslProxy.
 
 Args:
@@ -591,16 +670,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -635,7 +727,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -649,7 +742,7 @@ 
Method Details

 

 
 

-    setSslPolicy(project, targetSslProxy, body=None, requestId=None, x__xgafv=None)
+    setSslPolicy(project, targetSslProxy, body=None, requestId=None)
   
Sets the SSL policy for TargetSslProxy. The SSL policy specifies the server-side support for SSL features. This affects connections between clients and the SSL proxy load balancer. They do not affect the connection between the load balancer and the backends.
 
 Args:
@@ -662,16 +755,29 @@ 
Method Details

   "sslPolicy": "A String", # URL of the SSL policy resource. Set this to empty string to clear any existing SSL policy associated with the target proxy resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -706,7 +812,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -720,7 +827,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -735,10 +842,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.targetTcpProxies.html b/docs/dyn/compute_alpha.targetTcpProxies.html
index 2fc39b9c196..f99d004bc04 100644
--- a/docs/dyn/compute_alpha.targetTcpProxies.html
+++ b/docs/dyn/compute_alpha.targetTcpProxies.html
@@ -78,28 +78,28 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, targetTcpProxy, requestId=None, x__xgafv=None)

+  delete(project, targetTcpProxy, requestId=None)

 
Deletes the specified TargetTcpProxy resource.

 

-  get(project, targetTcpProxy, x__xgafv=None)

+  get(project, targetTcpProxy)

 
Returns the specified TargetTcpProxy resource. Gets a list of available target TCP proxies by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a TargetTcpProxy resource in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of TargetTcpProxy resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setBackendService(project, targetTcpProxy, body=None, requestId=None, x__xgafv=None)

+  setBackendService(project, targetTcpProxy, body=None, requestId=None)

 
Changes the BackendService for TargetTcpProxy.

 

-  setProxyHeader(project, targetTcpProxy, body=None, requestId=None, x__xgafv=None)

+  setProxyHeader(project, targetTcpProxy, body=None, requestId=None)

 
Changes the ProxyHeaderType for TargetTcpProxy.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -108,22 +108,35 @@ 
Method Details

 

 
 

-    delete(project, targetTcpProxy, requestId=None, x__xgafv=None)
+    delete(project, targetTcpProxy, requestId=None)
   
Deletes the specified TargetTcpProxy resource.
 
 Args:
   project: string, Project ID for this request. (required)
   targetTcpProxy: string, Name of the TargetTcpProxy resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -158,7 +171,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -172,27 +186,29 @@ 
Method Details

 

 
 

-    get(project, targetTcpProxy, x__xgafv=None)
+    get(project, targetTcpProxy)
   
Returns the specified TargetTcpProxy resource. Gets a list of available target TCP proxies by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   targetTcpProxy: string, Name of the TargetTcpProxy resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Target TCP Proxy resource. A target TCP proxy is a component of a TCP Proxy load balancer. Global forwarding rules reference target TCP proxy, and the target proxy then references an external backend service. For more information, read TCP Proxy Load Balancing overview.
+    { # Represents a Target TCP Proxy resource.
+    #
+    # A target TCP proxy is a component of a TCP Proxy load balancer. Global forwarding rules reference target TCP proxy, and the target proxy then references an external backend service. For more information, read TCP Proxy Load Balancing overview. (== resource_for {$api_version}.targetTcpProxies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetTcpProxy", # [Output Only] Type of the resource. Always compute#targetTcpProxy for target TCP proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      #
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      #
+      # The default is false.
   "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "service": "A String", # URL to the BackendService resource.
@@ -200,7 +216,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a TargetTcpProxy resource in the specified project using the data included in the request.
 
 Args:
@@ -208,28 +224,47 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target TCP Proxy resource. A target TCP proxy is a component of a TCP Proxy load balancer. Global forwarding rules reference target TCP proxy, and the target proxy then references an external backend service. For more information, read TCP Proxy Load Balancing overview.
+{ # Represents a Target TCP Proxy resource.
+    # 
+    # A target TCP proxy is a component of a TCP Proxy load balancer. Global forwarding rules reference target TCP proxy, and the target proxy then references an external backend service. For more information, read TCP Proxy Load Balancing overview. (== resource_for {$api_version}.targetTcpProxies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetTcpProxy", # [Output Only] Type of the resource. Always compute#targetTcpProxy for target TCP proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      # 
+      # The default is false.
   "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "service": "A String", # URL to the BackendService resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -264,7 +299,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -278,20 +314,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of TargetTcpProxy resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -299,13 +341,19 @@ 
Method Details

     { # Contains a list of TargetTcpProxy resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of TargetTcpProxy resources.
-    { # Represents a Target TCP Proxy resource. A target TCP proxy is a component of a TCP Proxy load balancer. Global forwarding rules reference target TCP proxy, and the target proxy then references an external backend service. For more information, read TCP Proxy Load Balancing overview.
+    { # Represents a Target TCP Proxy resource.
+        #
+        # A target TCP proxy is a component of a TCP Proxy load balancer. Global forwarding rules reference target TCP proxy, and the target proxy then references an external backend service. For more information, read TCP Proxy Load Balancing overview. (== resource_for {$api_version}.targetTcpProxies ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#targetTcpProxy", # [Output Only] Type of the resource. Always compute#targetTcpProxy for target TCP proxies.
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-      "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
+      "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+          #
+          # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+          #
+          # The default is false.
       "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "service": "A String", # URL to the BackendService resource.
@@ -316,7 +364,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -342,7 +391,7 @@ 
Method Details

 

 
 

-    setBackendService(project, targetTcpProxy, body=None, requestId=None, x__xgafv=None)
+    setBackendService(project, targetTcpProxy, body=None, requestId=None)
   
Changes the BackendService for TargetTcpProxy.
 
 Args:
@@ -355,16 +404,29 @@ 
Method Details

   "service": "A String", # The URL of the new BackendService resource for the targetTcpProxy.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -399,7 +461,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -413,7 +476,7 @@ 
Method Details

 

 
 

-    setProxyHeader(project, targetTcpProxy, body=None, requestId=None, x__xgafv=None)
+    setProxyHeader(project, targetTcpProxy, body=None, requestId=None)
   
Changes the ProxyHeaderType for TargetTcpProxy.
 
 Args:
@@ -426,16 +489,29 @@ 
Method Details

   "proxyHeader": "A String", # The new type of proxy header to append before sending data to the backend. NONE or PROXY_V1 are allowed.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -470,7 +546,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -484,7 +561,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -499,10 +576,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.targetVpnGateways.html b/docs/dyn/compute_alpha.targetVpnGateways.html
index 3029a65c861..65314c6dcf3 100644
--- a/docs/dyn/compute_alpha.targetVpnGateways.html
+++ b/docs/dyn/compute_alpha.targetVpnGateways.html
@@ -75,7 +75,7 @@
 
Compute Engine API . targetVpnGateways

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of target VPN gateways.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,43 +84,49 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, targetVpnGateway, requestId=None, x__xgafv=None)

+  delete(project, region, targetVpnGateway, requestId=None)

 
Deletes the specified target VPN gateway.

 

-  get(project, region, targetVpnGateway, x__xgafv=None)

+  get(project, region, targetVpnGateway)

 
Returns the specified target VPN gateway. Gets a list of available target VPN gateways by making a list() request.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a target VPN gateway in the specified project and region using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of target VPN gateways available to the specified project and region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)

+  setLabels(project, region, resource, body=None, requestId=None)

 
Sets the labels on a TargetVpnGateway. To learn more about labels, read the Labeling Resources documentation.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of target VPN gateways.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -130,7 +136,9 @@ 
Method Details

   "items": { # A list of TargetVpnGateway resources.
     "a_key": { # [Output Only] Name of the scope containing this set of target VPN gateways.
       "targetVpnGateways": [ # [Output Only] A list of target VPN gateways contained in this scope.
-        { # Represents a Target VPN Gateway resource. The target VPN gateway resource represents a Classic Cloud VPN gateway. For more information, read the the Cloud VPN Overview.
+        { # Represents a Target VPN Gateway resource.
+            #
+            # The target VPN gateway resource represents a Classic Cloud VPN gateway. For more information, read the the Cloud VPN Overview. (== resource_for {$api_version}.targetVpnGateways ==)
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "forwardingRules": [ # [Output Only] A list of URLs to the ForwardingRule resources. ForwardingRules are created using compute.forwardingRules.insert and associated with a VPN gateway.
@@ -138,7 +146,9 @@ 
Method Details

           ],
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "kind": "compute#targetVpnGateway", # [Output Only] Type of resource. Always compute#targetVpnGateway for target VPN gateways.
-          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this TargetVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a TargetVpnGateway.
+          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this TargetVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve a TargetVpnGateway.
           "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
             "a_key": "A String",
           },
@@ -154,7 +164,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] Informational warning which replaces the list of addresses when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -172,7 +183,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -203,23 +215,36 @@ 
Method Details

 

 
 

-    delete(project, region, targetVpnGateway, requestId=None, x__xgafv=None)
+    delete(project, region, targetVpnGateway, requestId=None)
   
Deletes the specified target VPN gateway.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   targetVpnGateway: string, Name of the target VPN gateway to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -254,7 +279,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -268,22 +294,20 @@ 
Method Details

 

 
 

-    get(project, region, targetVpnGateway, x__xgafv=None)
+    get(project, region, targetVpnGateway)
   
Returns the specified target VPN gateway. Gets a list of available target VPN gateways by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   targetVpnGateway: string, Name of the target VPN gateway to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Target VPN Gateway resource. The target VPN gateway resource represents a Classic Cloud VPN gateway. For more information, read the the Cloud VPN Overview.
+    { # Represents a Target VPN Gateway resource.
+    #
+    # The target VPN gateway resource represents a Classic Cloud VPN gateway. For more information, read the the Cloud VPN Overview. (== resource_for {$api_version}.targetVpnGateways ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "forwardingRules": [ # [Output Only] A list of URLs to the ForwardingRule resources. ForwardingRules are created using compute.forwardingRules.insert and associated with a VPN gateway.
@@ -291,7 +315,9 @@ 
Method Details

   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetVpnGateway", # [Output Only] Type of resource. Always compute#targetVpnGateway for target VPN gateways.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this TargetVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a TargetVpnGateway.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this TargetVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a TargetVpnGateway.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -307,7 +333,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a target VPN gateway in the specified project and region using the data included in the request.
 
 Args:
@@ -316,7 +342,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target VPN Gateway resource. The target VPN gateway resource represents a Classic Cloud VPN gateway. For more information, read the the Cloud VPN Overview.
+{ # Represents a Target VPN Gateway resource.
+    # 
+    # The target VPN gateway resource represents a Classic Cloud VPN gateway. For more information, read the the Cloud VPN Overview. (== resource_for {$api_version}.targetVpnGateways ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "forwardingRules": [ # [Output Only] A list of URLs to the ForwardingRule resources. ForwardingRules are created using compute.forwardingRules.insert and associated with a VPN gateway.
@@ -324,7 +352,9 @@ 
Method Details

   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetVpnGateway", # [Output Only] Type of resource. Always compute#targetVpnGateway for target VPN gateways.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this TargetVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a TargetVpnGateway.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this TargetVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a TargetVpnGateway.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -338,16 +368,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -382,7 +425,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -396,21 +440,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of target VPN gateways available to the specified project and region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -418,7 +468,9 @@ 
Method Details

     { # Contains a list of TargetVpnGateway resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of TargetVpnGateway resources.
-    { # Represents a Target VPN Gateway resource. The target VPN gateway resource represents a Classic Cloud VPN gateway. For more information, read the the Cloud VPN Overview.
+    { # Represents a Target VPN Gateway resource.
+        #
+        # The target VPN gateway resource represents a Classic Cloud VPN gateway. For more information, read the the Cloud VPN Overview. (== resource_for {$api_version}.targetVpnGateways ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "forwardingRules": [ # [Output Only] A list of URLs to the ForwardingRule resources. ForwardingRules are created using compute.forwardingRules.insert and associated with a VPN gateway.
@@ -426,7 +478,9 @@ 
Method Details

       ],
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#targetVpnGateway", # [Output Only] Type of resource. Always compute#targetVpnGateway for target VPN gateways.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this TargetVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a TargetVpnGateway.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this TargetVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a TargetVpnGateway.
       "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
         "a_key": "A String",
       },
@@ -445,7 +499,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -471,7 +526,7 @@ 
Method Details

 

 
 

-    setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)
+    setLabels(project, region, resource, body=None, requestId=None)
   
Sets the labels on a TargetVpnGateway. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -488,16 +543,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -532,7 +600,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -546,7 +615,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -562,10 +631,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.urlMaps.html b/docs/dyn/compute_alpha.urlMaps.html
index 7b43162fe53..b23de147f6d 100644
--- a/docs/dyn/compute_alpha.urlMaps.html
+++ b/docs/dyn/compute_alpha.urlMaps.html
@@ -75,7 +75,7 @@
 
Compute Engine API . urlMaps

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of all UrlMap resources, regional and global, available to the specified project.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,52 +84,58 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, urlMap, requestId=None, x__xgafv=None)

+  delete(project, urlMap, requestId=None)

 
Deletes the specified UrlMap resource.

 

-  get(project, urlMap, x__xgafv=None)

+  get(project, urlMap)

 
Returns the specified UrlMap resource. Gets a list of available URL maps by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a UrlMap resource in the specified project using the data included in the request.

 

-  invalidateCache(project, urlMap, body=None, requestId=None, x__xgafv=None)

-
Initiates a cache invalidation operation, invalidating the specified path, scoped to the specified UrlMap. For more information, see [Invalidating cached content](/cdn/docs/invalidating-cached-content).

+  invalidateCache(project, urlMap, body=None, requestId=None)

+
Initiates a cache invalidation operation, invalidating the specified path, scoped to the specified UrlMap.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of UrlMap resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, urlMap, body=None, requestId=None, x__xgafv=None)

+  patch(project, urlMap, body=None, requestId=None)

 
Patches the specified UrlMap resource with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, urlMap, body=None, requestId=None, x__xgafv=None)

+  update(project, urlMap, body=None, requestId=None)

 
Updates the specified UrlMap resource with the data included in the request.

 

-  validate(project, urlMap, body=None, x__xgafv=None)

+  validate(project, urlMap, body=None)

 
Runs static validation for the UrlMap. In particular, the tests of the provided UrlMap will be run. Calling this method does NOT create the UrlMap.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of all UrlMap resources, regional and global, available to the specified project.
 
 Args:
   project: string, Name of the project scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -139,21 +145,44 @@ 
Method Details

   "items": { # A list of UrlMapsScopedList resources.
     "a_key": { # Name of the scope containing this set of UrlMaps.
       "urlMaps": [ # A list of UrlMaps contained in this scope.
-        { # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/alpha/urlMaps) * [Regional](/compute/docs/reference/rest/alpha/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
+        { # Represents a URL Map resource.
+            #
+            # Google Compute Engine has two URL Map resources:
+            #
+            # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+            #
+            # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+            #
+            # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+            #
+            # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+            #
+            # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+            #
+            # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+            #
+            # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-          "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+              # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+              # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -162,53 +191,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -218,34 +278,61 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-          "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+              # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+              # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+              # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-          "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # The headerAction specified here take effect after headerAction specified under pathMatcher.
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -255,7 +342,8 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -265,7 +353,8 @@ 
Method Details

           "hostRules": [ # The list of HostRules to use against the URL.
             { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
               "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-              "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+                  # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "A String",
               ],
               "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -276,19 +365,25 @@ 
Method Details

           "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
           "pathMatchers": [ # The list of named PathMatchers to use against the URL.
             { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-              "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-                "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-                  "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+              "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+                  # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+                  # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+                "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                    # Not supported when the URL map is bound to target gRPC proxy.
+                  "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                      # Default is false.
                   "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                     "A String",
                   ],
                   "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                     "A String",
                   ],
-                  "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                  "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                      # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                     "A String",
                   ],
-                  "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                  "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                      # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                     "A String",
                   ],
                   "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -297,53 +392,84 @@ 
Method Details

                   ],
                   "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
                 },
-                "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+                "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                    # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
                   "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                    "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                    "httpStatus": 42, # The HTTP status code used to abort the request.
+                        # The value must be between 200 and 599 inclusive.
+                        # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                        # The value must be between 0.0 and 100.0 inclusive.
                   },
                   "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                     "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                     },
-                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                        # The value must be between 0.0 and 100.0 inclusive.
                   },
                 },
-                "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                    # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                    # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
                 },
-                "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-                  "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+                  "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                      # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                   },
-                  "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+                  "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                      # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                      # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                      # -
+                      # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                      # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                      # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                      # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                      # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                      # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                      # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                     "A String",
                   ],
                 },
-                "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                    # If not specified, will use the largest timeout among all backend services associated with the route.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                  "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-                  "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+                "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                    # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                      # The value must be between 1 and 255 characters.
+                  "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                      # The value must be between 1 and 1024 characters.
                 },
-                "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-                  { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+                "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                    # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+                  { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                     "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                        # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                        # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                       "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                         { # Specification determining how headers are added to requests or responses.
                           "headerName": "A String", # The name of the header.
                           "headerValue": "A String", # The value of the header to add.
-                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                              # The default value is false.
                         },
                       ],
                       "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -353,33 +479,63 @@ 
Method Details

                         { # Specification determining how headers are added to requests or responses.
                           "headerName": "A String", # The name of the header.
                           "headerValue": "A String", # The value of the header to add.
-                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                              # The default value is false.
                         },
                       ],
                       "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                         "A String",
                       ],
                     },
-                    "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                    "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                        # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                        # The value must be between 0 and 1000
                   },
                 ],
               },
-              "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-              "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-                "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-                "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-                "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-                "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+              "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+                  # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+                  # - compute/v1/projects/project/global/backendServices/backendService
+                  # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+                  # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+                  # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+                  # - compute.backendBuckets.use
+                  # - compute.backendServices.use
+              "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+                  # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+                "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                    # The value must be between 1 and 255 characters.
+                "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                    # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                    # The default is set to false.
+                "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                    # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                    # The value must be between 1 and 1024 characters.
+                "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                    # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                    # The value must be between 1 and 1024 characters.
+                "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                    # Supported values are:
+                    # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                    # - FOUND, which corresponds to 302.
+                    # - SEE_OTHER which corresponds to 303.
+                    # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                    # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+                "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                    # The default is set to false.
               },
               "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-              "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                  # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+                  # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                   { # Specification determining how headers are added to requests or responses.
                     "headerName": "A String", # The name of the header.
                     "headerValue": "A String", # The value of the header to add.
-                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                        # The default value is false.
                   },
                 ],
                 "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -389,7 +545,8 @@ 
Method Details

                   { # Specification determining how headers are added to requests or responses.
                     "headerName": "A String", # The name of the header.
                     "headerValue": "A String", # The value of the header to add.
-                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                        # The default value is false.
                   },
                 ],
                 "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -397,24 +554,32 @@ 
Method Details

                 ],
               },
               "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-              "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+              "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+                  # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+                  # Within a given pathMatcher, only one of pathRules or routeRules must be set.
                 { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
                   "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
                     "A String",
                   ],
-                  "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-                    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-                      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+                  "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+                      # Only one of routeAction or urlRedirect must be set.
+                      # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+                    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                        # Not supported when the URL map is bound to target gRPC proxy.
+                      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                          # Default is false.
                       "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                         "A String",
                       ],
                       "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                         "A String",
                       ],
-                      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                         "A String",
                       ],
-                      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                         "A String",
                       ],
                       "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -423,53 +588,84 @@ 
Method Details

                       ],
                       "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
                     },
-                    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+                    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                        # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
                       "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                        "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                        "httpStatus": 42, # The HTTP status code used to abort the request.
+                            # The value must be between 200 and 599 inclusive.
+                            # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                            # The value must be between 0.0 and 100.0 inclusive.
                       },
                       "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                         "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                         },
-                        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                            # The value must be between 0.0 and 100.0 inclusive.
                       },
                     },
-                    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                        # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                        # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                     },
-                    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                       "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
                     },
-                    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                       "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-                      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+                      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                          # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                       },
-                      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+                      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                          # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                          # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                          # -
+                          # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                          # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                          # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                          # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                          # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                          # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                          # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                         "A String",
                       ],
                     },
-                    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                        # If not specified, will use the largest timeout among all backend services associated with the route.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                     },
-                    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-                      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+                    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                        # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                          # The value must be between 1 and 255 characters.
+                      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                          # The value must be between 1 and 1024 characters.
                     },
-                    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-                      { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+                    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                        # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+                      { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                         "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                            # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                             { # Specification determining how headers are added to requests or responses.
                               "headerName": "A String", # The name of the header.
                               "headerValue": "A String", # The value of the header to add.
-                              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                                  # The default value is false.
                             },
                           ],
                           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -479,37 +675,63 @@ 
Method Details

                             { # Specification determining how headers are added to requests or responses.
                               "headerName": "A String", # The name of the header.
                               "headerValue": "A String", # The value of the header to add.
-                              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                                  # The default value is false.
                             },
                           ],
                           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                             "A String",
                           ],
                         },
-                        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                            # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                            # The value must be between 0 and 1000
                       },
                     ],
                   },
-                  "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-                  "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-                    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-                    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-                    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-                    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+                  "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+                      # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+                  "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+                      # If urlRedirect is specified, service or routeAction must not be set.
+                      # Not supported when the URL map is bound to target gRPC proxy.
+                    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                        # The value must be between 1 and 255 characters.
+                    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                        # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                        # The default is set to false.
+                    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                        # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                        # The value must be between 1 and 1024 characters.
+                    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                        # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                        # The value must be between 1 and 1024 characters.
+                    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                        # Supported values are:
+                        # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                        # - FOUND, which corresponds to 302.
+                        # - SEE_OTHER which corresponds to 303.
+                        # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                        # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+                    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                        # The default is set to false.
                   },
                 },
               ],
-              "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+              "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+                  # Within a given pathMatcher, you can set only one of pathRules or routeRules.
                 { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-                  "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-                  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  "description": "A String", # The short description conveying the intent of this routeRule.
+                      # The description can have a maximum length of 1024 characters.
+                  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                      # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+                      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                       { # Specification determining how headers are added to requests or responses.
                         "headerName": "A String", # The name of the header.
                         "headerValue": "A String", # The value of the header to add.
-                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                            # The default value is false.
                       },
                     ],
                     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -519,21 +741,25 @@ 
Method Details

                       { # Specification determining how headers are added to requests or responses.
                         "headerName": "A String", # The name of the header.
                         "headerValue": "A String", # The value of the header to add.
-                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                            # The default value is false.
                       },
                     ],
                     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                       "A String",
                     ],
                   },
-                  "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+                      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                     { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
                       "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
                       "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
                       "filterName": "A String", # Name of the networkservices.HttpFilter resource this configuration belongs to. This name must be known to the xDS client. Example: envoy.wasm
                     },
                   ],
-                  "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+                      # The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct
+                      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                     { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
                       "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
                       "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
@@ -542,60 +768,112 @@ 
Method Details

                   ],
                   "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
                     { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-                      "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                      "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                          # fullPathMatch must be between 1 and 1024 characters.
+                          # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
                       "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                         { # matchRule criteria for request header matches.
-                          "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                          "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                          "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                          "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                          "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                          "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                          "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                              # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                          "headerName": "A String", # The name of the HTTP header to match.
+                              # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                              # For matching a request's method, use the headerName ":method".
+                              # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                          "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                              # The default setting is false.
+                          "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                              # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                          "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                              # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                          "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                              # For example for a range [-5, 0]
+                              # - -3 will match.
+                              # - 0 will not match.
+                              # - 0.25 will not match.
+                              # - -3someString will not match.
+                              # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                              # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                             "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                             "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                           },
-                          "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                          "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                          "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                              # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                              # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                              # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                          "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                              # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                         },
                       ],
-                      "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-                      "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                        { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                          "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+                      "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                          # The default value is false.
+                          # ignoreCase must not be used with regexMatch.
+                          # Not supported when the URL map is bound to target gRPC proxy.
+                      "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                          # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                          # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                          # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                        { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                            # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                            # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                          "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                              # This list must not be empty and can have at the most 64 entries.
                             { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                              "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                              "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                              "name": "A String", # Name of metadata label.
+                                  # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                              "value": "A String", # The value of the label must match the specified value.
+                                  # value can have a maximum length of 1024 characters.
                             },
                           ],
-                          "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                          "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                              # Supported values are:
+                              # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                              # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                         },
                       ],
-                      "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-                      "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+                      "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                          # The value must be between 1 and 1024 characters.
+                          # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                      "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                          # Not supported when the URL map is bound to target gRPC proxy.
                         { # HttpRouteRuleMatch criteria for a request's query parameter.
-                          "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                          "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                              # Only one of presentMatch, exactMatch or regexMatch must be set.
                           "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                          "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                          "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                          "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                              # Only one of presentMatch, exactMatch or regexMatch must be set.
+                          "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                              # Only one of presentMatch, exactMatch or regexMatch must be set.
+                              # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                         },
                       ],
-                      "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                      "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                          # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                          # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                     },
                   ],
-                  "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-                  "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-                    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-                      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+                  "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+                      # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+                      # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+                  "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+                      # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+                      # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+                    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                        # Not supported when the URL map is bound to target gRPC proxy.
+                      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                          # Default is false.
                       "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                         "A String",
                       ],
                       "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                         "A String",
                       ],
-                      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                         "A String",
                       ],
-                      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                         "A String",
                       ],
                       "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -604,53 +882,84 @@ 
Method Details

                       ],
                       "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
                     },
-                    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+                    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                        # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
                       "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                        "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                        "httpStatus": 42, # The HTTP status code used to abort the request.
+                            # The value must be between 200 and 599 inclusive.
+                            # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                            # The value must be between 0.0 and 100.0 inclusive.
                       },
                       "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                         "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                         },
-                        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                            # The value must be between 0.0 and 100.0 inclusive.
                       },
                     },
-                    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                        # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                        # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                     },
-                    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                       "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
                     },
-                    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                       "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-                      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+                      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                          # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                       },
-                      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+                      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                          # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                          # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                          # -
+                          # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                          # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                          # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                          # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                          # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                          # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                          # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                         "A String",
                       ],
                     },
-                    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                        # If not specified, will use the largest timeout among all backend services associated with the route.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                     },
-                    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-                      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+                    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                        # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                          # The value must be between 1 and 255 characters.
+                      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                          # The value must be between 1 and 1024 characters.
                     },
-                    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-                      { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+                    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                        # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+                      { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                         "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                            # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                             { # Specification determining how headers are added to requests or responses.
                               "headerName": "A String", # The name of the header.
                               "headerValue": "A String", # The value of the header to add.
-                              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                                  # The default value is false.
                             },
                           ],
                           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -660,25 +969,45 @@ 
Method Details

                             { # Specification determining how headers are added to requests or responses.
                               "headerName": "A String", # The name of the header.
                               "headerValue": "A String", # The value of the header to add.
-                              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                                  # The default value is false.
                             },
                           ],
                           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                             "A String",
                           ],
                         },
-                        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                            # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                            # The value must be between 0 and 1000
                       },
                     ],
                   },
-                  "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-                  "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-                    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-                    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-                    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-                    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+                  "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+                      # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+                  "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+                      # If urlRedirect is specified, service or routeAction must not be set.
+                      # Not supported when the URL map is bound to target gRPC proxy.
+                    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                        # The value must be between 1 and 255 characters.
+                    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                        # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                        # The default is set to false.
+                    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                        # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                        # The value must be between 1 and 1024 characters.
+                    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                        # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                        # The value must be between 1 and 1024 characters.
+                    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                        # Supported values are:
+                        # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                        # - FOUND, which corresponds to 302.
+                        # - SEE_OTHER which corresponds to 303.
+                        # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                        # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+                    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                        # The default is set to false.
                   },
                 },
               ],
@@ -686,12 +1015,17 @@ 
Method Details

           ],
           "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-          "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # Message for the expected URL mappings.
               "backendServiceWeight": 42, # The weight to use for the supplied host and path when using advanced routing rules that involve traffic splitting.
               "description": "A String", # Description of this test case.
-              "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-              "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+              "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+                  # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+                  # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+                  # expectedOutputUrl is optional when service is specified.
+              "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+                  # expectedRedirectResponseCode cannot be set when service is set.
               "expectedUrlRedirect": "A String", # The expected URL that should be redirected to for the host and path being tested. [Deprecated] This field is deprecated. Use expected_output_url instead.
               "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
                 { # HTTP headers used in UrlMapTests.
@@ -701,14 +1035,16 @@ 
Method Details

               ],
               "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
               "path": "A String", # Path portion of the URL.
-              "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+              "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+                  # service cannot be set if expectedRedirectResponseCode is set.
             },
           ],
         },
       ],
       "warning": { # Informational warning which replaces the list of backend services when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -726,7 +1062,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -757,22 +1094,35 @@ 
Method Details

 

 
 

-    delete(project, urlMap, requestId=None, x__xgafv=None)
+    delete(project, urlMap, requestId=None)
   
Deletes the specified UrlMap resource.
 
 Args:
   project: string, Project ID for this request. (required)
   urlMap: string, Name of the UrlMap resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -807,7 +1157,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -821,35 +1172,54 @@ 
Method Details

 

 
 

-    get(project, urlMap, x__xgafv=None)
+    get(project, urlMap)
   
Returns the specified UrlMap resource. Gets a list of available URL maps by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   urlMap: string, Name of the UrlMap resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/alpha/urlMaps) * [Regional](/compute/docs/reference/rest/alpha/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
+    { # Represents a URL Map resource.
+    #
+    # Google Compute Engine has two URL Map resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+    #
+    # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+    #
+    # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+    #
+    # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+    #
+    # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+    #
+    # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+    #
+    # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-  "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+  "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+      # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+      # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+      # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+        # Not supported when the URL map is bound to target gRPC proxy.
+      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+          # Default is false.
       "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
         "A String",
       ],
       "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
         "A String",
       ],
-      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
-      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
       "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -858,53 +1228,84 @@ 
Method Details

       ],
       "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
     },
-    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+        # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
       "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-        "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "httpStatus": 42, # The HTTP status code used to abort the request.
+            # The value must be between 200 and 599 inclusive.
+            # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
       "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
         "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
     },
-    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+        # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+        # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
     },
-    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+          # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+          # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+          # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+          # -
+          # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+          # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+          # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+          # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+          # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+          # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+          # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
         "A String",
       ],
     },
-    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+        # If not specified, will use the largest timeout among all backend services associated with the route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+        # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+          # The value must be between 1 and 255 characters.
+      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+          # The value must be between 1 and 1024 characters.
     },
-    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-      { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+        # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+      { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
         "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+            # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -914,34 +1315,61 @@ 
Method Details

             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
             "A String",
           ],
         },
-        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+            # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+            # The value must be between 0 and 1000
       },
     ],
   },
-  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+      # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+      # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+      # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+      # Not supported when the URL map is bound to target gRPC proxy.
+    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+        # The value must be between 1 and 255 characters.
+    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+        # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+        # The default is set to false.
+    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+        # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+        # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+        # Supported values are:
+        # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+        # - FOUND, which corresponds to 302.
+        # - SEE_OTHER which corresponds to 303.
+        # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+        # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+        # The default is set to false.
   },
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+      # The headerAction specified here take effect after headerAction specified under pathMatcher.
+      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -951,7 +1379,8 @@ 
Method Details

       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -961,7 +1390,8 @@ 
Method Details

   "hostRules": [ # The list of HostRules to use against the URL.
     { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+          # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "A String",
       ],
       "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -972,19 +1402,25 @@ 
Method Details

   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "pathMatchers": [ # The list of named PathMatchers to use against the URL.
     { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-      "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+      "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+          # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+          # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+              # Default is false.
           "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
             "A String",
           ],
           "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
             "A String",
           ],
-          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
-          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
           "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -993,53 +1429,84 @@ 
Method Details

           ],
           "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
         },
-        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+            # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
           "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-            "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "httpStatus": 42, # The HTTP status code used to abort the request.
+                # The value must be between 200 and 599 inclusive.
+                # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
           "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
             "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
         },
-        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+            # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+            # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
         },
-        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+              # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+              # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+              # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+              # -
+              # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+              # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+              # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+              # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+              # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+              # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+              # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
             "A String",
           ],
         },
-        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+            # If not specified, will use the largest timeout among all backend services associated with the route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+            # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+              # The value must be between 1 and 255 characters.
+          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+              # The value must be between 1 and 1024 characters.
         },
-        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-          { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+            # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+          { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
             "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1049,33 +1516,63 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                 "A String",
               ],
             },
-            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                # The value must be between 0 and 1000
           },
         ],
       },
-      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+          # - compute/v1/projects/project/global/backendServices/backendService
+          # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+          # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+          # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+          # - compute.backendBuckets.use
+          # - compute.backendServices.use
+      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+          # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+            # The value must be between 1 and 255 characters.
+        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+            # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+            # The default is set to false.
+        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+            # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+            # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+            # Supported values are:
+            # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+            # - FOUND, which corresponds to 302.
+            # - SEE_OTHER which corresponds to 303.
+            # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+            # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+            # The default is set to false.
       },
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+          # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+          # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1085,7 +1582,8 @@ 
Method Details

           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -1093,24 +1591,32 @@ 
Method Details

         ],
       },
       "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+          # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+          # Within a given pathMatcher, only one of pathRules or routeRules must be set.
         { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
           "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
             "A String",
           ],
-          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of routeAction or urlRedirect must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1119,53 +1625,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1175,37 +1712,63 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
-      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+          # Within a given pathMatcher, you can set only one of pathRules or routeRules.
         { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-          "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "description": "A String", # The short description conveying the intent of this routeRule.
+              # The description can have a maximum length of 1024 characters.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1215,21 +1778,25 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
               "A String",
             ],
           },
-          "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
               "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
               "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
               "filterName": "A String", # Name of the networkservices.HttpFilter resource this configuration belongs to. This name must be known to the xDS client. Example: envoy.wasm
             },
           ],
-          "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+              # The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
               "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
               "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
@@ -1238,60 +1805,112 @@ 
Method Details

           ],
           "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
             { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                  # fullPathMatch must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
               "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                 { # matchRule criteria for request header matches.
-                  "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "headerName": "A String", # The name of the HTTP header to match.
+                      # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                      # For matching a request's method, use the headerName ":method".
+                      # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                      # The default setting is false.
+                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                      # For example for a range [-5, 0]
+                      # - -3 will match.
+                      # - 0 will not match.
+                      # - 0.25 will not match.
+                      # - -3someString will not match.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                     "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                     "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                   },
-                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                      # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                 },
               ],
-              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                  # The default value is false.
+                  # ignoreCase must not be used with regexMatch.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                  # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                  # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                  # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                    # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                    # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                      # This list must not be empty and can have at the most 64 entries.
                     { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                      "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                      "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                      "name": "A String", # Name of metadata label.
+                          # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                      "value": "A String", # The value of the label must match the specified value.
+                          # value can have a maximum length of 1024 characters.
                     },
                   ],
-                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                      # Supported values are:
+                      # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                      # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                 },
               ],
-              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                  # The value must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                  # Not supported when the URL map is bound to target gRPC proxy.
                 { # HttpRouteRuleMatch criteria for a request's query parameter.
-                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
                   "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                      # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                 },
               ],
-              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
             },
           ],
-          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+              # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+              # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1300,53 +1919,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1356,25 +2006,45 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
@@ -1382,12 +2052,17 @@ 
Method Details

   ],
   "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     { # Message for the expected URL mappings.
       "backendServiceWeight": 42, # The weight to use for the supplied host and path when using advanced routing rules that involve traffic splitting.
       "description": "A String", # Description of this test case.
-      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+          # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+          # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+          # expectedOutputUrl is optional when service is specified.
+      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+          # expectedRedirectResponseCode cannot be set when service is set.
       "expectedUrlRedirect": "A String", # The expected URL that should be redirected to for the host and path being tested. [Deprecated] This field is deprecated. Use expected_output_url instead.
       "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
         { # HTTP headers used in UrlMapTests.
@@ -1397,14 +2072,15 @@ 
Method Details

       ],
       "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
       "path": "A String", # Path portion of the URL.
-      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+          # service cannot be set if expectedRedirectResponseCode is set.
     },
   ],
 }

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a UrlMap resource in the specified project using the data included in the request.
 
 Args:
@@ -1412,21 +2088,44 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/alpha/urlMaps) * [Regional](/compute/docs/reference/rest/alpha/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
+{ # Represents a URL Map resource.
+    # 
+    # Google Compute Engine has two URL Map resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+    # 
+    # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+    # 
+    # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+    # 
+    # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+    # 
+    # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+    # 
+    # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+    # 
+    # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-  "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+  "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+      # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+      # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+      # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+        # Not supported when the URL map is bound to target gRPC proxy.
+      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+          # Default is false.
       "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
         "A String",
       ],
       "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
         "A String",
       ],
-      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
-      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
       "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1435,53 +2134,84 @@ 
Method Details

       ],
       "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
     },
-    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+        # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
       "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-        "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "httpStatus": 42, # The HTTP status code used to abort the request.
+            # The value must be between 200 and 599 inclusive.
+            # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
       "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
         "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
     },
-    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+        # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+        # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
     },
-    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+          # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+          # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+          # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+          # -
+          # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+          # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+          # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+          # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+          # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+          # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+          # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
         "A String",
       ],
     },
-    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+        # If not specified, will use the largest timeout among all backend services associated with the route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+        # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+          # The value must be between 1 and 255 characters.
+      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+          # The value must be between 1 and 1024 characters.
     },
-    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-      { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+        # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+      { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
         "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+            # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1491,34 +2221,61 @@ 
Method Details

             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
             "A String",
           ],
         },
-        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+            # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+            # The value must be between 0 and 1000
       },
     ],
   },
-  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+      # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+      # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+      # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+      # Not supported when the URL map is bound to target gRPC proxy.
+    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+        # The value must be between 1 and 255 characters.
+    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+        # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+        # The default is set to false.
+    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+        # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+        # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+        # Supported values are:
+        # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+        # - FOUND, which corresponds to 302.
+        # - SEE_OTHER which corresponds to 303.
+        # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+        # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+        # The default is set to false.
   },
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+      # The headerAction specified here take effect after headerAction specified under pathMatcher.
+      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1528,7 +2285,8 @@ 
Method Details

       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -1538,7 +2296,8 @@ 
Method Details

   "hostRules": [ # The list of HostRules to use against the URL.
     { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+          # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "A String",
       ],
       "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -1549,19 +2308,25 @@ 
Method Details

   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "pathMatchers": [ # The list of named PathMatchers to use against the URL.
     { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-      "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+      "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+          # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+          # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+              # Default is false.
           "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
             "A String",
           ],
           "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
             "A String",
           ],
-          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
-          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
           "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1570,53 +2335,84 @@ 
Method Details

           ],
           "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
         },
-        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+            # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
           "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-            "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "httpStatus": 42, # The HTTP status code used to abort the request.
+                # The value must be between 200 and 599 inclusive.
+                # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
           "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
             "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
         },
-        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+            # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+            # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
         },
-        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+              # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+              # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+              # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+              # -
+              # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+              # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+              # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+              # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+              # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+              # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+              # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
             "A String",
           ],
         },
-        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+            # If not specified, will use the largest timeout among all backend services associated with the route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+            # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+              # The value must be between 1 and 255 characters.
+          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+              # The value must be between 1 and 1024 characters.
         },
-        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-          { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+            # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+          { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
             "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1626,33 +2422,63 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                 "A String",
               ],
             },
-            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                # The value must be between 0 and 1000
           },
         ],
       },
-      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+          # - compute/v1/projects/project/global/backendServices/backendService
+          # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+          # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+          # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+          # - compute.backendBuckets.use
+          # - compute.backendServices.use
+      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+          # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+            # The value must be between 1 and 255 characters.
+        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+            # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+            # The default is set to false.
+        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+            # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+            # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+            # Supported values are:
+            # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+            # - FOUND, which corresponds to 302.
+            # - SEE_OTHER which corresponds to 303.
+            # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+            # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+            # The default is set to false.
       },
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+          # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+          # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1662,7 +2488,8 @@ 
Method Details

           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -1670,24 +2497,32 @@ 
Method Details

         ],
       },
       "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+          # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+          # Within a given pathMatcher, only one of pathRules or routeRules must be set.
         { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
           "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
             "A String",
           ],
-          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of routeAction or urlRedirect must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1696,53 +2531,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1752,37 +2618,63 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
-      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+          # Within a given pathMatcher, you can set only one of pathRules or routeRules.
         { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-          "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "description": "A String", # The short description conveying the intent of this routeRule.
+              # The description can have a maximum length of 1024 characters.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1792,21 +2684,25 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
               "A String",
             ],
           },
-          "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
               "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
               "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
               "filterName": "A String", # Name of the networkservices.HttpFilter resource this configuration belongs to. This name must be known to the xDS client. Example: envoy.wasm
             },
           ],
-          "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+              # The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
               "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
               "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
@@ -1815,60 +2711,112 @@ 
Method Details

           ],
           "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
             { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                  # fullPathMatch must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
               "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                 { # matchRule criteria for request header matches.
-                  "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "headerName": "A String", # The name of the HTTP header to match.
+                      # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                      # For matching a request's method, use the headerName ":method".
+                      # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                      # The default setting is false.
+                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                      # For example for a range [-5, 0]
+                      # - -3 will match.
+                      # - 0 will not match.
+                      # - 0.25 will not match.
+                      # - -3someString will not match.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                     "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                     "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                   },
-                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                      # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                 },
               ],
-              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                  # The default value is false.
+                  # ignoreCase must not be used with regexMatch.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                  # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                  # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                  # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                    # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                    # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                      # This list must not be empty and can have at the most 64 entries.
                     { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                      "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                      "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                      "name": "A String", # Name of metadata label.
+                          # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                      "value": "A String", # The value of the label must match the specified value.
+                          # value can have a maximum length of 1024 characters.
                     },
                   ],
-                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                      # Supported values are:
+                      # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                      # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                 },
               ],
-              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                  # The value must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                  # Not supported when the URL map is bound to target gRPC proxy.
                 { # HttpRouteRuleMatch criteria for a request's query parameter.
-                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
                   "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                      # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                 },
               ],
-              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
             },
           ],
-          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+              # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+              # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1877,53 +2825,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1933,25 +2912,45 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
@@ -1959,12 +2958,17 @@ 
Method Details

   ],
   "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     { # Message for the expected URL mappings.
       "backendServiceWeight": 42, # The weight to use for the supplied host and path when using advanced routing rules that involve traffic splitting.
       "description": "A String", # Description of this test case.
-      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+          # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+          # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+          # expectedOutputUrl is optional when service is specified.
+      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+          # expectedRedirectResponseCode cannot be set when service is set.
       "expectedUrlRedirect": "A String", # The expected URL that should be redirected to for the host and path being tested. [Deprecated] This field is deprecated. Use expected_output_url instead.
       "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
         { # HTTP headers used in UrlMapTests.
@@ -1974,21 +2978,35 @@ 
Method Details

       ],
       "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
       "path": "A String", # Path portion of the URL.
-      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+          # service cannot be set if expectedRedirectResponseCode is set.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2023,7 +3041,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2037,8 +3056,10 @@ 
Method Details

 

 
 

-    invalidateCache(project, urlMap, body=None, requestId=None, x__xgafv=None)
-  
Initiates a cache invalidation operation, invalidating the specified path, scoped to the specified UrlMap. For more information, see [Invalidating cached content](/cdn/docs/invalidating-cached-content).
+    invalidateCache(project, urlMap, body=None, requestId=None)
+  
Initiates a cache invalidation operation, invalidating the specified path, scoped to the specified UrlMap.
+
+For more information, see [Invalidating cached content](/cdn/docs/invalidating-cached-content).
 
 Args:
   project: string, Project ID for this request. (required)
@@ -2051,16 +3072,29 @@ 
Method Details

   "path": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2095,7 +3129,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2109,20 +3144,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of UrlMap resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -2130,21 +3171,44 @@ 
Method Details

     { # Contains a list of UrlMap resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of UrlMap resources.
-    { # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/alpha/urlMaps) * [Regional](/compute/docs/reference/rest/alpha/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
+    { # Represents a URL Map resource.
+        #
+        # Google Compute Engine has two URL Map resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+        #
+        # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+        #
+        # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+        #
+        # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+        #
+        # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+        #
+        # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+        #
+        # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-      "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+      "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+          # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+          # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+          # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+              # Default is false.
           "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
             "A String",
           ],
           "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
             "A String",
           ],
-          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
-          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
           "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2153,53 +3217,84 @@ 
Method Details

           ],
           "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
         },
-        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+            # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
           "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-            "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "httpStatus": 42, # The HTTP status code used to abort the request.
+                # The value must be between 200 and 599 inclusive.
+                # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
           "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
             "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
         },
-        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+            # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+            # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
         },
-        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+              # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+              # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+              # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+              # -
+              # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+              # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+              # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+              # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+              # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+              # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+              # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
             "A String",
           ],
         },
-        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+            # If not specified, will use the largest timeout among all backend services associated with the route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+            # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+              # The value must be between 1 and 255 characters.
+          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+              # The value must be between 1 and 1024 characters.
         },
-        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-          { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+            # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+          { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
             "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2209,34 +3304,61 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                 "A String",
               ],
             },
-            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                # The value must be between 0 and 1000
           },
         ],
       },
-      "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+      "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+          # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+          # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+          # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+            # The value must be between 1 and 255 characters.
+        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+            # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+            # The default is set to false.
+        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+            # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+            # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+            # Supported values are:
+            # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+            # - FOUND, which corresponds to 302.
+            # - SEE_OTHER which corresponds to 303.
+            # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+            # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+            # The default is set to false.
       },
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+          # The headerAction specified here take effect after headerAction specified under pathMatcher.
+          # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2246,7 +3368,8 @@ 
Method Details

           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -2256,7 +3379,8 @@ 
Method Details

       "hostRules": [ # The list of HostRules to use against the URL.
         { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-          "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+              # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "A String",
           ],
           "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -2267,19 +3391,25 @@ 
Method Details

       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "pathMatchers": [ # The list of named PathMatchers to use against the URL.
         { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-          "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+              # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2288,53 +3418,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2344,33 +3505,63 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-          "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+              # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+              # - compute/v1/projects/project/global/backendServices/backendService
+              # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+              # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+              # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+              # - compute.backendBuckets.use
+              # - compute.backendServices.use
+          "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+              # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2380,7 +3571,8 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -2388,24 +3580,32 @@ 
Method Details

             ],
           },
           "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-          "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+          "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+              # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+              # Within a given pathMatcher, only one of pathRules or routeRules must be set.
             { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
               "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
                 "A String",
               ],
-              "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-                "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-                  "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+              "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+                  # Only one of routeAction or urlRedirect must be set.
+                  # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+                "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                    # Not supported when the URL map is bound to target gRPC proxy.
+                  "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                      # Default is false.
                   "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                     "A String",
                   ],
                   "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                     "A String",
                   ],
-                  "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                  "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                      # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                     "A String",
                   ],
-                  "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                  "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                      # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                     "A String",
                   ],
                   "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2414,53 +3614,84 @@ 
Method Details

                   ],
                   "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
                 },
-                "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+                "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                    # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
                   "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                    "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                    "httpStatus": 42, # The HTTP status code used to abort the request.
+                        # The value must be between 200 and 599 inclusive.
+                        # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                        # The value must be between 0.0 and 100.0 inclusive.
                   },
                   "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                     "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                     },
-                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                        # The value must be between 0.0 and 100.0 inclusive.
                   },
                 },
-                "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                    # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                    # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
                 },
-                "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-                  "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+                  "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                      # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                   },
-                  "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+                  "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                      # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                      # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                      # -
+                      # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                      # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                      # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                      # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                      # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                      # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                      # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                     "A String",
                   ],
                 },
-                "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                    # If not specified, will use the largest timeout among all backend services associated with the route.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                  "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-                  "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+                "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                    # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                      # The value must be between 1 and 255 characters.
+                  "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                      # The value must be between 1 and 1024 characters.
                 },
-                "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-                  { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+                "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                    # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+                  { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                     "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                        # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                        # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                       "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                         { # Specification determining how headers are added to requests or responses.
                           "headerName": "A String", # The name of the header.
                           "headerValue": "A String", # The value of the header to add.
-                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                              # The default value is false.
                         },
                       ],
                       "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2470,37 +3701,63 @@ 
Method Details

                         { # Specification determining how headers are added to requests or responses.
                           "headerName": "A String", # The name of the header.
                           "headerValue": "A String", # The value of the header to add.
-                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                              # The default value is false.
                         },
                       ],
                       "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                         "A String",
                       ],
                     },
-                    "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                    "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                        # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                        # The value must be between 0 and 1000
                   },
                 ],
               },
-              "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-              "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-                "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-                "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-                "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-                "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+              "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+                  # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+                  # If urlRedirect is specified, service or routeAction must not be set.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+                "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                    # The value must be between 1 and 255 characters.
+                "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                    # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                    # The default is set to false.
+                "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                    # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                    # The value must be between 1 and 1024 characters.
+                "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                    # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                    # The value must be between 1 and 1024 characters.
+                "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                    # Supported values are:
+                    # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                    # - FOUND, which corresponds to 302.
+                    # - SEE_OTHER which corresponds to 303.
+                    # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                    # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+                "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                    # The default is set to false.
               },
             },
           ],
-          "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+          "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+              # Within a given pathMatcher, you can set only one of pathRules or routeRules.
             { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-              "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-              "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "description": "A String", # The short description conveying the intent of this routeRule.
+                  # The description can have a maximum length of 1024 characters.
+              "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                  # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+                  # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                   { # Specification determining how headers are added to requests or responses.
                     "headerName": "A String", # The name of the header.
                     "headerValue": "A String", # The value of the header to add.
-                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                        # The default value is false.
                   },
                 ],
                 "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2510,21 +3767,25 @@ 
Method Details

                   { # Specification determining how headers are added to requests or responses.
                     "headerName": "A String", # The name of the header.
                     "headerValue": "A String", # The value of the header to add.
-                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                        # The default value is false.
                   },
                 ],
                 "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                   "A String",
                 ],
               },
-              "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
                   "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
                   "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
                   "filterName": "A String", # Name of the networkservices.HttpFilter resource this configuration belongs to. This name must be known to the xDS client. Example: envoy.wasm
                 },
               ],
-              "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+                  # The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
                   "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
                   "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
@@ -2533,60 +3794,112 @@ 
Method Details

               ],
               "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
                 { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-                  "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                      # fullPathMatch must be between 1 and 1024 characters.
+                      # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
                   "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                     { # matchRule criteria for request header matches.
-                      "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                      "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                      "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                      "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                      "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                      "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                      "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      "headerName": "A String", # The name of the HTTP header to match.
+                          # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                          # For matching a request's method, use the headerName ":method".
+                          # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                      "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                          # The default setting is false.
+                      "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                          # For example for a range [-5, 0]
+                          # - -3 will match.
+                          # - 0 will not match.
+                          # - 0.25 will not match.
+                          # - -3someString will not match.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                          # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                         "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                         "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                       },
-                      "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                      "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                          # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                          # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                      "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                     },
                   ],
-                  "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-                  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+                  "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                      # The default value is false.
+                      # ignoreCase must not be used with regexMatch.
+                      # Not supported when the URL map is bound to target gRPC proxy.
+                  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                      # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                      # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                      # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                        # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                        # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                          # This list must not be empty and can have at the most 64 entries.
                         { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                          "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                          "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                          "name": "A String", # Name of metadata label.
+                              # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                          "value": "A String", # The value of the label must match the specified value.
+                              # value can have a maximum length of 1024 characters.
                         },
                       ],
-                      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                          # Supported values are:
+                          # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                          # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                     },
                   ],
-                  "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-                  "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+                  "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                      # The value must be between 1 and 1024 characters.
+                      # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                      # Not supported when the URL map is bound to target gRPC proxy.
                     { # HttpRouteRuleMatch criteria for a request's query parameter.
-                      "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                      "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                          # Only one of presentMatch, exactMatch or regexMatch must be set.
                       "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                      "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                      "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                      "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                          # Only one of presentMatch, exactMatch or regexMatch must be set.
+                      "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                          # Only one of presentMatch, exactMatch or regexMatch must be set.
+                          # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                     },
                   ],
-                  "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                      # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                      # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                 },
               ],
-              "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-              "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-                "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-                  "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+              "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+                  # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+                  # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+              "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+                  # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+                  # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+                "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                    # Not supported when the URL map is bound to target gRPC proxy.
+                  "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                      # Default is false.
                   "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                     "A String",
                   ],
                   "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                     "A String",
                   ],
-                  "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                  "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                      # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                     "A String",
                   ],
-                  "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                  "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                      # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                     "A String",
                   ],
                   "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2595,53 +3908,84 @@ 
Method Details

                   ],
                   "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
                 },
-                "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+                "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                    # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
                   "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                    "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                    "httpStatus": 42, # The HTTP status code used to abort the request.
+                        # The value must be between 200 and 599 inclusive.
+                        # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                        # The value must be between 0.0 and 100.0 inclusive.
                   },
                   "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                     "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                     },
-                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                        # The value must be between 0.0 and 100.0 inclusive.
                   },
                 },
-                "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                    # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                    # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
                 },
-                "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-                  "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+                  "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                      # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                   },
-                  "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+                  "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                      # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                      # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                      # -
+                      # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                      # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                      # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                      # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                      # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                      # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                      # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                     "A String",
                   ],
                 },
-                "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                    # If not specified, will use the largest timeout among all backend services associated with the route.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                  "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-                  "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+                "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                    # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                      # The value must be between 1 and 255 characters.
+                  "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                      # The value must be between 1 and 1024 characters.
                 },
-                "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-                  { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+                "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                    # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+                  { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                     "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                        # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                        # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                       "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                         { # Specification determining how headers are added to requests or responses.
                           "headerName": "A String", # The name of the header.
                           "headerValue": "A String", # The value of the header to add.
-                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                              # The default value is false.
                         },
                       ],
                       "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2651,25 +3995,45 @@ 
Method Details

                         { # Specification determining how headers are added to requests or responses.
                           "headerName": "A String", # The name of the header.
                           "headerValue": "A String", # The value of the header to add.
-                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                              # The default value is false.
                         },
                       ],
                       "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                         "A String",
                       ],
                     },
-                    "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                    "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                        # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                        # The value must be between 0 and 1000
                   },
                 ],
               },
-              "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-              "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-                "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-                "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-                "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-                "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+              "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+                  # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+                  # If urlRedirect is specified, service or routeAction must not be set.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+                "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                    # The value must be between 1 and 255 characters.
+                "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                    # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                    # The default is set to false.
+                "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                    # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                    # The value must be between 1 and 1024 characters.
+                "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                    # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                    # The value must be between 1 and 1024 characters.
+                "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                    # Supported values are:
+                    # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                    # - FOUND, which corresponds to 302.
+                    # - SEE_OTHER which corresponds to 303.
+                    # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                    # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+                "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                    # The default is set to false.
               },
             },
           ],
@@ -2677,12 +4041,17 @@ 
Method Details

       ],
       "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         { # Message for the expected URL mappings.
           "backendServiceWeight": 42, # The weight to use for the supplied host and path when using advanced routing rules that involve traffic splitting.
           "description": "A String", # Description of this test case.
-          "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-          "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+          "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+              # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+              # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+              # expectedOutputUrl is optional when service is specified.
+          "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+              # expectedRedirectResponseCode cannot be set when service is set.
           "expectedUrlRedirect": "A String", # The expected URL that should be redirected to for the host and path being tested. [Deprecated] This field is deprecated. Use expected_output_url instead.
           "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
             { # HTTP headers used in UrlMapTests.
@@ -2692,7 +4061,8 @@ 
Method Details

           ],
           "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
           "path": "A String", # Path portion of the URL.
-          "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+          "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+              # service cannot be set if expectedRedirectResponseCode is set.
         },
       ],
     },
@@ -2702,7 +4072,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2728,7 +4099,7 @@ 
Method Details

 

 
 

-    patch(project, urlMap, body=None, requestId=None, x__xgafv=None)
+    patch(project, urlMap, body=None, requestId=None)
   
Patches the specified UrlMap resource with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -2737,21 +4108,44 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/alpha/urlMaps) * [Regional](/compute/docs/reference/rest/alpha/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
+{ # Represents a URL Map resource.
+    # 
+    # Google Compute Engine has two URL Map resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+    # 
+    # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+    # 
+    # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+    # 
+    # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+    # 
+    # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+    # 
+    # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+    # 
+    # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-  "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+  "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+      # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+      # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+      # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+        # Not supported when the URL map is bound to target gRPC proxy.
+      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+          # Default is false.
       "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
         "A String",
       ],
       "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
         "A String",
       ],
-      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
-      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
       "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2760,53 +4154,84 @@ 
Method Details

       ],
       "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
     },
-    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+        # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
       "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-        "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "httpStatus": 42, # The HTTP status code used to abort the request.
+            # The value must be between 200 and 599 inclusive.
+            # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
       "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
         "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
     },
-    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+        # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+        # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
     },
-    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+          # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+          # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+          # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+          # -
+          # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+          # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+          # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+          # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+          # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+          # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+          # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
         "A String",
       ],
     },
-    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+        # If not specified, will use the largest timeout among all backend services associated with the route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+        # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+          # The value must be between 1 and 255 characters.
+      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+          # The value must be between 1 and 1024 characters.
     },
-    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-      { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+        # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+      { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
         "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+            # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2816,34 +4241,61 @@ 
Method Details

             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
             "A String",
           ],
         },
-        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+            # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+            # The value must be between 0 and 1000
       },
     ],
   },
-  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+      # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+      # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+      # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+      # Not supported when the URL map is bound to target gRPC proxy.
+    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+        # The value must be between 1 and 255 characters.
+    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+        # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+        # The default is set to false.
+    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+        # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+        # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+        # Supported values are:
+        # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+        # - FOUND, which corresponds to 302.
+        # - SEE_OTHER which corresponds to 303.
+        # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+        # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+        # The default is set to false.
   },
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+      # The headerAction specified here take effect after headerAction specified under pathMatcher.
+      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2853,7 +4305,8 @@ 
Method Details

       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -2863,7 +4316,8 @@ 
Method Details

   "hostRules": [ # The list of HostRules to use against the URL.
     { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+          # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "A String",
       ],
       "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -2874,19 +4328,25 @@ 
Method Details

   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "pathMatchers": [ # The list of named PathMatchers to use against the URL.
     { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-      "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+      "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+          # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+          # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+              # Default is false.
           "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
             "A String",
           ],
           "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
             "A String",
           ],
-          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
-          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
           "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2895,53 +4355,84 @@ 
Method Details

           ],
           "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
         },
-        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+            # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
           "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-            "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "httpStatus": 42, # The HTTP status code used to abort the request.
+                # The value must be between 200 and 599 inclusive.
+                # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
           "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
             "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
         },
-        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+            # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+            # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
         },
-        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+              # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+              # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+              # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+              # -
+              # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+              # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+              # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+              # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+              # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+              # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+              # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
             "A String",
           ],
         },
-        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+            # If not specified, will use the largest timeout among all backend services associated with the route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+            # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+              # The value must be between 1 and 255 characters.
+          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+              # The value must be between 1 and 1024 characters.
         },
-        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-          { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+            # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+          { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
             "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2951,33 +4442,63 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                 "A String",
               ],
             },
-            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                # The value must be between 0 and 1000
           },
         ],
       },
-      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+          # - compute/v1/projects/project/global/backendServices/backendService
+          # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+          # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+          # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+          # - compute.backendBuckets.use
+          # - compute.backendServices.use
+      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+          # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+            # The value must be between 1 and 255 characters.
+        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+            # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+            # The default is set to false.
+        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+            # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+            # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+            # Supported values are:
+            # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+            # - FOUND, which corresponds to 302.
+            # - SEE_OTHER which corresponds to 303.
+            # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+            # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+            # The default is set to false.
       },
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+          # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+          # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2987,7 +4508,8 @@ 
Method Details

           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -2995,24 +4517,32 @@ 
Method Details

         ],
       },
       "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+          # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+          # Within a given pathMatcher, only one of pathRules or routeRules must be set.
         { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
           "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
             "A String",
           ],
-          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of routeAction or urlRedirect must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3021,53 +4551,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3077,37 +4638,63 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
-      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+          # Within a given pathMatcher, you can set only one of pathRules or routeRules.
         { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-          "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "description": "A String", # The short description conveying the intent of this routeRule.
+              # The description can have a maximum length of 1024 characters.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3117,21 +4704,25 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
               "A String",
             ],
           },
-          "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
               "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
               "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
               "filterName": "A String", # Name of the networkservices.HttpFilter resource this configuration belongs to. This name must be known to the xDS client. Example: envoy.wasm
             },
           ],
-          "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+              # The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
               "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
               "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
@@ -3140,60 +4731,112 @@ 
Method Details

           ],
           "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
             { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                  # fullPathMatch must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
               "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                 { # matchRule criteria for request header matches.
-                  "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "headerName": "A String", # The name of the HTTP header to match.
+                      # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                      # For matching a request's method, use the headerName ":method".
+                      # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                      # The default setting is false.
+                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                      # For example for a range [-5, 0]
+                      # - -3 will match.
+                      # - 0 will not match.
+                      # - 0.25 will not match.
+                      # - -3someString will not match.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                     "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                     "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                   },
-                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                      # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                 },
               ],
-              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                  # The default value is false.
+                  # ignoreCase must not be used with regexMatch.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                  # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                  # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                  # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                    # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                    # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                      # This list must not be empty and can have at the most 64 entries.
                     { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                      "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                      "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                      "name": "A String", # Name of metadata label.
+                          # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                      "value": "A String", # The value of the label must match the specified value.
+                          # value can have a maximum length of 1024 characters.
                     },
                   ],
-                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                      # Supported values are:
+                      # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                      # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                 },
               ],
-              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                  # The value must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                  # Not supported when the URL map is bound to target gRPC proxy.
                 { # HttpRouteRuleMatch criteria for a request's query parameter.
-                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
                   "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                      # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                 },
               ],
-              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
             },
           ],
-          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+              # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+              # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3202,53 +4845,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3258,25 +4932,45 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
@@ -3284,12 +4978,17 @@ 
Method Details

   ],
   "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     { # Message for the expected URL mappings.
       "backendServiceWeight": 42, # The weight to use for the supplied host and path when using advanced routing rules that involve traffic splitting.
       "description": "A String", # Description of this test case.
-      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+          # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+          # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+          # expectedOutputUrl is optional when service is specified.
+      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+          # expectedRedirectResponseCode cannot be set when service is set.
       "expectedUrlRedirect": "A String", # The expected URL that should be redirected to for the host and path being tested. [Deprecated] This field is deprecated. Use expected_output_url instead.
       "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
         { # HTTP headers used in UrlMapTests.
@@ -3299,21 +4998,35 @@ 
Method Details

       ],
       "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
       "path": "A String", # Path portion of the URL.
-      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+          # service cannot be set if expectedRedirectResponseCode is set.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3348,7 +5061,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3362,7 +5076,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -3377,10 +5091,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -3393,7 +5103,7 @@ 
Method Details

 

 
 

-    update(project, urlMap, body=None, requestId=None, x__xgafv=None)
+    update(project, urlMap, body=None, requestId=None)
   
Updates the specified UrlMap resource with the data included in the request.
 
 Args:
@@ -3402,21 +5112,44 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/alpha/urlMaps) * [Regional](/compute/docs/reference/rest/alpha/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
+{ # Represents a URL Map resource.
+    # 
+    # Google Compute Engine has two URL Map resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+    # 
+    # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+    # 
+    # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+    # 
+    # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+    # 
+    # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+    # 
+    # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+    # 
+    # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-  "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+  "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+      # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+      # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+      # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+        # Not supported when the URL map is bound to target gRPC proxy.
+      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+          # Default is false.
       "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
         "A String",
       ],
       "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
         "A String",
       ],
-      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
-      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
       "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3425,53 +5158,84 @@ 
Method Details

       ],
       "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
     },
-    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+        # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
       "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-        "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "httpStatus": 42, # The HTTP status code used to abort the request.
+            # The value must be between 200 and 599 inclusive.
+            # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
       "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
         "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
     },
-    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+        # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+        # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
     },
-    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+          # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+          # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+          # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+          # -
+          # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+          # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+          # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+          # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+          # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+          # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+          # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
         "A String",
       ],
     },
-    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+        # If not specified, will use the largest timeout among all backend services associated with the route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+        # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+          # The value must be between 1 and 255 characters.
+      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+          # The value must be between 1 and 1024 characters.
     },
-    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-      { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+        # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+      { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
         "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+            # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3481,34 +5245,61 @@ 
Method Details

             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
             "A String",
           ],
         },
-        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+            # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+            # The value must be between 0 and 1000
       },
     ],
   },
-  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+      # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+      # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+      # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+      # Not supported when the URL map is bound to target gRPC proxy.
+    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+        # The value must be between 1 and 255 characters.
+    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+        # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+        # The default is set to false.
+    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+        # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+        # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+        # Supported values are:
+        # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+        # - FOUND, which corresponds to 302.
+        # - SEE_OTHER which corresponds to 303.
+        # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+        # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+        # The default is set to false.
   },
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+      # The headerAction specified here take effect after headerAction specified under pathMatcher.
+      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3518,7 +5309,8 @@ 
Method Details

       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -3528,7 +5320,8 @@ 
Method Details

   "hostRules": [ # The list of HostRules to use against the URL.
     { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+          # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "A String",
       ],
       "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -3539,19 +5332,25 @@ 
Method Details

   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "pathMatchers": [ # The list of named PathMatchers to use against the URL.
     { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-      "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+      "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+          # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+          # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+              # Default is false.
           "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
             "A String",
           ],
           "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
             "A String",
           ],
-          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
-          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
           "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3560,53 +5359,84 @@ 
Method Details

           ],
           "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
         },
-        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+            # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
           "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-            "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "httpStatus": 42, # The HTTP status code used to abort the request.
+                # The value must be between 200 and 599 inclusive.
+                # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
           "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
             "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
         },
-        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+            # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+            # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
         },
-        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+              # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+              # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+              # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+              # -
+              # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+              # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+              # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+              # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+              # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+              # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+              # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
             "A String",
           ],
         },
-        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+            # If not specified, will use the largest timeout among all backend services associated with the route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+            # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+              # The value must be between 1 and 255 characters.
+          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+              # The value must be between 1 and 1024 characters.
         },
-        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-          { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+            # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+          { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
             "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3616,33 +5446,63 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                 "A String",
               ],
             },
-            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                # The value must be between 0 and 1000
           },
         ],
       },
-      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+          # - compute/v1/projects/project/global/backendServices/backendService
+          # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+          # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+          # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+          # - compute.backendBuckets.use
+          # - compute.backendServices.use
+      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+          # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+            # The value must be between 1 and 255 characters.
+        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+            # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+            # The default is set to false.
+        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+            # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+            # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+            # Supported values are:
+            # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+            # - FOUND, which corresponds to 302.
+            # - SEE_OTHER which corresponds to 303.
+            # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+            # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+            # The default is set to false.
       },
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+          # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+          # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3652,7 +5512,8 @@ 
Method Details

           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -3660,24 +5521,32 @@ 
Method Details

         ],
       },
       "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+          # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+          # Within a given pathMatcher, only one of pathRules or routeRules must be set.
         { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
           "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
             "A String",
           ],
-          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of routeAction or urlRedirect must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3686,53 +5555,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3742,37 +5642,63 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
-      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+          # Within a given pathMatcher, you can set only one of pathRules or routeRules.
         { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-          "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "description": "A String", # The short description conveying the intent of this routeRule.
+              # The description can have a maximum length of 1024 characters.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3782,21 +5708,25 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
               "A String",
             ],
           },
-          "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
               "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
               "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
               "filterName": "A String", # Name of the networkservices.HttpFilter resource this configuration belongs to. This name must be known to the xDS client. Example: envoy.wasm
             },
           ],
-          "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+              # The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
               "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
               "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
@@ -3805,60 +5735,112 @@ 
Method Details

           ],
           "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
             { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                  # fullPathMatch must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
               "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                 { # matchRule criteria for request header matches.
-                  "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "headerName": "A String", # The name of the HTTP header to match.
+                      # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                      # For matching a request's method, use the headerName ":method".
+                      # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                      # The default setting is false.
+                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                      # For example for a range [-5, 0]
+                      # - -3 will match.
+                      # - 0 will not match.
+                      # - 0.25 will not match.
+                      # - -3someString will not match.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                     "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                     "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                   },
-                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                      # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                 },
               ],
-              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                  # The default value is false.
+                  # ignoreCase must not be used with regexMatch.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                  # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                  # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                  # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                    # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                    # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                      # This list must not be empty and can have at the most 64 entries.
                     { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                      "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                      "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                      "name": "A String", # Name of metadata label.
+                          # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                      "value": "A String", # The value of the label must match the specified value.
+                          # value can have a maximum length of 1024 characters.
                     },
                   ],
-                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                      # Supported values are:
+                      # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                      # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                 },
               ],
-              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                  # The value must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                  # Not supported when the URL map is bound to target gRPC proxy.
                 { # HttpRouteRuleMatch criteria for a request's query parameter.
-                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
                   "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                      # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                 },
               ],
-              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
             },
           ],
-          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+              # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+              # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3867,53 +5849,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3923,25 +5936,45 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
@@ -3949,12 +5982,17 @@ 
Method Details

   ],
   "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     { # Message for the expected URL mappings.
       "backendServiceWeight": 42, # The weight to use for the supplied host and path when using advanced routing rules that involve traffic splitting.
       "description": "A String", # Description of this test case.
-      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+          # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+          # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+          # expectedOutputUrl is optional when service is specified.
+      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+          # expectedRedirectResponseCode cannot be set when service is set.
       "expectedUrlRedirect": "A String", # The expected URL that should be redirected to for the host and path being tested. [Deprecated] This field is deprecated. Use expected_output_url instead.
       "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
         { # HTTP headers used in UrlMapTests.
@@ -3964,21 +6002,35 @@ 
Method Details

       ],
       "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
       "path": "A String", # Path portion of the URL.
-      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+          # service cannot be set if expectedRedirectResponseCode is set.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -4013,7 +6065,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -4027,7 +6080,7 @@ 
Method Details

 

 
 

-    validate(project, urlMap, body=None, x__xgafv=None)
+    validate(project, urlMap, body=None)
   
Runs static validation for the UrlMap. In particular, the tests of the provided UrlMap will be run. Calling this method does NOT create the UrlMap.
 
 Args:
@@ -4037,21 +6090,44 @@ 
Method Details

     The object takes the form of:
 
 {
-  "resource": { # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/alpha/urlMaps) * [Regional](/compute/docs/reference/rest/alpha/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts. # Content of the UrlMap to be validated.
+  "resource": { # Represents a URL Map resource. # Content of the UrlMap to be validated.
+      #
+      # Google Compute Engine has two URL Map resources:
+      #
+      # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+      #
+      # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+      #
+      # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+      #
+      # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+      #
+      # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+      #
+      # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+      #
+      # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
     "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-    "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-        "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+    "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+        # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+        # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+        # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+            # Default is false.
         "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
           "A String",
         ],
         "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
           "A String",
         ],
-        "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+        "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+            # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
           "A String",
         ],
-        "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+        "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+            # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
           "A String",
         ],
         "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -4060,53 +6136,84 @@ 
Method Details

         ],
         "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
       },
-      "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+      "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+          # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
         "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-          "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-          "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+          "httpStatus": 42, # The HTTP status code used to abort the request.
+              # The value must be between 200 and 599 inclusive.
+              # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+          "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+              # The value must be between 0.0 and 100.0 inclusive.
         },
         "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
           "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+          "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+              # The value must be between 0.0 and 100.0 inclusive.
         },
       },
-      "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+          # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+          # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
       },
-      "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-        "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+        "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+            # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+        "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+            # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+            # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+            # -
+            # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+            # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+            # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+            # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+            # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+            # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+            # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
           "A String",
         ],
       },
-      "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+          # If not specified, will use the largest timeout among all backend services associated with the route.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-        "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-        "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+      "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+          # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+            # The value must be between 1 and 255 characters.
+        "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+            # The value must be between 1 and 1024 characters.
       },
-      "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-        { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+      "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+          # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+        { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
           "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -4116,34 +6223,61 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
               "A String",
             ],
           },
-          "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+          "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+              # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+              # The value must be between 0 and 1000
         },
       ],
     },
-    "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-    "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-      "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-      "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-      "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-      "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-      "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-      "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+    "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+        # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+        # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+        # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+        # Not supported when the URL map is bound to target gRPC proxy.
+      "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+          # The value must be between 1 and 255 characters.
+      "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+          # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+          # The default is set to false.
+      "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+          # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+          # The value must be between 1 and 1024 characters.
+      "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+          # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+          # The value must be between 1 and 1024 characters.
+      "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+          # Supported values are:
+          # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+          # - FOUND, which corresponds to 302.
+          # - SEE_OTHER which corresponds to 303.
+          # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+          # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+      "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+          # The default is set to false.
     },
     "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-    "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+        #
+        # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+        # The headerAction specified here take effect after headerAction specified under pathMatcher.
+        # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
         { # Specification determining how headers are added to requests or responses.
           "headerName": "A String", # The name of the header.
           "headerValue": "A String", # The value of the header to add.
-          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+              # The default value is false.
         },
       ],
       "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -4153,7 +6287,8 @@ 
Method Details

         { # Specification determining how headers are added to requests or responses.
           "headerName": "A String", # The name of the header.
           "headerValue": "A String", # The value of the header to add.
-          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+              # The default value is false.
         },
       ],
       "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -4163,7 +6298,8 @@ 
Method Details

     "hostRules": [ # The list of HostRules to use against the URL.
       { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
         "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-        "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+            # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "A String",
         ],
         "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -4174,19 +6310,25 @@ 
Method Details

     "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
     "pathMatchers": [ # The list of named PathMatchers to use against the URL.
       { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-        "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-          "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-            "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+        "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+            # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+            # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+          "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                # Default is false.
             "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
               "A String",
             ],
             "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
               "A String",
             ],
-            "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+            "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
               "A String",
             ],
-            "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+            "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
               "A String",
             ],
             "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -4195,53 +6337,84 @@ 
Method Details

             ],
             "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
           },
-          "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+          "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+              # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
             "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-              "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-              "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+              "httpStatus": 42, # The HTTP status code used to abort the request.
+                  # The value must be between 200 and 599 inclusive.
+                  # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+              "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                  # The value must be between 0.0 and 100.0 inclusive.
             },
             "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
               "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+              "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                  # The value must be between 0.0 and 100.0 inclusive.
             },
           },
-          "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+          "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+              # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+              # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
           },
-          "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-            "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+            "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+            "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                # -
+                # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
               "A String",
             ],
           },
-          "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+              # If not specified, will use the largest timeout among all backend services associated with the route.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-            "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-            "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+          "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+              # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                # The value must be between 1 and 255 characters.
+            "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                # The value must be between 1 and 1024 characters.
           },
-          "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-            { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+          "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+              # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+            { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
               "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-              "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                  # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                  # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                   { # Specification determining how headers are added to requests or responses.
                     "headerName": "A String", # The name of the header.
                     "headerValue": "A String", # The value of the header to add.
-                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                        # The default value is false.
                   },
                 ],
                 "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -4251,33 +6424,63 @@ 
Method Details

                   { # Specification determining how headers are added to requests or responses.
                     "headerName": "A String", # The name of the header.
                     "headerValue": "A String", # The value of the header to add.
-                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                        # The default value is false.
                   },
                 ],
                 "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                   "A String",
                 ],
               },
-              "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+              "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                  # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                  # The value must be between 0 and 1000
             },
           ],
         },
-        "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-        "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-          "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-          "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-          "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-          "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-          "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-          "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+        "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+            # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+            # - compute/v1/projects/project/global/backendServices/backendService
+            # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+            # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+            # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+            # - compute.backendBuckets.use
+            # - compute.backendServices.use
+        "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+            # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+              # The value must be between 1 and 255 characters.
+          "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+              # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+              # The default is set to false.
+          "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+              # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+              # The value must be between 1 and 1024 characters.
+          "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+              # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+              # The value must be between 1 and 1024 characters.
+          "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+              # Supported values are:
+              # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+              # - FOUND, which corresponds to 302.
+              # - SEE_OTHER which corresponds to 303.
+              # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+              # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+          "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+              # The default is set to false.
         },
         "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+            # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -4287,7 +6490,8 @@ 
Method Details

             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -4295,24 +6499,32 @@ 
Method Details

           ],
         },
         "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-        "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+        "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+            # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+            # Within a given pathMatcher, only one of pathRules or routeRules must be set.
           { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
             "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
               "A String",
             ],
-            "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-              "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-                "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+            "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+                # Only one of routeAction or urlRedirect must be set.
+                # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+              "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                  # Not supported when the URL map is bound to target gRPC proxy.
+                "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                    # Default is false.
                 "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                   "A String",
                 ],
                 "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                   "A String",
                 ],
-                "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                    # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                   "A String",
                 ],
-                "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                    # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                   "A String",
                 ],
                 "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -4321,53 +6533,84 @@ 
Method Details

                 ],
                 "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
               },
-              "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+              "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                  # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
                 "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                  "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                  "httpStatus": 42, # The HTTP status code used to abort the request.
+                      # The value must be between 200 and 599 inclusive.
+                      # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                      # The value must be between 0.0 and 100.0 inclusive.
                 },
                 "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                   "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                   },
-                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                      # The value must be between 0.0 and 100.0 inclusive.
                 },
               },
-              "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                  # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                  # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
               },
-              "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-                "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+                "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                    # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+                "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                    # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                    # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                    # -
+                    # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                    # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                    # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                    # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                    # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                    # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                    # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                   "A String",
                 ],
               },
-              "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                  # If not specified, will use the largest timeout among all backend services associated with the route.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-                "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+              "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                  # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                    # The value must be between 1 and 255 characters.
+                "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                    # The value must be between 1 and 1024 characters.
               },
-              "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-                { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+              "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                  # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+                { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                   "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                      # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                       { # Specification determining how headers are added to requests or responses.
                         "headerName": "A String", # The name of the header.
                         "headerValue": "A String", # The value of the header to add.
-                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                            # The default value is false.
                       },
                     ],
                     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -4377,37 +6620,63 @@ 
Method Details

                       { # Specification determining how headers are added to requests or responses.
                         "headerName": "A String", # The name of the header.
                         "headerValue": "A String", # The value of the header to add.
-                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                            # The default value is false.
                       },
                     ],
                     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                       "A String",
                     ],
                   },
-                  "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                  "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                      # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                      # The value must be between 0 and 1000
                 },
               ],
             },
-            "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-            "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-              "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-              "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-              "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-              "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-              "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-              "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+            "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+                # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+            "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+                # If urlRedirect is specified, service or routeAction must not be set.
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                  # The value must be between 1 and 255 characters.
+              "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                  # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                  # The default is set to false.
+              "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                  # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                  # The value must be between 1 and 1024 characters.
+              "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                  # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                  # The value must be between 1 and 1024 characters.
+              "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                  # Supported values are:
+                  # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                  # - FOUND, which corresponds to 302.
+                  # - SEE_OTHER which corresponds to 303.
+                  # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                  # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+              "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                  # The default is set to false.
             },
           },
         ],
-        "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+        "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+            # Within a given pathMatcher, you can set only one of pathRules or routeRules.
           { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-            "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "description": "A String", # The short description conveying the intent of this routeRule.
+                # The description can have a maximum length of 1024 characters.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -4417,21 +6686,25 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                 "A String",
               ],
             },
-            "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
                 "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
                 "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
                 "filterName": "A String", # Name of the networkservices.HttpFilter resource this configuration belongs to. This name must be known to the xDS client. Example: envoy.wasm
               },
             ],
-            "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+                # The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
                 "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
                 "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
@@ -4440,60 +6713,112 @@ 
Method Details

             ],
             "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
               { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-                "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                    # fullPathMatch must be between 1 and 1024 characters.
+                    # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
                 "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                   { # matchRule criteria for request header matches.
-                    "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                    "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                    "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                    "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                    "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                    "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                    "headerName": "A String", # The name of the HTTP header to match.
+                        # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                        # For matching a request's method, use the headerName ":method".
+                        # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                    "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                        # The default setting is false.
+                    "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                    "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                    "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                        # For example for a range [-5, 0]
+                        # - -3 will match.
+                        # - 0 will not match.
+                        # - 0.25 will not match.
+                        # - -3someString will not match.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                        # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                       "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                       "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                     },
-                    "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                    "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                    "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                        # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                        # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                    "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                   },
                 ],
-                "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-                "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                  { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                    "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+                "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                    # The default value is false.
+                    # ignoreCase must not be used with regexMatch.
+                    # Not supported when the URL map is bound to target gRPC proxy.
+                "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                    # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                    # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                    # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                      # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                      # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                    "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                        # This list must not be empty and can have at the most 64 entries.
                       { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                        "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                        "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                        "name": "A String", # Name of metadata label.
+                            # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                        "value": "A String", # The value of the label must match the specified value.
+                            # value can have a maximum length of 1024 characters.
                       },
                     ],
-                    "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                    "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                        # Supported values are:
+                        # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                        # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                   },
                 ],
-                "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-                "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+                "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                    # The value must be between 1 and 1024 characters.
+                    # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                    # Not supported when the URL map is bound to target gRPC proxy.
                   { # HttpRouteRuleMatch criteria for a request's query parameter.
-                    "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                    "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                        # Only one of presentMatch, exactMatch or regexMatch must be set.
                     "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                    "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                    "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                    "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                        # Only one of presentMatch, exactMatch or regexMatch must be set.
+                    "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                        # Only one of presentMatch, exactMatch or regexMatch must be set.
+                        # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                   },
                 ],
-                "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                    # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                    # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               },
             ],
-            "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-            "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-              "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-                "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+            "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+                # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+                # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+            "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+                # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+                # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+              "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                  # Not supported when the URL map is bound to target gRPC proxy.
+                "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                    # Default is false.
                 "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                   "A String",
                 ],
                 "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                   "A String",
                 ],
-                "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                    # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                   "A String",
                 ],
-                "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                    # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                   "A String",
                 ],
                 "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -4502,53 +6827,84 @@ 
Method Details

                 ],
                 "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
               },
-              "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+              "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                  # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
                 "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                  "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                  "httpStatus": 42, # The HTTP status code used to abort the request.
+                      # The value must be between 200 and 599 inclusive.
+                      # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                      # The value must be between 0.0 and 100.0 inclusive.
                 },
                 "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                   "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                   },
-                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                      # The value must be between 0.0 and 100.0 inclusive.
                 },
               },
-              "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                  # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                  # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
               },
-              "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-                "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+                "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                    # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+                "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                    # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                    # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                    # -
+                    # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                    # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                    # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                    # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                    # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                    # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                    # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                   "A String",
                 ],
               },
-              "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                  # If not specified, will use the largest timeout among all backend services associated with the route.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-                "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+              "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                  # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                    # The value must be between 1 and 255 characters.
+                "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                    # The value must be between 1 and 1024 characters.
               },
-              "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-                { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+              "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                  # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+                { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                   "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                      # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                       { # Specification determining how headers are added to requests or responses.
                         "headerName": "A String", # The name of the header.
                         "headerValue": "A String", # The value of the header to add.
-                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                            # The default value is false.
                       },
                     ],
                     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -4558,25 +6914,45 @@ 
Method Details

                       { # Specification determining how headers are added to requests or responses.
                         "headerName": "A String", # The name of the header.
                         "headerValue": "A String", # The value of the header to add.
-                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                            # The default value is false.
                       },
                     ],
                     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                       "A String",
                     ],
                   },
-                  "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                  "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                      # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                      # The value must be between 0 and 1000
                 },
               ],
             },
-            "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-            "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-              "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-              "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-              "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-              "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-              "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-              "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+            "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+                # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+            "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+                # If urlRedirect is specified, service or routeAction must not be set.
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                  # The value must be between 1 and 255 characters.
+              "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                  # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                  # The default is set to false.
+              "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                  # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                  # The value must be between 1 and 1024 characters.
+              "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                  # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                  # The value must be between 1 and 1024 characters.
+              "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                  # Supported values are:
+                  # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                  # - FOUND, which corresponds to 302.
+                  # - SEE_OTHER which corresponds to 303.
+                  # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                  # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+              "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                  # The default is set to false.
             },
           },
         ],
@@ -4584,12 +6960,17 @@ 
Method Details

     ],
     "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
     "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-    "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       { # Message for the expected URL mappings.
         "backendServiceWeight": 42, # The weight to use for the supplied host and path when using advanced routing rules that involve traffic splitting.
         "description": "A String", # Description of this test case.
-        "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-        "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+        "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+            # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+            # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+            # expectedOutputUrl is optional when service is specified.
+        "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+            # expectedRedirectResponseCode cannot be set when service is set.
         "expectedUrlRedirect": "A String", # The expected URL that should be redirected to for the host and path being tested. [Deprecated] This field is deprecated. Use expected_output_url instead.
         "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
           { # HTTP headers used in UrlMapTests.
@@ -4599,16 +6980,13 @@ 
Method Details

         ],
         "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
         "path": "A String", # Path portion of the URL.
-        "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+        "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+            # service cannot be set if expectedRedirectResponseCode is set.
       },
     ],
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.vpnGateways.html b/docs/dyn/compute_alpha.vpnGateways.html
index 409ad83218c..1662fca7cf9 100644
--- a/docs/dyn/compute_alpha.vpnGateways.html
+++ b/docs/dyn/compute_alpha.vpnGateways.html
@@ -75,7 +75,7 @@
 
Compute Engine API . vpnGateways

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of VPN gateways.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,46 +84,52 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, vpnGateway, requestId=None, x__xgafv=None)

+  delete(project, region, vpnGateway, requestId=None)

 
Deletes the specified VPN gateway.

 

-  get(project, region, vpnGateway, x__xgafv=None)

+  get(project, region, vpnGateway)

 
Returns the specified VPN gateway. Gets a list of available VPN gateways by making a list() request.

 

-  getStatus(project, region, vpnGateway, x__xgafv=None)

+  getStatus(project, region, vpnGateway)

 
Returns the status for the specified VPN gateway.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a VPN gateway in the specified project and region using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of VPN gateways available to the specified project and region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)

+  setLabels(project, region, resource, body=None, requestId=None)

 
Sets the labels on a VpnGateway. To learn more about labels, read the Labeling Resources documentation.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of VPN gateways.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -133,12 +139,16 @@ 
Method Details

   "items": { # A list of VpnGateway resources.
     "a_key": { # [Output Only] Name of the scope containing this set of VPN gateways.
       "vpnGateways": [ # [Output Only] A list of VPN gateways contained in this scope.
-        { # Represents a HA VPN gateway. HA VPN is a high-availability (HA) Cloud VPN solution that lets you securely connect your on-premises network to your Google Cloud Virtual Private Cloud network through an IPsec VPN connection in a single region. For more information about Cloud HA VPN solutions, see Cloud VPN topologies .
+        { # Represents a HA VPN gateway.
+            #
+            # HA VPN is a high-availability (HA) Cloud VPN solution that lets you securely connect your on-premises network to your Google Cloud Virtual Private Cloud network through an IPsec VPN connection in a single region. For more information about Cloud HA VPN solutions, see  Cloud VPN topologies . (== resource_for {$api_version}.vpnGateways ==)
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "kind": "compute#vpnGateway", # [Output Only] Type of resource. Always compute#vpnGateway for VPN gateways.
-          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an VpnGateway.
+          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve an VpnGateway.
           "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
             "a_key": "A String",
           },
@@ -149,7 +159,8 @@ 
Method Details

           "vpnInterfaces": [ # The list of VPN interfaces associated with this VPN gateway.
             { # A VPN gateway interface.
               "id": 42, # [Output Only] Numeric identifier for this VPN interface associated with the VPN gateway.
-              "interconnectAttachment": "A String", # URL of the VLAN attachment (interconnectAttachment) resource for this VPN gateway interface. When the value of this field is present, the VPN gateway is used for IPsec-encrypted Cloud Interconnect; all egress or ingress traffic for this VPN gateway interface goes through the specified VLAN attachment resource. Not currently available publicly.
+              "interconnectAttachment": "A String", # URL of the VLAN attachment (interconnectAttachment) resource for this VPN gateway interface. When the value of this field is present, the VPN gateway is used for IPsec-encrypted Cloud Interconnect; all egress or ingress traffic for this VPN gateway interface goes through the specified VLAN attachment resource.
+                  # Not currently available publicly.
               "ipAddress": "A String", # [Output Only] IP address for this VPN interface associated with the VPN gateway. The IP address could be either a regional external IP address or a regional internal IP address. The two IP addresses for a VPN gateway must be all regional external or regional internal IP addresses. There cannot be a mix of regional external IP addresses and regional internal IP addresses. For IPsec-encrypted Cloud Interconnect, the IP addresses for both interfaces could either be regional internal IP addresses or regional external IP addresses. For regular (non IPsec-encrypted Cloud Interconnect) HA VPN tunnels, the IP address must be a regional external IP address.
             },
           ],
@@ -157,7 +168,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] Informational warning which replaces the list of addresses when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -175,7 +187,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -206,23 +219,36 @@ 
Method Details

 

 
 

-    delete(project, region, vpnGateway, requestId=None, x__xgafv=None)
+    delete(project, region, vpnGateway, requestId=None)
   
Deletes the specified VPN gateway.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   vpnGateway: string, Name of the VPN gateway to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -257,7 +283,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -271,27 +298,27 @@ 
Method Details

 

 
 

-    get(project, region, vpnGateway, x__xgafv=None)
+    get(project, region, vpnGateway)
   
Returns the specified VPN gateway. Gets a list of available VPN gateways by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   vpnGateway: string, Name of the VPN gateway to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a HA VPN gateway. HA VPN is a high-availability (HA) Cloud VPN solution that lets you securely connect your on-premises network to your Google Cloud Virtual Private Cloud network through an IPsec VPN connection in a single region. For more information about Cloud HA VPN solutions, see Cloud VPN topologies .
+    { # Represents a HA VPN gateway.
+    #
+    # HA VPN is a high-availability (HA) Cloud VPN solution that lets you securely connect your on-premises network to your Google Cloud Virtual Private Cloud network through an IPsec VPN connection in a single region. For more information about Cloud HA VPN solutions, see  Cloud VPN topologies . (== resource_for {$api_version}.vpnGateways ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#vpnGateway", # [Output Only] Type of resource. Always compute#vpnGateway for VPN gateways.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an VpnGateway.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve an VpnGateway.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -302,7 +329,8 @@ 
Method Details

   "vpnInterfaces": [ # The list of VPN interfaces associated with this VPN gateway.
     { # A VPN gateway interface.
       "id": 42, # [Output Only] Numeric identifier for this VPN interface associated with the VPN gateway.
-      "interconnectAttachment": "A String", # URL of the VLAN attachment (interconnectAttachment) resource for this VPN gateway interface. When the value of this field is present, the VPN gateway is used for IPsec-encrypted Cloud Interconnect; all egress or ingress traffic for this VPN gateway interface goes through the specified VLAN attachment resource. Not currently available publicly.
+      "interconnectAttachment": "A String", # URL of the VLAN attachment (interconnectAttachment) resource for this VPN gateway interface. When the value of this field is present, the VPN gateway is used for IPsec-encrypted Cloud Interconnect; all egress or ingress traffic for this VPN gateway interface goes through the specified VLAN attachment resource.
+          # Not currently available publicly.
       "ipAddress": "A String", # [Output Only] IP address for this VPN interface associated with the VPN gateway. The IP address could be either a regional external IP address or a regional internal IP address. The two IP addresses for a VPN gateway must be all regional external or regional internal IP addresses. There cannot be a mix of regional external IP addresses and regional internal IP addresses. For IPsec-encrypted Cloud Interconnect, the IP addresses for both interfaces could either be regional internal IP addresses or regional external IP addresses. For regular (non IPsec-encrypted Cloud Interconnect) HA VPN tunnels, the IP address must be a regional external IP address.
     },
   ],
@@ -310,17 +338,13 @@ 
Method Details

 

 
 

-    getStatus(project, region, vpnGateway, x__xgafv=None)
+    getStatus(project, region, vpnGateway)
   
Returns the status for the specified VPN gateway.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   vpnGateway: string, Name of the VPN gateway to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -349,7 +373,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a VPN gateway in the specified project and region using the data included in the request.
 
 Args:
@@ -358,12 +382,16 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a HA VPN gateway. HA VPN is a high-availability (HA) Cloud VPN solution that lets you securely connect your on-premises network to your Google Cloud Virtual Private Cloud network through an IPsec VPN connection in a single region. For more information about Cloud HA VPN solutions, see Cloud VPN topologies .
+{ # Represents a HA VPN gateway.
+    # 
+    # HA VPN is a high-availability (HA) Cloud VPN solution that lets you securely connect your on-premises network to your Google Cloud Virtual Private Cloud network through an IPsec VPN connection in a single region. For more information about Cloud HA VPN solutions, see  Cloud VPN topologies . (== resource_for {$api_version}.vpnGateways ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#vpnGateway", # [Output Only] Type of resource. Always compute#vpnGateway for VPN gateways.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an VpnGateway.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an VpnGateway.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -374,22 +402,36 @@ 
Method Details

   "vpnInterfaces": [ # The list of VPN interfaces associated with this VPN gateway.
     { # A VPN gateway interface.
       "id": 42, # [Output Only] Numeric identifier for this VPN interface associated with the VPN gateway.
-      "interconnectAttachment": "A String", # URL of the VLAN attachment (interconnectAttachment) resource for this VPN gateway interface. When the value of this field is present, the VPN gateway is used for IPsec-encrypted Cloud Interconnect; all egress or ingress traffic for this VPN gateway interface goes through the specified VLAN attachment resource. Not currently available publicly.
+      "interconnectAttachment": "A String", # URL of the VLAN attachment (interconnectAttachment) resource for this VPN gateway interface. When the value of this field is present, the VPN gateway is used for IPsec-encrypted Cloud Interconnect; all egress or ingress traffic for this VPN gateway interface goes through the specified VLAN attachment resource.
+          # Not currently available publicly.
       "ipAddress": "A String", # [Output Only] IP address for this VPN interface associated with the VPN gateway. The IP address could be either a regional external IP address or a regional internal IP address. The two IP addresses for a VPN gateway must be all regional external or regional internal IP addresses. There cannot be a mix of regional external IP addresses and regional internal IP addresses. For IPsec-encrypted Cloud Interconnect, the IP addresses for both interfaces could either be regional internal IP addresses or regional external IP addresses. For regular (non IPsec-encrypted Cloud Interconnect) HA VPN tunnels, the IP address must be a regional external IP address.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -424,7 +466,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -438,21 +481,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of VPN gateways available to the specified project and region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -460,12 +509,16 @@ 
Method Details

     { # Contains a list of VpnGateway resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of VpnGateway resources.
-    { # Represents a HA VPN gateway. HA VPN is a high-availability (HA) Cloud VPN solution that lets you securely connect your on-premises network to your Google Cloud Virtual Private Cloud network through an IPsec VPN connection in a single region. For more information about Cloud HA VPN solutions, see Cloud VPN topologies .
+    { # Represents a HA VPN gateway.
+        #
+        # HA VPN is a high-availability (HA) Cloud VPN solution that lets you securely connect your on-premises network to your Google Cloud Virtual Private Cloud network through an IPsec VPN connection in a single region. For more information about Cloud HA VPN solutions, see  Cloud VPN topologies . (== resource_for {$api_version}.vpnGateways ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#vpnGateway", # [Output Only] Type of resource. Always compute#vpnGateway for VPN gateways.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an VpnGateway.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve an VpnGateway.
       "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
         "a_key": "A String",
       },
@@ -476,7 +529,8 @@ 
Method Details

       "vpnInterfaces": [ # The list of VPN interfaces associated with this VPN gateway.
         { # A VPN gateway interface.
           "id": 42, # [Output Only] Numeric identifier for this VPN interface associated with the VPN gateway.
-          "interconnectAttachment": "A String", # URL of the VLAN attachment (interconnectAttachment) resource for this VPN gateway interface. When the value of this field is present, the VPN gateway is used for IPsec-encrypted Cloud Interconnect; all egress or ingress traffic for this VPN gateway interface goes through the specified VLAN attachment resource. Not currently available publicly.
+          "interconnectAttachment": "A String", # URL of the VLAN attachment (interconnectAttachment) resource for this VPN gateway interface. When the value of this field is present, the VPN gateway is used for IPsec-encrypted Cloud Interconnect; all egress or ingress traffic for this VPN gateway interface goes through the specified VLAN attachment resource.
+              # Not currently available publicly.
           "ipAddress": "A String", # [Output Only] IP address for this VPN interface associated with the VPN gateway. The IP address could be either a regional external IP address or a regional internal IP address. The two IP addresses for a VPN gateway must be all regional external or regional internal IP addresses. There cannot be a mix of regional external IP addresses and regional internal IP addresses. For IPsec-encrypted Cloud Interconnect, the IP addresses for both interfaces could either be regional internal IP addresses or regional external IP addresses. For regular (non IPsec-encrypted Cloud Interconnect) HA VPN tunnels, the IP address must be a regional external IP address.
         },
       ],
@@ -487,7 +541,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -513,7 +568,7 @@ 
Method Details

 

 
 

-    setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)
+    setLabels(project, region, resource, body=None, requestId=None)
   
Sets the labels on a VpnGateway. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -530,16 +585,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -574,7 +642,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -588,7 +657,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -604,10 +673,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.vpnTunnels.html b/docs/dyn/compute_alpha.vpnTunnels.html
index 6a354ccdf1b..677cbc8454e 100644
--- a/docs/dyn/compute_alpha.vpnTunnels.html
+++ b/docs/dyn/compute_alpha.vpnTunnels.html
@@ -75,7 +75,7 @@
 
Compute Engine API . vpnTunnels

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of VPN tunnels.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,43 +84,49 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, vpnTunnel, requestId=None, x__xgafv=None)

+  delete(project, region, vpnTunnel, requestId=None)

 
Deletes the specified VpnTunnel resource.

 

-  get(project, region, vpnTunnel, x__xgafv=None)

+  get(project, region, vpnTunnel)

 
Returns the specified VpnTunnel resource. Gets a list of available VPN tunnels by making a list() request.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a VpnTunnel resource in the specified project and region using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of VpnTunnel resources contained in the specified project and region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)

+  setLabels(project, region, resource, body=None, requestId=None)

 
Sets the labels on a VpnTunnel. To learn more about labels, read the Labeling Resources documentation.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of VPN tunnels.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -130,14 +136,18 @@ 
Method Details

   "items": { # A list of VpnTunnelsScopedList resources.
     "a_key": { # Name of the scope containing this set of VPN tunnels.
       "vpnTunnels": [ # A list of VPN tunnels contained in this scope.
-        { # Represents a Cloud VPN Tunnel resource. For more information about VPN, read the the Cloud VPN Overview.
+        { # Represents a Cloud VPN Tunnel resource.
+            #
+            # For more information about VPN, read the  the Cloud VPN Overview. (== resource_for {$api_version}.vpnTunnels ==)
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "detailedStatus": "A String", # [Output Only] Detailed status message for the VPN tunnel.
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "ikeVersion": 42, # IKE protocol version to use when establishing the VPN tunnel with the peer VPN gateway. Acceptable IKE versions are 1 or 2. The default version is 2.
           "kind": "compute#vpnTunnel", # [Output Only] Type of resource. Always compute#vpnTunnel for VPN tunnels.
-          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnTunnel, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a VpnTunnel.
+          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnTunnel, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve a VpnTunnel.
           "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
             "a_key": "A String",
           },
@@ -157,7 +167,22 @@ 
Method Details

           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
           "sharedSecret": "A String", # Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway.
           "sharedSecretHash": "A String", # Hash of the shared secret.
-          "status": "A String", # [Output Only] The status of the VPN tunnel, which can be one of the following: - PROVISIONING: Resource is being allocated for the VPN tunnel. - WAITING_FOR_FULL_CONFIG: Waiting to receive all VPN-related configs from the user. Network, TargetVpnGateway, VpnTunnel, ForwardingRule, and Route resources are needed to setup the VPN tunnel. - FIRST_HANDSHAKE: Successful first handshake with the peer VPN. - ESTABLISHED: Secure session is successfully established with the peer VPN. - NETWORK_ERROR: Deprecated, replaced by NO_INCOMING_PACKETS - AUTHORIZATION_ERROR: Auth error (for example, bad shared secret). - NEGOTIATION_FAILURE: Handshake failed. - DEPROVISIONING: Resources are being deallocated for the VPN tunnel. - FAILED: Tunnel creation has failed and the tunnel is not ready to be used. - NO_INCOMING_PACKETS: No incoming packets from peer. - REJECTED: Tunnel configuration was rejected, can be result of being denied access. - ALLOCATING_RESOURCES: Cloud VPN is in the process of allocating all required resources. - STOPPED: Tunnel is stopped due to its Forwarding Rules being deleted for Classic VPN tunnels or the project is in frozen state. - PEER_IDENTITY_MISMATCH: Peer identity does not match peer IP, probably behind NAT. - TS_NARROWING_NOT_ALLOWED: Traffic selector narrowing not allowed for an HA-VPN tunnel.
+          "status": "A String", # [Output Only] The status of the VPN tunnel, which can be one of the following:
+              # - PROVISIONING: Resource is being allocated for the VPN tunnel.
+              # - WAITING_FOR_FULL_CONFIG: Waiting to receive all VPN-related configs from the user. Network, TargetVpnGateway, VpnTunnel, ForwardingRule, and Route resources are needed to setup the VPN tunnel.
+              # - FIRST_HANDSHAKE: Successful first handshake with the peer VPN.
+              # - ESTABLISHED: Secure session is successfully established with the peer VPN.
+              # - NETWORK_ERROR: Deprecated, replaced by NO_INCOMING_PACKETS
+              # - AUTHORIZATION_ERROR: Auth error (for example, bad shared secret).
+              # - NEGOTIATION_FAILURE: Handshake failed.
+              # - DEPROVISIONING: Resources are being deallocated for the VPN tunnel.
+              # - FAILED: Tunnel creation has failed and the tunnel is not ready to be used.
+              # - NO_INCOMING_PACKETS: No incoming packets from peer.
+              # - REJECTED: Tunnel configuration was rejected, can be result of being denied access.
+              # - ALLOCATING_RESOURCES: Cloud VPN is in the process of allocating all required resources.
+              # - STOPPED: Tunnel is stopped due to its Forwarding Rules being deleted for Classic VPN tunnels or the project is in frozen state.
+              # - PEER_IDENTITY_MISMATCH: Peer identity does not match peer IP, probably behind NAT.
+              # - TS_NARROWING_NOT_ALLOWED: Traffic selector narrowing not allowed for an HA-VPN tunnel.
           "targetVpnGateway": "A String", # URL of the Target VPN gateway with which this VPN tunnel is associated. Provided by the client when the VPN tunnel is created.
           "vpnGateway": "A String", # URL of the VPN gateway with which this VPN tunnel is associated. Provided by the client when the VPN tunnel is created. This must be used (instead of target_vpn_gateway) if a High Availability VPN gateway resource is created.
           "vpnGatewayInterface": 42, # The interface ID of the VPN gateway with which this VPN tunnel is associated.
@@ -165,7 +190,8 @@ 
Method Details

       ],
       "warning": { # Informational warning which replaces the list of addresses when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -183,7 +209,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -214,23 +241,36 @@ 
Method Details

 

 
 

-    delete(project, region, vpnTunnel, requestId=None, x__xgafv=None)
+    delete(project, region, vpnTunnel, requestId=None)
   
Deletes the specified VpnTunnel resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   vpnTunnel: string, Name of the VpnTunnel resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -265,7 +305,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -279,29 +320,29 @@ 
Method Details

 

 
 

-    get(project, region, vpnTunnel, x__xgafv=None)
+    get(project, region, vpnTunnel)
   
Returns the specified VpnTunnel resource. Gets a list of available VPN tunnels by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   vpnTunnel: string, Name of the VpnTunnel resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Cloud VPN Tunnel resource. For more information about VPN, read the the Cloud VPN Overview.
+    { # Represents a Cloud VPN Tunnel resource.
+    #
+    # For more information about VPN, read the  the Cloud VPN Overview. (== resource_for {$api_version}.vpnTunnels ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "detailedStatus": "A String", # [Output Only] Detailed status message for the VPN tunnel.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ikeVersion": 42, # IKE protocol version to use when establishing the VPN tunnel with the peer VPN gateway. Acceptable IKE versions are 1 or 2. The default version is 2.
   "kind": "compute#vpnTunnel", # [Output Only] Type of resource. Always compute#vpnTunnel for VPN tunnels.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnTunnel, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a VpnTunnel.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnTunnel, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a VpnTunnel.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -321,7 +362,22 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "sharedSecret": "A String", # Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway.
   "sharedSecretHash": "A String", # Hash of the shared secret.
-  "status": "A String", # [Output Only] The status of the VPN tunnel, which can be one of the following: - PROVISIONING: Resource is being allocated for the VPN tunnel. - WAITING_FOR_FULL_CONFIG: Waiting to receive all VPN-related configs from the user. Network, TargetVpnGateway, VpnTunnel, ForwardingRule, and Route resources are needed to setup the VPN tunnel. - FIRST_HANDSHAKE: Successful first handshake with the peer VPN. - ESTABLISHED: Secure session is successfully established with the peer VPN. - NETWORK_ERROR: Deprecated, replaced by NO_INCOMING_PACKETS - AUTHORIZATION_ERROR: Auth error (for example, bad shared secret). - NEGOTIATION_FAILURE: Handshake failed. - DEPROVISIONING: Resources are being deallocated for the VPN tunnel. - FAILED: Tunnel creation has failed and the tunnel is not ready to be used. - NO_INCOMING_PACKETS: No incoming packets from peer. - REJECTED: Tunnel configuration was rejected, can be result of being denied access. - ALLOCATING_RESOURCES: Cloud VPN is in the process of allocating all required resources. - STOPPED: Tunnel is stopped due to its Forwarding Rules being deleted for Classic VPN tunnels or the project is in frozen state. - PEER_IDENTITY_MISMATCH: Peer identity does not match peer IP, probably behind NAT. - TS_NARROWING_NOT_ALLOWED: Traffic selector narrowing not allowed for an HA-VPN tunnel.
+  "status": "A String", # [Output Only] The status of the VPN tunnel, which can be one of the following:
+      # - PROVISIONING: Resource is being allocated for the VPN tunnel.
+      # - WAITING_FOR_FULL_CONFIG: Waiting to receive all VPN-related configs from the user. Network, TargetVpnGateway, VpnTunnel, ForwardingRule, and Route resources are needed to setup the VPN tunnel.
+      # - FIRST_HANDSHAKE: Successful first handshake with the peer VPN.
+      # - ESTABLISHED: Secure session is successfully established with the peer VPN.
+      # - NETWORK_ERROR: Deprecated, replaced by NO_INCOMING_PACKETS
+      # - AUTHORIZATION_ERROR: Auth error (for example, bad shared secret).
+      # - NEGOTIATION_FAILURE: Handshake failed.
+      # - DEPROVISIONING: Resources are being deallocated for the VPN tunnel.
+      # - FAILED: Tunnel creation has failed and the tunnel is not ready to be used.
+      # - NO_INCOMING_PACKETS: No incoming packets from peer.
+      # - REJECTED: Tunnel configuration was rejected, can be result of being denied access.
+      # - ALLOCATING_RESOURCES: Cloud VPN is in the process of allocating all required resources.
+      # - STOPPED: Tunnel is stopped due to its Forwarding Rules being deleted for Classic VPN tunnels or the project is in frozen state.
+      # - PEER_IDENTITY_MISMATCH: Peer identity does not match peer IP, probably behind NAT.
+      # - TS_NARROWING_NOT_ALLOWED: Traffic selector narrowing not allowed for an HA-VPN tunnel.
   "targetVpnGateway": "A String", # URL of the Target VPN gateway with which this VPN tunnel is associated. Provided by the client when the VPN tunnel is created.
   "vpnGateway": "A String", # URL of the VPN gateway with which this VPN tunnel is associated. Provided by the client when the VPN tunnel is created. This must be used (instead of target_vpn_gateway) if a High Availability VPN gateway resource is created.
   "vpnGatewayInterface": 42, # The interface ID of the VPN gateway with which this VPN tunnel is associated.
@@ -329,7 +385,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a VpnTunnel resource in the specified project and region using the data included in the request.
 
 Args:
@@ -338,14 +394,18 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Cloud VPN Tunnel resource. For more information about VPN, read the the Cloud VPN Overview.
+{ # Represents a Cloud VPN Tunnel resource.
+    # 
+    # For more information about VPN, read the  the Cloud VPN Overview. (== resource_for {$api_version}.vpnTunnels ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "detailedStatus": "A String", # [Output Only] Detailed status message for the VPN tunnel.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ikeVersion": 42, # IKE protocol version to use when establishing the VPN tunnel with the peer VPN gateway. Acceptable IKE versions are 1 or 2. The default version is 2.
   "kind": "compute#vpnTunnel", # [Output Only] Type of resource. Always compute#vpnTunnel for VPN tunnels.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnTunnel, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a VpnTunnel.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnTunnel, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a VpnTunnel.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -365,22 +425,50 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "sharedSecret": "A String", # Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway.
   "sharedSecretHash": "A String", # Hash of the shared secret.
-  "status": "A String", # [Output Only] The status of the VPN tunnel, which can be one of the following: - PROVISIONING: Resource is being allocated for the VPN tunnel. - WAITING_FOR_FULL_CONFIG: Waiting to receive all VPN-related configs from the user. Network, TargetVpnGateway, VpnTunnel, ForwardingRule, and Route resources are needed to setup the VPN tunnel. - FIRST_HANDSHAKE: Successful first handshake with the peer VPN. - ESTABLISHED: Secure session is successfully established with the peer VPN. - NETWORK_ERROR: Deprecated, replaced by NO_INCOMING_PACKETS - AUTHORIZATION_ERROR: Auth error (for example, bad shared secret). - NEGOTIATION_FAILURE: Handshake failed. - DEPROVISIONING: Resources are being deallocated for the VPN tunnel. - FAILED: Tunnel creation has failed and the tunnel is not ready to be used. - NO_INCOMING_PACKETS: No incoming packets from peer. - REJECTED: Tunnel configuration was rejected, can be result of being denied access. - ALLOCATING_RESOURCES: Cloud VPN is in the process of allocating all required resources. - STOPPED: Tunnel is stopped due to its Forwarding Rules being deleted for Classic VPN tunnels or the project is in frozen state. - PEER_IDENTITY_MISMATCH: Peer identity does not match peer IP, probably behind NAT. - TS_NARROWING_NOT_ALLOWED: Traffic selector narrowing not allowed for an HA-VPN tunnel.
+  "status": "A String", # [Output Only] The status of the VPN tunnel, which can be one of the following:
+      # - PROVISIONING: Resource is being allocated for the VPN tunnel.
+      # - WAITING_FOR_FULL_CONFIG: Waiting to receive all VPN-related configs from the user. Network, TargetVpnGateway, VpnTunnel, ForwardingRule, and Route resources are needed to setup the VPN tunnel.
+      # - FIRST_HANDSHAKE: Successful first handshake with the peer VPN.
+      # - ESTABLISHED: Secure session is successfully established with the peer VPN.
+      # - NETWORK_ERROR: Deprecated, replaced by NO_INCOMING_PACKETS
+      # - AUTHORIZATION_ERROR: Auth error (for example, bad shared secret).
+      # - NEGOTIATION_FAILURE: Handshake failed.
+      # - DEPROVISIONING: Resources are being deallocated for the VPN tunnel.
+      # - FAILED: Tunnel creation has failed and the tunnel is not ready to be used.
+      # - NO_INCOMING_PACKETS: No incoming packets from peer.
+      # - REJECTED: Tunnel configuration was rejected, can be result of being denied access.
+      # - ALLOCATING_RESOURCES: Cloud VPN is in the process of allocating all required resources.
+      # - STOPPED: Tunnel is stopped due to its Forwarding Rules being deleted for Classic VPN tunnels or the project is in frozen state.
+      # - PEER_IDENTITY_MISMATCH: Peer identity does not match peer IP, probably behind NAT.
+      # - TS_NARROWING_NOT_ALLOWED: Traffic selector narrowing not allowed for an HA-VPN tunnel.
   "targetVpnGateway": "A String", # URL of the Target VPN gateway with which this VPN tunnel is associated. Provided by the client when the VPN tunnel is created.
   "vpnGateway": "A String", # URL of the VPN gateway with which this VPN tunnel is associated. Provided by the client when the VPN tunnel is created. This must be used (instead of target_vpn_gateway) if a High Availability VPN gateway resource is created.
   "vpnGatewayInterface": 42, # The interface ID of the VPN gateway with which this VPN tunnel is associated.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -415,7 +503,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -429,21 +518,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of VpnTunnel resources contained in the specified project and region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -451,14 +546,18 @@ 
Method Details

     { # Contains a list of VpnTunnel resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of VpnTunnel resources.
-    { # Represents a Cloud VPN Tunnel resource. For more information about VPN, read the the Cloud VPN Overview.
+    { # Represents a Cloud VPN Tunnel resource.
+        #
+        # For more information about VPN, read the  the Cloud VPN Overview. (== resource_for {$api_version}.vpnTunnels ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "detailedStatus": "A String", # [Output Only] Detailed status message for the VPN tunnel.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "ikeVersion": 42, # IKE protocol version to use when establishing the VPN tunnel with the peer VPN gateway. Acceptable IKE versions are 1 or 2. The default version is 2.
       "kind": "compute#vpnTunnel", # [Output Only] Type of resource. Always compute#vpnTunnel for VPN tunnels.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnTunnel, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a VpnTunnel.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnTunnel, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a VpnTunnel.
       "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
         "a_key": "A String",
       },
@@ -478,7 +577,22 @@ 
Method Details

       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "sharedSecret": "A String", # Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway.
       "sharedSecretHash": "A String", # Hash of the shared secret.
-      "status": "A String", # [Output Only] The status of the VPN tunnel, which can be one of the following: - PROVISIONING: Resource is being allocated for the VPN tunnel. - WAITING_FOR_FULL_CONFIG: Waiting to receive all VPN-related configs from the user. Network, TargetVpnGateway, VpnTunnel, ForwardingRule, and Route resources are needed to setup the VPN tunnel. - FIRST_HANDSHAKE: Successful first handshake with the peer VPN. - ESTABLISHED: Secure session is successfully established with the peer VPN. - NETWORK_ERROR: Deprecated, replaced by NO_INCOMING_PACKETS - AUTHORIZATION_ERROR: Auth error (for example, bad shared secret). - NEGOTIATION_FAILURE: Handshake failed. - DEPROVISIONING: Resources are being deallocated for the VPN tunnel. - FAILED: Tunnel creation has failed and the tunnel is not ready to be used. - NO_INCOMING_PACKETS: No incoming packets from peer. - REJECTED: Tunnel configuration was rejected, can be result of being denied access. - ALLOCATING_RESOURCES: Cloud VPN is in the process of allocating all required resources. - STOPPED: Tunnel is stopped due to its Forwarding Rules being deleted for Classic VPN tunnels or the project is in frozen state. - PEER_IDENTITY_MISMATCH: Peer identity does not match peer IP, probably behind NAT. - TS_NARROWING_NOT_ALLOWED: Traffic selector narrowing not allowed for an HA-VPN tunnel.
+      "status": "A String", # [Output Only] The status of the VPN tunnel, which can be one of the following:
+          # - PROVISIONING: Resource is being allocated for the VPN tunnel.
+          # - WAITING_FOR_FULL_CONFIG: Waiting to receive all VPN-related configs from the user. Network, TargetVpnGateway, VpnTunnel, ForwardingRule, and Route resources are needed to setup the VPN tunnel.
+          # - FIRST_HANDSHAKE: Successful first handshake with the peer VPN.
+          # - ESTABLISHED: Secure session is successfully established with the peer VPN.
+          # - NETWORK_ERROR: Deprecated, replaced by NO_INCOMING_PACKETS
+          # - AUTHORIZATION_ERROR: Auth error (for example, bad shared secret).
+          # - NEGOTIATION_FAILURE: Handshake failed.
+          # - DEPROVISIONING: Resources are being deallocated for the VPN tunnel.
+          # - FAILED: Tunnel creation has failed and the tunnel is not ready to be used.
+          # - NO_INCOMING_PACKETS: No incoming packets from peer.
+          # - REJECTED: Tunnel configuration was rejected, can be result of being denied access.
+          # - ALLOCATING_RESOURCES: Cloud VPN is in the process of allocating all required resources.
+          # - STOPPED: Tunnel is stopped due to its Forwarding Rules being deleted for Classic VPN tunnels or the project is in frozen state.
+          # - PEER_IDENTITY_MISMATCH: Peer identity does not match peer IP, probably behind NAT.
+          # - TS_NARROWING_NOT_ALLOWED: Traffic selector narrowing not allowed for an HA-VPN tunnel.
       "targetVpnGateway": "A String", # URL of the Target VPN gateway with which this VPN tunnel is associated. Provided by the client when the VPN tunnel is created.
       "vpnGateway": "A String", # URL of the VPN gateway with which this VPN tunnel is associated. Provided by the client when the VPN tunnel is created. This must be used (instead of target_vpn_gateway) if a High Availability VPN gateway resource is created.
       "vpnGatewayInterface": 42, # The interface ID of the VPN gateway with which this VPN tunnel is associated.
@@ -489,7 +603,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -515,7 +630,7 @@ 
Method Details

 

 
 

-    setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)
+    setLabels(project, region, resource, body=None, requestId=None)
   
Sets the labels on a VpnTunnel. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -532,16 +647,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -576,7 +704,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -590,7 +719,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -606,10 +735,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.zoneInPlaceSnapshots.html b/docs/dyn/compute_alpha.zoneInPlaceSnapshots.html
index dee22e999a3..85caac6fefe 100644
--- a/docs/dyn/compute_alpha.zoneInPlaceSnapshots.html
+++ b/docs/dyn/compute_alpha.zoneInPlaceSnapshots.html
@@ -78,31 +78,31 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, zone, inPlaceSnapshot, requestId=None, x__xgafv=None)

-
Deletes the specified InPlaceSnapshot resource. Keep in mind that deleting a single inPlaceSnapshot might not necessarily delete all the data on that inPlaceSnapshot. If any data on the inPlaceSnapshot that is marked for deletion is needed for subsequent inPlaceSnapshots, the data will be moved to the next corresponding inPlaceSnapshot. For more information, see Deleting inPlaceSnapshots.

+  delete(project, zone, inPlaceSnapshot, requestId=None)

+
Deletes the specified InPlaceSnapshot resource. Keep in mind that deleting a single inPlaceSnapshot might not necessarily delete all the data on that inPlaceSnapshot. If any data on the inPlaceSnapshot that is marked for deletion is needed for subsequent inPlaceSnapshots, the data will be moved to the next corresponding inPlaceSnapshot.

 

-  get(project, zone, inPlaceSnapshot, x__xgafv=None)

+  get(project, zone, inPlaceSnapshot)

 
Returns the specified InPlaceSnapshot resource in the specified zone.

 

-  getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, zone, body=None, requestId=None, x__xgafv=None)

+  insert(project, zone, body=None, requestId=None)

 
Creates an in-place snapshot in the specified zone.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of InPlaceSnapshot resources contained within the specified zone.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setIamPolicy(project, zone, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, zone, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  setLabels(project, zone, resource, body=None, requestId=None, x__xgafv=None)

+  setLabels(project, zone, resource, body=None, requestId=None)

 
Sets the labels on a inPlaceSnapshot in the given zone. To learn more about labels, read the Labeling Resources documentation.

 

-  testIamPermissions(project, zone, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, zone, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -111,23 +111,38 @@ 
Method Details

 

 
 

-    delete(project, zone, inPlaceSnapshot, requestId=None, x__xgafv=None)
-  
Deletes the specified InPlaceSnapshot resource. Keep in mind that deleting a single inPlaceSnapshot might not necessarily delete all the data on that inPlaceSnapshot. If any data on the inPlaceSnapshot that is marked for deletion is needed for subsequent inPlaceSnapshots, the data will be moved to the next corresponding inPlaceSnapshot. For more information, see Deleting inPlaceSnapshots.
+    delete(project, zone, inPlaceSnapshot, requestId=None)
+  
Deletes the specified InPlaceSnapshot resource. Keep in mind that deleting a single inPlaceSnapshot might not necessarily delete all the data on that inPlaceSnapshot. If any data on the inPlaceSnapshot that is marked for deletion is needed for subsequent inPlaceSnapshots, the data will be moved to the next corresponding inPlaceSnapshot.
+
+For more information, see Deleting inPlaceSnapshots.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   inPlaceSnapshot: string, Name of the InPlaceSnapshot resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -162,7 +177,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -176,29 +192,29 @@ 
Method Details

 

 
 

-    get(project, zone, inPlaceSnapshot, x__xgafv=None)
+    get(project, zone, inPlaceSnapshot)
   
Returns the specified InPlaceSnapshot resource in the specified zone.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   inPlaceSnapshot: string, Name of the InPlaceSnapshot resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a InPlaceSnapshot resource. You can use in-place snapshots to create disk rollback points quickly..
+    { # Represents a InPlaceSnapshot resource.
+    #
+    # You can use in-place snapshots to create disk rollback points quickly.. (== resource_for {$api_version}.inPlaceSnapshots ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "diskSizeGb": "A String", # [Output Only] Size of the source disk, specified in GB.
   "guestFlush": True or False, # Specifies to create an application consistent in-place snapshot by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#inPlaceSnapshot", # [Output Only] Type of the resource. Always compute#inPlaceSnapshot for InPlaceSnapshot resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InPlaceSnapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a InPlaceSnapshot.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InPlaceSnapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a InPlaceSnapshot.
   "labels": { # Labels to apply to this InPlaceSnapshot. These can be later modified by the setLabels method. Label values may be empty.
     "a_key": "A String",
   },
@@ -206,7 +222,10 @@ 
Method Details

   "region": "A String", # [Output Only] URL of the region where the in-place snapshot resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource's resource id.
-  "sourceDisk": "A String", # URL of the source disk used to create this in-place snapshot. Note that the source disk must be in the same zone/region as the in-place snapshot to be created. This can be a full or valid partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk
+  "sourceDisk": "A String", # URL of the source disk used to create this in-place snapshot. Note that the source disk must be in the same zone/region as the in-place snapshot to be created. This can be a full or valid partial URL. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - zones/zone/disks/disk
   "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this InPlaceSnapshot. This value may be used to determine whether the InPlaceSnapshot was taken from the current or a previous instance of a given disk name.
   "status": "A String", # [Output Only] The status of the inPlaceSnapshot. This can be CREATING, DELETING, FAILED, or READY.
   "zone": "A String", # [Output Only] URL of the zone where the in-place snapshot resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
@@ -214,7 +233,7 @@ 
Method Details

 

 
 

-    getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
@@ -222,27 +241,51 @@ 
Method Details

   zone: string, The name of the zone for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -250,76 +293,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, zone, body=None, requestId=None, x__xgafv=None)
+    insert(project, zone, body=None, requestId=None)
   
Creates an in-place snapshot in the specified zone.
 
 Args:
@@ -328,14 +439,18 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a InPlaceSnapshot resource. You can use in-place snapshots to create disk rollback points quickly..
+{ # Represents a InPlaceSnapshot resource.
+    # 
+    # You can use in-place snapshots to create disk rollback points quickly.. (== resource_for {$api_version}.inPlaceSnapshots ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "diskSizeGb": "A String", # [Output Only] Size of the source disk, specified in GB.
   "guestFlush": True or False, # Specifies to create an application consistent in-place snapshot by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#inPlaceSnapshot", # [Output Only] Type of the resource. Always compute#inPlaceSnapshot for InPlaceSnapshot resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InPlaceSnapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a InPlaceSnapshot.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InPlaceSnapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a InPlaceSnapshot.
   "labels": { # Labels to apply to this InPlaceSnapshot. These can be later modified by the setLabels method. Label values may be empty.
     "a_key": "A String",
   },
@@ -343,22 +458,38 @@ 
Method Details

   "region": "A String", # [Output Only] URL of the region where the in-place snapshot resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource's resource id.
-  "sourceDisk": "A String", # URL of the source disk used to create this in-place snapshot. Note that the source disk must be in the same zone/region as the in-place snapshot to be created. This can be a full or valid partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk
+  "sourceDisk": "A String", # URL of the source disk used to create this in-place snapshot. Note that the source disk must be in the same zone/region as the in-place snapshot to be created. This can be a full or valid partial URL. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - zones/zone/disks/disk
   "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this InPlaceSnapshot. This value may be used to determine whether the InPlaceSnapshot was taken from the current or a previous instance of a given disk name.
   "status": "A String", # [Output Only] The status of the inPlaceSnapshot. This can be CREATING, DELETING, FAILED, or READY.
   "zone": "A String", # [Output Only] URL of the zone where the in-place snapshot resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -393,7 +524,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -407,21 +539,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of InPlaceSnapshot resources contained within the specified zone.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -429,14 +567,18 @@ 
Method Details

     { # Contains a list of InPlaceSnapshot resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of InPlaceSnapshot resources.
-    { # Represents a InPlaceSnapshot resource. You can use in-place snapshots to create disk rollback points quickly..
+    { # Represents a InPlaceSnapshot resource.
+        #
+        # You can use in-place snapshots to create disk rollback points quickly.. (== resource_for {$api_version}.inPlaceSnapshots ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "diskSizeGb": "A String", # [Output Only] Size of the source disk, specified in GB.
       "guestFlush": True or False, # Specifies to create an application consistent in-place snapshot by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#inPlaceSnapshot", # [Output Only] Type of the resource. Always compute#inPlaceSnapshot for InPlaceSnapshot resources.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InPlaceSnapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a InPlaceSnapshot.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InPlaceSnapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a InPlaceSnapshot.
       "labels": { # Labels to apply to this InPlaceSnapshot. These can be later modified by the setLabels method. Label values may be empty.
         "a_key": "A String",
       },
@@ -444,7 +586,10 @@ 
Method Details

       "region": "A String", # [Output Only] URL of the region where the in-place snapshot resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource's resource id.
-      "sourceDisk": "A String", # URL of the source disk used to create this in-place snapshot. Note that the source disk must be in the same zone/region as the in-place snapshot to be created. This can be a full or valid partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk
+      "sourceDisk": "A String", # URL of the source disk used to create this in-place snapshot. Note that the source disk must be in the same zone/region as the in-place snapshot to be created. This can be a full or valid partial URL. For example, the following are valid values:
+          # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+          # - projects/project/zones/zone/disks/disk
+          # - zones/zone/disks/disk
       "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this InPlaceSnapshot. This value may be used to determine whether the InPlaceSnapshot was taken from the current or a previous instance of a given disk name.
       "status": "A String", # [Output Only] The status of the inPlaceSnapshot. This can be CREATING, DELETING, FAILED, or READY.
       "zone": "A String", # [Output Only] URL of the zone where the in-place snapshot resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
@@ -455,7 +600,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -481,7 +627,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, zone, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, zone, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -494,33 +640,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -528,95 +748,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -624,76 +936,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    setLabels(project, zone, resource, body=None, requestId=None, x__xgafv=None)
+    setLabels(project, zone, resource, body=None, requestId=None)
   
Sets the labels on a inPlaceSnapshot in the given zone. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -710,16 +1090,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -754,7 +1147,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -768,7 +1162,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, zone, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, zone, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -784,10 +1178,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.zoneInstantSnapshots.html b/docs/dyn/compute_alpha.zoneInstantSnapshots.html
index 542d45d2e08..04d5ce0d825 100644
--- a/docs/dyn/compute_alpha.zoneInstantSnapshots.html
+++ b/docs/dyn/compute_alpha.zoneInstantSnapshots.html
@@ -78,34 +78,34 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, zone, instantSnapshot, requestId=None, x__xgafv=None)

-
Deletes the specified InstantSnapshot resource. Keep in mind that deleting a single instantSnapshot might not necessarily delete all the data on that instantSnapshot. If any data on the instantSnapshot that is marked for deletion is needed for subsequent instantSnapshots, the data will be moved to the next corresponding instantSnapshot. For more information, see Deleting instantSnapshots.

+  delete(project, zone, instantSnapshot, requestId=None)

+
Deletes the specified InstantSnapshot resource. Keep in mind that deleting a single instantSnapshot might not necessarily delete all the data on that instantSnapshot. If any data on the instantSnapshot that is marked for deletion is needed for subsequent instantSnapshots, the data will be moved to the next corresponding instantSnapshot.

 

-  export(project, zone, instantSnapshot, body=None, requestId=None, x__xgafv=None)

+  export(project, zone, instantSnapshot, body=None, requestId=None)

 
Export the changed blocks between two instant snapshots to a customer's bucket in the user specified format.

 

-  get(project, zone, instantSnapshot, x__xgafv=None)

+  get(project, zone, instantSnapshot)

 
Returns the specified InstantSnapshot resource in the specified zone.

 

-  getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, zone, body=None, requestId=None, x__xgafv=None)

+  insert(project, zone, body=None, requestId=None)

 
Creates an instant snapshot in the specified zone.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of InstantSnapshot resources contained within the specified zone.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setIamPolicy(project, zone, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, zone, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  setLabels(project, zone, resource, body=None, requestId=None, x__xgafv=None)

+  setLabels(project, zone, resource, body=None, requestId=None)

 
Sets the labels on a instantSnapshot in the given zone. To learn more about labels, read the Labeling Resources documentation.

 

-  testIamPermissions(project, zone, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, zone, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -114,23 +114,38 @@ 
Method Details

 

 
 

-    delete(project, zone, instantSnapshot, requestId=None, x__xgafv=None)
-  
Deletes the specified InstantSnapshot resource. Keep in mind that deleting a single instantSnapshot might not necessarily delete all the data on that instantSnapshot. If any data on the instantSnapshot that is marked for deletion is needed for subsequent instantSnapshots, the data will be moved to the next corresponding instantSnapshot. For more information, see Deleting instantSnapshots.
+    delete(project, zone, instantSnapshot, requestId=None)
+  
Deletes the specified InstantSnapshot resource. Keep in mind that deleting a single instantSnapshot might not necessarily delete all the data on that instantSnapshot. If any data on the instantSnapshot that is marked for deletion is needed for subsequent instantSnapshots, the data will be moved to the next corresponding instantSnapshot.
+
+For more information, see Deleting instantSnapshots.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   instantSnapshot: string, Name of the InstantSnapshot resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -165,7 +180,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -179,7 +195,7 @@ 
Method Details

 

 
 

-    export(project, zone, instantSnapshot, body=None, requestId=None, x__xgafv=None)
+    export(project, zone, instantSnapshot, body=None, requestId=None)
   
Export the changed blocks between two instant snapshots to a customer's bucket in the user specified format.
 
 Args:
@@ -197,7 +213,12 @@ 
Method Details

       "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
       "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
       "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+          #
+          # The key must meet the following requirements before you can provide it to Compute Engine:
+          # - The key is wrapped using a RSA public key certificate provided by Google.
+          # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+          # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
       "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
     },
     "objectName": "A String", # Name of the output Bigstore object storing the changed blocks. Object name must be less than 1024 bytes in length.
@@ -205,16 +226,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -249,7 +283,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -263,29 +298,29 @@ 
Method Details

 

 
 

-    get(project, zone, instantSnapshot, x__xgafv=None)
+    get(project, zone, instantSnapshot)
   
Returns the specified InstantSnapshot resource in the specified zone.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   instantSnapshot: string, Name of the InstantSnapshot resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a InstantSnapshot resource. You can use instant snapshots to create disk rollback points quickly..
+    { # Represents a InstantSnapshot resource.
+    #
+    # You can use instant snapshots to create disk rollback points quickly.. (== resource_for {$api_version}.instantSnapshots ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "diskSizeGb": "A String", # [Output Only] Size of the source disk, specified in GB.
   "guestFlush": True or False, # Whether to attempt an application consistent instant snapshot by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#instantSnapshot", # [Output Only] Type of the resource. Always compute#instantSnapshot for InstantSnapshot resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InstantSnapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a InstantSnapshot.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InstantSnapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a InstantSnapshot.
   "labels": { # Labels to apply to this InstantSnapshot. These can be later modified by the setLabels method. Label values may be empty.
     "a_key": "A String",
   },
@@ -294,7 +329,13 @@ 
Method Details

   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource's resource id.
-  "sourceDisk": "A String", # URL of the source disk used to create this instant snapshot. Note that the source disk must be in the same zone/region as the instant snapshot to be created. This can be a full or valid partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - https://www.googleapis.com/compute/v1/projects/project/regions/region /disks/disk - projects/project/zones/zone/disks/disk - projects/project/regions/region/disks/disk - zones/zone/disks/disk - regions/region/disks/disk
+  "sourceDisk": "A String", # URL of the source disk used to create this instant snapshot. Note that the source disk must be in the same zone/region as the instant snapshot to be created. This can be a full or valid partial URL. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - https://www.googleapis.com/compute/v1/projects/project/regions/region/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - projects/project/regions/region/disks/disk
+      # - zones/zone/disks/disk
+      # - regions/region/disks/disk
   "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this InstantSnapshot. This value may be used to determine whether the InstantSnapshot was taken from the current or a previous instance of a given disk name.
   "status": "A String", # [Output Only] The status of the instantSnapshot. This can be CREATING, DELETING, FAILED, or READY.
   "zone": "A String", # [Output Only] URL of the zone where the instant snapshot resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
@@ -302,7 +343,7 @@ 
Method Details

 

 
 

-    getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
@@ -310,27 +351,51 @@ 
Method Details

   zone: string, The name of the zone for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -338,76 +403,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, zone, body=None, requestId=None, x__xgafv=None)
+    insert(project, zone, body=None, requestId=None)
   
Creates an instant snapshot in the specified zone.
 
 Args:
@@ -416,14 +549,18 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a InstantSnapshot resource. You can use instant snapshots to create disk rollback points quickly..
+{ # Represents a InstantSnapshot resource.
+    # 
+    # You can use instant snapshots to create disk rollback points quickly.. (== resource_for {$api_version}.instantSnapshots ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "diskSizeGb": "A String", # [Output Only] Size of the source disk, specified in GB.
   "guestFlush": True or False, # Whether to attempt an application consistent instant snapshot by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#instantSnapshot", # [Output Only] Type of the resource. Always compute#instantSnapshot for InstantSnapshot resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InstantSnapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a InstantSnapshot.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InstantSnapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a InstantSnapshot.
   "labels": { # Labels to apply to this InstantSnapshot. These can be later modified by the setLabels method. Label values may be empty.
     "a_key": "A String",
   },
@@ -432,22 +569,41 @@ 
Method Details

   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource's resource id.
-  "sourceDisk": "A String", # URL of the source disk used to create this instant snapshot. Note that the source disk must be in the same zone/region as the instant snapshot to be created. This can be a full or valid partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - https://www.googleapis.com/compute/v1/projects/project/regions/region /disks/disk - projects/project/zones/zone/disks/disk - projects/project/regions/region/disks/disk - zones/zone/disks/disk - regions/region/disks/disk
+  "sourceDisk": "A String", # URL of the source disk used to create this instant snapshot. Note that the source disk must be in the same zone/region as the instant snapshot to be created. This can be a full or valid partial URL. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - https://www.googleapis.com/compute/v1/projects/project/regions/region/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - projects/project/regions/region/disks/disk
+      # - zones/zone/disks/disk
+      # - regions/region/disks/disk
   "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this InstantSnapshot. This value may be used to determine whether the InstantSnapshot was taken from the current or a previous instance of a given disk name.
   "status": "A String", # [Output Only] The status of the instantSnapshot. This can be CREATING, DELETING, FAILED, or READY.
   "zone": "A String", # [Output Only] URL of the zone where the instant snapshot resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -482,7 +638,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -496,21 +653,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of InstantSnapshot resources contained within the specified zone.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -518,14 +681,18 @@ 
Method Details

     { # Contains a list of InstantSnapshot resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of InstantSnapshot resources.
-    { # Represents a InstantSnapshot resource. You can use instant snapshots to create disk rollback points quickly..
+    { # Represents a InstantSnapshot resource.
+        #
+        # You can use instant snapshots to create disk rollback points quickly.. (== resource_for {$api_version}.instantSnapshots ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "diskSizeGb": "A String", # [Output Only] Size of the source disk, specified in GB.
       "guestFlush": True or False, # Whether to attempt an application consistent instant snapshot by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#instantSnapshot", # [Output Only] Type of the resource. Always compute#instantSnapshot for InstantSnapshot resources.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InstantSnapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a InstantSnapshot.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InstantSnapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a InstantSnapshot.
       "labels": { # Labels to apply to this InstantSnapshot. These can be later modified by the setLabels method. Label values may be empty.
         "a_key": "A String",
       },
@@ -534,7 +701,13 @@ 
Method Details

       "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource's resource id.
-      "sourceDisk": "A String", # URL of the source disk used to create this instant snapshot. Note that the source disk must be in the same zone/region as the instant snapshot to be created. This can be a full or valid partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - https://www.googleapis.com/compute/v1/projects/project/regions/region /disks/disk - projects/project/zones/zone/disks/disk - projects/project/regions/region/disks/disk - zones/zone/disks/disk - regions/region/disks/disk
+      "sourceDisk": "A String", # URL of the source disk used to create this instant snapshot. Note that the source disk must be in the same zone/region as the instant snapshot to be created. This can be a full or valid partial URL. For example, the following are valid values:
+          # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+          # - https://www.googleapis.com/compute/v1/projects/project/regions/region/disks/disk
+          # - projects/project/zones/zone/disks/disk
+          # - projects/project/regions/region/disks/disk
+          # - zones/zone/disks/disk
+          # - regions/region/disks/disk
       "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this InstantSnapshot. This value may be used to determine whether the InstantSnapshot was taken from the current or a previous instance of a given disk name.
       "status": "A String", # [Output Only] The status of the instantSnapshot. This can be CREATING, DELETING, FAILED, or READY.
       "zone": "A String", # [Output Only] URL of the zone where the instant snapshot resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
@@ -545,7 +718,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -571,7 +745,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, zone, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, zone, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -584,33 +758,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -618,95 +866,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -714,76 +1054,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    setLabels(project, zone, resource, body=None, requestId=None, x__xgafv=None)
+    setLabels(project, zone, resource, body=None, requestId=None)
   
Sets the labels on a instantSnapshot in the given zone. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -800,16 +1208,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -844,7 +1265,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -858,7 +1280,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, zone, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, zone, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -874,10 +1296,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_alpha.zoneOperations.html b/docs/dyn/compute_alpha.zoneOperations.html
index 2d2288f53d8..0458dd7891c 100644
--- a/docs/dyn/compute_alpha.zoneOperations.html
+++ b/docs/dyn/compute_alpha.zoneOperations.html
@@ -78,20 +78,20 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, zone, operation, x__xgafv=None)

+  delete(project, zone, operation)

 
Deletes the specified zone-specific Operations resource.

 

-  get(project, zone, operation, x__xgafv=None)

+  get(project, zone, operation)

 
Retrieves the specified zone-specific Operations resource.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of Operation resources contained within the specified zone.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  wait(project, zone, operation, x__xgafv=None)

-
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress. This method is called on a best-effort basis. Specifically: - In uncommon cases, when the server is overloaded, the request might return before the default deadline is reached, or might return after zero seconds. - If the default deadline is reached, there is no guarantee that the operation is actually done when the method returns. Be prepared to retry if the operation is not `DONE`. 

+  wait(project, zone, operation)

+
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress.

 
Method Details

 

     close()
@@ -99,37 +99,42 @@ 
Method Details

 

 
 

-    delete(project, zone, operation, x__xgafv=None)
+    delete(project, zone, operation)
   
Deletes the specified zone-specific Operations resource.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone for this request. (required)
   operation: string, Name of the Operations resource to delete. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 

 

 
 

-    get(project, zone, operation, x__xgafv=None)
+    get(project, zone, operation)
   
Retrieves the specified zone-specific Operations resource.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone for this request. (required)
   operation: string, Name of the Operations resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -164,7 +169,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -178,21 +184,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of Operation resources contained within the specified zone.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone for request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -200,7 +212,20 @@ 
Method Details

     { # Contains a list of Operation resources.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "items": [ # [Output Only] A list of Operation resources.
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+        #
+        # Google Compute Engine has three Operation resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+        #
+        # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+        #
+        # Operations can be global, regional or zonal.
+        # - For global operations, use the `globalOperations` resource.
+        # - For regional operations, use the `regionOperations` resource.
+        # - For zonal operations, use the `zonalOperations` resource.
+        #
+        # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
       "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
       "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
       "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -235,7 +260,8 @@ 
Method Details

       "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
         {
           "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-          "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+          "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+              # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
             {
               "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
               "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -252,7 +278,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -278,22 +305,35 @@ 
Method Details

 

 
 

-    wait(project, zone, operation, x__xgafv=None)
-  
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress. This method is called on a best-effort basis. Specifically: - In uncommon cases, when the server is overloaded, the request might return before the default deadline is reached, or might return after zero seconds. - If the default deadline is reached, there is no guarantee that the operation is actually done when the method returns. Be prepared to retry if the operation is not `DONE`. 
+    wait(project, zone, operation)
+  
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress.
+
+This method is called on a best-effort basis. Specifically:  
+- In uncommon cases, when the server is overloaded, the request might return before the default deadline is reached, or might return after zero seconds. 
+- If the default deadline is reached, there is no guarantee that the operation is actually done when the method returns. Be prepared to retry if the operation is not `DONE`.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone for this request. (required)
   operation: string, Name of the Operations resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/alpha/globalOperations) * [Regional](/compute/docs/reference/rest/alpha/regionOperations) * [Zonal](/compute/docs/reference/rest/alpha/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -328,7 +368,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_alpha.zones.html b/docs/dyn/compute_alpha.zones.html
index dbd98e175cb..da3c5e10594 100644
--- a/docs/dyn/compute_alpha.zones.html
+++ b/docs/dyn/compute_alpha.zones.html
@@ -78,10 +78,10 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  get(project, zone, x__xgafv=None)

+  get(project, zone)

 
Returns the specified Zone resource. Gets a list of available zones by making a list() request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of Zone resources available to the specified project.

 

   list_next(previous_request, previous_response)

@@ -93,21 +93,19 @@ 
Method Details

 

 
 

-    get(project, zone, x__xgafv=None)
+    get(project, zone)
   
Returns the specified Zone resource. Gets a list of available zones by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Zone resource. A zone is a deployment area. These deployment areas are subsets of a region. For example the zone us-east1-a is located in the us-east1 region. For more information, read Regions and Zones.
+    { # Represents a Zone resource.
+    #
+    # A zone is a deployment area. These deployment areas are subsets of a region. For example the zone us-east1-a is located in the us-east1 region. For more information, read Regions and Zones. (== resource_for {$api_version}.zones ==)
   "availableCpuPlatforms": [ # [Output Only] Available cpu/platform selections for the zone.
     "A String",
   ],
@@ -120,7 +118,11 @@ 
Method Details

     "state": "A String", # The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.
     "stateOverride": { # A rollout policy configuration. # The rollout policy of this deprecation. This policy is only enforced by image family views. The rollout policy restricts the zones where the associated resource is considered in a deprecated state. When the rollout policy does not include the user specified zone, or if the zone is rolled out, the associated resource is considered in a deprecated state.
       "defaultRolloutTime": "A String", # An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated.
-      "locationRolloutPolicies": { # Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
+      "locationRolloutPolicies": { # Location based rollout policies to apply to the resource.
+          #
+          # Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a.
+          #
+          # The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
         "a_key": "A String",
       },
     },
@@ -137,20 +139,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of Zone resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -158,7 +166,9 @@ 
Method Details

     { # Contains a list of zone resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Zone resources.
-    { # Represents a Zone resource. A zone is a deployment area. These deployment areas are subsets of a region. For example the zone us-east1-a is located in the us-east1 region. For more information, read Regions and Zones.
+    { # Represents a Zone resource.
+        #
+        # A zone is a deployment area. These deployment areas are subsets of a region. For example the zone us-east1-a is located in the us-east1 region. For more information, read Regions and Zones. (== resource_for {$api_version}.zones ==)
       "availableCpuPlatforms": [ # [Output Only] Available cpu/platform selections for the zone.
         "A String",
       ],
@@ -171,7 +181,11 @@ 
Method Details

         "state": "A String", # The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.
         "stateOverride": { # A rollout policy configuration. # The rollout policy of this deprecation. This policy is only enforced by image family views. The rollout policy restricts the zones where the associated resource is considered in a deprecated state. When the rollout policy does not include the user specified zone, or if the zone is rolled out, the associated resource is considered in a deprecated state.
           "defaultRolloutTime": "A String", # An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated.
-          "locationRolloutPolicies": { # Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
+          "locationRolloutPolicies": { # Location based rollout policies to apply to the resource.
+              #
+              # Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a.
+              #
+              # The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location.
             "a_key": "A String",
           },
         },
@@ -191,7 +205,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.acceleratorTypes.html b/docs/dyn/compute_beta.acceleratorTypes.html
index 4f8d43d7d25..7b38b04e29f 100644
--- a/docs/dyn/compute_beta.acceleratorTypes.html
+++ b/docs/dyn/compute_beta.acceleratorTypes.html
@@ -75,7 +75,7 @@
 
Compute Engine API . acceleratorTypes

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of accelerator types.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,31 +84,37 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  get(project, zone, acceleratorType, x__xgafv=None)

+  get(project, zone, acceleratorType)

 
Returns the specified accelerator type.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of accelerator types that are available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of accelerator types.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -118,7 +124,9 @@ 
Method Details

   "items": { # A list of AcceleratorTypesScopedList resources.
     "a_key": { # [Output Only] Name of the scope containing this set of accelerator types.
       "acceleratorTypes": [ # [Output Only] A list of accelerator types contained in this scope.
-        { # Represents an Accelerator Type resource. Google Cloud Platform provides graphics processing units (accelerators) that you can add to VM instances to improve or accelerate performance when working with intensive workloads. For more information, read GPUs on Compute Engine.
+        { # Represents an Accelerator Type resource.
+            #
+            # Google Cloud Platform provides graphics processing units (accelerators) that you can add to VM instances to improve or accelerate performance when working with intensive workloads. For more information, read GPUs on Compute Engine. (== resource_for {$api_version}.acceleratorTypes ==)
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this accelerator type.
             "deleted": "A String", # An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DELETED. This is only informational and the status will not change unless the client explicitly changes it.
@@ -138,7 +146,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] An informational warning that appears when the accelerator types list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -156,7 +165,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -187,22 +197,20 @@ 
Method Details

 

 
 

-    get(project, zone, acceleratorType, x__xgafv=None)
+    get(project, zone, acceleratorType)
   
Returns the specified accelerator type.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   acceleratorType: string, Name of the accelerator type to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Accelerator Type resource. Google Cloud Platform provides graphics processing units (accelerators) that you can add to VM instances to improve or accelerate performance when working with intensive workloads. For more information, read GPUs on Compute Engine.
+    { # Represents an Accelerator Type resource.
+    #
+    # Google Cloud Platform provides graphics processing units (accelerators) that you can add to VM instances to improve or accelerate performance when working with intensive workloads. For more information, read GPUs on Compute Engine. (== resource_for {$api_version}.acceleratorTypes ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this accelerator type.
     "deleted": "A String", # An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DELETED. This is only informational and the status will not change unless the client explicitly changes it.
@@ -222,21 +230,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of accelerator types that are available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -244,7 +258,9 @@ 
Method Details

     { # Contains a list of accelerator types.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of AcceleratorType resources.
-    { # Represents an Accelerator Type resource. Google Cloud Platform provides graphics processing units (accelerators) that you can add to VM instances to improve or accelerate performance when working with intensive workloads. For more information, read GPUs on Compute Engine.
+    { # Represents an Accelerator Type resource.
+        #
+        # Google Cloud Platform provides graphics processing units (accelerators) that you can add to VM instances to improve or accelerate performance when working with intensive workloads. For more information, read GPUs on Compute Engine. (== resource_for {$api_version}.acceleratorTypes ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this accelerator type.
         "deleted": "A String", # An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DELETED. This is only informational and the status will not change unless the client explicitly changes it.
@@ -267,7 +283,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.addresses.html b/docs/dyn/compute_beta.addresses.html
index fe02d63fe6c..cb2e075fc61 100644
--- a/docs/dyn/compute_beta.addresses.html
+++ b/docs/dyn/compute_beta.addresses.html
@@ -75,7 +75,7 @@
 
Compute Engine API . addresses

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of addresses.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,43 +84,49 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, address, requestId=None, x__xgafv=None)

+  delete(project, region, address, requestId=None)

 
Deletes the specified address resource.

 

-  get(project, region, address, x__xgafv=None)

+  get(project, region, address)

 
Returns the specified address resource.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates an address resource in the specified project by using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of addresses contained within the specified region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)

+  setLabels(project, region, resource, body=None, requestId=None)

 
Sets the labels on an Address. To learn more about labels, read the Labeling Resources documentation.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of addresses.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -130,7 +136,21 @@ 
Method Details

   "items": { # A list of AddressesScopedList resources.
     "a_key": { # [Output Only] Name of the scope containing this set of addresses.
       "addresses": [ # [Output Only] A list of addresses contained in this scope.
-        { # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier. Use global internal addresses for reserved peering network range. Use regional external addresses for the following resources: - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA) Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes: - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses For more information, read reserved IP address.
+        { # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier.
+            #
+            # Use global internal addresses for reserved peering network range.
+            #
+            # Use regional external addresses for the following resources:
+            #
+            # - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA)
+            #
+            # Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes:
+            #
+            # - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses
+            #
+            # For more information, read reserved IP address.
+            #
+            # (== resource_for {$api_version}.addresses ==) (== resource_for {$api_version}.globalAddresses ==)
           "address": "A String", # The static IP address represented by this resource.
           "addressType": "A String", # The type of address to reserve, either INTERNAL or EXTERNAL. If unspecified, defaults to EXTERNAL.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -138,16 +158,25 @@ 
Method Details

           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "ipVersion": "A String", # The IP version that will be used by this address. Valid options are IPV4 or IPV6. This can only be specified for a global address.
           "kind": "compute#address", # [Output Only] Type of the resource. Always compute#address for addresses.
-          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Address, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an Address.
+          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Address, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve an Address.
           "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
             "a_key": "A String",
           },
           "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
           "network": "A String", # The URL of the network in which to reserve the address. This field can only be used with INTERNAL type with the VPC_PEERING purpose.
-          "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer. If this field is not specified, it is assumed to be PREMIUM.
+          "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer.
+              #
+              # If this field is not specified, it is assumed to be PREMIUM.
           "prefixLength": 42, # The prefix length if the resource represents an IP range.
-          "purpose": "A String", # The purpose of this resource, which can be one of the following values: - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources. - `DNS_RESOLVER` for a DNS resolver address in a subnetwork - `VPC_PEERING` for addresses that are reserved for VPC peer networks. - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT. - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an *IPsec-encrypted Cloud Interconnect* configuration. These addresses are regional resources. Not currently available publicly.
-          "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. *This field is not applicable to global addresses.*
+          "purpose": "A String", # The purpose of this resource, which can be one of the following values:
+              # - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources.
+              # - `DNS_RESOLVER` for a DNS resolver address in a subnetwork
+              # - `VPC_PEERING` for addresses that are reserved for VPC peer networks.
+              # - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT.
+              # - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an IPsec-encrypted Cloud Interconnect configuration. These addresses are regional resources. Not currently available publicly.
+          "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. This field is not applicable to global addresses.
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
           "status": "A String", # [Output Only] The status of the address, which can be one of RESERVING, RESERVED, or IN_USE. An address that is RESERVING is currently in the process of being reserved. A RESERVED address is currently reserved and available to use. An IN_USE address is currently being used by another resource and is not available.
           "subnetwork": "A String", # The URL of the subnetwork in which to reserve the address. If an IP address is specified, it must be within the subnetwork's IP range. This field can only be used with INTERNAL type with a GCE_ENDPOINT or DNS_RESOLVER purpose.
@@ -158,7 +187,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] Informational warning which replaces the list of addresses when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -176,7 +206,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -207,23 +238,36 @@ 
Method Details

 

 
 

-    delete(project, region, address, requestId=None, x__xgafv=None)
+    delete(project, region, address, requestId=None)
   
Deletes the specified address resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   address: string, Name of the address resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -257,7 +301,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -271,22 +316,32 @@ 
Method Details

 

 
 

-    get(project, region, address, x__xgafv=None)
+    get(project, region, address)
   
Returns the specified address resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   address: string, Name of the address resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier. Use global internal addresses for reserved peering network range. Use regional external addresses for the following resources: - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA) Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes: - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses For more information, read reserved IP address.
+    { # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier.
+    #
+    # Use global internal addresses for reserved peering network range.
+    #
+    # Use regional external addresses for the following resources:
+    #
+    # - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA)
+    #
+    # Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes:
+    #
+    # - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses
+    #
+    # For more information, read reserved IP address.
+    #
+    # (== resource_for {$api_version}.addresses ==) (== resource_for {$api_version}.globalAddresses ==)
   "address": "A String", # The static IP address represented by this resource.
   "addressType": "A String", # The type of address to reserve, either INTERNAL or EXTERNAL. If unspecified, defaults to EXTERNAL.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -294,16 +349,25 @@ 
Method Details

   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ipVersion": "A String", # The IP version that will be used by this address. Valid options are IPV4 or IPV6. This can only be specified for a global address.
   "kind": "compute#address", # [Output Only] Type of the resource. Always compute#address for addresses.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Address, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an Address.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Address, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve an Address.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
   "network": "A String", # The URL of the network in which to reserve the address. This field can only be used with INTERNAL type with the VPC_PEERING purpose.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer. If this field is not specified, it is assumed to be PREMIUM.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer.
+      #
+      # If this field is not specified, it is assumed to be PREMIUM.
   "prefixLength": 42, # The prefix length if the resource represents an IP range.
-  "purpose": "A String", # The purpose of this resource, which can be one of the following values: - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources. - `DNS_RESOLVER` for a DNS resolver address in a subnetwork - `VPC_PEERING` for addresses that are reserved for VPC peer networks. - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT. - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an *IPsec-encrypted Cloud Interconnect* configuration. These addresses are regional resources. Not currently available publicly.
-  "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. *This field is not applicable to global addresses.*
+  "purpose": "A String", # The purpose of this resource, which can be one of the following values:
+      # - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources.
+      # - `DNS_RESOLVER` for a DNS resolver address in a subnetwork
+      # - `VPC_PEERING` for addresses that are reserved for VPC peer networks.
+      # - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT.
+      # - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an IPsec-encrypted Cloud Interconnect configuration. These addresses are regional resources. Not currently available publicly.
+  "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. This field is not applicable to global addresses.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "status": "A String", # [Output Only] The status of the address, which can be one of RESERVING, RESERVED, or IN_USE. An address that is RESERVING is currently in the process of being reserved. A RESERVED address is currently reserved and available to use. An IN_USE address is currently being used by another resource and is not available.
   "subnetwork": "A String", # The URL of the subnetwork in which to reserve the address. If an IP address is specified, it must be within the subnetwork's IP range. This field can only be used with INTERNAL type with a GCE_ENDPOINT or DNS_RESOLVER purpose.
@@ -314,7 +378,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates an address resource in the specified project by using the data included in the request.
 
 Args:
@@ -323,7 +387,21 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier. Use global internal addresses for reserved peering network range. Use regional external addresses for the following resources: - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA) Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes: - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses For more information, read reserved IP address.
+{ # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier.
+    # 
+    # Use global internal addresses for reserved peering network range.
+    # 
+    # Use regional external addresses for the following resources:
+    # 
+    # - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA)
+    # 
+    # Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes:
+    # 
+    # - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses
+    # 
+    # For more information, read reserved IP address.
+    # 
+    # (== resource_for {$api_version}.addresses ==) (== resource_for {$api_version}.globalAddresses ==)
   "address": "A String", # The static IP address represented by this resource.
   "addressType": "A String", # The type of address to reserve, either INTERNAL or EXTERNAL. If unspecified, defaults to EXTERNAL.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -331,16 +409,25 @@ 
Method Details

   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ipVersion": "A String", # The IP version that will be used by this address. Valid options are IPV4 or IPV6. This can only be specified for a global address.
   "kind": "compute#address", # [Output Only] Type of the resource. Always compute#address for addresses.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Address, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an Address.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Address, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an Address.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
   "network": "A String", # The URL of the network in which to reserve the address. This field can only be used with INTERNAL type with the VPC_PEERING purpose.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer. If this field is not specified, it is assumed to be PREMIUM.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer.
+      # 
+      # If this field is not specified, it is assumed to be PREMIUM.
   "prefixLength": 42, # The prefix length if the resource represents an IP range.
-  "purpose": "A String", # The purpose of this resource, which can be one of the following values: - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources. - `DNS_RESOLVER` for a DNS resolver address in a subnetwork - `VPC_PEERING` for addresses that are reserved for VPC peer networks. - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT. - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an *IPsec-encrypted Cloud Interconnect* configuration. These addresses are regional resources. Not currently available publicly.
-  "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. *This field is not applicable to global addresses.*
+  "purpose": "A String", # The purpose of this resource, which can be one of the following values:
+      # - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources.
+      # - `DNS_RESOLVER` for a DNS resolver address in a subnetwork
+      # - `VPC_PEERING` for addresses that are reserved for VPC peer networks.
+      # - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT.
+      # - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an IPsec-encrypted Cloud Interconnect configuration. These addresses are regional resources. Not currently available publicly.
+  "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. This field is not applicable to global addresses.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "status": "A String", # [Output Only] The status of the address, which can be one of RESERVING, RESERVED, or IN_USE. An address that is RESERVING is currently in the process of being reserved. A RESERVED address is currently reserved and available to use. An IN_USE address is currently being used by another resource and is not available.
   "subnetwork": "A String", # The URL of the subnetwork in which to reserve the address. If an IP address is specified, it must be within the subnetwork's IP range. This field can only be used with INTERNAL type with a GCE_ENDPOINT or DNS_RESOLVER purpose.
@@ -349,16 +436,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -392,7 +492,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -406,21 +507,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of addresses contained within the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -428,7 +535,21 @@ 
Method Details

     { # Contains a list of addresses.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Address resources.
-    { # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier. Use global internal addresses for reserved peering network range. Use regional external addresses for the following resources: - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA) Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes: - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses For more information, read reserved IP address.
+    { # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier.
+        #
+        # Use global internal addresses for reserved peering network range.
+        #
+        # Use regional external addresses for the following resources:
+        #
+        # - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA)
+        #
+        # Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes:
+        #
+        # - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses
+        #
+        # For more information, read reserved IP address.
+        #
+        # (== resource_for {$api_version}.addresses ==) (== resource_for {$api_version}.globalAddresses ==)
       "address": "A String", # The static IP address represented by this resource.
       "addressType": "A String", # The type of address to reserve, either INTERNAL or EXTERNAL. If unspecified, defaults to EXTERNAL.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -436,16 +557,25 @@ 
Method Details

       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "ipVersion": "A String", # The IP version that will be used by this address. Valid options are IPV4 or IPV6. This can only be specified for a global address.
       "kind": "compute#address", # [Output Only] Type of the resource. Always compute#address for addresses.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Address, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an Address.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Address, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve an Address.
       "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
         "a_key": "A String",
       },
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
       "network": "A String", # The URL of the network in which to reserve the address. This field can only be used with INTERNAL type with the VPC_PEERING purpose.
-      "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer. If this field is not specified, it is assumed to be PREMIUM.
+      "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer.
+          #
+          # If this field is not specified, it is assumed to be PREMIUM.
       "prefixLength": 42, # The prefix length if the resource represents an IP range.
-      "purpose": "A String", # The purpose of this resource, which can be one of the following values: - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources. - `DNS_RESOLVER` for a DNS resolver address in a subnetwork - `VPC_PEERING` for addresses that are reserved for VPC peer networks. - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT. - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an *IPsec-encrypted Cloud Interconnect* configuration. These addresses are regional resources. Not currently available publicly.
-      "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. *This field is not applicable to global addresses.*
+      "purpose": "A String", # The purpose of this resource, which can be one of the following values:
+          # - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources.
+          # - `DNS_RESOLVER` for a DNS resolver address in a subnetwork
+          # - `VPC_PEERING` for addresses that are reserved for VPC peer networks.
+          # - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT.
+          # - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an IPsec-encrypted Cloud Interconnect configuration. These addresses are regional resources. Not currently available publicly.
+      "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. This field is not applicable to global addresses.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "status": "A String", # [Output Only] The status of the address, which can be one of RESERVING, RESERVED, or IN_USE. An address that is RESERVING is currently in the process of being reserved. A RESERVED address is currently reserved and available to use. An IN_USE address is currently being used by another resource and is not available.
       "subnetwork": "A String", # The URL of the subnetwork in which to reserve the address. If an IP address is specified, it must be within the subnetwork's IP range. This field can only be used with INTERNAL type with a GCE_ENDPOINT or DNS_RESOLVER purpose.
@@ -459,7 +589,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -485,7 +616,7 @@ 
Method Details

 

 
 

-    setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)
+    setLabels(project, region, resource, body=None, requestId=None)
   
Sets the labels on an Address. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -502,16 +633,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -545,7 +689,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -559,7 +704,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -575,10 +720,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.autoscalers.html b/docs/dyn/compute_beta.autoscalers.html
index 6a018edac63..f1c362b426a 100644
--- a/docs/dyn/compute_beta.autoscalers.html
+++ b/docs/dyn/compute_beta.autoscalers.html
@@ -75,7 +75,7 @@
 
Compute Engine API . autoscalers

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of autoscalers.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,46 +84,52 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, zone, autoscaler, requestId=None, x__xgafv=None)

+  delete(project, zone, autoscaler, requestId=None)

 
Deletes the specified autoscaler.

 

-  get(project, zone, autoscaler, x__xgafv=None)

+  get(project, zone, autoscaler)

 
Returns the specified autoscaler resource. Gets a list of available autoscalers by making a list() request.

 

-  insert(project, zone, body=None, requestId=None, x__xgafv=None)

+  insert(project, zone, body=None, requestId=None)

 
Creates an autoscaler in the specified project using the data included in the request.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of autoscalers contained within the specified zone.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, zone, autoscaler=None, body=None, requestId=None, x__xgafv=None)

+  patch(project, zone, autoscaler=None, body=None, requestId=None)

 
Updates an autoscaler in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  testIamPermissions(project, zone, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, zone, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, zone, autoscaler=None, body=None, requestId=None, x__xgafv=None)

+  update(project, zone, autoscaler=None, body=None, requestId=None)

 
Updates an autoscaler in the specified project using the data included in the request.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of autoscalers.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -133,19 +139,58 @@ 
Method Details

   "items": { # A list of AutoscalersScopedList resources.
     "a_key": { # [Output Only] Name of the scope containing this set of autoscalers.
       "autoscalers": [ # [Output Only] A list of autoscalers contained in this scope.
-        { # Represents an Autoscaler resource. Google Compute Engine has two Autoscaler resources: * [Zonal](/compute/docs/reference/rest/beta/autoscalers) * [Regional](/compute/docs/reference/rest/beta/regionAutoscalers) Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances. For zonal managed instance groups resource, use the autoscaler resource. For regional managed instance groups, use the regionAutoscalers resource.
-          "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
-            "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds. Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
+        { # Represents an Autoscaler resource.
+            #
+            # Google Compute Engine has two Autoscaler resources:
+            #
+            # * [Zonal](/compute/docs/reference/rest/{$api_version}/autoscalers) * [Regional](/compute/docs/reference/rest/{$api_version}/regionAutoscalers)
+            #
+            # Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances.
+            #
+            # For zonal managed instance groups resource, use the autoscaler resource.
+            #
+            # For regional managed instance groups, use the regionAutoscalers resource. (== resource_for {$api_version}.autoscalers ==) (== resource_for {$api_version}.regionAutoscalers ==)
+          "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.
+              #
+              # If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
+            "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.
+                #
+                # Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
             "cpuUtilization": { # CPU utilization policy. # Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group.
-              "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
-              "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
+              "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are:
+                  #
+                  # * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
+              "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.
+                  #
+                  # If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.
+                  #
+                  # If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
             },
             "customMetricUtilizations": [ # Configuration parameters of autoscaling based on a custom metric.
               { # Custom utilization metric policy.
-                "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
-                "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.
-                "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
-                "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
+                "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.
+                    #
+                    # For the filter to be valid for autoscaling purposes, the following rules apply:
+                    # - You can only use the AND operator for joining selectors.
+                    # - You can only use direct equality comparison operator (=) without any functions for each selector.
+                    # - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical.
+                    # - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.
+                    # If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.
+                    #
+                    # If not specified, the type defaults to gce_instance.
+                    #
+                    # Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
+                "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.
+                    #
+                    # The metric must have a value type of INT64 or DOUBLE.
+                "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing.
+                    #
+                    # A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.
+                    #
+                    # A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
+                "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.
+                    #
+                    # For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
                 "utilizationTargetType": "A String", # Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.
               },
             ],
@@ -157,7 +202,11 @@ 
Method Details

             "mode": "A String", # Defines operating mode for this policy.
             "scaleDownControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
               "maxScaledDownReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-                "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+                "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+                    #
+                    #
+                    # - If the value is fixed, then the calculated value is equal to the fixed value.
+                    # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
                 "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
                 "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
               },
@@ -165,7 +214,11 @@ 
Method Details

             },
             "scaleInControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
               "maxScaledInReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-                "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+                "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+                    #
+                    #
+                    # - If the value is fixed, then the calculated value is equal to the fixed value.
+                    # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
                 "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
                 "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
               },
@@ -178,7 +231,7 @@ 
Method Details

                 "durationSec": 42, # The duration of time intervals, in seconds, for which this scaling schedule is to run. The minimum allowed value is 300. This field is required.
                 "minRequiredReplicas": 42, # The minimum number of VM instances that the autoscaler will recommend in time intervals starting according to schedule. This field is required.
                 "schedule": "A String", # The start timestamps of time intervals when this scaling schedule is to provide a scaling signal. This field uses the extended cron format (with an optional year field). The expression can describe a single timestamp if the optional year is set, in which case the scaling schedule runs once. The schedule is interpreted with respect to time_zone. This field is required. Note: These timestamps only describe when autoscaler starts providing the scaling signal. The VMs need additional time to become serving.
-                "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of “UTC” if left empty.
+                "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of ?UTC? if left empty.
               },
             },
           },
@@ -197,11 +250,31 @@ 
Method Details

             },
           },
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-          "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values: - PENDING: Autoscaler backend hasn't read new/updated configuration. - DELETING: Configuration is being deleted. - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field. - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field. New values might be added in the future.
+          "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values:
+              # - PENDING: Autoscaler backend hasn't read new/updated configuration.
+              # - DELETING: Configuration is being deleted.
+              # - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field.
+              # - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field.  New values might be added in the future.
           "statusDetails": [ # [Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.
             {
               "message": "A String", # The status message.
-              "type": "A String", # The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions.
+              "type": "A String", # The type of error, warning, or notice returned. Current set of possible values:
+                  # - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state).
+                  # - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group.
+                  # - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas.
+                  # - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling.
+                  # - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels.
+                  # - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group.
+                  # - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling.
+                  # - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer.
+                  # - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved.
+                  # - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any.
+                  # - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it.
+                  # - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances.
+                  # - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region.
+                  # - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist.
+                  # - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate.
+                  # - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout.  New values might be added in the future. Some of the values might not be available in all API versions.
             },
           ],
           "target": "A String", # URL of the managed instance group that this autoscaler will scale. This field is required when creating an autoscaler.
@@ -210,7 +283,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] Informational warning which replaces the list of autoscalers when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -223,12 +297,13 @@ 
Method Details

   "kind": "compute#autoscalerAggregatedList", # [Output Only] Type of resource. Always compute#autoscalerAggregatedList for aggregated lists of autoscalers.
   "nextPageToken": "A String", # [Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.
   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
-  "unreachables": [ # [Output Only] Unreachable resources. end_interface: MixerListResponseWithEtagBuilder
+  "unreachables": [ # [Output Only] Unreachable resources.
     "A String",
   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -259,23 +334,36 @@ 
Method Details

 

 
 

-    delete(project, zone, autoscaler, requestId=None, x__xgafv=None)
+    delete(project, zone, autoscaler, requestId=None)
   
Deletes the specified autoscaler.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone for this request. (required)
   autoscaler: string, Name of the autoscaler to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -309,7 +397,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -323,34 +412,69 @@ 
Method Details

 

 
 

-    get(project, zone, autoscaler, x__xgafv=None)
+    get(project, zone, autoscaler)
   
Returns the specified autoscaler resource. Gets a list of available autoscalers by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone for this request. (required)
   autoscaler: string, Name of the autoscaler to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Autoscaler resource. Google Compute Engine has two Autoscaler resources: * [Zonal](/compute/docs/reference/rest/beta/autoscalers) * [Regional](/compute/docs/reference/rest/beta/regionAutoscalers) Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances. For zonal managed instance groups resource, use the autoscaler resource. For regional managed instance groups, use the regionAutoscalers resource.
-  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
-    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds. Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
+    { # Represents an Autoscaler resource.
+    #
+    # Google Compute Engine has two Autoscaler resources:
+    #
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/autoscalers) * [Regional](/compute/docs/reference/rest/{$api_version}/regionAutoscalers)
+    #
+    # Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances.
+    #
+    # For zonal managed instance groups resource, use the autoscaler resource.
+    #
+    # For regional managed instance groups, use the regionAutoscalers resource. (== resource_for {$api_version}.autoscalers ==) (== resource_for {$api_version}.regionAutoscalers ==)
+  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.
+      #
+      # If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
+    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.
+        #
+        # Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
     "cpuUtilization": { # CPU utilization policy. # Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group.
-      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
-      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
+      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are:
+          #
+          # * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
+      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.
+          #
+          # If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.
+          #
+          # If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
     },
     "customMetricUtilizations": [ # Configuration parameters of autoscaling based on a custom metric.
       { # Custom utilization metric policy.
-        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
-        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.
-        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
-        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
+        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.
+            #
+            # For the filter to be valid for autoscaling purposes, the following rules apply:
+            # - You can only use the AND operator for joining selectors.
+            # - You can only use direct equality comparison operator (=) without any functions for each selector.
+            # - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical.
+            # - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.
+            # If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.
+            #
+            # If not specified, the type defaults to gce_instance.
+            #
+            # Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
+        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.
+            #
+            # The metric must have a value type of INT64 or DOUBLE.
+        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing.
+            #
+            # A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.
+            #
+            # A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
+        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.
+            #
+            # For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
         "utilizationTargetType": "A String", # Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.
       },
     ],
@@ -362,7 +486,11 @@ 
Method Details

     "mode": "A String", # Defines operating mode for this policy.
     "scaleDownControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledDownReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -370,7 +498,11 @@ 
Method Details

     },
     "scaleInControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledInReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -383,7 +515,7 @@ 
Method Details

         "durationSec": 42, # The duration of time intervals, in seconds, for which this scaling schedule is to run. The minimum allowed value is 300. This field is required.
         "minRequiredReplicas": 42, # The minimum number of VM instances that the autoscaler will recommend in time intervals starting according to schedule. This field is required.
         "schedule": "A String", # The start timestamps of time intervals when this scaling schedule is to provide a scaling signal. This field uses the extended cron format (with an optional year field). The expression can describe a single timestamp if the optional year is set, in which case the scaling schedule runs once. The schedule is interpreted with respect to time_zone. This field is required. Note: These timestamps only describe when autoscaler starts providing the scaling signal. The VMs need additional time to become serving.
-        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of “UTC” if left empty.
+        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of ?UTC? if left empty.
       },
     },
   },
@@ -402,11 +534,31 @@ 
Method Details

     },
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values: - PENDING: Autoscaler backend hasn't read new/updated configuration. - DELETING: Configuration is being deleted. - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field. - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field. New values might be added in the future.
+  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values:
+      # - PENDING: Autoscaler backend hasn't read new/updated configuration.
+      # - DELETING: Configuration is being deleted.
+      # - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field.
+      # - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field.  New values might be added in the future.
   "statusDetails": [ # [Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.
     {
       "message": "A String", # The status message.
-      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions.
+      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values:
+          # - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state).
+          # - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group.
+          # - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas.
+          # - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling.
+          # - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels.
+          # - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group.
+          # - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling.
+          # - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer.
+          # - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved.
+          # - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any.
+          # - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it.
+          # - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances.
+          # - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region.
+          # - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist.
+          # - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate.
+          # - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout.  New values might be added in the future. Some of the values might not be available in all API versions.
     },
   ],
   "target": "A String", # URL of the managed instance group that this autoscaler will scale. This field is required when creating an autoscaler.
@@ -415,7 +567,7 @@ 
Method Details

 

 
 

-    insert(project, zone, body=None, requestId=None, x__xgafv=None)
+    insert(project, zone, body=None, requestId=None)
   
Creates an autoscaler in the specified project using the data included in the request.
 
 Args:
@@ -424,19 +576,58 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Autoscaler resource. Google Compute Engine has two Autoscaler resources: * [Zonal](/compute/docs/reference/rest/beta/autoscalers) * [Regional](/compute/docs/reference/rest/beta/regionAutoscalers) Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances. For zonal managed instance groups resource, use the autoscaler resource. For regional managed instance groups, use the regionAutoscalers resource.
-  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
-    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds. Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
+{ # Represents an Autoscaler resource.
+    # 
+    # Google Compute Engine has two Autoscaler resources:
+    # 
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/autoscalers) * [Regional](/compute/docs/reference/rest/{$api_version}/regionAutoscalers)
+    # 
+    # Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances.
+    # 
+    # For zonal managed instance groups resource, use the autoscaler resource.
+    # 
+    # For regional managed instance groups, use the regionAutoscalers resource. (== resource_for {$api_version}.autoscalers ==) (== resource_for {$api_version}.regionAutoscalers ==)
+  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.
+      # 
+      # If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
+    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.
+        #
+        # Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
     "cpuUtilization": { # CPU utilization policy. # Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group.
-      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
-      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
+      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are:
+          #
+          # * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
+      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.
+          #
+          # If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.
+          #
+          # If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
     },
     "customMetricUtilizations": [ # Configuration parameters of autoscaling based on a custom metric.
       { # Custom utilization metric policy.
-        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
-        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.
-        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
-        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
+        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.
+            #
+            # For the filter to be valid for autoscaling purposes, the following rules apply:
+            # - You can only use the AND operator for joining selectors.
+            # - You can only use direct equality comparison operator (=) without any functions for each selector.
+            # - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical.
+            # - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.
+            # If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.
+            #
+            # If not specified, the type defaults to gce_instance.
+            #
+            # Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
+        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.
+            #
+            # The metric must have a value type of INT64 or DOUBLE.
+        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing.
+            #
+            # A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.
+            #
+            # A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
+        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.
+            #
+            # For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
         "utilizationTargetType": "A String", # Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.
       },
     ],
@@ -448,7 +639,11 @@ 
Method Details

     "mode": "A String", # Defines operating mode for this policy.
     "scaleDownControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledDownReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -456,7 +651,11 @@ 
Method Details

     },
     "scaleInControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledInReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -469,7 +668,7 @@ 
Method Details

         "durationSec": 42, # The duration of time intervals, in seconds, for which this scaling schedule is to run. The minimum allowed value is 300. This field is required.
         "minRequiredReplicas": 42, # The minimum number of VM instances that the autoscaler will recommend in time intervals starting according to schedule. This field is required.
         "schedule": "A String", # The start timestamps of time intervals when this scaling schedule is to provide a scaling signal. This field uses the extended cron format (with an optional year field). The expression can describe a single timestamp if the optional year is set, in which case the scaling schedule runs once. The schedule is interpreted with respect to time_zone. This field is required. Note: These timestamps only describe when autoscaler starts providing the scaling signal. The VMs need additional time to become serving.
-        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of “UTC” if left empty.
+        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of ?UTC? if left empty.
       },
     },
   },
@@ -488,27 +687,60 @@ 
Method Details

     },
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values: - PENDING: Autoscaler backend hasn't read new/updated configuration. - DELETING: Configuration is being deleted. - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field. - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field. New values might be added in the future.
+  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values:
+      # - PENDING: Autoscaler backend hasn't read new/updated configuration.
+      # - DELETING: Configuration is being deleted.
+      # - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field.
+      # - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field.  New values might be added in the future.
   "statusDetails": [ # [Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.
     {
       "message": "A String", # The status message.
-      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions.
+      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values:
+          # - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state).
+          # - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group.
+          # - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas.
+          # - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling.
+          # - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels.
+          # - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group.
+          # - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling.
+          # - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer.
+          # - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved.
+          # - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any.
+          # - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it.
+          # - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances.
+          # - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region.
+          # - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist.
+          # - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate.
+          # - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout.  New values might be added in the future. Some of the values might not be available in all API versions.
     },
   ],
   "target": "A String", # URL of the managed instance group that this autoscaler will scale. This field is required when creating an autoscaler.
   "zone": "A String", # [Output Only] URL of the zone where the instance group resides (for autoscalers living in zonal scope).
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -542,7 +774,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -556,21 +789,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of autoscalers contained within the specified zone.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -578,19 +817,58 @@ 
Method Details

     { # Contains a list of Autoscaler resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Autoscaler resources.
-    { # Represents an Autoscaler resource. Google Compute Engine has two Autoscaler resources: * [Zonal](/compute/docs/reference/rest/beta/autoscalers) * [Regional](/compute/docs/reference/rest/beta/regionAutoscalers) Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances. For zonal managed instance groups resource, use the autoscaler resource. For regional managed instance groups, use the regionAutoscalers resource.
-      "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
-        "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds. Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
+    { # Represents an Autoscaler resource.
+        #
+        # Google Compute Engine has two Autoscaler resources:
+        #
+        # * [Zonal](/compute/docs/reference/rest/{$api_version}/autoscalers) * [Regional](/compute/docs/reference/rest/{$api_version}/regionAutoscalers)
+        #
+        # Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances.
+        #
+        # For zonal managed instance groups resource, use the autoscaler resource.
+        #
+        # For regional managed instance groups, use the regionAutoscalers resource. (== resource_for {$api_version}.autoscalers ==) (== resource_for {$api_version}.regionAutoscalers ==)
+      "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.
+          #
+          # If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
+        "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.
+            #
+            # Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
         "cpuUtilization": { # CPU utilization policy. # Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group.
-          "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
-          "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
+          "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are:
+              #
+              # * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
+          "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.
+              #
+              # If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.
+              #
+              # If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
         },
         "customMetricUtilizations": [ # Configuration parameters of autoscaling based on a custom metric.
           { # Custom utilization metric policy.
-            "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
-            "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.
-            "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
-            "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
+            "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.
+                #
+                # For the filter to be valid for autoscaling purposes, the following rules apply:
+                # - You can only use the AND operator for joining selectors.
+                # - You can only use direct equality comparison operator (=) without any functions for each selector.
+                # - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical.
+                # - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.
+                # If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.
+                #
+                # If not specified, the type defaults to gce_instance.
+                #
+                # Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
+            "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.
+                #
+                # The metric must have a value type of INT64 or DOUBLE.
+            "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing.
+                #
+                # A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.
+                #
+                # A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
+            "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.
+                #
+                # For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
             "utilizationTargetType": "A String", # Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.
           },
         ],
@@ -602,7 +880,11 @@ 
Method Details

         "mode": "A String", # Defines operating mode for this policy.
         "scaleDownControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
           "maxScaledDownReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+                #
+                #
+                # - If the value is fixed, then the calculated value is equal to the fixed value.
+                # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
             "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
             "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
           },
@@ -610,7 +892,11 @@ 
Method Details

         },
         "scaleInControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
           "maxScaledInReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+                #
+                #
+                # - If the value is fixed, then the calculated value is equal to the fixed value.
+                # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
             "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
             "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
           },
@@ -623,7 +909,7 @@ 
Method Details

             "durationSec": 42, # The duration of time intervals, in seconds, for which this scaling schedule is to run. The minimum allowed value is 300. This field is required.
             "minRequiredReplicas": 42, # The minimum number of VM instances that the autoscaler will recommend in time intervals starting according to schedule. This field is required.
             "schedule": "A String", # The start timestamps of time intervals when this scaling schedule is to provide a scaling signal. This field uses the extended cron format (with an optional year field). The expression can describe a single timestamp if the optional year is set, in which case the scaling schedule runs once. The schedule is interpreted with respect to time_zone. This field is required. Note: These timestamps only describe when autoscaler starts providing the scaling signal. The VMs need additional time to become serving.
-            "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of “UTC” if left empty.
+            "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of ?UTC? if left empty.
           },
         },
       },
@@ -642,11 +928,31 @@ 
Method Details

         },
       },
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values: - PENDING: Autoscaler backend hasn't read new/updated configuration. - DELETING: Configuration is being deleted. - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field. - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field. New values might be added in the future.
+      "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values:
+          # - PENDING: Autoscaler backend hasn't read new/updated configuration.
+          # - DELETING: Configuration is being deleted.
+          # - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field.
+          # - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field.  New values might be added in the future.
       "statusDetails": [ # [Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.
         {
           "message": "A String", # The status message.
-          "type": "A String", # The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions.
+          "type": "A String", # The type of error, warning, or notice returned. Current set of possible values:
+              # - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state).
+              # - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group.
+              # - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas.
+              # - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling.
+              # - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels.
+              # - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group.
+              # - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling.
+              # - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer.
+              # - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved.
+              # - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any.
+              # - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it.
+              # - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances.
+              # - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region.
+              # - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist.
+              # - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate.
+              # - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout.  New values might be added in the future. Some of the values might not be available in all API versions.
         },
       ],
       "target": "A String", # URL of the managed instance group that this autoscaler will scale. This field is required when creating an autoscaler.
@@ -658,7 +964,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -684,7 +991,7 @@ 
Method Details

 

 
 

-    patch(project, zone, autoscaler=None, body=None, requestId=None, x__xgafv=None)
+    patch(project, zone, autoscaler=None, body=None, requestId=None)
   
Updates an autoscaler in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -693,19 +1000,58 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Autoscaler resource. Google Compute Engine has two Autoscaler resources: * [Zonal](/compute/docs/reference/rest/beta/autoscalers) * [Regional](/compute/docs/reference/rest/beta/regionAutoscalers) Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances. For zonal managed instance groups resource, use the autoscaler resource. For regional managed instance groups, use the regionAutoscalers resource.
-  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
-    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds. Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
+{ # Represents an Autoscaler resource.
+    # 
+    # Google Compute Engine has two Autoscaler resources:
+    # 
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/autoscalers) * [Regional](/compute/docs/reference/rest/{$api_version}/regionAutoscalers)
+    # 
+    # Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances.
+    # 
+    # For zonal managed instance groups resource, use the autoscaler resource.
+    # 
+    # For regional managed instance groups, use the regionAutoscalers resource. (== resource_for {$api_version}.autoscalers ==) (== resource_for {$api_version}.regionAutoscalers ==)
+  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.
+      # 
+      # If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
+    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.
+        #
+        # Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
     "cpuUtilization": { # CPU utilization policy. # Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group.
-      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
-      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
+      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are:
+          #
+          # * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
+      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.
+          #
+          # If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.
+          #
+          # If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
     },
     "customMetricUtilizations": [ # Configuration parameters of autoscaling based on a custom metric.
       { # Custom utilization metric policy.
-        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
-        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.
-        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
-        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
+        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.
+            #
+            # For the filter to be valid for autoscaling purposes, the following rules apply:
+            # - You can only use the AND operator for joining selectors.
+            # - You can only use direct equality comparison operator (=) without any functions for each selector.
+            # - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical.
+            # - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.
+            # If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.
+            #
+            # If not specified, the type defaults to gce_instance.
+            #
+            # Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
+        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.
+            #
+            # The metric must have a value type of INT64 or DOUBLE.
+        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing.
+            #
+            # A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.
+            #
+            # A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
+        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.
+            #
+            # For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
         "utilizationTargetType": "A String", # Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.
       },
     ],
@@ -717,7 +1063,11 @@ 
Method Details

     "mode": "A String", # Defines operating mode for this policy.
     "scaleDownControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledDownReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -725,7 +1075,11 @@ 
Method Details

     },
     "scaleInControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledInReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -738,7 +1092,7 @@ 
Method Details

         "durationSec": 42, # The duration of time intervals, in seconds, for which this scaling schedule is to run. The minimum allowed value is 300. This field is required.
         "minRequiredReplicas": 42, # The minimum number of VM instances that the autoscaler will recommend in time intervals starting according to schedule. This field is required.
         "schedule": "A String", # The start timestamps of time intervals when this scaling schedule is to provide a scaling signal. This field uses the extended cron format (with an optional year field). The expression can describe a single timestamp if the optional year is set, in which case the scaling schedule runs once. The schedule is interpreted with respect to time_zone. This field is required. Note: These timestamps only describe when autoscaler starts providing the scaling signal. The VMs need additional time to become serving.
-        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of “UTC” if left empty.
+        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of ?UTC? if left empty.
       },
     },
   },
@@ -757,11 +1111,31 @@ 
Method Details

     },
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values: - PENDING: Autoscaler backend hasn't read new/updated configuration. - DELETING: Configuration is being deleted. - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field. - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field. New values might be added in the future.
+  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values:
+      # - PENDING: Autoscaler backend hasn't read new/updated configuration.
+      # - DELETING: Configuration is being deleted.
+      # - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field.
+      # - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field.  New values might be added in the future.
   "statusDetails": [ # [Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.
     {
       "message": "A String", # The status message.
-      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions.
+      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values:
+          # - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state).
+          # - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group.
+          # - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas.
+          # - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling.
+          # - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels.
+          # - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group.
+          # - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling.
+          # - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer.
+          # - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved.
+          # - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any.
+          # - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it.
+          # - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances.
+          # - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region.
+          # - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist.
+          # - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate.
+          # - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout.  New values might be added in the future. Some of the values might not be available in all API versions.
     },
   ],
   "target": "A String", # URL of the managed instance group that this autoscaler will scale. This field is required when creating an autoscaler.
@@ -769,16 +1143,29 @@ 
Method Details

 }
 
   autoscaler: string, Name of the autoscaler to patch.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -812,7 +1199,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -826,7 +1214,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, zone, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, zone, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -842,10 +1230,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -858,7 +1242,7 @@ 
Method Details

 

 
 

-    update(project, zone, autoscaler=None, body=None, requestId=None, x__xgafv=None)
+    update(project, zone, autoscaler=None, body=None, requestId=None)
   
Updates an autoscaler in the specified project using the data included in the request.
 
 Args:
@@ -867,19 +1251,58 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Autoscaler resource. Google Compute Engine has two Autoscaler resources: * [Zonal](/compute/docs/reference/rest/beta/autoscalers) * [Regional](/compute/docs/reference/rest/beta/regionAutoscalers) Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances. For zonal managed instance groups resource, use the autoscaler resource. For regional managed instance groups, use the regionAutoscalers resource.
-  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
-    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds. Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
+{ # Represents an Autoscaler resource.
+    # 
+    # Google Compute Engine has two Autoscaler resources:
+    # 
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/autoscalers) * [Regional](/compute/docs/reference/rest/{$api_version}/regionAutoscalers)
+    # 
+    # Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances.
+    # 
+    # For zonal managed instance groups resource, use the autoscaler resource.
+    # 
+    # For regional managed instance groups, use the regionAutoscalers resource. (== resource_for {$api_version}.autoscalers ==) (== resource_for {$api_version}.regionAutoscalers ==)
+  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.
+      # 
+      # If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
+    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.
+        #
+        # Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
     "cpuUtilization": { # CPU utilization policy. # Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group.
-      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
-      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
+      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are:
+          #
+          # * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
+      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.
+          #
+          # If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.
+          #
+          # If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
     },
     "customMetricUtilizations": [ # Configuration parameters of autoscaling based on a custom metric.
       { # Custom utilization metric policy.
-        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
-        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.
-        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
-        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
+        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.
+            #
+            # For the filter to be valid for autoscaling purposes, the following rules apply:
+            # - You can only use the AND operator for joining selectors.
+            # - You can only use direct equality comparison operator (=) without any functions for each selector.
+            # - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical.
+            # - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.
+            # If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.
+            #
+            # If not specified, the type defaults to gce_instance.
+            #
+            # Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
+        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.
+            #
+            # The metric must have a value type of INT64 or DOUBLE.
+        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing.
+            #
+            # A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.
+            #
+            # A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
+        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.
+            #
+            # For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
         "utilizationTargetType": "A String", # Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.
       },
     ],
@@ -891,7 +1314,11 @@ 
Method Details

     "mode": "A String", # Defines operating mode for this policy.
     "scaleDownControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledDownReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -899,7 +1326,11 @@ 
Method Details

     },
     "scaleInControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledInReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -912,7 +1343,7 @@ 
Method Details

         "durationSec": 42, # The duration of time intervals, in seconds, for which this scaling schedule is to run. The minimum allowed value is 300. This field is required.
         "minRequiredReplicas": 42, # The minimum number of VM instances that the autoscaler will recommend in time intervals starting according to schedule. This field is required.
         "schedule": "A String", # The start timestamps of time intervals when this scaling schedule is to provide a scaling signal. This field uses the extended cron format (with an optional year field). The expression can describe a single timestamp if the optional year is set, in which case the scaling schedule runs once. The schedule is interpreted with respect to time_zone. This field is required. Note: These timestamps only describe when autoscaler starts providing the scaling signal. The VMs need additional time to become serving.
-        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of “UTC” if left empty.
+        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of ?UTC? if left empty.
       },
     },
   },
@@ -931,11 +1362,31 @@ 
Method Details

     },
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values: - PENDING: Autoscaler backend hasn't read new/updated configuration. - DELETING: Configuration is being deleted. - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field. - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field. New values might be added in the future.
+  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values:
+      # - PENDING: Autoscaler backend hasn't read new/updated configuration.
+      # - DELETING: Configuration is being deleted.
+      # - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field.
+      # - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field.  New values might be added in the future.
   "statusDetails": [ # [Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.
     {
       "message": "A String", # The status message.
-      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions.
+      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values:
+          # - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state).
+          # - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group.
+          # - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas.
+          # - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling.
+          # - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels.
+          # - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group.
+          # - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling.
+          # - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer.
+          # - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved.
+          # - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any.
+          # - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it.
+          # - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances.
+          # - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region.
+          # - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist.
+          # - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate.
+          # - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout.  New values might be added in the future. Some of the values might not be available in all API versions.
     },
   ],
   "target": "A String", # URL of the managed instance group that this autoscaler will scale. This field is required when creating an autoscaler.
@@ -943,16 +1394,29 @@ 
Method Details

 }
 
   autoscaler: string, Name of the autoscaler to update.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -986,7 +1450,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.backendBuckets.html b/docs/dyn/compute_beta.backendBuckets.html
index a6374146478..ec16ea91ce3 100644
--- a/docs/dyn/compute_beta.backendBuckets.html
+++ b/docs/dyn/compute_beta.backendBuckets.html
@@ -75,50 +75,50 @@
 
Compute Engine API . backendBuckets

 
Instance Methods

 

-  addSignedUrlKey(project, backendBucket, body=None, requestId=None, x__xgafv=None)

+  addSignedUrlKey(project, backendBucket, body=None, requestId=None)

 
Adds a key for validating requests with signed URLs for this backend bucket.

 

   close()

 
Close httplib2 connections.

 

-  delete(project, backendBucket, requestId=None, x__xgafv=None)

+  delete(project, backendBucket, requestId=None)

 
Deletes the specified BackendBucket resource.

 

-  deleteSignedUrlKey(project, backendBucket, keyName, requestId=None, x__xgafv=None)

+  deleteSignedUrlKey(project, backendBucket, keyName, requestId=None)

 
Deletes a key for validating requests with signed URLs for this backend bucket.

 

-  get(project, backendBucket, x__xgafv=None)

+  get(project, backendBucket)

 
Returns the specified BackendBucket resource. Gets a list of available backend buckets by making a list() request.

 

-  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a BackendBucket resource in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of BackendBucket resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, backendBucket, body=None, requestId=None, x__xgafv=None)

+  patch(project, backendBucket, body=None, requestId=None)

 
Updates the specified BackendBucket resource with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  setEdgeSecurityPolicy(project, backendBucket, body=None, requestId=None, x__xgafv=None)

+  setEdgeSecurityPolicy(project, backendBucket, body=None, requestId=None)

 
Sets the edge security policy for the specified backend bucket.

 

-  setIamPolicy(project, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, backendBucket, body=None, requestId=None, x__xgafv=None)

+  update(project, backendBucket, body=None, requestId=None)

 
Updates the specified BackendBucket resource with the data included in the request.

 
Method Details

 

-    addSignedUrlKey(project, backendBucket, body=None, requestId=None, x__xgafv=None)
+    addSignedUrlKey(project, backendBucket, body=None, requestId=None)
   
Adds a key for validating requests with signed URLs for this backend bucket.
 
 Args:
@@ -132,16 +132,29 @@ 
Method Details

   "keyValue": "A String", # 128-bit key value used for signing the URL. The key value must be a valid RFC 4648 Section 5 base64url encoded string.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -175,7 +188,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -194,22 +208,35 @@ 
Method Details

 

 
 

-    delete(project, backendBucket, requestId=None, x__xgafv=None)
+    delete(project, backendBucket, requestId=None)
   
Deletes the specified BackendBucket resource.
 
 Args:
   project: string, Project ID for this request. (required)
   backendBucket: string, Name of the BackendBucket resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -243,7 +270,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -257,23 +285,36 @@ 
Method Details

 

 
 

-    deleteSignedUrlKey(project, backendBucket, keyName, requestId=None, x__xgafv=None)
+    deleteSignedUrlKey(project, backendBucket, keyName, requestId=None)
   
Deletes a key for validating requests with signed URLs for this backend bucket.
 
 Args:
   project: string, Project ID for this request. (required)
   backendBucket: string, Name of the BackendBucket resource to which the Signed URL Key should be added. The name should conform to RFC1035. (required)
   keyName: string, The name of the Signed URL Key to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -307,7 +348,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -321,21 +363,19 @@ 
Method Details

 

 
 

-    get(project, backendBucket, x__xgafv=None)
+    get(project, backendBucket)
   
Returns the specified BackendBucket resource. Gets a list of available backend buckets by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   backendBucket: string, Name of the BackendBucket resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Cloud Storage Bucket resource. This Cloud Storage bucket resource is referenced by a URL map of a load balancer. For more information, read Backend Buckets.
+    { # Represents a Cloud Storage Bucket resource.
+    #
+    # This Cloud Storage bucket resource is referenced by a URL map of a load balancer. For more information, read Backend Buckets.
   "bucketName": "A String", # Cloud Storage bucket name.
   "cdnPolicy": { # Message containing Cloud CDN configuration for a backend bucket. # Cloud CDN configuration for this BackendBucket.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
@@ -351,7 +391,13 @@ 
Method Details

         "A String",
       ],
     },
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -369,7 +415,7 @@ 
Method Details

       "A String",
     ],
   },
-  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client’s Accept-Encoding header.
+  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client?s Accept-Encoding header.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "customResponseHeaders": [ # Headers that the HTTP/S load balancer should add to proxied responses.
     "A String",
@@ -385,34 +431,58 @@ 
Method Details

 

 
 

-    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
   project: string, Project ID for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -420,76 +490,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a BackendBucket resource in the specified project using the data included in the request.
 
 Args:
@@ -497,7 +635,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Cloud Storage Bucket resource. This Cloud Storage bucket resource is referenced by a URL map of a load balancer. For more information, read Backend Buckets.
+{ # Represents a Cloud Storage Bucket resource.
+    # 
+    # This Cloud Storage bucket resource is referenced by a URL map of a load balancer. For more information, read Backend Buckets.
   "bucketName": "A String", # Cloud Storage bucket name.
   "cdnPolicy": { # Message containing Cloud CDN configuration for a backend bucket. # Cloud CDN configuration for this BackendBucket.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
@@ -513,7 +653,13 @@ 
Method Details

         "A String",
       ],
     },
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -531,7 +677,7 @@ 
Method Details

       "A String",
     ],
   },
-  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client’s Accept-Encoding header.
+  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client?s Accept-Encoding header.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "customResponseHeaders": [ # Headers that the HTTP/S load balancer should add to proxied responses.
     "A String",
@@ -545,16 +691,29 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -588,7 +747,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -602,20 +762,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of BackendBucket resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -623,7 +789,9 @@ 
Method Details

     { # Contains a list of BackendBucket resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of BackendBucket resources.
-    { # Represents a Cloud Storage Bucket resource. This Cloud Storage bucket resource is referenced by a URL map of a load balancer. For more information, read Backend Buckets.
+    { # Represents a Cloud Storage Bucket resource.
+        #
+        # This Cloud Storage bucket resource is referenced by a URL map of a load balancer. For more information, read Backend Buckets.
       "bucketName": "A String", # Cloud Storage bucket name.
       "cdnPolicy": { # Message containing Cloud CDN configuration for a backend bucket. # Cloud CDN configuration for this BackendBucket.
         "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
@@ -639,7 +807,13 @@ 
Method Details

             "A String",
           ],
         },
-        "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+        "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+            #
+            # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+            #
+            # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+            #
+            # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
         "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
         "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
         "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -657,7 +831,7 @@ 
Method Details

           "A String",
         ],
       },
-      "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client’s Accept-Encoding header.
+      "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client?s Accept-Encoding header.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "customResponseHeaders": [ # Headers that the HTTP/S load balancer should add to proxied responses.
         "A String",
@@ -676,7 +850,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -702,7 +877,7 @@ 
Method Details

 

 
 

-    patch(project, backendBucket, body=None, requestId=None, x__xgafv=None)
+    patch(project, backendBucket, body=None, requestId=None)
   
Updates the specified BackendBucket resource with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -711,7 +886,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Cloud Storage Bucket resource. This Cloud Storage bucket resource is referenced by a URL map of a load balancer. For more information, read Backend Buckets.
+{ # Represents a Cloud Storage Bucket resource.
+    # 
+    # This Cloud Storage bucket resource is referenced by a URL map of a load balancer. For more information, read Backend Buckets.
   "bucketName": "A String", # Cloud Storage bucket name.
   "cdnPolicy": { # Message containing Cloud CDN configuration for a backend bucket. # Cloud CDN configuration for this BackendBucket.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
@@ -727,7 +904,13 @@ 
Method Details

         "A String",
       ],
     },
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -745,7 +928,7 @@ 
Method Details

       "A String",
     ],
   },
-  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client’s Accept-Encoding header.
+  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client?s Accept-Encoding header.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "customResponseHeaders": [ # Headers that the HTTP/S load balancer should add to proxied responses.
     "A String",
@@ -759,16 +942,29 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -802,7 +998,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -816,7 +1013,7 @@ 
Method Details

 

 
 

-    setEdgeSecurityPolicy(project, backendBucket, body=None, requestId=None, x__xgafv=None)
+    setEdgeSecurityPolicy(project, backendBucket, body=None, requestId=None)
   
Sets the edge security policy for the specified backend bucket.
 
 Args:
@@ -829,16 +1026,29 @@ 
Method Details

   "securityPolicy": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -872,7 +1082,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -886,7 +1097,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -898,33 +1109,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -932,95 +1217,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1028,76 +1405,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1112,10 +1557,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1128,7 +1569,7 @@ 
Method Details

 

 
 

-    update(project, backendBucket, body=None, requestId=None, x__xgafv=None)
+    update(project, backendBucket, body=None, requestId=None)
   
Updates the specified BackendBucket resource with the data included in the request.
 
 Args:
@@ -1137,7 +1578,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Cloud Storage Bucket resource. This Cloud Storage bucket resource is referenced by a URL map of a load balancer. For more information, read Backend Buckets.
+{ # Represents a Cloud Storage Bucket resource.
+    # 
+    # This Cloud Storage bucket resource is referenced by a URL map of a load balancer. For more information, read Backend Buckets.
   "bucketName": "A String", # Cloud Storage bucket name.
   "cdnPolicy": { # Message containing Cloud CDN configuration for a backend bucket. # Cloud CDN configuration for this BackendBucket.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
@@ -1153,7 +1596,13 @@ 
Method Details

         "A String",
       ],
     },
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -1171,7 +1620,7 @@ 
Method Details

       "A String",
     ],
   },
-  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client’s Accept-Encoding header.
+  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client?s Accept-Encoding header.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "customResponseHeaders": [ # Headers that the HTTP/S load balancer should add to proxied responses.
     "A String",
@@ -1185,16 +1634,29 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1228,7 +1690,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.backendServices.html b/docs/dyn/compute_beta.backendServices.html
index 126603f7be0..603034006e6 100644
--- a/docs/dyn/compute_beta.backendServices.html
+++ b/docs/dyn/compute_beta.backendServices.html
@@ -75,10 +75,10 @@
 
Compute Engine API . backendServices

 
Instance Methods

 

-  addSignedUrlKey(project, backendService, body=None, requestId=None, x__xgafv=None)

+  addSignedUrlKey(project, backendService, body=None, requestId=None)

 
Adds a key for validating requests with signed URLs for this backend service.

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of all BackendService resources, regional and global, available to the specified project.

 

   aggregatedList_next(previous_request, previous_response)

@@ -87,50 +87,50 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, backendService, requestId=None, x__xgafv=None)

+  delete(project, backendService, requestId=None)

 
Deletes the specified BackendService resource.

 

-  deleteSignedUrlKey(project, backendService, keyName, requestId=None, x__xgafv=None)

+  deleteSignedUrlKey(project, backendService, keyName, requestId=None)

 
Deletes a key for validating requests with signed URLs for this backend service.

 

-  get(project, backendService, x__xgafv=None)

+  get(project, backendService)

 
Returns the specified BackendService resource. Gets a list of available backend services.

 

-  getHealth(project, backendService, body=None, x__xgafv=None)

-
Gets the most recent health check results for this BackendService. Example request body: { "group": "/zones/us-east1-b/instanceGroups/lb-backend-example" }

+  getHealth(project, backendService, body=None)

+
Gets the most recent health check results for this BackendService.

 

-  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

-
Creates a BackendService resource in the specified project using the data included in the request. For more information, see Backend services overview .

+  insert(project, body=None, requestId=None)

+
Creates a BackendService resource in the specified project using the data included in the request. For more information, see  Backend services overview.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of BackendService resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, backendService, body=None, requestId=None, x__xgafv=None)

-
Patches the specified BackendService resource with the data included in the request. For more information, see Backend services overview. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

+  patch(project, backendService, body=None, requestId=None)

+
Patches the specified BackendService resource with the data included in the request. For more information, see  Backend services overview. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  setEdgeSecurityPolicy(project, backendService, body=None, requestId=None, x__xgafv=None)

+  setEdgeSecurityPolicy(project, backendService, body=None, requestId=None)

 
Sets the edge security policy for the specified backend service.

 

-  setIamPolicy(project, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  setSecurityPolicy(project, backendService, body=None, requestId=None, x__xgafv=None)

+  setSecurityPolicy(project, backendService, body=None, requestId=None)

 
Sets the Google Cloud Armor security policy for the specified backend service. For more information, see Google Cloud Armor Overview

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, backendService, body=None, requestId=None, x__xgafv=None)

+  update(project, backendService, body=None, requestId=None)

 
Updates the specified BackendService resource with the data included in the request. For more information, see Backend services overview.

 
Method Details

 

-    addSignedUrlKey(project, backendService, body=None, requestId=None, x__xgafv=None)
+    addSignedUrlKey(project, backendService, body=None, requestId=None)
   
Adds a key for validating requests with signed URLs for this backend service.
 
 Args:
@@ -144,16 +144,29 @@ 
Method Details

   "keyValue": "A String", # 128-bit key value used for signing the URL. The key value must be a valid RFC 4648 Section 5 base64url encoded string.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -187,7 +200,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -201,21 +215,27 @@ 
Method Details

 

 
 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of all BackendService resources, regional and global, available to the specified project.
 
 Args:
   project: string, Name of the project scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -225,25 +245,69 @@ 
Method Details

   "items": { # A list of BackendServicesScopedList resources.
     "a_key": { # Name of the scope containing this set of BackendServices.
       "backendServices": [ # A list of BackendServices contained in this scope.
-        { # Represents a Backend Service resource. A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly. Backend services in Google Compute Engine can be either regionally or globally scoped. * [Global](/compute/docs/reference/rest/beta/backendServices) * [Regional](/compute/docs/reference/rest/beta/regionBackendServices) For more information, see Backend Services.
-          "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day ( 86,400). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+        { # Represents a Backend Service resource.
+            #
+            # A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly.
+            #
+            # Backend services in Google Compute Engine can be either regionally or globally scoped.
+            #
+            # * [Global](/compute/docs/reference/rest/{$api_version}/backendServices) * [Regional](/compute/docs/reference/rest/{$api_version}/regionBackendServices)
+            #
+            # For more information, see Backend Services.
+            #
+            # (== resource_for {$api_version}.backendService ==)
+          "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE.
+              #
+              # If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day (86,400).
+              #
+              # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
           "backends": [ # The list of backends that serve this BackendService.
             { # Message containing information of one individual backend.
-              "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode.
-              "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
+              "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see  Connection balancing mode.
+              "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service.
+                  #
+                  # Not supported by:
+                  #
+                  # - Internal TCP/UDP Load Balancing - Network Load Balancing
               "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
               "failover": True or False, # This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService.
-              "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme. - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing), INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service. - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported. For regional services, the backend must be in the same region as the backend service. You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
-              "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
-              "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-              "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-              "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-              "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-              "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
+              "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme.
+                  #
+                  #
+                  # - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing),  INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service.
+                  #
+                  #
+                  # - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported.
+                  #
+                  # For regional services, the backend must be in the same region as the backend service.
+                  #
+                  # You must use the fully-qualified URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
+              "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by:
+                  #
+                  # - Internal TCP/UDP Load Balancing - Network Load Balancing
+              "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+                  #
+                  # Not available if the backend's balancingMode is RATE. Not supported by:
+                  #
+                  # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+              "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+                  #
+                  # Not available if the backend's balancingMode is RATE. Not supported by:
+                  #
+                  # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+              "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+                  #
+                  # Not available if the backend's balancingMode is CONNECTION.
+              "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+                  #
+                  # Not available if the backend's balancingMode is CONNECTION.
+              "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+                  #
+                  # Not available if the backend's balancingMode is CONNECTION.
               "maxUtilization": 3.14,
             },
           ],
-          "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for external HTTP(S) Load Balancing.
+          "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for  external HTTP(S) Load Balancing.
             "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
               { # Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
                 "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
@@ -266,7 +330,13 @@ 
Method Details

                 "A String",
               ],
             },
-            "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+            "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+                #
+                # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+                #
+                # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+                #
+                # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
             "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
             "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
             "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -295,16 +365,38 @@ 
Method Details

             "maxRequestsPerConnection": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
             "maxRetries": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
           },
-          "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client’s Accept-Encoding header.
+          "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client?s Accept-Encoding header.
           "connectionDraining": { # Message containing connection draining configuration.
             "drainingTimeoutSec": 42, # Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining.
           },
           "connectionTrackingPolicy": { # Connection Tracking configuration for this BackendService.
-            "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL. If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP. If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy). If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
-            "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds). For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours. For NLB the minimum(default) is 60 seconds and the maximum is 16 hours. This field will be supported only if the Connection Tracking key is less than 5-tuple.
-            "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options: PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol. PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
+            "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL.
+                #
+                # If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP.
+                #
+                # If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy).
+                #
+                # If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
+            "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds).
+                #
+                # For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours.
+                #
+                # For NLB the minimum(default) is 60 seconds and the maximum is 16 hours.
+                #
+                # This field will be supported only if the Connection Tracking key is less than 5-tuple.
+            "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options:
+                #
+                # PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol.
+                #
+                # PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
           },
-          "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH.
+              #
+              # This field is applicable to either:
+              # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+              # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+              #
+              # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
             "httpCookie": { # The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash. # Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE.
               "name": "A String", # Name of the cookie.
               "path": "A String", # Path to set for the cookie.
@@ -327,35 +419,62 @@ 
Method Details

           "edgeSecurityPolicy": "A String", # [Output Only] The resource URL for the edge security policy associated with this backend service.
           "enableCDN": True or False, # If true, enables Cloud CDN for the backend service. Only applicable if the loadBalancingScheme is EXTERNAL and the protocol is HTTP or HTTPS.
           "failoverPolicy": { # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. On failover or failback, this field indicates whether connection draining will be honored. GCP has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes). # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. Requires at least one backend instance group to be defined as a backup (failover) backend.
-            "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP. The default is false.
+            "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP.
+                #
+                # The default is false.
             "dropTrafficIfUnhealthy": True or False, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing, If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. The default is false.
             "failoverRatio": 3.14, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio.
           },
-          "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a BackendService.
-          "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
+          "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve a BackendService.
+          "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See  Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
             "A String",
           ],
           "iap": { # Identity-Aware Proxy # The configurations for Identity-Aware Proxy on this resource. Not available for Internal TCP/UDP Load Balancing and Network Load Balancing.
             "enabled": True or False, # Whether the serving infrastructure will authenticate and authorize all incoming requests. If true, the oauth2ClientId and oauth2ClientSecret fields must be non-empty.
             "oauth2ClientId": "A String", # OAuth2 client ID to use for the authentication flow.
-            "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly
+            "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field.
             "oauth2ClientSecretSha256": "A String", # [Output Only] SHA256 hash value for the field oauth2_client_secret above.
           },
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "kind": "compute#backendService", # [Output Only] Type of resource. Always compute#backendService for backend services.
-          "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose INTERNAL for Internal TCP/UDP Load Balancing. Choose INTERNAL_MANAGED for Internal HTTP(S) Load Balancing. INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
-          "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose  INTERNAL for Internal TCP/UDP Load Balancing. Choose  INTERNAL_MANAGED for Internal HTTP(S) Load Balancing.  INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
+          "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are:
+              # - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
+              # - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
+              # - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
+              # - RANDOM: The load balancer selects a random healthy host.
+              # - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
+              # - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824
+              #
+              # This field is applicable to either:
+              # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+              # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+              #
+              # If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect.
+              #
+              # Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
           "logConfig": { # The available logging options for the load balancer traffic served by this backend service. # This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver.
             "enable": True or False, # This field denotes whether to enable logging for the load balancer traffic served by this backend service.
             "sampleRate": 3.14, # This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
           },
-          "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, there will be no timeout limit, i.e. the maximum duration is infinite. This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service. This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
+          "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+              # If not specified, there will be no timeout limit, i.e. the maximum duration is infinite.
+              # This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service.
+              # This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
           "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
           "network": "A String", # The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.
-          "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled.
+              #
+              # This field is applicable to either:
+              # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+              # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+              #
+              # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
             "baseEjectionTime": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # The base time that a host is ejected for. The real ejection time is equal to the base ejection time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
@@ -374,20 +493,48 @@ 
Method Details

             "successRateRequestVolume": 42, # The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
             "successRateStdevFactor": 42, # This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
           },
-          "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
-          "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
-          "protocol": "A String", # The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
+          "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.
+              #
+              # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
+          "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or  INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs.
+              #
+              #
+              #
+              # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
+          "protocol": "A String", # The protocol this BackendService uses to communicate with backends.
+              #
+              # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information.
+              #
+              # Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
           "region": "A String", # [Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
           "securityPolicy": "A String", # [Output Only] The resource URL for the security policy associated with this backend service.
-          "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+          "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either:
+              # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+              # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
             "authentication": "A String", # [Deprecated] Use clientTlsPolicy instead.
-            "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
-            "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode). Note: This field currently has no impact.
+            "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.
+                # clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                # If left blank, communications are not encrypted.
+                # Note: This field currently has no impact.
+            "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.
+                # Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.
+                # Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).
+                # Note: This field currently has no impact.
               "A String",
             ],
           },
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-          "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE.
+              #
+              # When the loadBalancingScheme is EXTERNAL:
+              #
+              # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or  CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.
+              #
+              # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.
+              #
+              # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.
+              #
+              # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
           "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.
             "policy": "A String",
           },
@@ -396,7 +543,8 @@ 
Method Details

       ],
       "warning": { # Informational warning which replaces the list of backend services when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -414,7 +562,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -445,22 +594,35 @@ 
Method Details

 

 
 

-    delete(project, backendService, requestId=None, x__xgafv=None)
+    delete(project, backendService, requestId=None)
   
Deletes the specified BackendService resource.
 
 Args:
   project: string, Project ID for this request. (required)
   backendService: string, Name of the BackendService resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -494,7 +656,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -508,23 +671,36 @@ 
Method Details

 

 
 

-    deleteSignedUrlKey(project, backendService, keyName, requestId=None, x__xgafv=None)
+    deleteSignedUrlKey(project, backendService, keyName, requestId=None)
   
Deletes a key for validating requests with signed URLs for this backend service.
 
 Args:
   project: string, Project ID for this request. (required)
   backendService: string, Name of the BackendService resource to which the Signed URL Key should be added. The name should conform to RFC1035. (required)
   keyName: string, The name of the Signed URL Key to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -558,7 +734,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -572,39 +749,79 @@ 
Method Details

 

 
 

-    get(project, backendService, x__xgafv=None)
+    get(project, backendService)
   
Returns the specified BackendService resource. Gets a list of available backend services.
 
 Args:
   project: string, Project ID for this request. (required)
   backendService: string, Name of the BackendService resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Backend Service resource. A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly. Backend services in Google Compute Engine can be either regionally or globally scoped. * [Global](/compute/docs/reference/rest/beta/backendServices) * [Regional](/compute/docs/reference/rest/beta/regionBackendServices) For more information, see Backend Services.
-  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day ( 86,400). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+    { # Represents a Backend Service resource.
+    #
+    # A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly.
+    #
+    # Backend services in Google Compute Engine can be either regionally or globally scoped.
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/backendServices) * [Regional](/compute/docs/reference/rest/{$api_version}/regionBackendServices)
+    #
+    # For more information, see Backend Services.
+    #
+    # (== resource_for {$api_version}.backendService ==)
+  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE.
+      #
+      # If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day (86,400).
+      #
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "backends": [ # The list of backends that serve this BackendService.
     { # Message containing information of one individual backend.
-      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode.
-      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see  Connection balancing mode.
+      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service.
+          #
+          # Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "failover": True or False, # This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService.
-      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme. - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing), INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service. - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported. For regional services, the backend must be in the same region as the backend service. You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
-      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
-      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
+      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing),  INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported.
+          #
+          # For regional services, the backend must be in the same region as the backend service.
+          #
+          # You must use the fully-qualified URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
+      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
       "maxUtilization": 3.14,
     },
   ],
-  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for external HTTP(S) Load Balancing.
+  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for  external HTTP(S) Load Balancing.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
       { # Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
         "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
@@ -627,7 +844,13 @@ 
Method Details

         "A String",
       ],
     },
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -656,16 +879,38 @@ 
Method Details

     "maxRequestsPerConnection": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "maxRetries": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   },
-  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client’s Accept-Encoding header.
+  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client?s Accept-Encoding header.
   "connectionDraining": { # Message containing connection draining configuration.
     "drainingTimeoutSec": 42, # Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining.
   },
   "connectionTrackingPolicy": { # Connection Tracking configuration for this BackendService.
-    "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL. If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP. If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy). If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
-    "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds). For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours. For NLB the minimum(default) is 60 seconds and the maximum is 16 hours. This field will be supported only if the Connection Tracking key is less than 5-tuple.
-    "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options: PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol. PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
+    "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL.
+        #
+        # If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP.
+        #
+        # If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy).
+        #
+        # If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
+    "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds).
+        #
+        # For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours.
+        #
+        # For NLB the minimum(default) is 60 seconds and the maximum is 16 hours.
+        #
+        # This field will be supported only if the Connection Tracking key is less than 5-tuple.
+    "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options:
+        #
+        # PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol.
+        #
+        # PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
   },
-  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH.
+      #
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      #
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "httpCookie": { # The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash. # Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE.
       "name": "A String", # Name of the cookie.
       "path": "A String", # Path to set for the cookie.
@@ -688,35 +933,62 @@ 
Method Details

   "edgeSecurityPolicy": "A String", # [Output Only] The resource URL for the edge security policy associated with this backend service.
   "enableCDN": True or False, # If true, enables Cloud CDN for the backend service. Only applicable if the loadBalancingScheme is EXTERNAL and the protocol is HTTP or HTTPS.
   "failoverPolicy": { # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. On failover or failback, this field indicates whether connection draining will be honored. GCP has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes). # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. Requires at least one backend instance group to be defined as a backup (failover) backend.
-    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP. The default is false.
+    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP.
+        #
+        # The default is false.
     "dropTrafficIfUnhealthy": True or False, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing, If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. The default is false.
     "failoverRatio": 3.14, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio.
   },
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a BackendService.
-  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a BackendService.
+  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See  Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
     "A String",
   ],
   "iap": { # Identity-Aware Proxy # The configurations for Identity-Aware Proxy on this resource. Not available for Internal TCP/UDP Load Balancing and Network Load Balancing.
     "enabled": True or False, # Whether the serving infrastructure will authenticate and authorize all incoming requests. If true, the oauth2ClientId and oauth2ClientSecret fields must be non-empty.
     "oauth2ClientId": "A String", # OAuth2 client ID to use for the authentication flow.
-    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly
+    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field.
     "oauth2ClientSecretSha256": "A String", # [Output Only] SHA256 hash value for the field oauth2_client_secret above.
   },
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#backendService", # [Output Only] Type of resource. Always compute#backendService for backend services.
-  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose INTERNAL for Internal TCP/UDP Load Balancing. Choose INTERNAL_MANAGED for Internal HTTP(S) Load Balancing. INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
-  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose  INTERNAL for Internal TCP/UDP Load Balancing. Choose  INTERNAL_MANAGED for Internal HTTP(S) Load Balancing.  INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
+  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are:
+      # - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
+      # - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
+      # - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
+      # - RANDOM: The load balancer selects a random healthy host.
+      # - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
+      # - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824
+      #
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      #
+      # If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect.
+      #
+      # Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "logConfig": { # The available logging options for the load balancer traffic served by this backend service. # This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver.
     "enable": True or False, # This field denotes whether to enable logging for the load balancer traffic served by this backend service.
     "sampleRate": 3.14, # This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
   },
-  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, there will be no timeout limit, i.e. the maximum duration is infinite. This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service. This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
+  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+      # If not specified, there will be no timeout limit, i.e. the maximum duration is infinite.
+      # This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service.
+      # This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
   },
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.
-  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled.
+      #
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      #
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "baseEjectionTime": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # The base time that a host is ejected for. The real ejection time is equal to the base ejection time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
@@ -735,20 +1007,48 @@ 
Method Details

     "successRateRequestVolume": 42, # The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
     "successRateStdevFactor": 42, # This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
   },
-  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
-  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
-  "protocol": "A String", # The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
+  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.
+      #
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
+  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or  INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs.
+      #
+      #
+      #
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
+  "protocol": "A String", # The protocol this BackendService uses to communicate with backends.
+      #
+      # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information.
+      #
+      # Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
   "region": "A String", # [Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "securityPolicy": "A String", # [Output Only] The resource URL for the security policy associated with this backend service.
-  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
     "authentication": "A String", # [Deprecated] Use clientTlsPolicy instead.
-    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
-    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode). Note: This field currently has no impact.
+    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.
+        # clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        # If left blank, communications are not encrypted.
+        # Note: This field currently has no impact.
+    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.
+        # Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.
+        # Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).
+        # Note: This field currently has no impact.
       "A String",
     ],
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE.
+      #
+      # When the loadBalancingScheme is EXTERNAL:
+      #
+      # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or  CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.
+      #
+      # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.
+      #
+      # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.
+      #
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.
     "policy": "A String",
   },
@@ -757,8 +1057,12 @@ 
Method Details

 

 
 

-    getHealth(project, backendService, body=None, x__xgafv=None)
-  
Gets the most recent health check results for this BackendService. Example request body: { "group": "/zones/us-east1-b/instanceGroups/lb-backend-example" }
+    getHealth(project, backendService, body=None)
+  
Gets the most recent health check results for this BackendService.
+
+Example request body:
+
+{ "group": "/zones/us-east1-b/instanceGroups/lb-backend-example" }
 
 Args:
   project: string, A parameter (required)
@@ -770,10 +1074,6 @@ 
Method Details

   "group": "A String", # A URI referencing one of the instance groups or network endpoint groups listed in the backend service.
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -802,34 +1102,58 @@ 
Method Details

 

 
 

-    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
   project: string, Project ID for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -837,102 +1161,214 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
-  
Creates a BackendService resource in the specified project using the data included in the request. For more information, see Backend services overview .
+    insert(project, body=None, requestId=None)
+  
Creates a BackendService resource in the specified project using the data included in the request. For more information, see  Backend services overview.
 
 Args:
   project: string, Project ID for this request. (required)
   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Backend Service resource. A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly. Backend services in Google Compute Engine can be either regionally or globally scoped. * [Global](/compute/docs/reference/rest/beta/backendServices) * [Regional](/compute/docs/reference/rest/beta/regionBackendServices) For more information, see Backend Services.
-  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day ( 86,400). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+{ # Represents a Backend Service resource.
+    # 
+    # A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly.
+    # 
+    # Backend services in Google Compute Engine can be either regionally or globally scoped.
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/backendServices) * [Regional](/compute/docs/reference/rest/{$api_version}/regionBackendServices)
+    # 
+    # For more information, see Backend Services.
+    # 
+    # (== resource_for {$api_version}.backendService ==)
+  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE.
+      # 
+      # If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day (86,400).
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "backends": [ # The list of backends that serve this BackendService.
     { # Message containing information of one individual backend.
-      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode.
-      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see  Connection balancing mode.
+      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service.
+          #
+          # Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "failover": True or False, # This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService.
-      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme. - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing), INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service. - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported. For regional services, the backend must be in the same region as the backend service. You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
-      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
-      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
+      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing),  INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported.
+          #
+          # For regional services, the backend must be in the same region as the backend service.
+          #
+          # You must use the fully-qualified URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
+      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
       "maxUtilization": 3.14,
     },
   ],
-  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for external HTTP(S) Load Balancing.
+  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for  external HTTP(S) Load Balancing.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
       { # Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
         "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
@@ -955,7 +1391,13 @@ 
Method Details

         "A String",
       ],
     },
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -984,16 +1426,38 @@ 
Method Details

     "maxRequestsPerConnection": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "maxRetries": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   },
-  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client’s Accept-Encoding header.
+  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client?s Accept-Encoding header.
   "connectionDraining": { # Message containing connection draining configuration.
     "drainingTimeoutSec": 42, # Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining.
   },
   "connectionTrackingPolicy": { # Connection Tracking configuration for this BackendService.
-    "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL. If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP. If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy). If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
-    "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds). For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours. For NLB the minimum(default) is 60 seconds and the maximum is 16 hours. This field will be supported only if the Connection Tracking key is less than 5-tuple.
-    "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options: PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol. PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
+    "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL.
+        #
+        # If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP.
+        #
+        # If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy).
+        #
+        # If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
+    "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds).
+        #
+        # For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours.
+        #
+        # For NLB the minimum(default) is 60 seconds and the maximum is 16 hours.
+        #
+        # This field will be supported only if the Connection Tracking key is less than 5-tuple.
+    "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options:
+        #
+        # PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol.
+        #
+        # PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
   },
-  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "httpCookie": { # The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash. # Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE.
       "name": "A String", # Name of the cookie.
       "path": "A String", # Path to set for the cookie.
@@ -1016,35 +1480,62 @@ 
Method Details

   "edgeSecurityPolicy": "A String", # [Output Only] The resource URL for the edge security policy associated with this backend service.
   "enableCDN": True or False, # If true, enables Cloud CDN for the backend service. Only applicable if the loadBalancingScheme is EXTERNAL and the protocol is HTTP or HTTPS.
   "failoverPolicy": { # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. On failover or failback, this field indicates whether connection draining will be honored. GCP has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes). # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. Requires at least one backend instance group to be defined as a backup (failover) backend.
-    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP. The default is false.
+    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP.
+        #
+        # The default is false.
     "dropTrafficIfUnhealthy": True or False, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing, If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. The default is false.
     "failoverRatio": 3.14, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio.
   },
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a BackendService.
-  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a BackendService.
+  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See  Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
     "A String",
   ],
   "iap": { # Identity-Aware Proxy # The configurations for Identity-Aware Proxy on this resource. Not available for Internal TCP/UDP Load Balancing and Network Load Balancing.
     "enabled": True or False, # Whether the serving infrastructure will authenticate and authorize all incoming requests. If true, the oauth2ClientId and oauth2ClientSecret fields must be non-empty.
     "oauth2ClientId": "A String", # OAuth2 client ID to use for the authentication flow.
-    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly
+    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field.
     "oauth2ClientSecretSha256": "A String", # [Output Only] SHA256 hash value for the field oauth2_client_secret above.
   },
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#backendService", # [Output Only] Type of resource. Always compute#backendService for backend services.
-  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose INTERNAL for Internal TCP/UDP Load Balancing. Choose INTERNAL_MANAGED for Internal HTTP(S) Load Balancing. INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
-  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose  INTERNAL for Internal TCP/UDP Load Balancing. Choose  INTERNAL_MANAGED for Internal HTTP(S) Load Balancing.  INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
+  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are:
+      # - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
+      # - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
+      # - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
+      # - RANDOM: The load balancer selects a random healthy host.
+      # - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
+      # - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect.
+      # 
+      # Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "logConfig": { # The available logging options for the load balancer traffic served by this backend service. # This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver.
     "enable": True or False, # This field denotes whether to enable logging for the load balancer traffic served by this backend service.
     "sampleRate": 3.14, # This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
   },
-  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, there will be no timeout limit, i.e. the maximum duration is infinite. This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service. This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
+  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+      # If not specified, there will be no timeout limit, i.e. the maximum duration is infinite.
+      # This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service.
+      # This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
   },
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.
-  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "baseEjectionTime": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # The base time that a host is ejected for. The real ejection time is equal to the base ejection time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
@@ -1063,36 +1554,77 @@ 
Method Details

     "successRateRequestVolume": 42, # The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
     "successRateStdevFactor": 42, # This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
   },
-  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
-  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
-  "protocol": "A String", # The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
+  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
+  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or  INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs.
+      # 
+      # 
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
+  "protocol": "A String", # The protocol this BackendService uses to communicate with backends.
+      # 
+      # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information.
+      # 
+      # Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
   "region": "A String", # [Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "securityPolicy": "A String", # [Output Only] The resource URL for the security policy associated with this backend service.
-  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
     "authentication": "A String", # [Deprecated] Use clientTlsPolicy instead.
-    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
-    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode). Note: This field currently has no impact.
+    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.
+        # clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        # If left blank, communications are not encrypted.
+        # Note: This field currently has no impact.
+    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.
+        # Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.
+        # Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).
+        # Note: This field currently has no impact.
       "A String",
     ],
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE.
+      # 
+      # When the loadBalancingScheme is EXTERNAL:
+      # 
+      # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or  CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.
+      # 
+      # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.
+      # 
+      # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.
     "policy": "A String",
   },
   "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1126,7 +1658,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1140,20 +1673,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of BackendService resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1161,25 +1700,69 @@ 
Method Details

     { # Contains a list of BackendService resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of BackendService resources.
-    { # Represents a Backend Service resource. A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly. Backend services in Google Compute Engine can be either regionally or globally scoped. * [Global](/compute/docs/reference/rest/beta/backendServices) * [Regional](/compute/docs/reference/rest/beta/regionBackendServices) For more information, see Backend Services.
-      "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day ( 86,400). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+    { # Represents a Backend Service resource.
+        #
+        # A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly.
+        #
+        # Backend services in Google Compute Engine can be either regionally or globally scoped.
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/backendServices) * [Regional](/compute/docs/reference/rest/{$api_version}/regionBackendServices)
+        #
+        # For more information, see Backend Services.
+        #
+        # (== resource_for {$api_version}.backendService ==)
+      "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE.
+          #
+          # If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day (86,400).
+          #
+          # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
       "backends": [ # The list of backends that serve this BackendService.
         { # Message containing information of one individual backend.
-          "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode.
-          "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
+          "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see  Connection balancing mode.
+          "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service.
+              #
+              # Not supported by:
+              #
+              # - Internal TCP/UDP Load Balancing - Network Load Balancing
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "failover": True or False, # This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService.
-          "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme. - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing), INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service. - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported. For regional services, the backend must be in the same region as the backend service. You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
-          "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
-          "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-          "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-          "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-          "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-          "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
+          "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme.
+              #
+              #
+              # - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing),  INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service.
+              #
+              #
+              # - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported.
+              #
+              # For regional services, the backend must be in the same region as the backend service.
+              #
+              # You must use the fully-qualified URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
+          "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by:
+              #
+              # - Internal TCP/UDP Load Balancing - Network Load Balancing
+          "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+              #
+              # Not available if the backend's balancingMode is RATE. Not supported by:
+              #
+              # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+          "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+              #
+              # Not available if the backend's balancingMode is RATE. Not supported by:
+              #
+              # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+          "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+              #
+              # Not available if the backend's balancingMode is CONNECTION.
+          "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+              #
+              # Not available if the backend's balancingMode is CONNECTION.
+          "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+              #
+              # Not available if the backend's balancingMode is CONNECTION.
           "maxUtilization": 3.14,
         },
       ],
-      "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for external HTTP(S) Load Balancing.
+      "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for  external HTTP(S) Load Balancing.
         "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
           { # Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
             "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
@@ -1202,7 +1785,13 @@ 
Method Details

             "A String",
           ],
         },
-        "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+        "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+            #
+            # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+            #
+            # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+            #
+            # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
         "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
         "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
         "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -1231,16 +1820,38 @@ 
Method Details

         "maxRequestsPerConnection": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
         "maxRetries": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
       },
-      "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client’s Accept-Encoding header.
+      "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client?s Accept-Encoding header.
       "connectionDraining": { # Message containing connection draining configuration.
         "drainingTimeoutSec": 42, # Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining.
       },
       "connectionTrackingPolicy": { # Connection Tracking configuration for this BackendService.
-        "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL. If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP. If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy). If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
-        "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds). For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours. For NLB the minimum(default) is 60 seconds and the maximum is 16 hours. This field will be supported only if the Connection Tracking key is less than 5-tuple.
-        "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options: PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol. PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
+        "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL.
+            #
+            # If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP.
+            #
+            # If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy).
+            #
+            # If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
+        "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds).
+            #
+            # For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours.
+            #
+            # For NLB the minimum(default) is 60 seconds and the maximum is 16 hours.
+            #
+            # This field will be supported only if the Connection Tracking key is less than 5-tuple.
+        "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options:
+            #
+            # PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol.
+            #
+            # PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
       },
-      "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH.
+          #
+          # This field is applicable to either:
+          # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+          # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+          #
+          # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
         "httpCookie": { # The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash. # Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE.
           "name": "A String", # Name of the cookie.
           "path": "A String", # Path to set for the cookie.
@@ -1263,35 +1874,62 @@ 
Method Details

       "edgeSecurityPolicy": "A String", # [Output Only] The resource URL for the edge security policy associated with this backend service.
       "enableCDN": True or False, # If true, enables Cloud CDN for the backend service. Only applicable if the loadBalancingScheme is EXTERNAL and the protocol is HTTP or HTTPS.
       "failoverPolicy": { # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. On failover or failback, this field indicates whether connection draining will be honored. GCP has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes). # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. Requires at least one backend instance group to be defined as a backup (failover) backend.
-        "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP. The default is false.
+        "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP.
+            #
+            # The default is false.
         "dropTrafficIfUnhealthy": True or False, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing, If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. The default is false.
         "failoverRatio": 3.14, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio.
       },
-      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a BackendService.
-      "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
+      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a BackendService.
+      "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See  Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
         "A String",
       ],
       "iap": { # Identity-Aware Proxy # The configurations for Identity-Aware Proxy on this resource. Not available for Internal TCP/UDP Load Balancing and Network Load Balancing.
         "enabled": True or False, # Whether the serving infrastructure will authenticate and authorize all incoming requests. If true, the oauth2ClientId and oauth2ClientSecret fields must be non-empty.
         "oauth2ClientId": "A String", # OAuth2 client ID to use for the authentication flow.
-        "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly
+        "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field.
         "oauth2ClientSecretSha256": "A String", # [Output Only] SHA256 hash value for the field oauth2_client_secret above.
       },
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#backendService", # [Output Only] Type of resource. Always compute#backendService for backend services.
-      "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose INTERNAL for Internal TCP/UDP Load Balancing. Choose INTERNAL_MANAGED for Internal HTTP(S) Load Balancing. INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
-      "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose  INTERNAL for Internal TCP/UDP Load Balancing. Choose  INTERNAL_MANAGED for Internal HTTP(S) Load Balancing.  INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
+      "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are:
+          # - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
+          # - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
+          # - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
+          # - RANDOM: The load balancer selects a random healthy host.
+          # - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
+          # - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824
+          #
+          # This field is applicable to either:
+          # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+          # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+          #
+          # If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect.
+          #
+          # Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
       "logConfig": { # The available logging options for the load balancer traffic served by this backend service. # This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver.
         "enable": True or False, # This field denotes whether to enable logging for the load balancer traffic served by this backend service.
         "sampleRate": 3.14, # This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
       },
-      "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, there will be no timeout limit, i.e. the maximum duration is infinite. This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service. This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
+      "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+          # If not specified, there will be no timeout limit, i.e. the maximum duration is infinite.
+          # This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service.
+          # This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "network": "A String", # The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.
-      "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled.
+          #
+          # This field is applicable to either:
+          # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+          # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+          #
+          # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
         "baseEjectionTime": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # The base time that a host is ejected for. The real ejection time is equal to the base ejection time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
@@ -1310,20 +1948,48 @@ 
Method Details

         "successRateRequestVolume": 42, # The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
         "successRateStdevFactor": 42, # This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
       },
-      "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
-      "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
-      "protocol": "A String", # The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
+      "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.
+          #
+          # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
+      "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or  INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs.
+          #
+          #
+          #
+          # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
+      "protocol": "A String", # The protocol this BackendService uses to communicate with backends.
+          #
+          # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information.
+          #
+          # Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
       "region": "A String", # [Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
       "securityPolicy": "A String", # [Output Only] The resource URL for the security policy associated with this backend service.
-      "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either:
+          # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+          # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
         "authentication": "A String", # [Deprecated] Use clientTlsPolicy instead.
-        "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
-        "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode). Note: This field currently has no impact.
+        "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.
+            # clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            # If left blank, communications are not encrypted.
+            # Note: This field currently has no impact.
+        "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.
+            # Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.
+            # Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).
+            # Note: This field currently has no impact.
           "A String",
         ],
       },
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE.
+          #
+          # When the loadBalancingScheme is EXTERNAL:
+          #
+          # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or  CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.
+          #
+          # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.
+          #
+          # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.
+          #
+          # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
       "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.
         "policy": "A String",
       },
@@ -1335,7 +2001,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1361,8 +2028,8 @@ 
Method Details

 

 
 

-    patch(project, backendService, body=None, requestId=None, x__xgafv=None)
-  
Patches the specified BackendService resource with the data included in the request. For more information, see Backend services overview. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
+    patch(project, backendService, body=None, requestId=None)
+  
Patches the specified BackendService resource with the data included in the request. For more information, see  Backend services overview. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -1370,25 +2037,69 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Backend Service resource. A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly. Backend services in Google Compute Engine can be either regionally or globally scoped. * [Global](/compute/docs/reference/rest/beta/backendServices) * [Regional](/compute/docs/reference/rest/beta/regionBackendServices) For more information, see Backend Services.
-  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day ( 86,400). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+{ # Represents a Backend Service resource.
+    # 
+    # A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly.
+    # 
+    # Backend services in Google Compute Engine can be either regionally or globally scoped.
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/backendServices) * [Regional](/compute/docs/reference/rest/{$api_version}/regionBackendServices)
+    # 
+    # For more information, see Backend Services.
+    # 
+    # (== resource_for {$api_version}.backendService ==)
+  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE.
+      # 
+      # If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day (86,400).
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "backends": [ # The list of backends that serve this BackendService.
     { # Message containing information of one individual backend.
-      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode.
-      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see  Connection balancing mode.
+      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service.
+          #
+          # Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "failover": True or False, # This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService.
-      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme. - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing), INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service. - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported. For regional services, the backend must be in the same region as the backend service. You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
-      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
-      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
+      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing),  INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported.
+          #
+          # For regional services, the backend must be in the same region as the backend service.
+          #
+          # You must use the fully-qualified URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
+      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
       "maxUtilization": 3.14,
     },
   ],
-  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for external HTTP(S) Load Balancing.
+  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for  external HTTP(S) Load Balancing.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
       { # Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
         "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
@@ -1411,7 +2122,13 @@ 
Method Details

         "A String",
       ],
     },
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -1440,16 +2157,38 @@ 
Method Details

     "maxRequestsPerConnection": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "maxRetries": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   },
-  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client’s Accept-Encoding header.
+  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client?s Accept-Encoding header.
   "connectionDraining": { # Message containing connection draining configuration.
     "drainingTimeoutSec": 42, # Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining.
   },
   "connectionTrackingPolicy": { # Connection Tracking configuration for this BackendService.
-    "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL. If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP. If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy). If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
-    "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds). For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours. For NLB the minimum(default) is 60 seconds and the maximum is 16 hours. This field will be supported only if the Connection Tracking key is less than 5-tuple.
-    "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options: PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol. PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
+    "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL.
+        #
+        # If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP.
+        #
+        # If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy).
+        #
+        # If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
+    "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds).
+        #
+        # For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours.
+        #
+        # For NLB the minimum(default) is 60 seconds and the maximum is 16 hours.
+        #
+        # This field will be supported only if the Connection Tracking key is less than 5-tuple.
+    "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options:
+        #
+        # PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol.
+        #
+        # PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
   },
-  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "httpCookie": { # The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash. # Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE.
       "name": "A String", # Name of the cookie.
       "path": "A String", # Path to set for the cookie.
@@ -1472,35 +2211,62 @@ 
Method Details

   "edgeSecurityPolicy": "A String", # [Output Only] The resource URL for the edge security policy associated with this backend service.
   "enableCDN": True or False, # If true, enables Cloud CDN for the backend service. Only applicable if the loadBalancingScheme is EXTERNAL and the protocol is HTTP or HTTPS.
   "failoverPolicy": { # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. On failover or failback, this field indicates whether connection draining will be honored. GCP has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes). # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. Requires at least one backend instance group to be defined as a backup (failover) backend.
-    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP. The default is false.
+    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP.
+        #
+        # The default is false.
     "dropTrafficIfUnhealthy": True or False, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing, If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. The default is false.
     "failoverRatio": 3.14, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio.
   },
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a BackendService.
-  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a BackendService.
+  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See  Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
     "A String",
   ],
   "iap": { # Identity-Aware Proxy # The configurations for Identity-Aware Proxy on this resource. Not available for Internal TCP/UDP Load Balancing and Network Load Balancing.
     "enabled": True or False, # Whether the serving infrastructure will authenticate and authorize all incoming requests. If true, the oauth2ClientId and oauth2ClientSecret fields must be non-empty.
     "oauth2ClientId": "A String", # OAuth2 client ID to use for the authentication flow.
-    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly
+    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field.
     "oauth2ClientSecretSha256": "A String", # [Output Only] SHA256 hash value for the field oauth2_client_secret above.
   },
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#backendService", # [Output Only] Type of resource. Always compute#backendService for backend services.
-  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose INTERNAL for Internal TCP/UDP Load Balancing. Choose INTERNAL_MANAGED for Internal HTTP(S) Load Balancing. INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
-  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose  INTERNAL for Internal TCP/UDP Load Balancing. Choose  INTERNAL_MANAGED for Internal HTTP(S) Load Balancing.  INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
+  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are:
+      # - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
+      # - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
+      # - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
+      # - RANDOM: The load balancer selects a random healthy host.
+      # - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
+      # - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect.
+      # 
+      # Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "logConfig": { # The available logging options for the load balancer traffic served by this backend service. # This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver.
     "enable": True or False, # This field denotes whether to enable logging for the load balancer traffic served by this backend service.
     "sampleRate": 3.14, # This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
   },
-  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, there will be no timeout limit, i.e. the maximum duration is infinite. This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service. This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
+  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+      # If not specified, there will be no timeout limit, i.e. the maximum duration is infinite.
+      # This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service.
+      # This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
   },
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.
-  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "baseEjectionTime": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # The base time that a host is ejected for. The real ejection time is equal to the base ejection time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
@@ -1519,36 +2285,77 @@ 
Method Details

     "successRateRequestVolume": 42, # The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
     "successRateStdevFactor": 42, # This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
   },
-  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
-  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
-  "protocol": "A String", # The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
+  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
+  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or  INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs.
+      # 
+      # 
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
+  "protocol": "A String", # The protocol this BackendService uses to communicate with backends.
+      # 
+      # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information.
+      # 
+      # Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
   "region": "A String", # [Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "securityPolicy": "A String", # [Output Only] The resource URL for the security policy associated with this backend service.
-  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
     "authentication": "A String", # [Deprecated] Use clientTlsPolicy instead.
-    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
-    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode). Note: This field currently has no impact.
+    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.
+        # clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        # If left blank, communications are not encrypted.
+        # Note: This field currently has no impact.
+    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.
+        # Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.
+        # Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).
+        # Note: This field currently has no impact.
       "A String",
     ],
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE.
+      # 
+      # When the loadBalancingScheme is EXTERNAL:
+      # 
+      # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or  CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.
+      # 
+      # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.
+      # 
+      # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.
     "policy": "A String",
   },
   "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1582,7 +2389,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1596,7 +2404,7 @@ 
Method Details

 

 
 

-    setEdgeSecurityPolicy(project, backendService, body=None, requestId=None, x__xgafv=None)
+    setEdgeSecurityPolicy(project, backendService, body=None, requestId=None)
   
Sets the edge security policy for the specified backend service.
 
 Args:
@@ -1609,16 +2417,29 @@ 
Method Details

   "securityPolicy": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1652,7 +2473,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1666,7 +2488,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -1678,33 +2500,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1712,95 +2608,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1808,76 +2796,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    setSecurityPolicy(project, backendService, body=None, requestId=None, x__xgafv=None)
+    setSecurityPolicy(project, backendService, body=None, requestId=None)
   
Sets the Google Cloud Armor security policy for the specified backend service. For more information, see Google Cloud Armor Overview
 
 Args:
@@ -1890,16 +2946,29 @@ 
Method Details

   "securityPolicy": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1933,7 +3002,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1947,7 +3017,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1962,10 +3032,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1978,7 +3044,7 @@ 
Method Details

 

 
 

-    update(project, backendService, body=None, requestId=None, x__xgafv=None)
+    update(project, backendService, body=None, requestId=None)
   
Updates the specified BackendService resource with the data included in the request. For more information, see Backend services overview.
 
 Args:
@@ -1987,25 +3053,69 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Backend Service resource. A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly. Backend services in Google Compute Engine can be either regionally or globally scoped. * [Global](/compute/docs/reference/rest/beta/backendServices) * [Regional](/compute/docs/reference/rest/beta/regionBackendServices) For more information, see Backend Services.
-  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day ( 86,400). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+{ # Represents a Backend Service resource.
+    # 
+    # A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly.
+    # 
+    # Backend services in Google Compute Engine can be either regionally or globally scoped.
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/backendServices) * [Regional](/compute/docs/reference/rest/{$api_version}/regionBackendServices)
+    # 
+    # For more information, see Backend Services.
+    # 
+    # (== resource_for {$api_version}.backendService ==)
+  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE.
+      # 
+      # If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day (86,400).
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "backends": [ # The list of backends that serve this BackendService.
     { # Message containing information of one individual backend.
-      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode.
-      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see  Connection balancing mode.
+      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service.
+          #
+          # Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "failover": True or False, # This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService.
-      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme. - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing), INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service. - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported. For regional services, the backend must be in the same region as the backend service. You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
-      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
-      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
+      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing),  INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported.
+          #
+          # For regional services, the backend must be in the same region as the backend service.
+          #
+          # You must use the fully-qualified URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
+      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
       "maxUtilization": 3.14,
     },
   ],
-  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for external HTTP(S) Load Balancing.
+  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for  external HTTP(S) Load Balancing.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
       { # Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
         "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
@@ -2028,7 +3138,13 @@ 
Method Details

         "A String",
       ],
     },
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -2057,16 +3173,38 @@ 
Method Details

     "maxRequestsPerConnection": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "maxRetries": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   },
-  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client’s Accept-Encoding header.
+  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client?s Accept-Encoding header.
   "connectionDraining": { # Message containing connection draining configuration.
     "drainingTimeoutSec": 42, # Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining.
   },
   "connectionTrackingPolicy": { # Connection Tracking configuration for this BackendService.
-    "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL. If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP. If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy). If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
-    "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds). For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours. For NLB the minimum(default) is 60 seconds and the maximum is 16 hours. This field will be supported only if the Connection Tracking key is less than 5-tuple.
-    "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options: PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol. PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
+    "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL.
+        #
+        # If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP.
+        #
+        # If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy).
+        #
+        # If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
+    "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds).
+        #
+        # For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours.
+        #
+        # For NLB the minimum(default) is 60 seconds and the maximum is 16 hours.
+        #
+        # This field will be supported only if the Connection Tracking key is less than 5-tuple.
+    "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options:
+        #
+        # PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol.
+        #
+        # PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
   },
-  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "httpCookie": { # The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash. # Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE.
       "name": "A String", # Name of the cookie.
       "path": "A String", # Path to set for the cookie.
@@ -2089,35 +3227,62 @@ 
Method Details

   "edgeSecurityPolicy": "A String", # [Output Only] The resource URL for the edge security policy associated with this backend service.
   "enableCDN": True or False, # If true, enables Cloud CDN for the backend service. Only applicable if the loadBalancingScheme is EXTERNAL and the protocol is HTTP or HTTPS.
   "failoverPolicy": { # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. On failover or failback, this field indicates whether connection draining will be honored. GCP has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes). # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. Requires at least one backend instance group to be defined as a backup (failover) backend.
-    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP. The default is false.
+    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP.
+        #
+        # The default is false.
     "dropTrafficIfUnhealthy": True or False, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing, If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. The default is false.
     "failoverRatio": 3.14, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio.
   },
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a BackendService.
-  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a BackendService.
+  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See  Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
     "A String",
   ],
   "iap": { # Identity-Aware Proxy # The configurations for Identity-Aware Proxy on this resource. Not available for Internal TCP/UDP Load Balancing and Network Load Balancing.
     "enabled": True or False, # Whether the serving infrastructure will authenticate and authorize all incoming requests. If true, the oauth2ClientId and oauth2ClientSecret fields must be non-empty.
     "oauth2ClientId": "A String", # OAuth2 client ID to use for the authentication flow.
-    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly
+    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field.
     "oauth2ClientSecretSha256": "A String", # [Output Only] SHA256 hash value for the field oauth2_client_secret above.
   },
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#backendService", # [Output Only] Type of resource. Always compute#backendService for backend services.
-  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose INTERNAL for Internal TCP/UDP Load Balancing. Choose INTERNAL_MANAGED for Internal HTTP(S) Load Balancing. INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
-  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose  INTERNAL for Internal TCP/UDP Load Balancing. Choose  INTERNAL_MANAGED for Internal HTTP(S) Load Balancing.  INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
+  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are:
+      # - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
+      # - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
+      # - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
+      # - RANDOM: The load balancer selects a random healthy host.
+      # - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
+      # - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect.
+      # 
+      # Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "logConfig": { # The available logging options for the load balancer traffic served by this backend service. # This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver.
     "enable": True or False, # This field denotes whether to enable logging for the load balancer traffic served by this backend service.
     "sampleRate": 3.14, # This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
   },
-  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, there will be no timeout limit, i.e. the maximum duration is infinite. This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service. This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
+  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+      # If not specified, there will be no timeout limit, i.e. the maximum duration is infinite.
+      # This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service.
+      # This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
   },
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.
-  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "baseEjectionTime": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # The base time that a host is ejected for. The real ejection time is equal to the base ejection time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
@@ -2136,36 +3301,77 @@ 
Method Details

     "successRateRequestVolume": 42, # The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
     "successRateStdevFactor": 42, # This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
   },
-  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
-  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
-  "protocol": "A String", # The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
+  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
+  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or  INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs.
+      # 
+      # 
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
+  "protocol": "A String", # The protocol this BackendService uses to communicate with backends.
+      # 
+      # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information.
+      # 
+      # Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
   "region": "A String", # [Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "securityPolicy": "A String", # [Output Only] The resource URL for the security policy associated with this backend service.
-  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
     "authentication": "A String", # [Deprecated] Use clientTlsPolicy instead.
-    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
-    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode). Note: This field currently has no impact.
+    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.
+        # clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        # If left blank, communications are not encrypted.
+        # Note: This field currently has no impact.
+    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.
+        # Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.
+        # Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).
+        # Note: This field currently has no impact.
       "A String",
     ],
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE.
+      # 
+      # When the loadBalancingScheme is EXTERNAL:
+      # 
+      # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or  CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.
+      # 
+      # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.
+      # 
+      # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.
     "policy": "A String",
   },
   "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2199,7 +3405,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.diskTypes.html b/docs/dyn/compute_beta.diskTypes.html
index 9451e7c580a..3f45fd227d6 100644
--- a/docs/dyn/compute_beta.diskTypes.html
+++ b/docs/dyn/compute_beta.diskTypes.html
@@ -75,7 +75,7 @@
 
Compute Engine API . diskTypes

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of disk types.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,31 +84,37 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  get(project, zone, diskType, x__xgafv=None)

+  get(project, zone, diskType)

 
Returns the specified disk type. Gets a list of available disk types by making a list() request.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of disk types available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of disk types.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -118,7 +124,17 @@ 
Method Details

   "items": { # A list of DiskTypesScopedList resources.
     "a_key": { # [Output Only] Name of the scope containing this set of disk types.
       "diskTypes": [ # [Output Only] A list of disk types contained in this scope.
-        { # Represents a Disk Type resource. Google Compute Engine has two Disk Type resources: * [Regional](/compute/docs/reference/rest/beta/regionDiskTypes) * [Zonal](/compute/docs/reference/rest/beta/diskTypes) You can choose from a variety of disk types based on your needs. For more information, read Storage options. The diskTypes resource represents disk types for a zonal persistent disk. For more information, read Zonal persistent disks. The regionDiskTypes resource represents disk types for a regional persistent disk. For more information, read Regional persistent disks.
+        { # Represents a Disk Type resource.
+            #
+            # Google Compute Engine has two Disk Type resources:
+            #
+            # * [Regional](/compute/docs/reference/rest/{$api_version}/regionDiskTypes) * [Zonal](/compute/docs/reference/rest/{$api_version}/diskTypes)
+            #
+            # You can choose from a variety of disk types based on your needs. For more information, read Storage options.
+            #
+            # The diskTypes resource represents disk types for a zonal persistent disk. For more information, read Zonal persistent disks.
+            #
+            # The regionDiskTypes resource represents disk types for a regional persistent disk. For more information, read Regional persistent disks. (== resource_for {$api_version}.diskTypes ==) (== resource_for {$api_version}.regionDiskTypes ==)
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "defaultDiskSizeGb": "A String", # [Output Only] Server-defined default disk size in GB.
           "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this disk type.
@@ -140,7 +156,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] Informational warning which replaces the list of disk types when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -158,7 +175,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -189,22 +207,28 @@ 
Method Details

 

 
 

-    get(project, zone, diskType, x__xgafv=None)
+    get(project, zone, diskType)
   
Returns the specified disk type. Gets a list of available disk types by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   diskType: string, Name of the disk type to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Disk Type resource. Google Compute Engine has two Disk Type resources: * [Regional](/compute/docs/reference/rest/beta/regionDiskTypes) * [Zonal](/compute/docs/reference/rest/beta/diskTypes) You can choose from a variety of disk types based on your needs. For more information, read Storage options. The diskTypes resource represents disk types for a zonal persistent disk. For more information, read Zonal persistent disks. The regionDiskTypes resource represents disk types for a regional persistent disk. For more information, read Regional persistent disks.
+    { # Represents a Disk Type resource.
+    #
+    # Google Compute Engine has two Disk Type resources:
+    #
+    # * [Regional](/compute/docs/reference/rest/{$api_version}/regionDiskTypes) * [Zonal](/compute/docs/reference/rest/{$api_version}/diskTypes)
+    #
+    # You can choose from a variety of disk types based on your needs. For more information, read Storage options.
+    #
+    # The diskTypes resource represents disk types for a zonal persistent disk. For more information, read Zonal persistent disks.
+    #
+    # The regionDiskTypes resource represents disk types for a regional persistent disk. For more information, read Regional persistent disks. (== resource_for {$api_version}.diskTypes ==) (== resource_for {$api_version}.regionDiskTypes ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "defaultDiskSizeGb": "A String", # [Output Only] Server-defined default disk size in GB.
   "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this disk type.
@@ -226,21 +250,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of disk types available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -248,7 +278,17 @@ 
Method Details

     { # Contains a list of disk types.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of DiskType resources.
-    { # Represents a Disk Type resource. Google Compute Engine has two Disk Type resources: * [Regional](/compute/docs/reference/rest/beta/regionDiskTypes) * [Zonal](/compute/docs/reference/rest/beta/diskTypes) You can choose from a variety of disk types based on your needs. For more information, read Storage options. The diskTypes resource represents disk types for a zonal persistent disk. For more information, read Zonal persistent disks. The regionDiskTypes resource represents disk types for a regional persistent disk. For more information, read Regional persistent disks.
+    { # Represents a Disk Type resource.
+        #
+        # Google Compute Engine has two Disk Type resources:
+        #
+        # * [Regional](/compute/docs/reference/rest/{$api_version}/regionDiskTypes) * [Zonal](/compute/docs/reference/rest/{$api_version}/diskTypes)
+        #
+        # You can choose from a variety of disk types based on your needs. For more information, read Storage options.
+        #
+        # The diskTypes resource represents disk types for a zonal persistent disk. For more information, read Zonal persistent disks.
+        #
+        # The regionDiskTypes resource represents disk types for a regional persistent disk. For more information, read Regional persistent disks. (== resource_for {$api_version}.diskTypes ==) (== resource_for {$api_version}.regionDiskTypes ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "defaultDiskSizeGb": "A String", # [Output Only] Server-defined default disk size in GB.
       "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this disk type.
@@ -273,7 +313,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.disks.html b/docs/dyn/compute_beta.disks.html
index b6fbd0738b8..fe49826f9f1 100644
--- a/docs/dyn/compute_beta.disks.html
+++ b/docs/dyn/compute_beta.disks.html
@@ -75,10 +75,10 @@
 
Compute Engine API . disks

 
Instance Methods

 

-  addResourcePolicies(project, zone, disk, body=None, requestId=None, x__xgafv=None)

+  addResourcePolicies(project, zone, disk, body=None, requestId=None)

 
Adds existing resource policies to a disk. You can only add one policy which will be applied to this disk for scheduling snapshot creation.

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of persistent disks.

 

   aggregatedList_next(previous_request, previous_response)

@@ -87,44 +87,44 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  createSnapshot(project, zone, disk, body=None, guestFlush=None, requestId=None, x__xgafv=None)

+  createSnapshot(project, zone, disk, body=None, guestFlush=None, requestId=None)

 
Creates a snapshot of a specified persistent disk.

 

-  delete(project, zone, disk, requestId=None, x__xgafv=None)

+  delete(project, zone, disk, requestId=None)

 
Deletes the specified persistent disk. Deleting a disk removes its data permanently and is irreversible. However, deleting a disk does not delete any snapshots previously made from the disk. You must separately delete snapshots.

 

-  get(project, zone, disk, x__xgafv=None)

+  get(project, zone, disk)

 
Returns a specified persistent disk. Gets a list of available persistent disks by making a list() request.

 

-  getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, zone, body=None, requestId=None, sourceImage=None, x__xgafv=None)

+  insert(project, zone, body=None, requestId=None, sourceImage=None)

 
Creates a persistent disk in the specified project using the data in the request. You can create a disk from a source (sourceImage, sourceSnapshot, or sourceDisk) or create an empty 500 GB data disk by omitting all properties. You can also create a disk that is larger than the default size by specifying the sizeGb property.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of persistent disks contained within the specified zone.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  removeResourcePolicies(project, zone, disk, body=None, requestId=None, x__xgafv=None)

+  removeResourcePolicies(project, zone, disk, body=None, requestId=None)

 
Removes resource policies from a disk.

 

-  resize(project, zone, disk, body=None, requestId=None, x__xgafv=None)

+  resize(project, zone, disk, body=None, requestId=None)

 
Resizes the specified persistent disk. You can only increase the size of the disk.

 

-  setIamPolicy(project, zone, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, zone, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  setLabels(project, zone, resource, body=None, requestId=None, x__xgafv=None)

+  setLabels(project, zone, resource, body=None, requestId=None)

 
Sets the labels on a disk. To learn more about labels, read the Labeling Resources documentation.

 

-  testIamPermissions(project, zone, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, zone, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    addResourcePolicies(project, zone, disk, body=None, requestId=None, x__xgafv=None)
+    addResourcePolicies(project, zone, disk, body=None, requestId=None)
   
Adds existing resource policies to a disk. You can only add one policy which will be applied to this disk for scheduling snapshot creation.
 
 Args:
@@ -140,16 +140,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -183,7 +196,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -197,21 +211,27 @@ 
Method Details

 

 
 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of persistent disks.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -221,26 +241,49 @@ 
Method Details

   "items": { # A list of DisksScopedList resources.
     "a_key": { # [Output Only] Name of the scope containing this set of disks.
       "disks": [ # [Output Only] A list of disks contained in this scope.
-        { # Represents a Persistent Disk resource. Google Compute Engine has two Disk resources: * [Zonal](/compute/docs/reference/rest/beta/disks) * [Regional](/compute/docs/reference/rest/beta/regionDisks) Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options. The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks. The regionDisks resource represents a regional persistent disk. For more information, read Regional resources.
+        { # Represents a Persistent Disk resource.
+            #
+            # Google Compute Engine has two Disk resources:
+            #
+            # * [Zonal](/compute/docs/reference/rest/{$api_version}/disks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionDisks)
+            #
+            # Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options.
+            #
+            # The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks.
+            #
+            # The regionDisks resource represents a regional persistent disk. For more information, read  Regional resources. (== resource_for {$api_version}.disks ==) (== resource_for {$api_version}.regionDisks ==)
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-          "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key. After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+          "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key.
+              #
+              # After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine).
+              #
+              # Customer-supplied encryption keys do not protect access to metadata of the disk.
+              #
+              # If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                #
+                # The key must meet the following requirements before you can provide it to Compute Engine:
+                # - The key is wrapped using a RSA public key certificate provided by Google.
+                # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
           "eraseWindowsVssSignature": True or False, # Specifies whether the disk restored from a source snapshot should erase Windows specific VSS signature.
-          "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+          "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
             { # Guest OS features.
-              "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+              "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
             },
           ],
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "interface": "A String", # Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI.
           "kind": "compute#disk", # [Output Only] Type of the resource. Always compute#disk for disks.
-          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a disk.
+          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve a disk.
           "labels": { # Labels to apply to this disk. These can be later modified by the setLabels method.
             "a_key": "A String",
           },
@@ -267,31 +310,72 @@ 
Method Details

           ],
           "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
           "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
-          "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk. If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
-          "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - https://www.googleapis.com/compute/v1/projects/project/regions/region /disks/disk - projects/project/zones/zone/disks/disk - projects/project/regions/region/disks/disk - zones/zone/disks/disk - regions/region/disks/disk
+          "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk.
+              #
+              # If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
+          "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+              # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+              # - https://www.googleapis.com/compute/v1/projects/project/regions/region/disks/disk
+              # - projects/project/zones/zone/disks/disk
+              # - projects/project/regions/region/disks/disk
+              # - zones/zone/disks/disk
+              # - regions/region/disks/disk
           "sourceDiskId": "A String", # [Output Only] The unique ID of the disk used to create this disk. This value identifies the exact disk that was used to create this persistent disk. For example, if you created the persistent disk from a disk that was later deleted and recreated under the same name, the source disk ID would identify the exact version of the disk that was used.
-          "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family
+          "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set.
+              #
+              # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+              # projects/debian-cloud/global/images/family/debian-9
+              #
+              #
+              # Alternatively, use a specific version of a public operating system image:
+              # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+              #
+              #
+              # To create a disk with a custom image that you created, specify the image name in the following format:
+              # global/images/my-custom-image
+              #
+              #
+              # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+              # global/images/family/my-image-family
           "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                #
+                # The key must meet the following requirements before you can provide it to Compute Engine:
+                # - The key is wrapped using a RSA public key certificate provided by Google.
+                # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
           "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent disk. For example, if you created the persistent disk from an image that was later deleted and recreated under the same name, the source image ID would identify the exact version of the image that was used.
-          "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project /global/snapshots/snapshot - projects/project/global/snapshots/snapshot - global/snapshots/snapshot
+          "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+              # - https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot
+              # - projects/project/global/snapshots/snapshot
+              # - global/snapshots/snapshot
           "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                #
+                # The key must meet the following requirements before you can provide it to Compute Engine:
+                # - The key is wrapped using a RSA public key certificate provided by Google.
+                # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
           "sourceSnapshotId": "A String", # [Output Only] The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used.
           "sourceStorageObject": "A String", # The full Google Cloud Storage URI where the disk image is stored. This file must be a gzip-compressed tarball whose name ends in .tar.gz or virtual machine disk whose name ends in vmdk. Valid URIs may start with gs:// or https://storage.googleapis.com/. This flag is not optimized for creating multiple disks from a source storage object. To create many disks from a source storage object, use gcloud compute images import instead.
-          "status": "A String", # [Output Only] The status of disk creation. - CREATING: Disk is provisioning. - RESTORING: Source data is being copied into the disk. - FAILED: Disk creation failed. - READY: Disk is ready for use. - DELETING: Disk is deleting.
+          "status": "A String", # [Output Only] The status of disk creation.
+              # - CREATING: Disk is provisioning.
+              # - RESTORING: Source data is being copied into the disk.
+              # - FAILED: Disk creation failed.
+              # - READY: Disk is ready for use.
+              # - DELETING: Disk is deleting.
           "storageType": "A String", # [Deprecated] Storage type of the persistent disk.
-          "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project /zones/zone/diskTypes/pd-standard or pd-ssd
+          "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project/zones/zone/diskTypes/pd-standard  or pd-ssd
           "users": [ # [Output Only] Links to the users of the disk (attached instances) in form: projects/project/zones/zone/instances/instance
             "A String",
           ],
@@ -300,7 +384,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] Informational warning which replaces the list of disks when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -318,7 +403,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -349,7 +435,7 @@ 
Method Details

 

 
 

-    createSnapshot(project, zone, disk, body=None, guestFlush=None, requestId=None, x__xgafv=None)
+    createSnapshot(project, zone, disk, body=None, guestFlush=None, requestId=None)
   
Creates a snapshot of a specified persistent disk.
 
 Args:
@@ -359,7 +445,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Persistent Disk Snapshot resource. You can use snapshots to back up data on a regular interval. For more information, read Creating persistent disk snapshots.
+{ # Represents a Persistent Disk Snapshot resource.
+    # 
+    # You can use snapshots to back up data on a regular interval. For more information, read  Creating persistent disk snapshots. (== resource_for {$api_version}.snapshots ==)
   "autoCreated": True or False, # [Output Only] Set to true if snapshots are automatically created by applying resource policy on the target disk.
   "chainName": "A String", # Creates the new snapshot in the snapshot chain labeled with the specified name. The chain name must be 1-63 characters long and comply with RFC1035. This is an uncommon option only for advanced service owners who needs to create separate snapshot chains, for example, for chargeback tracking. When you describe your snapshot resource, this field is visible only if it has a non-empty value.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -369,7 +457,9 @@ 
Method Details

   "guestFlush": True or False, # [Input Only] Whether to attempt an application consistent snapshot by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#snapshot", # [Output Only] Type of the resource. Always compute#snapshot for Snapshot resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this snapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a snapshot.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this snapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a snapshot.
   "labels": { # Labels to apply to this snapshot. These can be later modified by the setLabels method. Label values may be empty.
     "a_key": "A String",
   },
@@ -383,11 +473,22 @@ 
Method Details

   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "snapshotEncryptionKey": { # Encrypts the snapshot using a customer-supplied encryption key. After you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the snapshot later. For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request. Customer-supplied encryption keys do not protect access to metadata of the snapshot. If you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later.
+  "snapshotEncryptionKey": { # Encrypts the snapshot using a customer-supplied encryption key.
+      # 
+      # After you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the snapshot later. For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request.
+      # 
+      # Customer-supplied encryption keys do not protect access to metadata of the snapshot.
+      # 
+      # If you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceDisk": "A String", # The source disk used to create this snapshot.
@@ -395,7 +496,12 @@ 
Method Details

     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this snapshot. This value may be used to determine whether the snapshot was taken from the current or a previous instance of a given disk name.
@@ -408,16 +514,29 @@ 
Method Details

 }
 
   guestFlush: boolean, [Input Only] Whether to attempt an application consistent snapshot by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -451,7 +570,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -465,23 +585,36 @@ 
Method Details

 

 
 

-    delete(project, zone, disk, requestId=None, x__xgafv=None)
+    delete(project, zone, disk, requestId=None)
   
Deletes the specified persistent disk. Deleting a disk removes its data permanently and is irreversible. However, deleting a disk does not delete any snapshots previously made from the disk. You must separately delete snapshots.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   disk: string, Name of the persistent disk to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -515,7 +648,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -529,41 +663,60 @@ 
Method Details

 

 
 

-    get(project, zone, disk, x__xgafv=None)
+    get(project, zone, disk)
   
Returns a specified persistent disk. Gets a list of available persistent disks by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   disk: string, Name of the persistent disk to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Persistent Disk resource. Google Compute Engine has two Disk resources: * [Zonal](/compute/docs/reference/rest/beta/disks) * [Regional](/compute/docs/reference/rest/beta/regionDisks) Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options. The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks. The regionDisks resource represents a regional persistent disk. For more information, read Regional resources.
+    { # Represents a Persistent Disk resource.
+    #
+    # Google Compute Engine has two Disk resources:
+    #
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/disks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionDisks)
+    #
+    # Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options.
+    #
+    # The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks.
+    #
+    # The regionDisks resource represents a regional persistent disk. For more information, read  Regional resources. (== resource_for {$api_version}.disks ==) (== resource_for {$api_version}.regionDisks ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key. After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+  "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key.
+      #
+      # After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine).
+      #
+      # Customer-supplied encryption keys do not protect access to metadata of the disk.
+      #
+      # If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "eraseWindowsVssSignature": True or False, # Specifies whether the disk restored from a source snapshot should erase Windows specific VSS signature.
-  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
     { # Guest OS features.
-      "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+      "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
     },
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "interface": "A String", # Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI.
   "kind": "compute#disk", # [Output Only] Type of the resource. Always compute#disk for disks.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a disk.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a disk.
   "labels": { # Labels to apply to this disk. These can be later modified by the setLabels method.
     "a_key": "A String",
   },
@@ -590,31 +743,72 @@ 
Method Details

   ],
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
-  "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk. If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
-  "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - https://www.googleapis.com/compute/v1/projects/project/regions/region /disks/disk - projects/project/zones/zone/disks/disk - projects/project/regions/region/disks/disk - zones/zone/disks/disk - regions/region/disks/disk
+  "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk.
+      #
+      # If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
+  "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - https://www.googleapis.com/compute/v1/projects/project/regions/region/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - projects/project/regions/region/disks/disk
+      # - zones/zone/disks/disk
+      # - regions/region/disks/disk
   "sourceDiskId": "A String", # [Output Only] The unique ID of the disk used to create this disk. This value identifies the exact disk that was used to create this persistent disk. For example, if you created the persistent disk from a disk that was later deleted and recreated under the same name, the source disk ID would identify the exact version of the disk that was used.
-  "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family
+  "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set.
+      #
+      # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+      # projects/debian-cloud/global/images/family/debian-9
+      #
+      #
+      # Alternatively, use a specific version of a public operating system image:
+      # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+      #
+      #
+      # To create a disk with a custom image that you created, specify the image name in the following format:
+      # global/images/my-custom-image
+      #
+      #
+      # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+      # global/images/family/my-image-family
   "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent disk. For example, if you created the persistent disk from an image that was later deleted and recreated under the same name, the source image ID would identify the exact version of the image that was used.
-  "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project /global/snapshots/snapshot - projects/project/global/snapshots/snapshot - global/snapshots/snapshot
+  "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot
+      # - projects/project/global/snapshots/snapshot
+      # - global/snapshots/snapshot
   "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceSnapshotId": "A String", # [Output Only] The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used.
   "sourceStorageObject": "A String", # The full Google Cloud Storage URI where the disk image is stored. This file must be a gzip-compressed tarball whose name ends in .tar.gz or virtual machine disk whose name ends in vmdk. Valid URIs may start with gs:// or https://storage.googleapis.com/. This flag is not optimized for creating multiple disks from a source storage object. To create many disks from a source storage object, use gcloud compute images import instead.
-  "status": "A String", # [Output Only] The status of disk creation. - CREATING: Disk is provisioning. - RESTORING: Source data is being copied into the disk. - FAILED: Disk creation failed. - READY: Disk is ready for use. - DELETING: Disk is deleting.
+  "status": "A String", # [Output Only] The status of disk creation.
+      # - CREATING: Disk is provisioning.
+      # - RESTORING: Source data is being copied into the disk.
+      # - FAILED: Disk creation failed.
+      # - READY: Disk is ready for use.
+      # - DELETING: Disk is deleting.
   "storageType": "A String", # [Deprecated] Storage type of the persistent disk.
-  "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project /zones/zone/diskTypes/pd-standard or pd-ssd
+  "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project/zones/zone/diskTypes/pd-standard  or pd-ssd
   "users": [ # [Output Only] Links to the users of the disk (attached instances) in form: projects/project/zones/zone/instances/instance
     "A String",
   ],
@@ -623,7 +817,7 @@ 
Method Details

 

 
 

-    getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
@@ -631,27 +825,51 @@ 
Method Details

   zone: string, The name of the zone for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -659,76 +877,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, zone, body=None, requestId=None, sourceImage=None, x__xgafv=None)
+    insert(project, zone, body=None, requestId=None, sourceImage=None)
   
Creates a persistent disk in the specified project using the data in the request. You can create a disk from a source (sourceImage, sourceSnapshot, or sourceDisk) or create an empty 500 GB data disk by omitting all properties. You can also create a disk that is larger than the default size by specifying the sizeGb property.
 
 Args:
@@ -737,26 +1023,49 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Persistent Disk resource. Google Compute Engine has two Disk resources: * [Zonal](/compute/docs/reference/rest/beta/disks) * [Regional](/compute/docs/reference/rest/beta/regionDisks) Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options. The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks. The regionDisks resource represents a regional persistent disk. For more information, read Regional resources.
+{ # Represents a Persistent Disk resource.
+    # 
+    # Google Compute Engine has two Disk resources:
+    # 
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/disks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionDisks)
+    # 
+    # Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options.
+    # 
+    # The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks.
+    # 
+    # The regionDisks resource represents a regional persistent disk. For more information, read  Regional resources. (== resource_for {$api_version}.disks ==) (== resource_for {$api_version}.regionDisks ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key. After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+  "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key.
+      # 
+      # After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine).
+      # 
+      # Customer-supplied encryption keys do not protect access to metadata of the disk.
+      # 
+      # If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "eraseWindowsVssSignature": True or False, # Specifies whether the disk restored from a source snapshot should erase Windows specific VSS signature.
-  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
     { # Guest OS features.
-      "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+      "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
     },
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "interface": "A String", # Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI.
   "kind": "compute#disk", # [Output Only] Type of the resource. Always compute#disk for disks.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a disk.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a disk.
   "labels": { # Labels to apply to this disk. These can be later modified by the setLabels method.
     "a_key": "A String",
   },
@@ -783,48 +1092,102 @@ 
Method Details

   ],
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
-  "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk. If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
-  "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - https://www.googleapis.com/compute/v1/projects/project/regions/region /disks/disk - projects/project/zones/zone/disks/disk - projects/project/regions/region/disks/disk - zones/zone/disks/disk - regions/region/disks/disk
+  "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk.
+      # 
+      # If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
+  "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - https://www.googleapis.com/compute/v1/projects/project/regions/region/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - projects/project/regions/region/disks/disk
+      # - zones/zone/disks/disk
+      # - regions/region/disks/disk
   "sourceDiskId": "A String", # [Output Only] The unique ID of the disk used to create this disk. This value identifies the exact disk that was used to create this persistent disk. For example, if you created the persistent disk from a disk that was later deleted and recreated under the same name, the source disk ID would identify the exact version of the disk that was used.
-  "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family
+  "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set.
+      # 
+      # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+      # projects/debian-cloud/global/images/family/debian-9
+      # 
+      # 
+      # Alternatively, use a specific version of a public operating system image:
+      # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+      # 
+      # 
+      # To create a disk with a custom image that you created, specify the image name in the following format:
+      # global/images/my-custom-image
+      # 
+      # 
+      # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+      # global/images/family/my-image-family
   "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent disk. For example, if you created the persistent disk from an image that was later deleted and recreated under the same name, the source image ID would identify the exact version of the image that was used.
-  "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project /global/snapshots/snapshot - projects/project/global/snapshots/snapshot - global/snapshots/snapshot
+  "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot
+      # - projects/project/global/snapshots/snapshot
+      # - global/snapshots/snapshot
   "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceSnapshotId": "A String", # [Output Only] The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used.
   "sourceStorageObject": "A String", # The full Google Cloud Storage URI where the disk image is stored. This file must be a gzip-compressed tarball whose name ends in .tar.gz or virtual machine disk whose name ends in vmdk. Valid URIs may start with gs:// or https://storage.googleapis.com/. This flag is not optimized for creating multiple disks from a source storage object. To create many disks from a source storage object, use gcloud compute images import instead.
-  "status": "A String", # [Output Only] The status of disk creation. - CREATING: Disk is provisioning. - RESTORING: Source data is being copied into the disk. - FAILED: Disk creation failed. - READY: Disk is ready for use. - DELETING: Disk is deleting.
+  "status": "A String", # [Output Only] The status of disk creation.
+      # - CREATING: Disk is provisioning.
+      # - RESTORING: Source data is being copied into the disk.
+      # - FAILED: Disk creation failed.
+      # - READY: Disk is ready for use.
+      # - DELETING: Disk is deleting.
   "storageType": "A String", # [Deprecated] Storage type of the persistent disk.
-  "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project /zones/zone/diskTypes/pd-standard or pd-ssd
+  "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project/zones/zone/diskTypes/pd-standard  or pd-ssd
   "users": [ # [Output Only] Links to the users of the disk (attached instances) in form: projects/project/zones/zone/instances/instance
     "A String",
   ],
   "zone": "A String", # [Output Only] URL of the zone where the disk resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
   sourceImage: string, Source image to restore onto a disk. This field is optional.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -858,7 +1221,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -872,21 +1236,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of persistent disks contained within the specified zone.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -894,26 +1264,49 @@ 
Method Details

     { # A list of Disk resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Disk resources.
-    { # Represents a Persistent Disk resource. Google Compute Engine has two Disk resources: * [Zonal](/compute/docs/reference/rest/beta/disks) * [Regional](/compute/docs/reference/rest/beta/regionDisks) Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options. The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks. The regionDisks resource represents a regional persistent disk. For more information, read Regional resources.
+    { # Represents a Persistent Disk resource.
+        #
+        # Google Compute Engine has two Disk resources:
+        #
+        # * [Zonal](/compute/docs/reference/rest/{$api_version}/disks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionDisks)
+        #
+        # Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options.
+        #
+        # The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks.
+        #
+        # The regionDisks resource represents a regional persistent disk. For more information, read  Regional resources. (== resource_for {$api_version}.disks ==) (== resource_for {$api_version}.regionDisks ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key. After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+      "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key.
+          #
+          # After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine).
+          #
+          # Customer-supplied encryption keys do not protect access to metadata of the disk.
+          #
+          # If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "eraseWindowsVssSignature": True or False, # Specifies whether the disk restored from a source snapshot should erase Windows specific VSS signature.
-      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
         { # Guest OS features.
-          "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+          "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
         },
       ],
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "interface": "A String", # Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI.
       "kind": "compute#disk", # [Output Only] Type of the resource. Always compute#disk for disks.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a disk.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a disk.
       "labels": { # Labels to apply to this disk. These can be later modified by the setLabels method.
         "a_key": "A String",
       },
@@ -940,31 +1333,72 @@ 
Method Details

       ],
       "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
       "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
-      "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk. If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
-      "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - https://www.googleapis.com/compute/v1/projects/project/regions/region /disks/disk - projects/project/zones/zone/disks/disk - projects/project/regions/region/disks/disk - zones/zone/disks/disk - regions/region/disks/disk
+      "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk.
+          #
+          # If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
+      "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+          # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+          # - https://www.googleapis.com/compute/v1/projects/project/regions/region/disks/disk
+          # - projects/project/zones/zone/disks/disk
+          # - projects/project/regions/region/disks/disk
+          # - zones/zone/disks/disk
+          # - regions/region/disks/disk
       "sourceDiskId": "A String", # [Output Only] The unique ID of the disk used to create this disk. This value identifies the exact disk that was used to create this persistent disk. For example, if you created the persistent disk from a disk that was later deleted and recreated under the same name, the source disk ID would identify the exact version of the disk that was used.
-      "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family
+      "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set.
+          #
+          # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+          # projects/debian-cloud/global/images/family/debian-9
+          #
+          #
+          # Alternatively, use a specific version of a public operating system image:
+          # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+          #
+          #
+          # To create a disk with a custom image that you created, specify the image name in the following format:
+          # global/images/my-custom-image
+          #
+          #
+          # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+          # global/images/family/my-image-family
       "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent disk. For example, if you created the persistent disk from an image that was later deleted and recreated under the same name, the source image ID would identify the exact version of the image that was used.
-      "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project /global/snapshots/snapshot - projects/project/global/snapshots/snapshot - global/snapshots/snapshot
+      "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot
+          # - projects/project/global/snapshots/snapshot
+          # - global/snapshots/snapshot
       "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "sourceSnapshotId": "A String", # [Output Only] The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used.
       "sourceStorageObject": "A String", # The full Google Cloud Storage URI where the disk image is stored. This file must be a gzip-compressed tarball whose name ends in .tar.gz or virtual machine disk whose name ends in vmdk. Valid URIs may start with gs:// or https://storage.googleapis.com/. This flag is not optimized for creating multiple disks from a source storage object. To create many disks from a source storage object, use gcloud compute images import instead.
-      "status": "A String", # [Output Only] The status of disk creation. - CREATING: Disk is provisioning. - RESTORING: Source data is being copied into the disk. - FAILED: Disk creation failed. - READY: Disk is ready for use. - DELETING: Disk is deleting.
+      "status": "A String", # [Output Only] The status of disk creation.
+          # - CREATING: Disk is provisioning.
+          # - RESTORING: Source data is being copied into the disk.
+          # - FAILED: Disk creation failed.
+          # - READY: Disk is ready for use.
+          # - DELETING: Disk is deleting.
       "storageType": "A String", # [Deprecated] Storage type of the persistent disk.
-      "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project /zones/zone/diskTypes/pd-standard or pd-ssd
+      "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project/zones/zone/diskTypes/pd-standard  or pd-ssd
       "users": [ # [Output Only] Links to the users of the disk (attached instances) in form: projects/project/zones/zone/instances/instance
         "A String",
       ],
@@ -976,7 +1410,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1002,7 +1437,7 @@ 
Method Details

 

 
 

-    removeResourcePolicies(project, zone, disk, body=None, requestId=None, x__xgafv=None)
+    removeResourcePolicies(project, zone, disk, body=None, requestId=None)
   
Removes resource policies from a disk.
 
 Args:
@@ -1018,16 +1453,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1061,7 +1509,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1075,7 +1524,7 @@ 
Method Details

 

 
 

-    resize(project, zone, disk, body=None, requestId=None, x__xgafv=None)
+    resize(project, zone, disk, body=None, requestId=None)
   
Resizes the specified persistent disk. You can only increase the size of the disk.
 
 Args:
@@ -1089,16 +1538,29 @@ 
Method Details

   "sizeGb": "A String", # The new size of the persistent disk, which is specified in GB.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1132,7 +1594,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1146,7 +1609,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, zone, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, zone, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -1159,33 +1622,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1193,95 +1730,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1289,76 +1918,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    setLabels(project, zone, resource, body=None, requestId=None, x__xgafv=None)
+    setLabels(project, zone, resource, body=None, requestId=None)
   
Sets the labels on a disk. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -1375,16 +2072,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1418,7 +2128,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1432,7 +2143,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, zone, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, zone, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1448,10 +2159,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.externalVpnGateways.html b/docs/dyn/compute_beta.externalVpnGateways.html
index 610f79e02fa..cd513fcbdb8 100644
--- a/docs/dyn/compute_beta.externalVpnGateways.html
+++ b/docs/dyn/compute_beta.externalVpnGateways.html
@@ -78,25 +78,25 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, externalVpnGateway, requestId=None, x__xgafv=None)

+  delete(project, externalVpnGateway, requestId=None)

 
Deletes the specified externalVpnGateway.

 

-  get(project, externalVpnGateway, x__xgafv=None)

+  get(project, externalVpnGateway)

 
Returns the specified externalVpnGateway. Get a list of available externalVpnGateways by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a ExternalVpnGateway in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of ExternalVpnGateway available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setLabels(project, resource, body=None, x__xgafv=None)

+  setLabels(project, resource, body=None)

 
Sets the labels on an ExternalVpnGateway. To learn more about labels, read the Labeling Resources documentation.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -105,22 +105,35 @@ 
Method Details

 

 
 

-    delete(project, externalVpnGateway, requestId=None, x__xgafv=None)
+    delete(project, externalVpnGateway, requestId=None)
   
Deletes the specified externalVpnGateway.
 
 Args:
   project: string, Project ID for this request. (required)
   externalVpnGateway: string, Name of the externalVpnGateways to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -154,7 +167,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -168,32 +182,41 @@ 
Method Details

 

 
 

-    get(project, externalVpnGateway, x__xgafv=None)
+    get(project, externalVpnGateway)
   
Returns the specified externalVpnGateway. Get a list of available externalVpnGateways by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   externalVpnGateway: string, Name of the externalVpnGateway to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an external VPN gateway. External VPN gateway is the on-premises VPN gateway(s) or another cloud provider's VPN gateway that connects to your Google Cloud VPN gateway. To create a highly available VPN from Google Cloud Platform to your VPN gateway or another cloud provider's VPN gateway, you must create a external VPN gateway resource with information about the other gateway. For more information about using external VPN gateways, see Creating an HA VPN gateway and tunnel pair to a peer VPN.
+    { # Represents an external VPN gateway.
+    #
+    # External VPN gateway is the on-premises VPN gateway(s) or another cloud provider's VPN gateway that connects to your Google Cloud VPN gateway.
+    #
+    # To create a highly available VPN from Google Cloud Platform to your VPN gateway or another cloud provider's VPN gateway, you must create a external VPN gateway resource with information about the other gateway.
+    #
+    # For more information about using external VPN gateways, see  Creating an HA VPN gateway and tunnel pair to a peer VPN. (== resource_for {$api_version}.externalVpnGateways ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-  "interfaces": [ # List of interfaces for this external VPN gateway. If your peer-side gateway is an on-premises gateway and non-AWS cloud providers’ gateway, at most two interfaces can be provided for an external VPN gateway. If your peer side is an AWS virtual private gateway, four interfaces should be provided for an external VPN gateway.
+  "interfaces": [ # List of interfaces for this external VPN gateway.
+      #
+      # If your peer-side gateway is an on-premises gateway and non-AWS cloud providers? gateway, at most two interfaces can be provided for an external VPN gateway. If your peer side is an AWS virtual private gateway, four interfaces should be provided for an external VPN gateway.
     { # The interface for the external VPN gateway.
-      "id": 42, # The numeric ID of this interface. The allowed input values for this id for different redundancy types of external VPN gateway: - SINGLE_IP_INTERNALLY_REDUNDANT - 0 - TWO_IPS_REDUNDANCY - 0, 1 - FOUR_IPS_REDUNDANCY - 0, 1, 2, 3
+      "id": 42, # The numeric ID of this interface. The allowed input values for this id for different redundancy types of external VPN gateway:
+          # - SINGLE_IP_INTERNALLY_REDUNDANT - 0
+          # - TWO_IPS_REDUNDANCY - 0, 1
+          # - FOUR_IPS_REDUNDANCY - 0, 1, 2, 3
       "ipAddress": "A String", # IP address of the interface in the external VPN gateway. Only IPv4 is supported. This IP address can be either from your on-premise gateway or another Cloud provider's VPN gateway, it cannot be an IP address from Google Compute Engine.
     },
   ],
   "kind": "compute#externalVpnGateway", # [Output Only] Type of the resource. Always compute#externalVpnGateway for externalVpnGateways.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this ExternalVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an ExternalVpnGateway.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this ExternalVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve an ExternalVpnGateway.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -204,7 +227,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a ExternalVpnGateway in the specified project using the data included in the request.
 
 Args:
@@ -212,18 +235,31 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an external VPN gateway. External VPN gateway is the on-premises VPN gateway(s) or another cloud provider's VPN gateway that connects to your Google Cloud VPN gateway. To create a highly available VPN from Google Cloud Platform to your VPN gateway or another cloud provider's VPN gateway, you must create a external VPN gateway resource with information about the other gateway. For more information about using external VPN gateways, see Creating an HA VPN gateway and tunnel pair to a peer VPN.
+{ # Represents an external VPN gateway.
+    # 
+    # External VPN gateway is the on-premises VPN gateway(s) or another cloud provider's VPN gateway that connects to your Google Cloud VPN gateway.
+    # 
+    # To create a highly available VPN from Google Cloud Platform to your VPN gateway or another cloud provider's VPN gateway, you must create a external VPN gateway resource with information about the other gateway.
+    # 
+    # For more information about using external VPN gateways, see  Creating an HA VPN gateway and tunnel pair to a peer VPN. (== resource_for {$api_version}.externalVpnGateways ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-  "interfaces": [ # List of interfaces for this external VPN gateway. If your peer-side gateway is an on-premises gateway and non-AWS cloud providers’ gateway, at most two interfaces can be provided for an external VPN gateway. If your peer side is an AWS virtual private gateway, four interfaces should be provided for an external VPN gateway.
+  "interfaces": [ # List of interfaces for this external VPN gateway.
+      # 
+      # If your peer-side gateway is an on-premises gateway and non-AWS cloud providers? gateway, at most two interfaces can be provided for an external VPN gateway. If your peer side is an AWS virtual private gateway, four interfaces should be provided for an external VPN gateway.
     { # The interface for the external VPN gateway.
-      "id": 42, # The numeric ID of this interface. The allowed input values for this id for different redundancy types of external VPN gateway: - SINGLE_IP_INTERNALLY_REDUNDANT - 0 - TWO_IPS_REDUNDANCY - 0, 1 - FOUR_IPS_REDUNDANCY - 0, 1, 2, 3
+      "id": 42, # The numeric ID of this interface. The allowed input values for this id for different redundancy types of external VPN gateway:
+          # - SINGLE_IP_INTERNALLY_REDUNDANT - 0
+          # - TWO_IPS_REDUNDANCY - 0, 1
+          # - FOUR_IPS_REDUNDANCY - 0, 1, 2, 3
       "ipAddress": "A String", # IP address of the interface in the external VPN gateway. Only IPv4 is supported. This IP address can be either from your on-premise gateway or another Cloud provider's VPN gateway, it cannot be an IP address from Google Compute Engine.
     },
   ],
   "kind": "compute#externalVpnGateway", # [Output Only] Type of the resource. Always compute#externalVpnGateway for externalVpnGateways.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this ExternalVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an ExternalVpnGateway.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this ExternalVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an ExternalVpnGateway.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -232,16 +268,29 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -275,7 +324,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -289,20 +339,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of ExternalVpnGateway available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -311,18 +367,31 @@ 
Method Details

   "etag": "A String",
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of ExternalVpnGateway resources.
-    { # Represents an external VPN gateway. External VPN gateway is the on-premises VPN gateway(s) or another cloud provider's VPN gateway that connects to your Google Cloud VPN gateway. To create a highly available VPN from Google Cloud Platform to your VPN gateway or another cloud provider's VPN gateway, you must create a external VPN gateway resource with information about the other gateway. For more information about using external VPN gateways, see Creating an HA VPN gateway and tunnel pair to a peer VPN.
+    { # Represents an external VPN gateway.
+        #
+        # External VPN gateway is the on-premises VPN gateway(s) or another cloud provider's VPN gateway that connects to your Google Cloud VPN gateway.
+        #
+        # To create a highly available VPN from Google Cloud Platform to your VPN gateway or another cloud provider's VPN gateway, you must create a external VPN gateway resource with information about the other gateway.
+        #
+        # For more information about using external VPN gateways, see  Creating an HA VPN gateway and tunnel pair to a peer VPN. (== resource_for {$api_version}.externalVpnGateways ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-      "interfaces": [ # List of interfaces for this external VPN gateway. If your peer-side gateway is an on-premises gateway and non-AWS cloud providers’ gateway, at most two interfaces can be provided for an external VPN gateway. If your peer side is an AWS virtual private gateway, four interfaces should be provided for an external VPN gateway.
+      "interfaces": [ # List of interfaces for this external VPN gateway.
+          #
+          # If your peer-side gateway is an on-premises gateway and non-AWS cloud providers? gateway, at most two interfaces can be provided for an external VPN gateway. If your peer side is an AWS virtual private gateway, four interfaces should be provided for an external VPN gateway.
         { # The interface for the external VPN gateway.
-          "id": 42, # The numeric ID of this interface. The allowed input values for this id for different redundancy types of external VPN gateway: - SINGLE_IP_INTERNALLY_REDUNDANT - 0 - TWO_IPS_REDUNDANCY - 0, 1 - FOUR_IPS_REDUNDANCY - 0, 1, 2, 3
+          "id": 42, # The numeric ID of this interface. The allowed input values for this id for different redundancy types of external VPN gateway:
+              # - SINGLE_IP_INTERNALLY_REDUNDANT - 0
+              # - TWO_IPS_REDUNDANCY - 0, 1
+              # - FOUR_IPS_REDUNDANCY - 0, 1, 2, 3
           "ipAddress": "A String", # IP address of the interface in the external VPN gateway. Only IPv4 is supported. This IP address can be either from your on-premise gateway or another Cloud provider's VPN gateway, it cannot be an IP address from Google Compute Engine.
         },
       ],
       "kind": "compute#externalVpnGateway", # [Output Only] Type of the resource. Always compute#externalVpnGateway for externalVpnGateways.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this ExternalVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an ExternalVpnGateway.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this ExternalVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve an ExternalVpnGateway.
       "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
         "a_key": "A String",
       },
@@ -331,12 +400,13 @@ 
Method Details

       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
     },
   ],
-  "kind": "compute#externalVpnGatewayList", # [Output Only] Type of resource. Always compute#externalVpnGatewayList for lists of externalVpnGateways.
+  "kind": "compute#externalVpnGatewayList", # [Output Only] Type of resource. Always compute#externalVpnGatewayList  for lists of externalVpnGateways.
   "nextPageToken": "A String", # [Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.
   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -362,7 +432,7 @@ 
Method Details

 

 
 

-    setLabels(project, resource, body=None, x__xgafv=None)
+    setLabels(project, resource, body=None)
   
Sets the labels on an ExternalVpnGateway. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -378,15 +448,24 @@ 
Method Details

   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -420,7 +499,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -434,7 +514,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -449,10 +529,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.firewallPolicies.html b/docs/dyn/compute_beta.firewallPolicies.html
index 7672017e706..3b019a38523 100644
--- a/docs/dyn/compute_beta.firewallPolicies.html
+++ b/docs/dyn/compute_beta.firewallPolicies.html
@@ -75,68 +75,68 @@
 
Compute Engine API . firewallPolicies

 
Instance Methods

 

-  addAssociation(firewallPolicy, body=None, replaceExistingAssociation=None, requestId=None, x__xgafv=None)

+  addAssociation(firewallPolicy, body=None, replaceExistingAssociation=None, requestId=None)

 
Inserts an association for the specified firewall policy.

 

-  addRule(firewallPolicy, body=None, requestId=None, x__xgafv=None)

+  addRule(firewallPolicy, body=None, requestId=None)

 
Inserts a rule into a firewall policy.

 

-  cloneRules(firewallPolicy, requestId=None, sourceFirewallPolicy=None, x__xgafv=None)

+  cloneRules(firewallPolicy, requestId=None, sourceFirewallPolicy=None)

 
Copies rules to the specified firewall policy.

 

   close()

 
Close httplib2 connections.

 

-  delete(firewallPolicy, requestId=None, x__xgafv=None)

+  delete(firewallPolicy, requestId=None)

 
Deletes the specified policy.

 

-  get(firewallPolicy, x__xgafv=None)

+  get(firewallPolicy)

 
Returns the specified firewall policy.

 

-  getAssociation(firewallPolicy, name=None, x__xgafv=None)

+  getAssociation(firewallPolicy, name=None)

 
Gets an association with the specified name.

 

-  getIamPolicy(resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  getRule(firewallPolicy, priority=None, x__xgafv=None)

+  getRule(firewallPolicy, priority=None)

 
Gets a rule of the specified priority.

 

-  insert(body=None, parentId=None, requestId=None, x__xgafv=None)

+  insert(body=None, parentId=None, requestId=None)

 
Creates a new policy in the specified project using the data included in the request.

 

-  list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None, x__xgafv=None)

+  list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None)

 
Lists all the policies that have been configured for the specified folder or organization.

 

-  listAssociations(targetResource=None, x__xgafv=None)

+  listAssociations(targetResource=None)

 
Lists associations of a specified target, i.e., organization or folder.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  move(firewallPolicy, parentId=None, requestId=None, x__xgafv=None)

+  move(firewallPolicy, parentId=None, requestId=None)

 
Moves the specified firewall policy.

 

-  patch(firewallPolicy, body=None, requestId=None, x__xgafv=None)

+  patch(firewallPolicy, body=None, requestId=None)

 
Patches the specified policy with the data included in the request.

 

-  patchRule(firewallPolicy, body=None, priority=None, requestId=None, x__xgafv=None)

+  patchRule(firewallPolicy, body=None, priority=None, requestId=None)

 
Patches a rule of the specified priority.

 

-  removeAssociation(firewallPolicy, name=None, requestId=None, x__xgafv=None)

+  removeAssociation(firewallPolicy, name=None, requestId=None)

 
Removes an association for the specified firewall policy.

 

-  removeRule(firewallPolicy, priority=None, requestId=None, x__xgafv=None)

+  removeRule(firewallPolicy, priority=None, requestId=None)

 
Deletes a rule of the specified priority.

 

-  setIamPolicy(resource, body=None, x__xgafv=None)

+  setIamPolicy(resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  testIamPermissions(resource, body=None, x__xgafv=None)

+  testIamPermissions(resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    addAssociation(firewallPolicy, body=None, replaceExistingAssociation=None, requestId=None, x__xgafv=None)
+    addAssociation(firewallPolicy, body=None, replaceExistingAssociation=None, requestId=None)
   
Inserts an association for the specified firewall policy.
 
 Args:
@@ -153,16 +153,29 @@ 
Method Details

 }
 
   replaceExistingAssociation: boolean, Indicates whether or not to replace it if an association of the attachment already exists. This is false by default, in which case an error will be returned if an association already exists.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -196,7 +209,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -210,7 +224,7 @@ 
Method Details

 

 
 

-    addRule(firewallPolicy, body=None, requestId=None, x__xgafv=None)
+    addRule(firewallPolicy, body=None, requestId=None)
   
Inserts a rule into a firewall policy.
 
 Args:
@@ -232,7 +246,9 @@ 
Method Details

     "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
       {
         "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+            #
+            # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
           "A String",
         ],
       },
@@ -251,16 +267,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -294,7 +323,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -308,22 +338,35 @@ 
Method Details

 

 
 

-    cloneRules(firewallPolicy, requestId=None, sourceFirewallPolicy=None, x__xgafv=None)
+    cloneRules(firewallPolicy, requestId=None, sourceFirewallPolicy=None)
   
Copies rules to the specified firewall policy.
 
 Args:
   firewallPolicy: string, Name of the firewall policy to update. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
   sourceFirewallPolicy: string, The firewall policy from which to copy rules.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -357,7 +400,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -376,21 +420,34 @@ 
Method Details

 

 
 

-    delete(firewallPolicy, requestId=None, x__xgafv=None)
+    delete(firewallPolicy, requestId=None)
   
Deletes the specified policy.
 
 Args:
   firewallPolicy: string, Name of the firewall policy to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -424,7 +481,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -438,20 +496,16 @@ 
Method Details

 

 
 

-    get(firewallPolicy, x__xgafv=None)
+    get(firewallPolicy)
   
Returns the specified firewall policy.
 
 Args:
   firewallPolicy: string, Name of the firewall policy to get. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Firewall Policy resource.
+    { # Represents a Firewall Policy resource. (== resource_for {$api_version}.firewallPolicies ==)
   "associations": [ # A list of associations that belong to this firewall policy.
     {
       "attachmentTarget": "A String", # The target that the firewall policy is attached to.
@@ -464,7 +518,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "displayName": "A String", # Depreacted, please use short name instead. User-provided name of the Organization firewall plicy. The name should be unique in the organization in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the firewall policy.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make get() request to the firewall policy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#firewallPolicy", # [Output only] Type of the resource. Always compute#firewallPolicyfor firewall policies
   "name": "A String", # [Output Only] Name of the resource. It is a numeric ID allocated by GCP which uniquely identifies the Firewall Policy.
@@ -485,7 +541,9 @@ 
Method Details

         "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
           {
             "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-            "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+            "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                #
+                # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
               "A String",
             ],
           },
@@ -511,16 +569,12 @@ 
Method Details

 

 
 

-    getAssociation(firewallPolicy, name=None, x__xgafv=None)
+    getAssociation(firewallPolicy, name=None)
   
Gets an association with the specified name.
 
 Args:
   firewallPolicy: string, Name of the firewall policy to which the queried rule belongs. (required)
   name: string, The name of the association to get from the firewall policy.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -535,33 +589,57 @@ 
Method Details

 

 
 

-    getIamPolicy(resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -569,85 +647,149 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    getRule(firewallPolicy, priority=None, x__xgafv=None)
+    getRule(firewallPolicy, priority=None)
   
Gets a rule of the specified priority.
 
 Args:
   firewallPolicy: string, Name of the firewall policy to which the queried rule belongs. (required)
   priority: integer, The priority of the rule to get from the firewall policy.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -666,7 +808,9 @@ 
Method Details

     "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
       {
         "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+            #
+            # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
           "A String",
         ],
       },
@@ -687,14 +831,14 @@ 
Method Details

 

 
 

-    insert(body=None, parentId=None, requestId=None, x__xgafv=None)
+    insert(body=None, parentId=None, requestId=None)
   
Creates a new policy in the specified project using the data included in the request.
 
 Args:
   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Firewall Policy resource.
+{ # Represents a Firewall Policy resource. (== resource_for {$api_version}.firewallPolicies ==)
   "associations": [ # A list of associations that belong to this firewall policy.
     {
       "attachmentTarget": "A String", # The target that the firewall policy is attached to.
@@ -707,7 +851,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "displayName": "A String", # Depreacted, please use short name instead. User-provided name of the Organization firewall plicy. The name should be unique in the organization in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the firewall policy.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make get() request to the firewall policy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#firewallPolicy", # [Output only] Type of the resource. Always compute#firewallPolicyfor firewall policies
   "name": "A String", # [Output Only] Name of the resource. It is a numeric ID allocated by GCP which uniquely identifies the Firewall Policy.
@@ -728,7 +874,9 @@ 
Method Details

         "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
           {
             "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-            "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+            "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                #
+                # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
               "A String",
             ],
           },
@@ -753,16 +901,29 @@ 
Method Details

 }
 
   parentId: string, Parent ID for this request. The ID can be either be "folders/[FOLDER_ID]" if the parent is a folder or "organizations/[ORGANIZATION_ID]" if the parent is an organization.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -796,7 +957,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -810,20 +972,26 @@ 
Method Details

 

 
 

-    list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None, x__xgafv=None)
+    list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None)
   
Lists all the policies that have been configured for the specified folder or organization.
 
 Args:
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   parentId: string, Parent ID for this request.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -831,7 +999,7 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of FirewallPolicy resources.
-    { # Represents a Firewall Policy resource.
+    { # Represents a Firewall Policy resource. (== resource_for {$api_version}.firewallPolicies ==)
       "associations": [ # A list of associations that belong to this firewall policy.
         {
           "attachmentTarget": "A String", # The target that the firewall policy is attached to.
@@ -844,7 +1012,9 @@ 
Method Details

       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "displayName": "A String", # Depreacted, please use short name instead. User-provided name of the Organization firewall plicy. The name should be unique in the organization in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-      "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the firewall policy.
+      "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make get() request to the firewall policy.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#firewallPolicy", # [Output only] Type of the resource. Always compute#firewallPolicyfor firewall policies
       "name": "A String", # [Output Only] Name of the resource. It is a numeric ID allocated by GCP which uniquely identifies the Firewall Policy.
@@ -865,7 +1035,9 @@ 
Method Details

             "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
               {
                 "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-                "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                    #
+                    # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
                   "A String",
                 ],
               },
@@ -893,7 +1065,8 @@ 
Method Details

   "nextPageToken": "A String", # [Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -905,15 +1078,11 @@ 
Method Details

 

 
 

-    listAssociations(targetResource=None, x__xgafv=None)
+    listAssociations(targetResource=None)
   
Lists associations of a specified target, i.e., organization or folder.
 
 Args:
   targetResource: string, The target resource to list associations. It is an organization, or a folder.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -947,22 +1116,35 @@ 
Method Details

 

 
 

-    move(firewallPolicy, parentId=None, requestId=None, x__xgafv=None)
+    move(firewallPolicy, parentId=None, requestId=None)
   
Moves the specified firewall policy.
 
 Args:
   firewallPolicy: string, Name of the firewall policy to update. (required)
   parentId: string, The new parent of the firewall policy.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -996,7 +1178,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1010,7 +1193,7 @@ 
Method Details

 

 
 

-    patch(firewallPolicy, body=None, requestId=None, x__xgafv=None)
+    patch(firewallPolicy, body=None, requestId=None)
   
Patches the specified policy with the data included in the request.
 
 Args:
@@ -1018,7 +1201,7 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Firewall Policy resource.
+{ # Represents a Firewall Policy resource. (== resource_for {$api_version}.firewallPolicies ==)
   "associations": [ # A list of associations that belong to this firewall policy.
     {
       "attachmentTarget": "A String", # The target that the firewall policy is attached to.
@@ -1031,7 +1214,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "displayName": "A String", # Depreacted, please use short name instead. User-provided name of the Organization firewall plicy. The name should be unique in the organization in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the firewall policy.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make get() request to the firewall policy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#firewallPolicy", # [Output only] Type of the resource. Always compute#firewallPolicyfor firewall policies
   "name": "A String", # [Output Only] Name of the resource. It is a numeric ID allocated by GCP which uniquely identifies the Firewall Policy.
@@ -1052,7 +1237,9 @@ 
Method Details

         "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
           {
             "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-            "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+            "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                #
+                # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
               "A String",
             ],
           },
@@ -1076,16 +1263,29 @@ 
Method Details

   "shortName": "A String", # User-provided name of the Organization firewall plicy. The name should be unique in the organization in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1119,7 +1319,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1133,7 +1334,7 @@ 
Method Details

 

 
 

-    patchRule(firewallPolicy, body=None, priority=None, requestId=None, x__xgafv=None)
+    patchRule(firewallPolicy, body=None, priority=None, requestId=None)
   
Patches a rule of the specified priority.
 
 Args:
@@ -1155,7 +1356,9 @@ 
Method Details

     "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
       {
         "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+            #
+            # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
           "A String",
         ],
       },
@@ -1175,16 +1378,29 @@ 
Method Details

 }
 
   priority: integer, The priority of the rule to patch.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1218,7 +1434,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1232,22 +1449,35 @@ 
Method Details

 

 
 

-    removeAssociation(firewallPolicy, name=None, requestId=None, x__xgafv=None)
+    removeAssociation(firewallPolicy, name=None, requestId=None)
   
Removes an association for the specified firewall policy.
 
 Args:
   firewallPolicy: string, Name of the firewall policy to update. (required)
   name: string, Name for the attachment that will be removed.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1281,7 +1511,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1295,22 +1526,35 @@ 
Method Details

 

 
 

-    removeRule(firewallPolicy, priority=None, requestId=None, x__xgafv=None)
+    removeRule(firewallPolicy, priority=None, requestId=None)
   
Deletes a rule of the specified priority.
 
 Args:
   firewallPolicy: string, Name of the firewall policy to update. (required)
   priority: integer, The priority of the rule to remove from the firewall policy.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1344,7 +1588,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1358,7 +1603,7 @@ 
Method Details

 

 
 

-    setIamPolicy(resource, body=None, x__xgafv=None)
+    setIamPolicy(resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -1369,33 +1614,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1403,95 +1722,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1499,76 +1910,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    testIamPermissions(resource, body=None, x__xgafv=None)
+    testIamPermissions(resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1582,10 +2061,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.firewalls.html b/docs/dyn/compute_beta.firewalls.html
index 6da39d5b3cd..eed59599970 100644
--- a/docs/dyn/compute_beta.firewalls.html
+++ b/docs/dyn/compute_beta.firewalls.html
@@ -78,28 +78,28 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, firewall, requestId=None, x__xgafv=None)

+  delete(project, firewall, requestId=None)

 
Deletes the specified firewall.

 

-  get(project, firewall, x__xgafv=None)

+  get(project, firewall)

 
Returns the specified firewall.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a firewall rule in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of firewall rules available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, firewall, body=None, requestId=None, x__xgafv=None)

+  patch(project, firewall, body=None, requestId=None)

 
Updates the specified firewall rule with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, firewall, body=None, requestId=None, x__xgafv=None)

+  update(project, firewall, body=None, requestId=None)

 
Updates the specified firewall rule with the data included in the request. Note that all fields will be updated if using PUT, even fields that are not specified. To update individual fields, please use PATCH instead.

 
Method Details

 

@@ -108,22 +108,35 @@ 
Method Details

 

 
 

-    delete(project, firewall, requestId=None, x__xgafv=None)
+    delete(project, firewall, requestId=None)
   
Deletes the specified firewall.
 
 Args:
   project: string, Project ID for this request. (required)
   firewall: string, Name of the firewall rule to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -157,7 +170,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -171,25 +185,25 @@ 
Method Details

 

 
 

-    get(project, firewall, x__xgafv=None)
+    get(project, firewall)
   
Returns the specified firewall.
 
 Args:
   project: string, Project ID for this request. (required)
   firewall: string, Name of the firewall rule to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Firewall Rule resource. Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
+    { # Represents a Firewall Rule resource.
+    #
+    # Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
   "allowed": [ # The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.
     {
       "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+          #
+          # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
         "A String",
       ],
     },
@@ -198,7 +212,9 @@ 
Method Details

   "denied": [ # The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a denied connection.
     {
       "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+          #
+          # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
         "A String",
       ],
     },
@@ -217,7 +233,12 @@ 
Method Details

     "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
   },
   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
-  "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
+  "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used:
+      # global/networks/default
+      # If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+      # - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network
+      # - projects/myproject/global/networks/my-network
+      # - global/networks/default
   "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "sourceRanges": [ # If source ranges are specified, the firewall rule applies only to traffic that has a source IP address in these ranges. These ranges must be expressed in CIDR format. One or both of sourceRanges and sourceTags may be set. If both fields are set, the rule applies to traffic that has a source IP address within sourceRanges OR a source IP from a resource with a matching tag listed in the sourceTags field. The connection does not need to match both fields for the rule to apply. Only IPv4 is supported.
@@ -239,7 +260,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a firewall rule in the specified project using the data included in the request.
 
 Args:
@@ -247,11 +268,15 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Firewall Rule resource. Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
+{ # Represents a Firewall Rule resource.
+    # 
+    # Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
   "allowed": [ # The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.
     {
       "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+          # 
+          # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
         "A String",
       ],
     },
@@ -260,7 +285,9 @@ 
Method Details

   "denied": [ # The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a denied connection.
     {
       "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+          # 
+          # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
         "A String",
       ],
     },
@@ -279,7 +306,12 @@ 
Method Details

     "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
   },
   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
-  "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
+  "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used:
+      # global/networks/default
+      # If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+      # - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network
+      # - projects/myproject/global/networks/my-network
+      # - global/networks/default
   "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "sourceRanges": [ # If source ranges are specified, the firewall rule applies only to traffic that has a source IP address in these ranges. These ranges must be expressed in CIDR format. One or both of sourceRanges and sourceTags may be set. If both fields are set, the rule applies to traffic that has a source IP address within sourceRanges OR a source IP from a resource with a matching tag listed in the sourceTags field. The connection does not need to match both fields for the rule to apply. Only IPv4 is supported.
@@ -299,16 +331,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -342,7 +387,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -356,20 +402,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of firewall rules available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -377,11 +429,15 @@ 
Method Details

     { # Contains a list of firewalls.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Firewall resources.
-    { # Represents a Firewall Rule resource. Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
+    { # Represents a Firewall Rule resource.
+        #
+        # Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
       "allowed": [ # The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.
         {
           "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
             "A String",
           ],
         },
@@ -390,7 +446,9 @@ 
Method Details

       "denied": [ # The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a denied connection.
         {
           "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
             "A String",
           ],
         },
@@ -409,7 +467,12 @@ 
Method Details

         "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
       },
       "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
-      "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
+      "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used:
+          # global/networks/default
+          # If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+          # - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network
+          # - projects/myproject/global/networks/my-network
+          # - global/networks/default
       "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "sourceRanges": [ # If source ranges are specified, the firewall rule applies only to traffic that has a source IP address in these ranges. These ranges must be expressed in CIDR format. One or both of sourceRanges and sourceTags may be set. If both fields are set, the rule applies to traffic that has a source IP address within sourceRanges OR a source IP from a resource with a matching tag listed in the sourceTags field. The connection does not need to match both fields for the rule to apply. Only IPv4 is supported.
@@ -434,7 +497,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -460,7 +524,7 @@ 
Method Details

 

 
 

-    patch(project, firewall, body=None, requestId=None, x__xgafv=None)
+    patch(project, firewall, body=None, requestId=None)
   
Updates the specified firewall rule with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -469,11 +533,15 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Firewall Rule resource. Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
+{ # Represents a Firewall Rule resource.
+    # 
+    # Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
   "allowed": [ # The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.
     {
       "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+          # 
+          # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
         "A String",
       ],
     },
@@ -482,7 +550,9 @@ 
Method Details

   "denied": [ # The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a denied connection.
     {
       "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+          # 
+          # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
         "A String",
       ],
     },
@@ -501,7 +571,12 @@ 
Method Details

     "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
   },
   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
-  "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
+  "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used:
+      # global/networks/default
+      # If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+      # - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network
+      # - projects/myproject/global/networks/my-network
+      # - global/networks/default
   "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "sourceRanges": [ # If source ranges are specified, the firewall rule applies only to traffic that has a source IP address in these ranges. These ranges must be expressed in CIDR format. One or both of sourceRanges and sourceTags may be set. If both fields are set, the rule applies to traffic that has a source IP address within sourceRanges OR a source IP from a resource with a matching tag listed in the sourceTags field. The connection does not need to match both fields for the rule to apply. Only IPv4 is supported.
@@ -521,16 +596,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -564,7 +652,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -578,7 +667,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -593,10 +682,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -609,7 +694,7 @@ 
Method Details

 

 
 

-    update(project, firewall, body=None, requestId=None, x__xgafv=None)
+    update(project, firewall, body=None, requestId=None)
   
Updates the specified firewall rule with the data included in the request. Note that all fields will be updated if using PUT, even fields that are not specified. To update individual fields, please use PATCH instead.
 
 Args:
@@ -618,11 +703,15 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Firewall Rule resource. Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
+{ # Represents a Firewall Rule resource.
+    # 
+    # Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
   "allowed": [ # The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.
     {
       "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+          # 
+          # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
         "A String",
       ],
     },
@@ -631,7 +720,9 @@ 
Method Details

   "denied": [ # The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a denied connection.
     {
       "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+          # 
+          # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
         "A String",
       ],
     },
@@ -650,7 +741,12 @@ 
Method Details

     "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
   },
   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
-  "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
+  "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used:
+      # global/networks/default
+      # If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+      # - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network
+      # - projects/myproject/global/networks/my-network
+      # - global/networks/default
   "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "sourceRanges": [ # If source ranges are specified, the firewall rule applies only to traffic that has a source IP address in these ranges. These ranges must be expressed in CIDR format. One or both of sourceRanges and sourceTags may be set. If both fields are set, the rule applies to traffic that has a source IP address within sourceRanges OR a source IP from a resource with a matching tag listed in the sourceTags field. The connection does not need to match both fields for the rule to apply. Only IPv4 is supported.
@@ -670,16 +766,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -713,7 +822,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.forwardingRules.html b/docs/dyn/compute_beta.forwardingRules.html
index beb75a0d83a..20290bce8a4 100644
--- a/docs/dyn/compute_beta.forwardingRules.html
+++ b/docs/dyn/compute_beta.forwardingRules.html
@@ -75,7 +75,7 @@
 
Compute Engine API . forwardingRules

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of forwarding rules.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,49 +84,55 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, forwardingRule, requestId=None, x__xgafv=None)

+  delete(project, region, forwardingRule, requestId=None)

 
Deletes the specified ForwardingRule resource.

 

-  get(project, region, forwardingRule, x__xgafv=None)

+  get(project, region, forwardingRule)

 
Returns the specified ForwardingRule resource.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a ForwardingRule resource in the specified project and region using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of ForwardingRule resources available to the specified project and region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, forwardingRule, body=None, requestId=None, x__xgafv=None)

+  patch(project, region, forwardingRule, body=None, requestId=None)

 
Updates the specified forwarding rule with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules. Currently, you can only patch the network_tier field.

 

-  setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)

+  setLabels(project, region, resource, body=None, requestId=None)

 
Sets the labels on the specified resource. To learn more about labels, read the Labeling Resources documentation.

 

-  setTarget(project, region, forwardingRule, body=None, requestId=None, x__xgafv=None)

+  setTarget(project, region, forwardingRule, body=None, requestId=None)

 
Changes target URL for forwarding rule. The new target should be of the same type as the old target.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of forwarding rules.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -136,62 +142,174 @@ 
Method Details

   "items": { # A list of ForwardingRulesScopedList resources.
     "a_key": { # Name of the scope containing this set of addresses.
       "forwardingRules": [ # A list of forwarding rules contained in this scope.
-        { # Represents a Forwarding Rule resource. Forwarding rule resources in GCP can be either regional or global in scope: * [Global](/compute/docs/reference/rest/beta/globalForwardingRules) * [Regional](/compute/docs/reference/rest/beta/forwardingRules) A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway). For more information, read Forwarding rule concepts and Using protocol forwarding.
-          "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule. If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address: * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region /addresses/address-name * Partial URL or by name, as in: - projects/project_id/regions/region/addresses/address-name - regions/region/addresses/address-name - global/addresses/address-name - address-name The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true. For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
-          "IPProtocol": "A String", # The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products: - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid. - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid. - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid. - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid. - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
-          "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
+        { # Represents a Forwarding Rule resource.
+            #
+            # Forwarding rule resources in GCP can be either regional or global in scope:
+            #
+            # * [Global](/compute/docs/reference/rest/{$api_version}/globalForwardingRules) * [Regional](/compute/docs/reference/rest/{$api_version}/forwardingRules)
+            #
+            # A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway).
+            #
+            # For more information, read Forwarding rule concepts and Using protocol forwarding.
+            #
+            # (== resource_for {$api_version}.forwardingRules ==) (== resource_for {$api_version}.globalForwardingRules ==) (== resource_for {$api_version}.regionForwardingRules ==)
+          "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule.
+              #
+              # If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address:
+              #
+              # * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name * Partial URL or by name, as in:
+              # - projects/project_id/regions/region/addresses/address-name
+              # - regions/region/addresses/address-name
+              # - global/addresses/address-name
+              # - address-name
+              #
+              # The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications).
+              #
+              # Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true.
+              #
+              # For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
+          "IPProtocol": "A String", # The IP protocol to which this rule applies.
+              #
+              # For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT.
+              #
+              # The valid IP protocols are different for different load balancing products:
+              # - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+              # - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid.
+              # - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid.
+              # - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid.
+              # - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+          "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance.
+              #
+              # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+              #
+              # For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
           "allowGlobalAccess": True or False, # This field is used along with the backend_service field for internal load balancing or with the target field for internal TargetInstance. If the field is set to TRUE, clients can access ILB from all regions. Otherwise only allows access from clients in the same region as the internal load balancer.
           "backendService": "A String", # Identifies the backend service to which the forwarding rule sends traffic. Required for Internal TCP/UDP Load Balancing and Network Load Balancing; must be omitted for all other load balancer types.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-          "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+          "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "ipVersion": "A String", # The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6. This can only be specified for an external global forwarding rule.
           "isMirroringCollector": True or False, # Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBalancingScheme set to INTERNAL.
           "kind": "compute#forwardingRule", # [Output Only] Type of the resource. Always compute#forwardingRule for Forwarding Rule resources.
-          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
           "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
             "a_key": "A String",
           },
-          "loadBalancingScheme": "A String", # Specifies the forwarding rule type. - EXTERNAL is used for: - Classic Cloud VPN gateways - Protocol forwarding to VMs from an external IP address - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing - INTERNAL is used for: - Protocol forwarding to VMs from an internal IP address - Internal TCP/UDP Load Balancing - INTERNAL_MANAGED is used for: - Internal HTTP(S) Load Balancing - INTERNAL_SELF_MANAGED is used for: - Traffic Director For more information about forwarding rules, refer to Forwarding rule concepts.
-          "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-            { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-              "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+          "loadBalancingScheme": "A String", # Specifies the forwarding rule type.
+              #
+              #
+              # - EXTERNAL is used for:
+              # - Classic Cloud VPN gateways
+              # - Protocol forwarding to VMs from an external IP address
+              # - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing
+              # - INTERNAL is used for:
+              # - Protocol forwarding to VMs from an internal IP address
+              # - Internal TCP/UDP Load Balancing
+              # - INTERNAL_MANAGED is used for:
+              # - Internal HTTP(S) Load Balancing
+              # - INTERNAL_SELF_MANAGED is used for:
+              # - Traffic Director
+              #
+              # For more information about forwarding rules, refer to Forwarding rule concepts.
+          "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies.
+              # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+              # metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references.
+              # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+              "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                  # This list must not be empty and can have at the most 64 entries.
                 { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                  "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                  "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                  "name": "A String", # Name of metadata label.
+                      # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                  "value": "A String", # The value of the label must match the specified value.
+                      # value can have a maximum length of 1024 characters.
                 },
               ],
-              "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+              "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                  # Supported values are:
+                  # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                  # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
             },
           ],
-          "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.
-          "network": "A String", # This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
-          "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
-          "portRange": "A String", # This field can be used only if: - Load balancing scheme is one of EXTERNAL, INTERNAL_SELF_MANAGED or INTERNAL_MANAGED - IPProtocol is one of TCP, UDP, or SCTP. Packets addressed to ports in the specified range will be forwarded to target or backend_service. You can only use one of ports, port_range, or allPorts. The three are mutually exclusive. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. Some types of forwarding target have constraints on the acceptable ports: - TargetHttpProxy: 80, 8080 - TargetHttpsProxy: 443 - TargetGrpcProxy: no constraints - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetVpnGateway: 500, 4500 @pattern: \\d+(?:-\\d+)?
-          "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. You can specify a list of up to five ports, which can be non-contiguous. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications). @pattern: \\d+(?:-\\d+)?
+          "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+          "network": "A String", # This field is not used for external load balancing.
+              #
+              # For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used.
+              #
+              # For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
+          "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD.
+              #
+              # For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM.
+              #
+              # If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
+          "portRange": "A String", # This field can be used only if:
+              # - Load balancing scheme is one of EXTERNAL,  INTERNAL_SELF_MANAGED or INTERNAL_MANAGED
+              # - IPProtocol is one of TCP, UDP, or SCTP.
+              #
+              # Packets addressed to ports in the specified range will be forwarded to target or  backend_service.
+              #
+              # You can only use one of ports, port_range, or allPorts. The three are mutually exclusive.
+              #
+              # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+              #
+              # Some types of forwarding target have constraints on the acceptable ports:
+              # - TargetHttpProxy: 80, 8080
+              # - TargetHttpsProxy: 443
+              # - TargetGrpcProxy: no constraints
+              # - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+              # - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+              # - TargetVpnGateway: 500, 4500
+          "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends.
+              #
+              # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+              #
+              # You can specify a list of up to five ports, which can be non-contiguous.
+              #
+              # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+              #
+              # For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications).
             "A String",
           ],
           "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Forwarding Rule.
           "pscConnectionStatus": "A String",
           "region": "A String", # [Output Only] URL of the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-          "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource. It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
+          "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource.
+              #
+              # It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
             { # Describes the auto-registration of the Forwarding Rule to Service Directory. The region and project of the Service Directory resource generated from this registration will be the same as this Forwarding Rule.
               "namespace": "A String", # Service Directory namespace to register the forwarding rule under.
               "service": "A String", # Service Directory service to register the forwarding rule under.
               "serviceDirectoryRegion": "A String", # [Optional] Service Directory region to register this global forwarding rule under. Default to "us-central1". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region.
             },
           ],
-          "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name. The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. This field is only used for internal load balancing.
-          "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule. This field is only used for internal load balancing.
-          "subnetwork": "A String", # This field is only used for internal load balancing. For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule. If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
+          "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name.
+              #
+              # The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+              #
+              # This field is only used for internal load balancing.
+          "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule.
+              #
+              # This field is only used for internal load balancing.
+          "subnetwork": "A String", # This field is only used for internal load balancing.
+              #
+              # For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule.
+              #
+              # If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
           "target": "A String",
         },
       ],
       "warning": { # Informational warning which replaces the list of forwarding rules when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -209,7 +327,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -240,23 +359,36 @@ 
Method Details

 

 
 

-    delete(project, region, forwardingRule, requestId=None, x__xgafv=None)
+    delete(project, region, forwardingRule, requestId=None)
   
Deletes the specified ForwardingRule resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   forwardingRule: string, Name of the ForwardingRule resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -290,7 +422,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -304,77 +437,184 @@ 
Method Details

 

 
 

-    get(project, region, forwardingRule, x__xgafv=None)
+    get(project, region, forwardingRule)
   
Returns the specified ForwardingRule resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   forwardingRule: string, Name of the ForwardingRule resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Forwarding Rule resource. Forwarding rule resources in GCP can be either regional or global in scope: * [Global](/compute/docs/reference/rest/beta/globalForwardingRules) * [Regional](/compute/docs/reference/rest/beta/forwardingRules) A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway). For more information, read Forwarding rule concepts and Using protocol forwarding.
-  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule. If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address: * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region /addresses/address-name * Partial URL or by name, as in: - projects/project_id/regions/region/addresses/address-name - regions/region/addresses/address-name - global/addresses/address-name - address-name The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true. For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
-  "IPProtocol": "A String", # The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products: - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid. - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid. - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid. - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid. - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
-  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
+    { # Represents a Forwarding Rule resource.
+    #
+    # Forwarding rule resources in GCP can be either regional or global in scope:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalForwardingRules) * [Regional](/compute/docs/reference/rest/{$api_version}/forwardingRules)
+    #
+    # A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway).
+    #
+    # For more information, read Forwarding rule concepts and Using protocol forwarding.
+    #
+    # (== resource_for {$api_version}.forwardingRules ==) (== resource_for {$api_version}.globalForwardingRules ==) (== resource_for {$api_version}.regionForwardingRules ==)
+  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule.
+      #
+      # If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address:
+      #
+      # * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name * Partial URL or by name, as in:
+      # - projects/project_id/regions/region/addresses/address-name
+      # - regions/region/addresses/address-name
+      # - global/addresses/address-name
+      # - address-name
+      #
+      # The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications).
+      #
+      # Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true.
+      #
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
+  "IPProtocol": "A String", # The IP protocol to which this rule applies.
+      #
+      # For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT.
+      #
+      # The valid IP protocols are different for different load balancing products:
+      # - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+      # - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid.
+      # - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid.
+      # - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid.
+      # - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance.
+      #
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      #
+      # For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
   "allowGlobalAccess": True or False, # This field is used along with the backend_service field for internal load balancing or with the target field for internal TargetInstance. If the field is set to TRUE, clients can access ILB from all regions. Otherwise only allows access from clients in the same region as the internal load balancer.
   "backendService": "A String", # Identifies the backend service to which the forwarding rule sends traffic. Required for Internal TCP/UDP Load Balancing and Network Load Balancing; must be omitted for all other load balancer types.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ipVersion": "A String", # The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6. This can only be specified for an external global forwarding rule.
   "isMirroringCollector": True or False, # Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBalancingScheme set to INTERNAL.
   "kind": "compute#forwardingRule", # [Output Only] Type of the resource. Always compute#forwardingRule for Forwarding Rule resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
-  "loadBalancingScheme": "A String", # Specifies the forwarding rule type. - EXTERNAL is used for: - Classic Cloud VPN gateways - Protocol forwarding to VMs from an external IP address - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing - INTERNAL is used for: - Protocol forwarding to VMs from an internal IP address - Internal TCP/UDP Load Balancing - INTERNAL_MANAGED is used for: - Internal HTTP(S) Load Balancing - INTERNAL_SELF_MANAGED is used for: - Traffic Director For more information about forwarding rules, refer to Forwarding rule concepts.
-  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+  "loadBalancingScheme": "A String", # Specifies the forwarding rule type.
+      #
+      #
+      # - EXTERNAL is used for:
+      # - Classic Cloud VPN gateways
+      # - Protocol forwarding to VMs from an external IP address
+      # - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing
+      # - INTERNAL is used for:
+      # - Protocol forwarding to VMs from an internal IP address
+      # - Internal TCP/UDP Load Balancing
+      # - INTERNAL_MANAGED is used for:
+      # - Internal HTTP(S) Load Balancing
+      # - INTERNAL_SELF_MANAGED is used for:
+      # - Traffic Director
+      #
+      # For more information about forwarding rules, refer to Forwarding rule concepts.
+  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies.
+      # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+      # metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references.
+      # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+        # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+        # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+          # This list must not be empty and can have at the most 64 entries.
         { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-          "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-          "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+          "name": "A String", # Name of metadata label.
+              # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+          "value": "A String", # The value of the label must match the specified value.
+              # value can have a maximum length of 1024 characters.
         },
       ],
-      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+          # Supported values are:
+          # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+          # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
     },
   ],
-  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.
-  "network": "A String", # This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
-  "portRange": "A String", # This field can be used only if: - Load balancing scheme is one of EXTERNAL, INTERNAL_SELF_MANAGED or INTERNAL_MANAGED - IPProtocol is one of TCP, UDP, or SCTP. Packets addressed to ports in the specified range will be forwarded to target or backend_service. You can only use one of ports, port_range, or allPorts. The three are mutually exclusive. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. Some types of forwarding target have constraints on the acceptable ports: - TargetHttpProxy: 80, 8080 - TargetHttpsProxy: 443 - TargetGrpcProxy: no constraints - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetVpnGateway: 500, 4500 @pattern: \\d+(?:-\\d+)?
-  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. You can specify a list of up to five ports, which can be non-contiguous. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications). @pattern: \\d+(?:-\\d+)?
+  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+  "network": "A String", # This field is not used for external load balancing.
+      #
+      # For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used.
+      #
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD.
+      #
+      # For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM.
+      #
+      # If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
+  "portRange": "A String", # This field can be used only if:
+      # - Load balancing scheme is one of EXTERNAL,  INTERNAL_SELF_MANAGED or INTERNAL_MANAGED
+      # - IPProtocol is one of TCP, UDP, or SCTP.
+      #
+      # Packets addressed to ports in the specified range will be forwarded to target or  backend_service.
+      #
+      # You can only use one of ports, port_range, or allPorts. The three are mutually exclusive.
+      #
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      #
+      # Some types of forwarding target have constraints on the acceptable ports:
+      # - TargetHttpProxy: 80, 8080
+      # - TargetHttpsProxy: 443
+      # - TargetGrpcProxy: no constraints
+      # - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetVpnGateway: 500, 4500
+  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends.
+      #
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      #
+      # You can specify a list of up to five ports, which can be non-contiguous.
+      #
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      #
+      # For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications).
     "A String",
   ],
   "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Forwarding Rule.
   "pscConnectionStatus": "A String",
   "region": "A String", # [Output Only] URL of the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource. It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
+  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource.
+      #
+      # It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
     { # Describes the auto-registration of the Forwarding Rule to Service Directory. The region and project of the Service Directory resource generated from this registration will be the same as this Forwarding Rule.
       "namespace": "A String", # Service Directory namespace to register the forwarding rule under.
       "service": "A String", # Service Directory service to register the forwarding rule under.
       "serviceDirectoryRegion": "A String", # [Optional] Service Directory region to register this global forwarding rule under. Default to "us-central1". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region.
     },
   ],
-  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name. The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. This field is only used for internal load balancing.
-  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule. This field is only used for internal load balancing.
-  "subnetwork": "A String", # This field is only used for internal load balancing. For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule. If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
+  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name.
+      #
+      # The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+      #
+      # This field is only used for internal load balancing.
+  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule.
+      #
+      # This field is only used for internal load balancing.
+  "subnetwork": "A String", # This field is only used for internal load balancing.
+      #
+      # For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule.
+      #
+      # If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
   "target": "A String",
 }

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a ForwardingRule resource in the specified project and region using the data included in the request.
 
 Args:
@@ -383,69 +623,193 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Forwarding Rule resource. Forwarding rule resources in GCP can be either regional or global in scope: * [Global](/compute/docs/reference/rest/beta/globalForwardingRules) * [Regional](/compute/docs/reference/rest/beta/forwardingRules) A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway). For more information, read Forwarding rule concepts and Using protocol forwarding.
-  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule. If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address: * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region /addresses/address-name * Partial URL or by name, as in: - projects/project_id/regions/region/addresses/address-name - regions/region/addresses/address-name - global/addresses/address-name - address-name The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true. For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
-  "IPProtocol": "A String", # The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products: - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid. - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid. - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid. - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid. - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
-  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
+{ # Represents a Forwarding Rule resource.
+    # 
+    # Forwarding rule resources in GCP can be either regional or global in scope:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalForwardingRules) * [Regional](/compute/docs/reference/rest/{$api_version}/forwardingRules)
+    # 
+    # A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway).
+    # 
+    # For more information, read Forwarding rule concepts and Using protocol forwarding.
+    # 
+    # (== resource_for {$api_version}.forwardingRules ==) (== resource_for {$api_version}.globalForwardingRules ==) (== resource_for {$api_version}.regionForwardingRules ==)
+  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule.
+      # 
+      # If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address:
+      # 
+      # * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name * Partial URL or by name, as in:
+      # - projects/project_id/regions/region/addresses/address-name
+      # - regions/region/addresses/address-name
+      # - global/addresses/address-name
+      # - address-name
+      # 
+      # The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications).
+      # 
+      # Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true.
+      # 
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
+  "IPProtocol": "A String", # The IP protocol to which this rule applies.
+      # 
+      # For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT.
+      # 
+      # The valid IP protocols are different for different load balancing products:
+      # - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+      # - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid.
+      # - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid.
+      # - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid.
+      # - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance.
+      # 
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
   "allowGlobalAccess": True or False, # This field is used along with the backend_service field for internal load balancing or with the target field for internal TargetInstance. If the field is set to TRUE, clients can access ILB from all regions. Otherwise only allows access from clients in the same region as the internal load balancer.
   "backendService": "A String", # Identifies the backend service to which the forwarding rule sends traffic. Required for Internal TCP/UDP Load Balancing and Network Load Balancing; must be omitted for all other load balancer types.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ipVersion": "A String", # The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6. This can only be specified for an external global forwarding rule.
   "isMirroringCollector": True or False, # Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBalancingScheme set to INTERNAL.
   "kind": "compute#forwardingRule", # [Output Only] Type of the resource. Always compute#forwardingRule for Forwarding Rule resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
-  "loadBalancingScheme": "A String", # Specifies the forwarding rule type. - EXTERNAL is used for: - Classic Cloud VPN gateways - Protocol forwarding to VMs from an external IP address - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing - INTERNAL is used for: - Protocol forwarding to VMs from an internal IP address - Internal TCP/UDP Load Balancing - INTERNAL_MANAGED is used for: - Internal HTTP(S) Load Balancing - INTERNAL_SELF_MANAGED is used for: - Traffic Director For more information about forwarding rules, refer to Forwarding rule concepts.
-  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+  "loadBalancingScheme": "A String", # Specifies the forwarding rule type.
+      # 
+      # 
+      # - EXTERNAL is used for:
+      # - Classic Cloud VPN gateways
+      # - Protocol forwarding to VMs from an external IP address
+      # - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing
+      # - INTERNAL is used for:
+      # - Protocol forwarding to VMs from an internal IP address
+      # - Internal TCP/UDP Load Balancing
+      # - INTERNAL_MANAGED is used for:
+      # - Internal HTTP(S) Load Balancing
+      # - INTERNAL_SELF_MANAGED is used for:
+      # - Traffic Director
+      # 
+      # For more information about forwarding rules, refer to Forwarding rule concepts.
+  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies.
+      # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+      # metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references.
+      # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+        # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+        # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+          # This list must not be empty and can have at the most 64 entries.
         { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-          "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-          "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+          "name": "A String", # Name of metadata label.
+              # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+          "value": "A String", # The value of the label must match the specified value.
+              # value can have a maximum length of 1024 characters.
         },
       ],
-      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+          # Supported values are:
+          # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+          # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
     },
   ],
-  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.
-  "network": "A String", # This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
-  "portRange": "A String", # This field can be used only if: - Load balancing scheme is one of EXTERNAL, INTERNAL_SELF_MANAGED or INTERNAL_MANAGED - IPProtocol is one of TCP, UDP, or SCTP. Packets addressed to ports in the specified range will be forwarded to target or backend_service. You can only use one of ports, port_range, or allPorts. The three are mutually exclusive. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. Some types of forwarding target have constraints on the acceptable ports: - TargetHttpProxy: 80, 8080 - TargetHttpsProxy: 443 - TargetGrpcProxy: no constraints - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetVpnGateway: 500, 4500 @pattern: \\d+(?:-\\d+)?
-  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. You can specify a list of up to five ports, which can be non-contiguous. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications). @pattern: \\d+(?:-\\d+)?
+  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+  "network": "A String", # This field is not used for external load balancing.
+      # 
+      # For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used.
+      # 
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD.
+      # 
+      # For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM.
+      # 
+      # If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
+  "portRange": "A String", # This field can be used only if:
+      # - Load balancing scheme is one of EXTERNAL,  INTERNAL_SELF_MANAGED or INTERNAL_MANAGED
+      # - IPProtocol is one of TCP, UDP, or SCTP.
+      # 
+      # Packets addressed to ports in the specified range will be forwarded to target or  backend_service.
+      # 
+      # You can only use one of ports, port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      # 
+      # Some types of forwarding target have constraints on the acceptable ports:
+      # - TargetHttpProxy: 80, 8080
+      # - TargetHttpsProxy: 443
+      # - TargetGrpcProxy: no constraints
+      # - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetVpnGateway: 500, 4500
+  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends.
+      # 
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # You can specify a list of up to five ports, which can be non-contiguous.
+      # 
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      # 
+      # For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications).
     "A String",
   ],
   "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Forwarding Rule.
   "pscConnectionStatus": "A String",
   "region": "A String", # [Output Only] URL of the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource. It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
+  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource.
+      # 
+      # It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
     { # Describes the auto-registration of the Forwarding Rule to Service Directory. The region and project of the Service Directory resource generated from this registration will be the same as this Forwarding Rule.
       "namespace": "A String", # Service Directory namespace to register the forwarding rule under.
       "service": "A String", # Service Directory service to register the forwarding rule under.
       "serviceDirectoryRegion": "A String", # [Optional] Service Directory region to register this global forwarding rule under. Default to "us-central1". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region.
     },
   ],
-  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name. The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. This field is only used for internal load balancing.
-  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule. This field is only used for internal load balancing.
-  "subnetwork": "A String", # This field is only used for internal load balancing. For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule. If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
+  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name.
+      # 
+      # The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+      # 
+      # This field is only used for internal load balancing.
+  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule.
+      # 
+      # This field is only used for internal load balancing.
+  "subnetwork": "A String", # This field is only used for internal load balancing.
+      # 
+      # For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule.
+      # 
+      # If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
   "target": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -479,7 +843,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -493,21 +858,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of ForwardingRule resources available to the specified project and region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -515,56 +886,167 @@ 
Method Details

     { # Contains a list of ForwardingRule resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of ForwardingRule resources.
-    { # Represents a Forwarding Rule resource. Forwarding rule resources in GCP can be either regional or global in scope: * [Global](/compute/docs/reference/rest/beta/globalForwardingRules) * [Regional](/compute/docs/reference/rest/beta/forwardingRules) A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway). For more information, read Forwarding rule concepts and Using protocol forwarding.
-      "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule. If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address: * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region /addresses/address-name * Partial URL or by name, as in: - projects/project_id/regions/region/addresses/address-name - regions/region/addresses/address-name - global/addresses/address-name - address-name The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true. For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
-      "IPProtocol": "A String", # The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products: - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid. - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid. - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid. - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid. - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
-      "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
+    { # Represents a Forwarding Rule resource.
+        #
+        # Forwarding rule resources in GCP can be either regional or global in scope:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/globalForwardingRules) * [Regional](/compute/docs/reference/rest/{$api_version}/forwardingRules)
+        #
+        # A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway).
+        #
+        # For more information, read Forwarding rule concepts and Using protocol forwarding.
+        #
+        # (== resource_for {$api_version}.forwardingRules ==) (== resource_for {$api_version}.globalForwardingRules ==) (== resource_for {$api_version}.regionForwardingRules ==)
+      "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule.
+          #
+          # If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address:
+          #
+          # * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name * Partial URL or by name, as in:
+          # - projects/project_id/regions/region/addresses/address-name
+          # - regions/region/addresses/address-name
+          # - global/addresses/address-name
+          # - address-name
+          #
+          # The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications).
+          #
+          # Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true.
+          #
+          # For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
+      "IPProtocol": "A String", # The IP protocol to which this rule applies.
+          #
+          # For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT.
+          #
+          # The valid IP protocols are different for different load balancing products:
+          # - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+          # - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid.
+          # - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid.
+          # - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid.
+          # - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+      "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance.
+          #
+          # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+          #
+          # For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
       "allowGlobalAccess": True or False, # This field is used along with the backend_service field for internal load balancing or with the target field for internal TargetInstance. If the field is set to TRUE, clients can access ILB from all regions. Otherwise only allows access from clients in the same region as the internal load balancer.
       "backendService": "A String", # Identifies the backend service to which the forwarding rule sends traffic. Required for Internal TCP/UDP Load Balancing and Network Load Balancing; must be omitted for all other load balancer types.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "ipVersion": "A String", # The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6. This can only be specified for an external global forwarding rule.
       "isMirroringCollector": True or False, # Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBalancingScheme set to INTERNAL.
       "kind": "compute#forwardingRule", # [Output Only] Type of the resource. Always compute#forwardingRule for Forwarding Rule resources.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
       "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
         "a_key": "A String",
       },
-      "loadBalancingScheme": "A String", # Specifies the forwarding rule type. - EXTERNAL is used for: - Classic Cloud VPN gateways - Protocol forwarding to VMs from an external IP address - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing - INTERNAL is used for: - Protocol forwarding to VMs from an internal IP address - Internal TCP/UDP Load Balancing - INTERNAL_MANAGED is used for: - Internal HTTP(S) Load Balancing - INTERNAL_SELF_MANAGED is used for: - Traffic Director For more information about forwarding rules, refer to Forwarding rule concepts.
-      "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-        { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-          "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+      "loadBalancingScheme": "A String", # Specifies the forwarding rule type.
+          #
+          #
+          # - EXTERNAL is used for:
+          # - Classic Cloud VPN gateways
+          # - Protocol forwarding to VMs from an external IP address
+          # - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing
+          # - INTERNAL is used for:
+          # - Protocol forwarding to VMs from an internal IP address
+          # - Internal TCP/UDP Load Balancing
+          # - INTERNAL_MANAGED is used for:
+          # - Internal HTTP(S) Load Balancing
+          # - INTERNAL_SELF_MANAGED is used for:
+          # - Traffic Director
+          #
+          # For more information about forwarding rules, refer to Forwarding rule concepts.
+      "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies.
+          # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+          # metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references.
+          # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+            # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+            # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+          "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+              # This list must not be empty and can have at the most 64 entries.
             { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-              "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-              "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+              "name": "A String", # Name of metadata label.
+                  # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+              "value": "A String", # The value of the label must match the specified value.
+                  # value can have a maximum length of 1024 characters.
             },
           ],
-          "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+          "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+              # Supported values are:
+              # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+              # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
         },
       ],
-      "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.
-      "network": "A String", # This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
-      "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
-      "portRange": "A String", # This field can be used only if: - Load balancing scheme is one of EXTERNAL, INTERNAL_SELF_MANAGED or INTERNAL_MANAGED - IPProtocol is one of TCP, UDP, or SCTP. Packets addressed to ports in the specified range will be forwarded to target or backend_service. You can only use one of ports, port_range, or allPorts. The three are mutually exclusive. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. Some types of forwarding target have constraints on the acceptable ports: - TargetHttpProxy: 80, 8080 - TargetHttpsProxy: 443 - TargetGrpcProxy: no constraints - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetVpnGateway: 500, 4500 @pattern: \\d+(?:-\\d+)?
-      "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. You can specify a list of up to five ports, which can be non-contiguous. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications). @pattern: \\d+(?:-\\d+)?
+      "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+      "network": "A String", # This field is not used for external load balancing.
+          #
+          # For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used.
+          #
+          # For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
+      "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD.
+          #
+          # For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM.
+          #
+          # If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
+      "portRange": "A String", # This field can be used only if:
+          # - Load balancing scheme is one of EXTERNAL,  INTERNAL_SELF_MANAGED or INTERNAL_MANAGED
+          # - IPProtocol is one of TCP, UDP, or SCTP.
+          #
+          # Packets addressed to ports in the specified range will be forwarded to target or  backend_service.
+          #
+          # You can only use one of ports, port_range, or allPorts. The three are mutually exclusive.
+          #
+          # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+          #
+          # Some types of forwarding target have constraints on the acceptable ports:
+          # - TargetHttpProxy: 80, 8080
+          # - TargetHttpsProxy: 443
+          # - TargetGrpcProxy: no constraints
+          # - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+          # - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+          # - TargetVpnGateway: 500, 4500
+      "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends.
+          #
+          # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+          #
+          # You can specify a list of up to five ports, which can be non-contiguous.
+          #
+          # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+          #
+          # For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications).
         "A String",
       ],
       "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Forwarding Rule.
       "pscConnectionStatus": "A String",
       "region": "A String", # [Output Only] URL of the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource. It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
+      "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource.
+          #
+          # It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
         { # Describes the auto-registration of the Forwarding Rule to Service Directory. The region and project of the Service Directory resource generated from this registration will be the same as this Forwarding Rule.
           "namespace": "A String", # Service Directory namespace to register the forwarding rule under.
           "service": "A String", # Service Directory service to register the forwarding rule under.
           "serviceDirectoryRegion": "A String", # [Optional] Service Directory region to register this global forwarding rule under. Default to "us-central1". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region.
         },
       ],
-      "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name. The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. This field is only used for internal load balancing.
-      "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule. This field is only used for internal load balancing.
-      "subnetwork": "A String", # This field is only used for internal load balancing. For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule. If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
+      "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name.
+          #
+          # The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+          #
+          # This field is only used for internal load balancing.
+      "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule.
+          #
+          # This field is only used for internal load balancing.
+      "subnetwork": "A String", # This field is only used for internal load balancing.
+          #
+          # For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule.
+          #
+          # If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
       "target": "A String",
     },
   ],
@@ -573,7 +1055,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -599,7 +1082,7 @@ 
Method Details

 

 
 

-    patch(project, region, forwardingRule, body=None, requestId=None, x__xgafv=None)
+    patch(project, region, forwardingRule, body=None, requestId=None)
   
Updates the specified forwarding rule with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules. Currently, you can only patch the network_tier field.
 
 Args:
@@ -609,69 +1092,193 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Forwarding Rule resource. Forwarding rule resources in GCP can be either regional or global in scope: * [Global](/compute/docs/reference/rest/beta/globalForwardingRules) * [Regional](/compute/docs/reference/rest/beta/forwardingRules) A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway). For more information, read Forwarding rule concepts and Using protocol forwarding.
-  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule. If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address: * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region /addresses/address-name * Partial URL or by name, as in: - projects/project_id/regions/region/addresses/address-name - regions/region/addresses/address-name - global/addresses/address-name - address-name The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true. For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
-  "IPProtocol": "A String", # The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products: - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid. - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid. - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid. - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid. - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
-  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
+{ # Represents a Forwarding Rule resource.
+    # 
+    # Forwarding rule resources in GCP can be either regional or global in scope:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalForwardingRules) * [Regional](/compute/docs/reference/rest/{$api_version}/forwardingRules)
+    # 
+    # A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway).
+    # 
+    # For more information, read Forwarding rule concepts and Using protocol forwarding.
+    # 
+    # (== resource_for {$api_version}.forwardingRules ==) (== resource_for {$api_version}.globalForwardingRules ==) (== resource_for {$api_version}.regionForwardingRules ==)
+  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule.
+      # 
+      # If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address:
+      # 
+      # * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name * Partial URL or by name, as in:
+      # - projects/project_id/regions/region/addresses/address-name
+      # - regions/region/addresses/address-name
+      # - global/addresses/address-name
+      # - address-name
+      # 
+      # The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications).
+      # 
+      # Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true.
+      # 
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
+  "IPProtocol": "A String", # The IP protocol to which this rule applies.
+      # 
+      # For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT.
+      # 
+      # The valid IP protocols are different for different load balancing products:
+      # - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+      # - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid.
+      # - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid.
+      # - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid.
+      # - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance.
+      # 
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
   "allowGlobalAccess": True or False, # This field is used along with the backend_service field for internal load balancing or with the target field for internal TargetInstance. If the field is set to TRUE, clients can access ILB from all regions. Otherwise only allows access from clients in the same region as the internal load balancer.
   "backendService": "A String", # Identifies the backend service to which the forwarding rule sends traffic. Required for Internal TCP/UDP Load Balancing and Network Load Balancing; must be omitted for all other load balancer types.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ipVersion": "A String", # The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6. This can only be specified for an external global forwarding rule.
   "isMirroringCollector": True or False, # Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBalancingScheme set to INTERNAL.
   "kind": "compute#forwardingRule", # [Output Only] Type of the resource. Always compute#forwardingRule for Forwarding Rule resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
-  "loadBalancingScheme": "A String", # Specifies the forwarding rule type. - EXTERNAL is used for: - Classic Cloud VPN gateways - Protocol forwarding to VMs from an external IP address - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing - INTERNAL is used for: - Protocol forwarding to VMs from an internal IP address - Internal TCP/UDP Load Balancing - INTERNAL_MANAGED is used for: - Internal HTTP(S) Load Balancing - INTERNAL_SELF_MANAGED is used for: - Traffic Director For more information about forwarding rules, refer to Forwarding rule concepts.
-  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+  "loadBalancingScheme": "A String", # Specifies the forwarding rule type.
+      # 
+      # 
+      # - EXTERNAL is used for:
+      # - Classic Cloud VPN gateways
+      # - Protocol forwarding to VMs from an external IP address
+      # - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing
+      # - INTERNAL is used for:
+      # - Protocol forwarding to VMs from an internal IP address
+      # - Internal TCP/UDP Load Balancing
+      # - INTERNAL_MANAGED is used for:
+      # - Internal HTTP(S) Load Balancing
+      # - INTERNAL_SELF_MANAGED is used for:
+      # - Traffic Director
+      # 
+      # For more information about forwarding rules, refer to Forwarding rule concepts.
+  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies.
+      # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+      # metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references.
+      # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+        # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+        # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+          # This list must not be empty and can have at the most 64 entries.
         { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-          "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-          "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+          "name": "A String", # Name of metadata label.
+              # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+          "value": "A String", # The value of the label must match the specified value.
+              # value can have a maximum length of 1024 characters.
         },
       ],
-      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+          # Supported values are:
+          # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+          # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
     },
   ],
-  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.
-  "network": "A String", # This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
-  "portRange": "A String", # This field can be used only if: - Load balancing scheme is one of EXTERNAL, INTERNAL_SELF_MANAGED or INTERNAL_MANAGED - IPProtocol is one of TCP, UDP, or SCTP. Packets addressed to ports in the specified range will be forwarded to target or backend_service. You can only use one of ports, port_range, or allPorts. The three are mutually exclusive. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. Some types of forwarding target have constraints on the acceptable ports: - TargetHttpProxy: 80, 8080 - TargetHttpsProxy: 443 - TargetGrpcProxy: no constraints - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetVpnGateway: 500, 4500 @pattern: \\d+(?:-\\d+)?
-  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. You can specify a list of up to five ports, which can be non-contiguous. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications). @pattern: \\d+(?:-\\d+)?
+  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+  "network": "A String", # This field is not used for external load balancing.
+      # 
+      # For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used.
+      # 
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD.
+      # 
+      # For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM.
+      # 
+      # If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
+  "portRange": "A String", # This field can be used only if:
+      # - Load balancing scheme is one of EXTERNAL,  INTERNAL_SELF_MANAGED or INTERNAL_MANAGED
+      # - IPProtocol is one of TCP, UDP, or SCTP.
+      # 
+      # Packets addressed to ports in the specified range will be forwarded to target or  backend_service.
+      # 
+      # You can only use one of ports, port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      # 
+      # Some types of forwarding target have constraints on the acceptable ports:
+      # - TargetHttpProxy: 80, 8080
+      # - TargetHttpsProxy: 443
+      # - TargetGrpcProxy: no constraints
+      # - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetVpnGateway: 500, 4500
+  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends.
+      # 
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # You can specify a list of up to five ports, which can be non-contiguous.
+      # 
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      # 
+      # For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications).
     "A String",
   ],
   "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Forwarding Rule.
   "pscConnectionStatus": "A String",
   "region": "A String", # [Output Only] URL of the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource. It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
+  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource.
+      # 
+      # It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
     { # Describes the auto-registration of the Forwarding Rule to Service Directory. The region and project of the Service Directory resource generated from this registration will be the same as this Forwarding Rule.
       "namespace": "A String", # Service Directory namespace to register the forwarding rule under.
       "service": "A String", # Service Directory service to register the forwarding rule under.
       "serviceDirectoryRegion": "A String", # [Optional] Service Directory region to register this global forwarding rule under. Default to "us-central1". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region.
     },
   ],
-  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name. The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. This field is only used for internal load balancing.
-  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule. This field is only used for internal load balancing.
-  "subnetwork": "A String", # This field is only used for internal load balancing. For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule. If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
+  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name.
+      # 
+      # The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+      # 
+      # This field is only used for internal load balancing.
+  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule.
+      # 
+      # This field is only used for internal load balancing.
+  "subnetwork": "A String", # This field is only used for internal load balancing.
+      # 
+      # For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule.
+      # 
+      # If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
   "target": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -705,7 +1312,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -719,7 +1327,7 @@ 
Method Details

 

 
 

-    setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)
+    setLabels(project, region, resource, body=None, requestId=None)
   
Sets the labels on the specified resource. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -736,16 +1344,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -779,7 +1400,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -793,7 +1415,7 @@ 
Method Details

 

 
 

-    setTarget(project, region, forwardingRule, body=None, requestId=None, x__xgafv=None)
+    setTarget(project, region, forwardingRule, body=None, requestId=None)
   
Changes target URL for forwarding rule. The new target should be of the same type as the old target.
 
 Args:
@@ -807,16 +1429,29 @@ 
Method Details

   "target": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -850,7 +1485,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -864,7 +1500,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -880,10 +1516,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.globalAddresses.html b/docs/dyn/compute_beta.globalAddresses.html
index 5c0e4887a30..3beffa64b4d 100644
--- a/docs/dyn/compute_beta.globalAddresses.html
+++ b/docs/dyn/compute_beta.globalAddresses.html
@@ -78,25 +78,25 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, address, requestId=None, x__xgafv=None)

+  delete(project, address, requestId=None)

 
Deletes the specified address resource.

 

-  get(project, address, x__xgafv=None)

+  get(project, address)

 
Returns the specified address resource. Gets a list of available addresses by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates an address resource in the specified project by using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of global addresses.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setLabels(project, resource, body=None, x__xgafv=None)

+  setLabels(project, resource, body=None)

 
Sets the labels on a GlobalAddress. To learn more about labels, read the Labeling Resources documentation.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -105,22 +105,35 @@ 
Method Details

 

 
 

-    delete(project, address, requestId=None, x__xgafv=None)
+    delete(project, address, requestId=None)
   
Deletes the specified address resource.
 
 Args:
   project: string, Project ID for this request. (required)
   address: string, Name of the address resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -154,7 +167,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -168,21 +182,31 @@ 
Method Details

 

 
 

-    get(project, address, x__xgafv=None)
+    get(project, address)
   
Returns the specified address resource. Gets a list of available addresses by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   address: string, Name of the address resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier. Use global internal addresses for reserved peering network range. Use regional external addresses for the following resources: - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA) Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes: - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses For more information, read reserved IP address.
+    { # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier.
+    #
+    # Use global internal addresses for reserved peering network range.
+    #
+    # Use regional external addresses for the following resources:
+    #
+    # - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA)
+    #
+    # Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes:
+    #
+    # - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses
+    #
+    # For more information, read reserved IP address.
+    #
+    # (== resource_for {$api_version}.addresses ==) (== resource_for {$api_version}.globalAddresses ==)
   "address": "A String", # The static IP address represented by this resource.
   "addressType": "A String", # The type of address to reserve, either INTERNAL or EXTERNAL. If unspecified, defaults to EXTERNAL.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -190,16 +214,25 @@ 
Method Details

   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ipVersion": "A String", # The IP version that will be used by this address. Valid options are IPV4 or IPV6. This can only be specified for a global address.
   "kind": "compute#address", # [Output Only] Type of the resource. Always compute#address for addresses.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Address, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an Address.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Address, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve an Address.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
   "network": "A String", # The URL of the network in which to reserve the address. This field can only be used with INTERNAL type with the VPC_PEERING purpose.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer. If this field is not specified, it is assumed to be PREMIUM.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer.
+      #
+      # If this field is not specified, it is assumed to be PREMIUM.
   "prefixLength": 42, # The prefix length if the resource represents an IP range.
-  "purpose": "A String", # The purpose of this resource, which can be one of the following values: - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources. - `DNS_RESOLVER` for a DNS resolver address in a subnetwork - `VPC_PEERING` for addresses that are reserved for VPC peer networks. - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT. - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an *IPsec-encrypted Cloud Interconnect* configuration. These addresses are regional resources. Not currently available publicly.
-  "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. *This field is not applicable to global addresses.*
+  "purpose": "A String", # The purpose of this resource, which can be one of the following values:
+      # - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources.
+      # - `DNS_RESOLVER` for a DNS resolver address in a subnetwork
+      # - `VPC_PEERING` for addresses that are reserved for VPC peer networks.
+      # - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT.
+      # - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an IPsec-encrypted Cloud Interconnect configuration. These addresses are regional resources. Not currently available publicly.
+  "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. This field is not applicable to global addresses.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "status": "A String", # [Output Only] The status of the address, which can be one of RESERVING, RESERVED, or IN_USE. An address that is RESERVING is currently in the process of being reserved. A RESERVED address is currently reserved and available to use. An IN_USE address is currently being used by another resource and is not available.
   "subnetwork": "A String", # The URL of the subnetwork in which to reserve the address. If an IP address is specified, it must be within the subnetwork's IP range. This field can only be used with INTERNAL type with a GCE_ENDPOINT or DNS_RESOLVER purpose.
@@ -210,7 +243,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates an address resource in the specified project by using the data included in the request.
 
 Args:
@@ -218,7 +251,21 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier. Use global internal addresses for reserved peering network range. Use regional external addresses for the following resources: - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA) Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes: - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses For more information, read reserved IP address.
+{ # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier.
+    # 
+    # Use global internal addresses for reserved peering network range.
+    # 
+    # Use regional external addresses for the following resources:
+    # 
+    # - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA)
+    # 
+    # Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes:
+    # 
+    # - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses
+    # 
+    # For more information, read reserved IP address.
+    # 
+    # (== resource_for {$api_version}.addresses ==) (== resource_for {$api_version}.globalAddresses ==)
   "address": "A String", # The static IP address represented by this resource.
   "addressType": "A String", # The type of address to reserve, either INTERNAL or EXTERNAL. If unspecified, defaults to EXTERNAL.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -226,16 +273,25 @@ 
Method Details

   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ipVersion": "A String", # The IP version that will be used by this address. Valid options are IPV4 or IPV6. This can only be specified for a global address.
   "kind": "compute#address", # [Output Only] Type of the resource. Always compute#address for addresses.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Address, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an Address.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Address, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an Address.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
   "network": "A String", # The URL of the network in which to reserve the address. This field can only be used with INTERNAL type with the VPC_PEERING purpose.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer. If this field is not specified, it is assumed to be PREMIUM.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer.
+      # 
+      # If this field is not specified, it is assumed to be PREMIUM.
   "prefixLength": 42, # The prefix length if the resource represents an IP range.
-  "purpose": "A String", # The purpose of this resource, which can be one of the following values: - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources. - `DNS_RESOLVER` for a DNS resolver address in a subnetwork - `VPC_PEERING` for addresses that are reserved for VPC peer networks. - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT. - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an *IPsec-encrypted Cloud Interconnect* configuration. These addresses are regional resources. Not currently available publicly.
-  "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. *This field is not applicable to global addresses.*
+  "purpose": "A String", # The purpose of this resource, which can be one of the following values:
+      # - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources.
+      # - `DNS_RESOLVER` for a DNS resolver address in a subnetwork
+      # - `VPC_PEERING` for addresses that are reserved for VPC peer networks.
+      # - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT.
+      # - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an IPsec-encrypted Cloud Interconnect configuration. These addresses are regional resources. Not currently available publicly.
+  "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. This field is not applicable to global addresses.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "status": "A String", # [Output Only] The status of the address, which can be one of RESERVING, RESERVED, or IN_USE. An address that is RESERVING is currently in the process of being reserved. A RESERVED address is currently reserved and available to use. An IN_USE address is currently being used by another resource and is not available.
   "subnetwork": "A String", # The URL of the subnetwork in which to reserve the address. If an IP address is specified, it must be within the subnetwork's IP range. This field can only be used with INTERNAL type with a GCE_ENDPOINT or DNS_RESOLVER purpose.
@@ -244,16 +300,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -287,7 +356,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -301,20 +371,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of global addresses.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -322,7 +398,21 @@ 
Method Details

     { # Contains a list of addresses.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Address resources.
-    { # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier. Use global internal addresses for reserved peering network range. Use regional external addresses for the following resources: - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA) Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes: - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses For more information, read reserved IP address.
+    { # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier.
+        #
+        # Use global internal addresses for reserved peering network range.
+        #
+        # Use regional external addresses for the following resources:
+        #
+        # - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA)
+        #
+        # Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes:
+        #
+        # - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses
+        #
+        # For more information, read reserved IP address.
+        #
+        # (== resource_for {$api_version}.addresses ==) (== resource_for {$api_version}.globalAddresses ==)
       "address": "A String", # The static IP address represented by this resource.
       "addressType": "A String", # The type of address to reserve, either INTERNAL or EXTERNAL. If unspecified, defaults to EXTERNAL.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -330,16 +420,25 @@ 
Method Details

       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "ipVersion": "A String", # The IP version that will be used by this address. Valid options are IPV4 or IPV6. This can only be specified for a global address.
       "kind": "compute#address", # [Output Only] Type of the resource. Always compute#address for addresses.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Address, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an Address.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Address, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve an Address.
       "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
         "a_key": "A String",
       },
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
       "network": "A String", # The URL of the network in which to reserve the address. This field can only be used with INTERNAL type with the VPC_PEERING purpose.
-      "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer. If this field is not specified, it is assumed to be PREMIUM.
+      "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer.
+          #
+          # If this field is not specified, it is assumed to be PREMIUM.
       "prefixLength": 42, # The prefix length if the resource represents an IP range.
-      "purpose": "A String", # The purpose of this resource, which can be one of the following values: - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources. - `DNS_RESOLVER` for a DNS resolver address in a subnetwork - `VPC_PEERING` for addresses that are reserved for VPC peer networks. - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT. - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an *IPsec-encrypted Cloud Interconnect* configuration. These addresses are regional resources. Not currently available publicly.
-      "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. *This field is not applicable to global addresses.*
+      "purpose": "A String", # The purpose of this resource, which can be one of the following values:
+          # - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources.
+          # - `DNS_RESOLVER` for a DNS resolver address in a subnetwork
+          # - `VPC_PEERING` for addresses that are reserved for VPC peer networks.
+          # - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT.
+          # - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an IPsec-encrypted Cloud Interconnect configuration. These addresses are regional resources. Not currently available publicly.
+      "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. This field is not applicable to global addresses.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "status": "A String", # [Output Only] The status of the address, which can be one of RESERVING, RESERVED, or IN_USE. An address that is RESERVING is currently in the process of being reserved. A RESERVED address is currently reserved and available to use. An IN_USE address is currently being used by another resource and is not available.
       "subnetwork": "A String", # The URL of the subnetwork in which to reserve the address. If an IP address is specified, it must be within the subnetwork's IP range. This field can only be used with INTERNAL type with a GCE_ENDPOINT or DNS_RESOLVER purpose.
@@ -353,7 +452,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -379,7 +479,7 @@ 
Method Details

 

 
 

-    setLabels(project, resource, body=None, x__xgafv=None)
+    setLabels(project, resource, body=None)
   
Sets the labels on a GlobalAddress. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -395,15 +495,24 @@ 
Method Details

   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -437,7 +546,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -451,7 +561,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -466,10 +576,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.globalForwardingRules.html b/docs/dyn/compute_beta.globalForwardingRules.html
index 9f8628141e8..ec5494697ae 100644
--- a/docs/dyn/compute_beta.globalForwardingRules.html
+++ b/docs/dyn/compute_beta.globalForwardingRules.html
@@ -78,31 +78,31 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, forwardingRule, requestId=None, x__xgafv=None)

+  delete(project, forwardingRule, requestId=None)

 
Deletes the specified GlobalForwardingRule resource.

 

-  get(project, forwardingRule, x__xgafv=None)

+  get(project, forwardingRule)

 
Returns the specified GlobalForwardingRule resource. Gets a list of available forwarding rules by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a GlobalForwardingRule resource in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of GlobalForwardingRule resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, forwardingRule, body=None, requestId=None, x__xgafv=None)

+  patch(project, forwardingRule, body=None, requestId=None)

 
Updates the specified forwarding rule with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules. Currently, you can only patch the network_tier field.

 

-  setLabels(project, resource, body=None, x__xgafv=None)

+  setLabels(project, resource, body=None)

 
Sets the labels on the specified resource. To learn more about labels, read the Labeling Resources documentation.

 

-  setTarget(project, forwardingRule, body=None, requestId=None, x__xgafv=None)

+  setTarget(project, forwardingRule, body=None, requestId=None)

 
Changes target URL for the GlobalForwardingRule resource. The new target should be of the same type as the old target.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -111,22 +111,35 @@ 
Method Details

 

 
 

-    delete(project, forwardingRule, requestId=None, x__xgafv=None)
+    delete(project, forwardingRule, requestId=None)
   
Deletes the specified GlobalForwardingRule resource.
 
 Args:
   project: string, Project ID for this request. (required)
   forwardingRule: string, Name of the ForwardingRule resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -160,7 +173,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -174,76 +188,183 @@ 
Method Details

 

 
 

-    get(project, forwardingRule, x__xgafv=None)
+    get(project, forwardingRule)
   
Returns the specified GlobalForwardingRule resource. Gets a list of available forwarding rules by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   forwardingRule: string, Name of the ForwardingRule resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Forwarding Rule resource. Forwarding rule resources in GCP can be either regional or global in scope: * [Global](/compute/docs/reference/rest/beta/globalForwardingRules) * [Regional](/compute/docs/reference/rest/beta/forwardingRules) A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway). For more information, read Forwarding rule concepts and Using protocol forwarding.
-  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule. If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address: * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region /addresses/address-name * Partial URL or by name, as in: - projects/project_id/regions/region/addresses/address-name - regions/region/addresses/address-name - global/addresses/address-name - address-name The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true. For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
-  "IPProtocol": "A String", # The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products: - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid. - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid. - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid. - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid. - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
-  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
+    { # Represents a Forwarding Rule resource.
+    #
+    # Forwarding rule resources in GCP can be either regional or global in scope:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalForwardingRules) * [Regional](/compute/docs/reference/rest/{$api_version}/forwardingRules)
+    #
+    # A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway).
+    #
+    # For more information, read Forwarding rule concepts and Using protocol forwarding.
+    #
+    # (== resource_for {$api_version}.forwardingRules ==) (== resource_for {$api_version}.globalForwardingRules ==) (== resource_for {$api_version}.regionForwardingRules ==)
+  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule.
+      #
+      # If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address:
+      #
+      # * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name * Partial URL or by name, as in:
+      # - projects/project_id/regions/region/addresses/address-name
+      # - regions/region/addresses/address-name
+      # - global/addresses/address-name
+      # - address-name
+      #
+      # The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications).
+      #
+      # Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true.
+      #
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
+  "IPProtocol": "A String", # The IP protocol to which this rule applies.
+      #
+      # For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT.
+      #
+      # The valid IP protocols are different for different load balancing products:
+      # - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+      # - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid.
+      # - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid.
+      # - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid.
+      # - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance.
+      #
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      #
+      # For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
   "allowGlobalAccess": True or False, # This field is used along with the backend_service field for internal load balancing or with the target field for internal TargetInstance. If the field is set to TRUE, clients can access ILB from all regions. Otherwise only allows access from clients in the same region as the internal load balancer.
   "backendService": "A String", # Identifies the backend service to which the forwarding rule sends traffic. Required for Internal TCP/UDP Load Balancing and Network Load Balancing; must be omitted for all other load balancer types.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ipVersion": "A String", # The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6. This can only be specified for an external global forwarding rule.
   "isMirroringCollector": True or False, # Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBalancingScheme set to INTERNAL.
   "kind": "compute#forwardingRule", # [Output Only] Type of the resource. Always compute#forwardingRule for Forwarding Rule resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
-  "loadBalancingScheme": "A String", # Specifies the forwarding rule type. - EXTERNAL is used for: - Classic Cloud VPN gateways - Protocol forwarding to VMs from an external IP address - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing - INTERNAL is used for: - Protocol forwarding to VMs from an internal IP address - Internal TCP/UDP Load Balancing - INTERNAL_MANAGED is used for: - Internal HTTP(S) Load Balancing - INTERNAL_SELF_MANAGED is used for: - Traffic Director For more information about forwarding rules, refer to Forwarding rule concepts.
-  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+  "loadBalancingScheme": "A String", # Specifies the forwarding rule type.
+      #
+      #
+      # - EXTERNAL is used for:
+      # - Classic Cloud VPN gateways
+      # - Protocol forwarding to VMs from an external IP address
+      # - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing
+      # - INTERNAL is used for:
+      # - Protocol forwarding to VMs from an internal IP address
+      # - Internal TCP/UDP Load Balancing
+      # - INTERNAL_MANAGED is used for:
+      # - Internal HTTP(S) Load Balancing
+      # - INTERNAL_SELF_MANAGED is used for:
+      # - Traffic Director
+      #
+      # For more information about forwarding rules, refer to Forwarding rule concepts.
+  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies.
+      # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+      # metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references.
+      # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+        # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+        # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+          # This list must not be empty and can have at the most 64 entries.
         { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-          "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-          "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+          "name": "A String", # Name of metadata label.
+              # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+          "value": "A String", # The value of the label must match the specified value.
+              # value can have a maximum length of 1024 characters.
         },
       ],
-      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+          # Supported values are:
+          # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+          # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
     },
   ],
-  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.
-  "network": "A String", # This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
-  "portRange": "A String", # This field can be used only if: - Load balancing scheme is one of EXTERNAL, INTERNAL_SELF_MANAGED or INTERNAL_MANAGED - IPProtocol is one of TCP, UDP, or SCTP. Packets addressed to ports in the specified range will be forwarded to target or backend_service. You can only use one of ports, port_range, or allPorts. The three are mutually exclusive. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. Some types of forwarding target have constraints on the acceptable ports: - TargetHttpProxy: 80, 8080 - TargetHttpsProxy: 443 - TargetGrpcProxy: no constraints - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetVpnGateway: 500, 4500 @pattern: \\d+(?:-\\d+)?
-  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. You can specify a list of up to five ports, which can be non-contiguous. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications). @pattern: \\d+(?:-\\d+)?
+  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+  "network": "A String", # This field is not used for external load balancing.
+      #
+      # For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used.
+      #
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD.
+      #
+      # For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM.
+      #
+      # If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
+  "portRange": "A String", # This field can be used only if:
+      # - Load balancing scheme is one of EXTERNAL,  INTERNAL_SELF_MANAGED or INTERNAL_MANAGED
+      # - IPProtocol is one of TCP, UDP, or SCTP.
+      #
+      # Packets addressed to ports in the specified range will be forwarded to target or  backend_service.
+      #
+      # You can only use one of ports, port_range, or allPorts. The three are mutually exclusive.
+      #
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      #
+      # Some types of forwarding target have constraints on the acceptable ports:
+      # - TargetHttpProxy: 80, 8080
+      # - TargetHttpsProxy: 443
+      # - TargetGrpcProxy: no constraints
+      # - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetVpnGateway: 500, 4500
+  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends.
+      #
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      #
+      # You can specify a list of up to five ports, which can be non-contiguous.
+      #
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      #
+      # For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications).
     "A String",
   ],
   "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Forwarding Rule.
   "pscConnectionStatus": "A String",
   "region": "A String", # [Output Only] URL of the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource. It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
+  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource.
+      #
+      # It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
     { # Describes the auto-registration of the Forwarding Rule to Service Directory. The region and project of the Service Directory resource generated from this registration will be the same as this Forwarding Rule.
       "namespace": "A String", # Service Directory namespace to register the forwarding rule under.
       "service": "A String", # Service Directory service to register the forwarding rule under.
       "serviceDirectoryRegion": "A String", # [Optional] Service Directory region to register this global forwarding rule under. Default to "us-central1". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region.
     },
   ],
-  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name. The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. This field is only used for internal load balancing.
-  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule. This field is only used for internal load balancing.
-  "subnetwork": "A String", # This field is only used for internal load balancing. For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule. If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
+  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name.
+      #
+      # The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+      #
+      # This field is only used for internal load balancing.
+  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule.
+      #
+      # This field is only used for internal load balancing.
+  "subnetwork": "A String", # This field is only used for internal load balancing.
+      #
+      # For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule.
+      #
+      # If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
   "target": "A String",
 }

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a GlobalForwardingRule resource in the specified project using the data included in the request.
 
 Args:
@@ -251,69 +372,193 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Forwarding Rule resource. Forwarding rule resources in GCP can be either regional or global in scope: * [Global](/compute/docs/reference/rest/beta/globalForwardingRules) * [Regional](/compute/docs/reference/rest/beta/forwardingRules) A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway). For more information, read Forwarding rule concepts and Using protocol forwarding.
-  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule. If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address: * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region /addresses/address-name * Partial URL or by name, as in: - projects/project_id/regions/region/addresses/address-name - regions/region/addresses/address-name - global/addresses/address-name - address-name The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true. For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
-  "IPProtocol": "A String", # The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products: - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid. - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid. - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid. - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid. - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
-  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
+{ # Represents a Forwarding Rule resource.
+    # 
+    # Forwarding rule resources in GCP can be either regional or global in scope:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalForwardingRules) * [Regional](/compute/docs/reference/rest/{$api_version}/forwardingRules)
+    # 
+    # A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway).
+    # 
+    # For more information, read Forwarding rule concepts and Using protocol forwarding.
+    # 
+    # (== resource_for {$api_version}.forwardingRules ==) (== resource_for {$api_version}.globalForwardingRules ==) (== resource_for {$api_version}.regionForwardingRules ==)
+  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule.
+      # 
+      # If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address:
+      # 
+      # * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name * Partial URL or by name, as in:
+      # - projects/project_id/regions/region/addresses/address-name
+      # - regions/region/addresses/address-name
+      # - global/addresses/address-name
+      # - address-name
+      # 
+      # The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications).
+      # 
+      # Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true.
+      # 
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
+  "IPProtocol": "A String", # The IP protocol to which this rule applies.
+      # 
+      # For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT.
+      # 
+      # The valid IP protocols are different for different load balancing products:
+      # - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+      # - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid.
+      # - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid.
+      # - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid.
+      # - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance.
+      # 
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
   "allowGlobalAccess": True or False, # This field is used along with the backend_service field for internal load balancing or with the target field for internal TargetInstance. If the field is set to TRUE, clients can access ILB from all regions. Otherwise only allows access from clients in the same region as the internal load balancer.
   "backendService": "A String", # Identifies the backend service to which the forwarding rule sends traffic. Required for Internal TCP/UDP Load Balancing and Network Load Balancing; must be omitted for all other load balancer types.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ipVersion": "A String", # The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6. This can only be specified for an external global forwarding rule.
   "isMirroringCollector": True or False, # Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBalancingScheme set to INTERNAL.
   "kind": "compute#forwardingRule", # [Output Only] Type of the resource. Always compute#forwardingRule for Forwarding Rule resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
-  "loadBalancingScheme": "A String", # Specifies the forwarding rule type. - EXTERNAL is used for: - Classic Cloud VPN gateways - Protocol forwarding to VMs from an external IP address - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing - INTERNAL is used for: - Protocol forwarding to VMs from an internal IP address - Internal TCP/UDP Load Balancing - INTERNAL_MANAGED is used for: - Internal HTTP(S) Load Balancing - INTERNAL_SELF_MANAGED is used for: - Traffic Director For more information about forwarding rules, refer to Forwarding rule concepts.
-  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+  "loadBalancingScheme": "A String", # Specifies the forwarding rule type.
+      # 
+      # 
+      # - EXTERNAL is used for:
+      # - Classic Cloud VPN gateways
+      # - Protocol forwarding to VMs from an external IP address
+      # - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing
+      # - INTERNAL is used for:
+      # - Protocol forwarding to VMs from an internal IP address
+      # - Internal TCP/UDP Load Balancing
+      # - INTERNAL_MANAGED is used for:
+      # - Internal HTTP(S) Load Balancing
+      # - INTERNAL_SELF_MANAGED is used for:
+      # - Traffic Director
+      # 
+      # For more information about forwarding rules, refer to Forwarding rule concepts.
+  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies.
+      # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+      # metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references.
+      # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+        # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+        # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+          # This list must not be empty and can have at the most 64 entries.
         { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-          "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-          "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+          "name": "A String", # Name of metadata label.
+              # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+          "value": "A String", # The value of the label must match the specified value.
+              # value can have a maximum length of 1024 characters.
         },
       ],
-      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+          # Supported values are:
+          # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+          # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
     },
   ],
-  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.
-  "network": "A String", # This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
-  "portRange": "A String", # This field can be used only if: - Load balancing scheme is one of EXTERNAL, INTERNAL_SELF_MANAGED or INTERNAL_MANAGED - IPProtocol is one of TCP, UDP, or SCTP. Packets addressed to ports in the specified range will be forwarded to target or backend_service. You can only use one of ports, port_range, or allPorts. The three are mutually exclusive. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. Some types of forwarding target have constraints on the acceptable ports: - TargetHttpProxy: 80, 8080 - TargetHttpsProxy: 443 - TargetGrpcProxy: no constraints - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetVpnGateway: 500, 4500 @pattern: \\d+(?:-\\d+)?
-  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. You can specify a list of up to five ports, which can be non-contiguous. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications). @pattern: \\d+(?:-\\d+)?
+  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+  "network": "A String", # This field is not used for external load balancing.
+      # 
+      # For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used.
+      # 
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD.
+      # 
+      # For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM.
+      # 
+      # If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
+  "portRange": "A String", # This field can be used only if:
+      # - Load balancing scheme is one of EXTERNAL,  INTERNAL_SELF_MANAGED or INTERNAL_MANAGED
+      # - IPProtocol is one of TCP, UDP, or SCTP.
+      # 
+      # Packets addressed to ports in the specified range will be forwarded to target or  backend_service.
+      # 
+      # You can only use one of ports, port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      # 
+      # Some types of forwarding target have constraints on the acceptable ports:
+      # - TargetHttpProxy: 80, 8080
+      # - TargetHttpsProxy: 443
+      # - TargetGrpcProxy: no constraints
+      # - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetVpnGateway: 500, 4500
+  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends.
+      # 
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # You can specify a list of up to five ports, which can be non-contiguous.
+      # 
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      # 
+      # For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications).
     "A String",
   ],
   "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Forwarding Rule.
   "pscConnectionStatus": "A String",
   "region": "A String", # [Output Only] URL of the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource. It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
+  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource.
+      # 
+      # It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
     { # Describes the auto-registration of the Forwarding Rule to Service Directory. The region and project of the Service Directory resource generated from this registration will be the same as this Forwarding Rule.
       "namespace": "A String", # Service Directory namespace to register the forwarding rule under.
       "service": "A String", # Service Directory service to register the forwarding rule under.
       "serviceDirectoryRegion": "A String", # [Optional] Service Directory region to register this global forwarding rule under. Default to "us-central1". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region.
     },
   ],
-  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name. The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. This field is only used for internal load balancing.
-  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule. This field is only used for internal load balancing.
-  "subnetwork": "A String", # This field is only used for internal load balancing. For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule. If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
+  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name.
+      # 
+      # The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+      # 
+      # This field is only used for internal load balancing.
+  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule.
+      # 
+      # This field is only used for internal load balancing.
+  "subnetwork": "A String", # This field is only used for internal load balancing.
+      # 
+      # For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule.
+      # 
+      # If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
   "target": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -347,7 +592,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -361,20 +607,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of GlobalForwardingRule resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -382,56 +634,167 @@ 
Method Details

     { # Contains a list of ForwardingRule resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of ForwardingRule resources.
-    { # Represents a Forwarding Rule resource. Forwarding rule resources in GCP can be either regional or global in scope: * [Global](/compute/docs/reference/rest/beta/globalForwardingRules) * [Regional](/compute/docs/reference/rest/beta/forwardingRules) A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway). For more information, read Forwarding rule concepts and Using protocol forwarding.
-      "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule. If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address: * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region /addresses/address-name * Partial URL or by name, as in: - projects/project_id/regions/region/addresses/address-name - regions/region/addresses/address-name - global/addresses/address-name - address-name The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true. For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
-      "IPProtocol": "A String", # The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products: - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid. - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid. - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid. - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid. - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
-      "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
+    { # Represents a Forwarding Rule resource.
+        #
+        # Forwarding rule resources in GCP can be either regional or global in scope:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/globalForwardingRules) * [Regional](/compute/docs/reference/rest/{$api_version}/forwardingRules)
+        #
+        # A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway).
+        #
+        # For more information, read Forwarding rule concepts and Using protocol forwarding.
+        #
+        # (== resource_for {$api_version}.forwardingRules ==) (== resource_for {$api_version}.globalForwardingRules ==) (== resource_for {$api_version}.regionForwardingRules ==)
+      "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule.
+          #
+          # If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address:
+          #
+          # * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name * Partial URL or by name, as in:
+          # - projects/project_id/regions/region/addresses/address-name
+          # - regions/region/addresses/address-name
+          # - global/addresses/address-name
+          # - address-name
+          #
+          # The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications).
+          #
+          # Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true.
+          #
+          # For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
+      "IPProtocol": "A String", # The IP protocol to which this rule applies.
+          #
+          # For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT.
+          #
+          # The valid IP protocols are different for different load balancing products:
+          # - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+          # - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid.
+          # - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid.
+          # - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid.
+          # - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+      "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance.
+          #
+          # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+          #
+          # For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
       "allowGlobalAccess": True or False, # This field is used along with the backend_service field for internal load balancing or with the target field for internal TargetInstance. If the field is set to TRUE, clients can access ILB from all regions. Otherwise only allows access from clients in the same region as the internal load balancer.
       "backendService": "A String", # Identifies the backend service to which the forwarding rule sends traffic. Required for Internal TCP/UDP Load Balancing and Network Load Balancing; must be omitted for all other load balancer types.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "ipVersion": "A String", # The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6. This can only be specified for an external global forwarding rule.
       "isMirroringCollector": True or False, # Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBalancingScheme set to INTERNAL.
       "kind": "compute#forwardingRule", # [Output Only] Type of the resource. Always compute#forwardingRule for Forwarding Rule resources.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
       "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
         "a_key": "A String",
       },
-      "loadBalancingScheme": "A String", # Specifies the forwarding rule type. - EXTERNAL is used for: - Classic Cloud VPN gateways - Protocol forwarding to VMs from an external IP address - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing - INTERNAL is used for: - Protocol forwarding to VMs from an internal IP address - Internal TCP/UDP Load Balancing - INTERNAL_MANAGED is used for: - Internal HTTP(S) Load Balancing - INTERNAL_SELF_MANAGED is used for: - Traffic Director For more information about forwarding rules, refer to Forwarding rule concepts.
-      "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-        { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-          "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+      "loadBalancingScheme": "A String", # Specifies the forwarding rule type.
+          #
+          #
+          # - EXTERNAL is used for:
+          # - Classic Cloud VPN gateways
+          # - Protocol forwarding to VMs from an external IP address
+          # - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing
+          # - INTERNAL is used for:
+          # - Protocol forwarding to VMs from an internal IP address
+          # - Internal TCP/UDP Load Balancing
+          # - INTERNAL_MANAGED is used for:
+          # - Internal HTTP(S) Load Balancing
+          # - INTERNAL_SELF_MANAGED is used for:
+          # - Traffic Director
+          #
+          # For more information about forwarding rules, refer to Forwarding rule concepts.
+      "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies.
+          # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+          # metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references.
+          # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+            # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+            # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+          "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+              # This list must not be empty and can have at the most 64 entries.
             { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-              "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-              "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+              "name": "A String", # Name of metadata label.
+                  # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+              "value": "A String", # The value of the label must match the specified value.
+                  # value can have a maximum length of 1024 characters.
             },
           ],
-          "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+          "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+              # Supported values are:
+              # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+              # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
         },
       ],
-      "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.
-      "network": "A String", # This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
-      "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
-      "portRange": "A String", # This field can be used only if: - Load balancing scheme is one of EXTERNAL, INTERNAL_SELF_MANAGED or INTERNAL_MANAGED - IPProtocol is one of TCP, UDP, or SCTP. Packets addressed to ports in the specified range will be forwarded to target or backend_service. You can only use one of ports, port_range, or allPorts. The three are mutually exclusive. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. Some types of forwarding target have constraints on the acceptable ports: - TargetHttpProxy: 80, 8080 - TargetHttpsProxy: 443 - TargetGrpcProxy: no constraints - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetVpnGateway: 500, 4500 @pattern: \\d+(?:-\\d+)?
-      "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. You can specify a list of up to five ports, which can be non-contiguous. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications). @pattern: \\d+(?:-\\d+)?
+      "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+      "network": "A String", # This field is not used for external load balancing.
+          #
+          # For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used.
+          #
+          # For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
+      "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD.
+          #
+          # For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM.
+          #
+          # If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
+      "portRange": "A String", # This field can be used only if:
+          # - Load balancing scheme is one of EXTERNAL,  INTERNAL_SELF_MANAGED or INTERNAL_MANAGED
+          # - IPProtocol is one of TCP, UDP, or SCTP.
+          #
+          # Packets addressed to ports in the specified range will be forwarded to target or  backend_service.
+          #
+          # You can only use one of ports, port_range, or allPorts. The three are mutually exclusive.
+          #
+          # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+          #
+          # Some types of forwarding target have constraints on the acceptable ports:
+          # - TargetHttpProxy: 80, 8080
+          # - TargetHttpsProxy: 443
+          # - TargetGrpcProxy: no constraints
+          # - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+          # - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+          # - TargetVpnGateway: 500, 4500
+      "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends.
+          #
+          # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+          #
+          # You can specify a list of up to five ports, which can be non-contiguous.
+          #
+          # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+          #
+          # For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications).
         "A String",
       ],
       "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Forwarding Rule.
       "pscConnectionStatus": "A String",
       "region": "A String", # [Output Only] URL of the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource. It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
+      "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource.
+          #
+          # It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
         { # Describes the auto-registration of the Forwarding Rule to Service Directory. The region and project of the Service Directory resource generated from this registration will be the same as this Forwarding Rule.
           "namespace": "A String", # Service Directory namespace to register the forwarding rule under.
           "service": "A String", # Service Directory service to register the forwarding rule under.
           "serviceDirectoryRegion": "A String", # [Optional] Service Directory region to register this global forwarding rule under. Default to "us-central1". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region.
         },
       ],
-      "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name. The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. This field is only used for internal load balancing.
-      "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule. This field is only used for internal load balancing.
-      "subnetwork": "A String", # This field is only used for internal load balancing. For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule. If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
+      "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name.
+          #
+          # The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+          #
+          # This field is only used for internal load balancing.
+      "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule.
+          #
+          # This field is only used for internal load balancing.
+      "subnetwork": "A String", # This field is only used for internal load balancing.
+          #
+          # For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule.
+          #
+          # If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
       "target": "A String",
     },
   ],
@@ -440,7 +803,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -466,7 +830,7 @@ 
Method Details

 

 
 

-    patch(project, forwardingRule, body=None, requestId=None, x__xgafv=None)
+    patch(project, forwardingRule, body=None, requestId=None)
   
Updates the specified forwarding rule with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules. Currently, you can only patch the network_tier field.
 
 Args:
@@ -475,69 +839,193 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Forwarding Rule resource. Forwarding rule resources in GCP can be either regional or global in scope: * [Global](/compute/docs/reference/rest/beta/globalForwardingRules) * [Regional](/compute/docs/reference/rest/beta/forwardingRules) A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway). For more information, read Forwarding rule concepts and Using protocol forwarding.
-  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule. If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address: * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region /addresses/address-name * Partial URL or by name, as in: - projects/project_id/regions/region/addresses/address-name - regions/region/addresses/address-name - global/addresses/address-name - address-name The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true. For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
-  "IPProtocol": "A String", # The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products: - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid. - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid. - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid. - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid. - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
-  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
+{ # Represents a Forwarding Rule resource.
+    # 
+    # Forwarding rule resources in GCP can be either regional or global in scope:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalForwardingRules) * [Regional](/compute/docs/reference/rest/{$api_version}/forwardingRules)
+    # 
+    # A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway).
+    # 
+    # For more information, read Forwarding rule concepts and Using protocol forwarding.
+    # 
+    # (== resource_for {$api_version}.forwardingRules ==) (== resource_for {$api_version}.globalForwardingRules ==) (== resource_for {$api_version}.regionForwardingRules ==)
+  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule.
+      # 
+      # If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address:
+      # 
+      # * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name * Partial URL or by name, as in:
+      # - projects/project_id/regions/region/addresses/address-name
+      # - regions/region/addresses/address-name
+      # - global/addresses/address-name
+      # - address-name
+      # 
+      # The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications).
+      # 
+      # Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true.
+      # 
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
+  "IPProtocol": "A String", # The IP protocol to which this rule applies.
+      # 
+      # For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT.
+      # 
+      # The valid IP protocols are different for different load balancing products:
+      # - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+      # - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid.
+      # - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid.
+      # - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid.
+      # - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance.
+      # 
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
   "allowGlobalAccess": True or False, # This field is used along with the backend_service field for internal load balancing or with the target field for internal TargetInstance. If the field is set to TRUE, clients can access ILB from all regions. Otherwise only allows access from clients in the same region as the internal load balancer.
   "backendService": "A String", # Identifies the backend service to which the forwarding rule sends traffic. Required for Internal TCP/UDP Load Balancing and Network Load Balancing; must be omitted for all other load balancer types.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ipVersion": "A String", # The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6. This can only be specified for an external global forwarding rule.
   "isMirroringCollector": True or False, # Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBalancingScheme set to INTERNAL.
   "kind": "compute#forwardingRule", # [Output Only] Type of the resource. Always compute#forwardingRule for Forwarding Rule resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
-  "loadBalancingScheme": "A String", # Specifies the forwarding rule type. - EXTERNAL is used for: - Classic Cloud VPN gateways - Protocol forwarding to VMs from an external IP address - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing - INTERNAL is used for: - Protocol forwarding to VMs from an internal IP address - Internal TCP/UDP Load Balancing - INTERNAL_MANAGED is used for: - Internal HTTP(S) Load Balancing - INTERNAL_SELF_MANAGED is used for: - Traffic Director For more information about forwarding rules, refer to Forwarding rule concepts.
-  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+  "loadBalancingScheme": "A String", # Specifies the forwarding rule type.
+      # 
+      # 
+      # - EXTERNAL is used for:
+      # - Classic Cloud VPN gateways
+      # - Protocol forwarding to VMs from an external IP address
+      # - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing
+      # - INTERNAL is used for:
+      # - Protocol forwarding to VMs from an internal IP address
+      # - Internal TCP/UDP Load Balancing
+      # - INTERNAL_MANAGED is used for:
+      # - Internal HTTP(S) Load Balancing
+      # - INTERNAL_SELF_MANAGED is used for:
+      # - Traffic Director
+      # 
+      # For more information about forwarding rules, refer to Forwarding rule concepts.
+  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies.
+      # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+      # metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references.
+      # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+        # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+        # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+          # This list must not be empty and can have at the most 64 entries.
         { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-          "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-          "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+          "name": "A String", # Name of metadata label.
+              # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+          "value": "A String", # The value of the label must match the specified value.
+              # value can have a maximum length of 1024 characters.
         },
       ],
-      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+          # Supported values are:
+          # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+          # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
     },
   ],
-  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.
-  "network": "A String", # This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
-  "portRange": "A String", # This field can be used only if: - Load balancing scheme is one of EXTERNAL, INTERNAL_SELF_MANAGED or INTERNAL_MANAGED - IPProtocol is one of TCP, UDP, or SCTP. Packets addressed to ports in the specified range will be forwarded to target or backend_service. You can only use one of ports, port_range, or allPorts. The three are mutually exclusive. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. Some types of forwarding target have constraints on the acceptable ports: - TargetHttpProxy: 80, 8080 - TargetHttpsProxy: 443 - TargetGrpcProxy: no constraints - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetVpnGateway: 500, 4500 @pattern: \\d+(?:-\\d+)?
-  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. You can specify a list of up to five ports, which can be non-contiguous. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications). @pattern: \\d+(?:-\\d+)?
+  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+  "network": "A String", # This field is not used for external load balancing.
+      # 
+      # For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used.
+      # 
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD.
+      # 
+      # For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM.
+      # 
+      # If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
+  "portRange": "A String", # This field can be used only if:
+      # - Load balancing scheme is one of EXTERNAL,  INTERNAL_SELF_MANAGED or INTERNAL_MANAGED
+      # - IPProtocol is one of TCP, UDP, or SCTP.
+      # 
+      # Packets addressed to ports in the specified range will be forwarded to target or  backend_service.
+      # 
+      # You can only use one of ports, port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      # 
+      # Some types of forwarding target have constraints on the acceptable ports:
+      # - TargetHttpProxy: 80, 8080
+      # - TargetHttpsProxy: 443
+      # - TargetGrpcProxy: no constraints
+      # - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetVpnGateway: 500, 4500
+  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends.
+      # 
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # You can specify a list of up to five ports, which can be non-contiguous.
+      # 
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      # 
+      # For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications).
     "A String",
   ],
   "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Forwarding Rule.
   "pscConnectionStatus": "A String",
   "region": "A String", # [Output Only] URL of the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource. It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
+  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource.
+      # 
+      # It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
     { # Describes the auto-registration of the Forwarding Rule to Service Directory. The region and project of the Service Directory resource generated from this registration will be the same as this Forwarding Rule.
       "namespace": "A String", # Service Directory namespace to register the forwarding rule under.
       "service": "A String", # Service Directory service to register the forwarding rule under.
       "serviceDirectoryRegion": "A String", # [Optional] Service Directory region to register this global forwarding rule under. Default to "us-central1". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region.
     },
   ],
-  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name. The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. This field is only used for internal load balancing.
-  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule. This field is only used for internal load balancing.
-  "subnetwork": "A String", # This field is only used for internal load balancing. For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule. If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
+  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name.
+      # 
+      # The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+      # 
+      # This field is only used for internal load balancing.
+  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule.
+      # 
+      # This field is only used for internal load balancing.
+  "subnetwork": "A String", # This field is only used for internal load balancing.
+      # 
+      # For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule.
+      # 
+      # If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
   "target": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -571,7 +1059,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -585,7 +1074,7 @@ 
Method Details

 

 
 

-    setLabels(project, resource, body=None, x__xgafv=None)
+    setLabels(project, resource, body=None)
   
Sets the labels on the specified resource. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -601,15 +1090,24 @@ 
Method Details

   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -643,7 +1141,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -657,7 +1156,7 @@ 
Method Details

 

 
 

-    setTarget(project, forwardingRule, body=None, requestId=None, x__xgafv=None)
+    setTarget(project, forwardingRule, body=None, requestId=None)
   
Changes target URL for the GlobalForwardingRule resource. The new target should be of the same type as the old target.
 
 Args:
@@ -670,16 +1169,29 @@ 
Method Details

   "target": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -713,7 +1225,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -727,7 +1240,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -742,10 +1255,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.globalNetworkEndpointGroups.html b/docs/dyn/compute_beta.globalNetworkEndpointGroups.html
index 1d50a0b061d..c88b716dcaf 100644
--- a/docs/dyn/compute_beta.globalNetworkEndpointGroups.html
+++ b/docs/dyn/compute_beta.globalNetworkEndpointGroups.html
@@ -75,28 +75,28 @@
 
Compute Engine API . globalNetworkEndpointGroups

 
Instance Methods

 

-  attachNetworkEndpoints(project, networkEndpointGroup, body=None, requestId=None, x__xgafv=None)

+  attachNetworkEndpoints(project, networkEndpointGroup, body=None, requestId=None)

 
Attach a network endpoint to the specified network endpoint group.

 

   close()

 
Close httplib2 connections.

 

-  delete(project, networkEndpointGroup, requestId=None, x__xgafv=None)

+  delete(project, networkEndpointGroup, requestId=None)

 
Deletes the specified network endpoint group.Note that the NEG cannot be deleted if there are backend services referencing it.

 

-  detachNetworkEndpoints(project, networkEndpointGroup, body=None, requestId=None, x__xgafv=None)

+  detachNetworkEndpoints(project, networkEndpointGroup, body=None, requestId=None)

 
Detach the network endpoint from the specified network endpoint group.

 

-  get(project, networkEndpointGroup, x__xgafv=None)

+  get(project, networkEndpointGroup)

 
Returns the specified network endpoint group. Gets a list of available network endpoint groups by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a network endpoint group in the specified project using the parameters that are included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of network endpoint groups that are located in the specified project.

 

-  listNetworkEndpoints(project, networkEndpointGroup, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listNetworkEndpoints(project, networkEndpointGroup, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists the network endpoints in the specified network endpoint group.

 

   listNetworkEndpoints_next(previous_request, previous_response)

@@ -106,7 +106,7 @@ 
Instance Methods

 
Retrieves the next page of results.

 
Method Details

 

-    attachNetworkEndpoints(project, networkEndpointGroup, body=None, requestId=None, x__xgafv=None)
+    attachNetworkEndpoints(project, networkEndpointGroup, body=None, requestId=None)
   
Attach a network endpoint to the specified network endpoint group.
 
 Args:
@@ -122,23 +122,38 @@ 
Method Details

         "a_key": "A String",
       },
       "fqdn": "A String", # Optional fully qualified domain name of network endpoint. This can only be specified when NetworkEndpointGroup.network_endpoint_type is NON_GCP_FQDN_PORT.
-      "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group. The name must be 1-63 characters long, and comply with RFC1035.
+      "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group.
+          #
+          # The name must be 1-63 characters long, and comply with RFC1035.
       "ipAddress": "A String", # Optional IPv4 address of network endpoint. The IP address must belong to a VM in Compute Engine (either the primary IP or as part of an aliased IP range). If the IP address is not specified, then the primary IP address for the VM instance in the network that the network endpoint group belongs to will be used.
       "port": 42, # Optional port number of network endpoint. If not specified, the defaultPort for the network endpoint group will be used.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -172,7 +187,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -191,22 +207,35 @@ 
Method Details

 

 
 

-    delete(project, networkEndpointGroup, requestId=None, x__xgafv=None)
+    delete(project, networkEndpointGroup, requestId=None)
   
Deletes the specified network endpoint group.Note that the NEG cannot be deleted if there are backend services referencing it.
 
 Args:
   project: string, Project ID for this request. (required)
   networkEndpointGroup: string, The name of the network endpoint group to delete. It should comply with RFC1035. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -240,7 +269,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -254,7 +284,7 @@ 
Method Details

 

 
 

-    detachNetworkEndpoints(project, networkEndpointGroup, body=None, requestId=None, x__xgafv=None)
+    detachNetworkEndpoints(project, networkEndpointGroup, body=None, requestId=None)
   
Detach the network endpoint from the specified network endpoint group.
 
 Args:
@@ -270,23 +300,38 @@ 
Method Details

         "a_key": "A String",
       },
       "fqdn": "A String", # Optional fully qualified domain name of network endpoint. This can only be specified when NetworkEndpointGroup.network_endpoint_type is NON_GCP_FQDN_PORT.
-      "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group. The name must be 1-63 characters long, and comply with RFC1035.
+      "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group.
+          #
+          # The name must be 1-63 characters long, and comply with RFC1035.
       "ipAddress": "A String", # Optional IPv4 address of network endpoint. The IP address must belong to a VM in Compute Engine (either the primary IP or as part of an aliased IP range). If the IP address is not specified, then the primary IP address for the VM instance in the network that the network endpoint group belongs to will be used.
       "port": 42, # Optional port number of network endpoint. If not specified, the defaultPort for the network endpoint group will be used.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -320,7 +365,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -334,37 +380,67 @@ 
Method Details

 

 
 

-    get(project, networkEndpointGroup, x__xgafv=None)
+    get(project, networkEndpointGroup)
   
Returns the specified network endpoint group. Gets a list of available network endpoint groups by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   networkEndpointGroup: string, The name of the network endpoint group. It should comply with RFC1035. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a collection of network endpoints. A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see Setting up external HTTP(S) Load Balancing with internet NEGs, Setting up zonal NEGs, or Setting up external HTTP(S) Load Balancing with serverless NEGs.
+    { # Represents a collection of network endpoints.
+    #
+    # A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see  Setting up external HTTP(S) Load Balancing with internet NEGs,  Setting up zonal NEGs, or  Setting up external HTTP(S) Load Balancing with serverless NEGs. (== resource_for {$api_version}.networkEndpointGroups ==) (== resource_for {$api_version}.globalNetworkEndpointGroups ==) (== resource_for {$api_version}.regionNetworkEndpointGroups ==)
   "annotations": { # Metadata defined as annotations on the network endpoint group.
     "a_key": "A String",
   },
-  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: "default", "my-service".
-    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
-    "version": "A String", # Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: "v1", "v2".
+  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Optional serving service.
+        #
+        # The service name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "default", "my-service".
+    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
+    "version": "A String", # Optional serving version.
+        #
+        # The version name is case-sensitive and must be 1-100 characters long.
+        #
+        # Example value: "v1", "v2".
   },
-  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "function": "A String", # A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: "func1".
-    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs " mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
+  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.
+    "function": "A String", # A user-defined name of the Cloud Function.
+        #
+        # The function name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "func1".
+    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, request URLs "mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
   },
-  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: "run-service".
-    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: "revision-0010".
-    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
+  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Cloud Run service is the main resource of Cloud Run.
+        #
+        # The service must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "run-service".
+    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information.
+        #
+        # The tag must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "revision-0010".
+    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services.
+        #
+        # For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "defaultPort": 42, # The default port used if the port number is not specified in the network endpoint.
@@ -389,7 +465,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a network endpoint group in the specified project using the parameters that are included in the request.
 
 Args:
@@ -397,23 +473,57 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a collection of network endpoints. A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see Setting up external HTTP(S) Load Balancing with internet NEGs, Setting up zonal NEGs, or Setting up external HTTP(S) Load Balancing with serverless NEGs.
+{ # Represents a collection of network endpoints.
+    # 
+    # A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see  Setting up external HTTP(S) Load Balancing with internet NEGs,  Setting up zonal NEGs, or  Setting up external HTTP(S) Load Balancing with serverless NEGs. (== resource_for {$api_version}.networkEndpointGroups ==) (== resource_for {$api_version}.globalNetworkEndpointGroups ==) (== resource_for {$api_version}.regionNetworkEndpointGroups ==)
   "annotations": { # Metadata defined as annotations on the network endpoint group.
     "a_key": "A String",
   },
-  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: "default", "my-service".
-    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
-    "version": "A String", # Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: "v1", "v2".
+  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Optional serving service.
+        #
+        # The service name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "default", "my-service".
+    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
+    "version": "A String", # Optional serving version.
+        #
+        # The version name is case-sensitive and must be 1-100 characters long.
+        #
+        # Example value: "v1", "v2".
   },
-  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "function": "A String", # A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: "func1".
-    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs " mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
+  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.
+    "function": "A String", # A user-defined name of the Cloud Function.
+        #
+        # The function name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "func1".
+    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, request URLs "mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
   },
-  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: "run-service".
-    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: "revision-0010".
-    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
+  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Cloud Run service is the main resource of Cloud Run.
+        #
+        # The service must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "run-service".
+    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information.
+        #
+        # The tag must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "revision-0010".
+    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services.
+        #
+        # For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "defaultPort": 42, # The default port used if the port number is not specified in the network endpoint.
@@ -436,16 +546,29 @@ 
Method Details

   "zone": "A String", # [Output Only] The URL of the zone where the network endpoint group is located.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -479,7 +602,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -493,20 +617,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of network endpoint groups that are located in the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -514,23 +644,57 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of NetworkEndpointGroup resources.
-    { # Represents a collection of network endpoints. A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see Setting up external HTTP(S) Load Balancing with internet NEGs, Setting up zonal NEGs, or Setting up external HTTP(S) Load Balancing with serverless NEGs.
+    { # Represents a collection of network endpoints.
+        #
+        # A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see  Setting up external HTTP(S) Load Balancing with internet NEGs,  Setting up zonal NEGs, or  Setting up external HTTP(S) Load Balancing with serverless NEGs. (== resource_for {$api_version}.networkEndpointGroups ==) (== resource_for {$api_version}.globalNetworkEndpointGroups ==) (== resource_for {$api_version}.regionNetworkEndpointGroups ==)
       "annotations": { # Metadata defined as annotations on the network endpoint group.
         "a_key": "A String",
       },
-      "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-        "service": "A String", # Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: "default", "my-service".
-        "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
-        "version": "A String", # Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: "v1", "v2".
+      "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+          #
+          # Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.
+        "service": "A String", # Optional serving service.
+            #
+            # The service name is case-sensitive and must be 1-63 characters long.
+            #
+            # Example value: "default", "my-service".
+        "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services.
+            #
+            # For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
+        "version": "A String", # Optional serving version.
+            #
+            # The version name is case-sensitive and must be 1-100 characters long.
+            #
+            # Example value: "v1", "v2".
       },
-      "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-        "function": "A String", # A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: "func1".
-        "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs " mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
+      "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+          #
+          # Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.
+        "function": "A String", # A user-defined name of the Cloud Function.
+            #
+            # The function name is case-sensitive and must be 1-63 characters long.
+            #
+            # Example value: "func1".
+        "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services.
+            #
+            # For example, request URLs "mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
       },
-      "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-        "service": "A String", # Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: "run-service".
-        "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: "revision-0010".
-        "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
+      "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+          #
+          # Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.
+        "service": "A String", # Cloud Run service is the main resource of Cloud Run.
+            #
+            # The service must be 1-63 characters long, and comply with RFC1035.
+            #
+            # Example value: "run-service".
+        "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information.
+            #
+            # The tag must be 1-63 characters long, and comply with RFC1035.
+            #
+            # Example value: "revision-0010".
+        "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services.
+            #
+            # For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
       },
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "defaultPort": 42, # The default port used if the port number is not specified in the network endpoint.
@@ -558,7 +722,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -570,21 +735,27 @@ 
Method Details

 

 
 

-    listNetworkEndpoints(project, networkEndpointGroup, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listNetworkEndpoints(project, networkEndpointGroup, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists the network endpoints in the specified network endpoint group.
 
 Args:
   project: string, Project ID for this request. (required)
   networkEndpointGroup: string, The name of the network endpoint group from which you want to generate a list of included network endpoints. It should comply with RFC1035. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -601,10 +772,16 @@ 
Method Details

           "forwardingRule": { # URL of the forwarding rule associated with the health state of the network endpoint.
             "forwardingRule": "A String",
           },
-          "healthCheck": { # A full or valid partial URL to a health check. For example, the following are valid URLs: - https://www.googleapis.com/compute/beta/projects/project-id/global/httpHealthChecks/health-check - projects/project-id/global/httpHealthChecks/health-check - global/httpHealthChecks/health-check # URL of the health check associated with the health state of the network endpoint.
+          "healthCheck": { # A full or valid partial URL to a health check. For example, the following are valid URLs: # URL of the health check associated with the health state of the network endpoint.
+              # - https://www.googleapis.com/compute/beta/projects/project-id/global/httpHealthChecks/health-check
+              # - projects/project-id/global/httpHealthChecks/health-check
+              # - global/httpHealthChecks/health-check
             "healthCheck": "A String",
           },
-          "healthCheckService": { # A full or valid partial URL to a health check service. For example, the following are valid URLs: - https://www.googleapis.com/compute/beta/projects/project-id/regions/us-west1/healthCheckServices/health-check-service - projects/project-id/regions/us-west1/healthCheckServices/health-check-service - regions/us-west1/healthCheckServices/health-check-service # URL of the health check service associated with the health state of the network endpoint.
+          "healthCheckService": { # A full or valid partial URL to a health check service. For example, the following are valid URLs: # URL of the health check service associated with the health state of the network endpoint.
+              # - https://www.googleapis.com/compute/beta/projects/project-id/regions/us-west1/healthCheckServices/health-check-service
+              # - projects/project-id/regions/us-west1/healthCheckServices/health-check-service
+              # - regions/us-west1/healthCheckServices/health-check-service
             "healthCheckService": "A String",
           },
           "healthState": "A String", # Health state of the network endpoint determined based on the health checks configured.
@@ -615,7 +792,9 @@ 
Method Details

           "a_key": "A String",
         },
         "fqdn": "A String", # Optional fully qualified domain name of network endpoint. This can only be specified when NetworkEndpointGroup.network_endpoint_type is NON_GCP_FQDN_PORT.
-        "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group. The name must be 1-63 characters long, and comply with RFC1035.
+        "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group.
+            #
+            # The name must be 1-63 characters long, and comply with RFC1035.
         "ipAddress": "A String", # Optional IPv4 address of network endpoint. The IP address must belong to a VM in Compute Engine (either the primary IP or as part of an aliased IP range). If the IP address is not specified, then the primary IP address for the VM instance in the network that the network endpoint group belongs to will be used.
         "port": 42, # Optional port number of network endpoint. If not specified, the defaultPort for the network endpoint group will be used.
       },
@@ -625,7 +804,8 @@ 
Method Details

   "nextPageToken": "A String", # [Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.globalOperations.html b/docs/dyn/compute_beta.globalOperations.html
index 62cf22f3776..acc4053415d 100644
--- a/docs/dyn/compute_beta.globalOperations.html
+++ b/docs/dyn/compute_beta.globalOperations.html
@@ -75,7 +75,7 @@
 
Compute Engine API . globalOperations

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of all operations.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,37 +84,43 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, operation, x__xgafv=None)

+  delete(project, operation)

 
Deletes the specified Operations resource.

 

-  get(project, operation, x__xgafv=None)

+  get(project, operation)

 
Retrieves the specified Operations resource. Gets a list of operations by making a `list()` request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of Operation resources contained within the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  wait(project, operation, x__xgafv=None)

-
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress. This method is called on a best-effort basis. Specifically: - In uncommon cases, when the server is overloaded, the request might return before the default deadline is reached, or might return after zero seconds. - If the default deadline is reached, there is no guarantee that the operation is actually done when the method returns. Be prepared to retry if the operation is not `DONE`. 

+  wait(project, operation)

+
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of all operations.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -124,7 +130,20 @@ 
Method Details

   "items": { # [Output Only] A map of scoped operation lists.
     "a_key": { # [Output Only] Name of the scope containing this set of operations.
       "operations": [ # [Output Only] A list of operations contained in this scope.
-        { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+        { # Represents an Operation resource.
+            #
+            # Google Compute Engine has three Operation resources:
+            #
+            # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+            #
+            # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+            #
+            # Operations can be global, regional or zonal.
+            # - For global operations, use the `globalOperations` resource.
+            # - For regional operations, use the `regionOperations` resource.
+            # - For zonal operations, use the `zonalOperations` resource.
+            #
+            # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
           "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
           "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
           "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -158,7 +177,8 @@ 
Method Details

           "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
             {
               "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-              "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+              "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+                  # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
                 {
                   "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
                   "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -172,7 +192,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] Informational warning which replaces the list of operations when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -190,7 +211,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -221,35 +243,40 @@ 
Method Details

 

 
 

-    delete(project, operation, x__xgafv=None)
+    delete(project, operation)
   
Deletes the specified Operations resource.
 
 Args:
   project: string, Project ID for this request. (required)
   operation: string, Name of the Operations resource to delete. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 

 

 
 

-    get(project, operation, x__xgafv=None)
+    get(project, operation)
   
Retrieves the specified Operations resource. Gets a list of operations by making a `list()` request.
 
 Args:
   project: string, Project ID for this request. (required)
   operation: string, Name of the Operations resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -283,7 +310,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -297,20 +325,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of Operation resources contained within the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -318,7 +352,20 @@ 
Method Details

     { # Contains a list of Operation resources.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "items": [ # [Output Only] A list of Operation resources.
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+        #
+        # Google Compute Engine has three Operation resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+        #
+        # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+        #
+        # Operations can be global, regional or zonal.
+        # - For global operations, use the `globalOperations` resource.
+        # - For regional operations, use the `regionOperations` resource.
+        # - For zonal operations, use the `zonalOperations` resource.
+        #
+        # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
       "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
       "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
       "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -352,7 +399,8 @@ 
Method Details

       "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
         {
           "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-          "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+          "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+              # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
             {
               "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
               "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -369,7 +417,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -395,21 +444,34 @@ 
Method Details

 

 
 

-    wait(project, operation, x__xgafv=None)
-  
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress. This method is called on a best-effort basis. Specifically: - In uncommon cases, when the server is overloaded, the request might return before the default deadline is reached, or might return after zero seconds. - If the default deadline is reached, there is no guarantee that the operation is actually done when the method returns. Be prepared to retry if the operation is not `DONE`. 
+    wait(project, operation)
+  
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress.
+
+This method is called on a best-effort basis. Specifically:  
+- In uncommon cases, when the server is overloaded, the request might return before the default deadline is reached, or might return after zero seconds. 
+- If the default deadline is reached, there is no guarantee that the operation is actually done when the method returns. Be prepared to retry if the operation is not `DONE`.
 
 Args:
   project: string, Project ID for this request. (required)
   operation: string, Name of the Operations resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -443,7 +505,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.globalOrganizationOperations.html b/docs/dyn/compute_beta.globalOrganizationOperations.html
index 08cb9be5df3..5031e88e3b6 100644
--- a/docs/dyn/compute_beta.globalOrganizationOperations.html
+++ b/docs/dyn/compute_beta.globalOrganizationOperations.html
@@ -78,13 +78,13 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(operation, parentId=None, x__xgafv=None)

+  delete(operation, parentId=None)

 
Deletes the specified Operations resource.

 

-  get(operation, parentId=None, x__xgafv=None)

+  get(operation, parentId=None)

 
Retrieves the specified Operations resource. Gets a list of operations by making a `list()` request.

 

-  list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None, x__xgafv=None)

+  list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None)

 
Retrieves a list of Operation resources contained within the specified organization.

 

   list_next(previous_request, previous_response)

@@ -96,35 +96,40 @@ 
Method Details

 

 
 

-    delete(operation, parentId=None, x__xgafv=None)
+    delete(operation, parentId=None)
   
Deletes the specified Operations resource.
 
 Args:
   operation: string, Name of the Operations resource to delete. (required)
   parentId: string, Parent ID for this request.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 

 

 
 

-    get(operation, parentId=None, x__xgafv=None)
+    get(operation, parentId=None)
   
Retrieves the specified Operations resource. Gets a list of operations by making a `list()` request.
 
 Args:
   operation: string, Name of the Operations resource to return. (required)
   parentId: string, Parent ID for this request.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -158,7 +163,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -172,20 +178,26 @@ 
Method Details

 

 
 

-    list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None, x__xgafv=None)
+    list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None)
   
Retrieves a list of Operation resources contained within the specified organization.
 
 Args:
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   parentId: string, Parent ID for this request.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -193,7 +205,20 @@ 
Method Details

     { # Contains a list of Operation resources.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "items": [ # [Output Only] A list of Operation resources.
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+        #
+        # Google Compute Engine has three Operation resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+        #
+        # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+        #
+        # Operations can be global, regional or zonal.
+        # - For global operations, use the `globalOperations` resource.
+        # - For regional operations, use the `regionOperations` resource.
+        # - For zonal operations, use the `zonalOperations` resource.
+        #
+        # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
       "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
       "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
       "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -227,7 +252,8 @@ 
Method Details

       "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
         {
           "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-          "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+          "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+              # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
             {
               "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
               "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -244,7 +270,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.globalPublicDelegatedPrefixes.html b/docs/dyn/compute_beta.globalPublicDelegatedPrefixes.html
index 876554807a5..0e1f63370dc 100644
--- a/docs/dyn/compute_beta.globalPublicDelegatedPrefixes.html
+++ b/docs/dyn/compute_beta.globalPublicDelegatedPrefixes.html
@@ -78,22 +78,22 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, publicDelegatedPrefix, requestId=None, x__xgafv=None)

+  delete(project, publicDelegatedPrefix, requestId=None)

 
Deletes the specified global PublicDelegatedPrefix.

 

-  get(project, publicDelegatedPrefix, x__xgafv=None)

+  get(project, publicDelegatedPrefix)

 
Returns the specified global PublicDelegatedPrefix resource.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a global PublicDelegatedPrefix in the specified project using the parameters that are included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists the global PublicDelegatedPrefixes for a project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, publicDelegatedPrefix, body=None, requestId=None, x__xgafv=None)

+  patch(project, publicDelegatedPrefix, body=None, requestId=None)

 
Patches the specified global PublicDelegatedPrefix resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.

 
Method Details

 

@@ -102,22 +102,35 @@ 
Method Details

 

 
 

-    delete(project, publicDelegatedPrefix, requestId=None, x__xgafv=None)
+    delete(project, publicDelegatedPrefix, requestId=None)
   
Deletes the specified global PublicDelegatedPrefix.
 
 Args:
   project: string, Project ID for this request. (required)
   publicDelegatedPrefix: string, Name of the PublicDelegatedPrefix resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -151,7 +164,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -165,16 +179,12 @@ 
Method Details

 

 
 

-    get(project, publicDelegatedPrefix, x__xgafv=None)
+    get(project, publicDelegatedPrefix)
   
Returns the specified global PublicDelegatedPrefix resource.
 
 Args:
   project: string, Project ID for this request. (required)
   publicDelegatedPrefix: string, Name of the PublicDelegatedPrefix resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -182,7 +192,9 @@ 
Method Details

     { # A PublicDelegatedPrefix resource represents an IP block within a PublicAdvertisedPrefix that is configured within a single cloud scope (global or region). IPs in the block can be allocated to resources within that scope. Public delegated prefixes may be further broken up into smaller IP blocks in the same scope as the parent block.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
   "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
   "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public delegated prefix.
   "isLiveMigration": True or False, # If true, the prefix will be live migrated.
@@ -207,7 +219,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a global PublicDelegatedPrefix in the specified project using the parameters that are included in the request.
 
 Args:
@@ -218,7 +230,9 @@ 
Method Details

 { # A PublicDelegatedPrefix resource represents an IP block within a PublicAdvertisedPrefix that is configured within a single cloud scope (global or region). IPs in the block can be allocated to resources within that scope. Public delegated prefixes may be further broken up into smaller IP blocks in the same scope as the parent block.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
   "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
   "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public delegated prefix.
   "isLiveMigration": True or False, # If true, the prefix will be live migrated.
@@ -241,16 +255,29 @@ 
Method Details

   "status": "A String", # [Output Only] The status of the public delegated prefix.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -284,7 +311,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -298,20 +326,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists the global PublicDelegatedPrefixes for a project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -322,7 +356,9 @@ 
Method Details

     { # A PublicDelegatedPrefix resource represents an IP block within a PublicAdvertisedPrefix that is configured within a single cloud scope (global or region). IPs in the block can be allocated to resources within that scope. Public delegated prefixes may be further broken up into smaller IP blocks in the same scope as the parent block.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
+      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
       "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
       "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public delegated prefix.
       "isLiveMigration": True or False, # If true, the prefix will be live migrated.
@@ -350,7 +386,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -376,7 +413,7 @@ 
Method Details

 

 
 

-    patch(project, publicDelegatedPrefix, body=None, requestId=None, x__xgafv=None)
+    patch(project, publicDelegatedPrefix, body=None, requestId=None)
   
Patches the specified global PublicDelegatedPrefix resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.
 
 Args:
@@ -388,7 +425,9 @@ 
Method Details

 { # A PublicDelegatedPrefix resource represents an IP block within a PublicAdvertisedPrefix that is configured within a single cloud scope (global or region). IPs in the block can be allocated to resources within that scope. Public delegated prefixes may be further broken up into smaller IP blocks in the same scope as the parent block.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
   "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
   "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public delegated prefix.
   "isLiveMigration": True or False, # If true, the prefix will be live migrated.
@@ -411,16 +450,29 @@ 
Method Details

   "status": "A String", # [Output Only] The status of the public delegated prefix.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -454,7 +506,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.healthChecks.html b/docs/dyn/compute_beta.healthChecks.html
index 42fd73ddfcd..ceffdb76d0e 100644
--- a/docs/dyn/compute_beta.healthChecks.html
+++ b/docs/dyn/compute_beta.healthChecks.html
@@ -75,7 +75,7 @@
 
Compute Engine API . healthChecks

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of all HealthCheck resources, regional and global, available to the specified project.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,46 +84,52 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, healthCheck, requestId=None, x__xgafv=None)

+  delete(project, healthCheck, requestId=None)

 
Deletes the specified HealthCheck resource.

 

-  get(project, healthCheck, x__xgafv=None)

+  get(project, healthCheck)

 
Returns the specified HealthCheck resource. Gets a list of available health checks by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a HealthCheck resource in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of HealthCheck resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, healthCheck, body=None, requestId=None, x__xgafv=None)

+  patch(project, healthCheck, body=None, requestId=None)

 
Updates a HealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, healthCheck, body=None, requestId=None, x__xgafv=None)

+  update(project, healthCheck, body=None, requestId=None)

 
Updates a HealthCheck resource in the specified project using the data included in the request.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of all HealthCheck resources, regional and global, available to the specified project.
 
 Args:
   project: string, Name of the project scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -133,22 +139,53 @@ 
Method Details

   "items": { # A list of HealthChecksScopedList resources.
     "a_key": { # Name of the scope containing this set of HealthChecks.
       "healthChecks": [ # A list of HealthChecks contained in this scope.
-        { # Represents a Health Check resource. Google Compute Engine has two Health Check resources: * [Global](/compute/docs/reference/rest/beta/healthChecks) * [Regional](/compute/docs/reference/rest/beta/regionHealthChecks) Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`). Traffic Director must use global health checks (`compute.v1.HealthChecks`). Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`). External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`). Network load balancers must use legacy HTTP health checks (httpHealthChecks). For more information, see Health checks overview.
+        { # Represents a Health Check resource.
+            #
+            # Google Compute Engine has two Health Check resources:
+            #
+            # * [Global](/compute/docs/reference/rest/{$api_version}/healthChecks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionHealthChecks)
+            #
+            # Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`).
+            #
+            # Traffic Director must use global health checks (`compute.v1.HealthChecks`).
+            #
+            # Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`).
+            #
+            # External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`).
+            #
+            # Network load balancers must use legacy HTTP health checks (httpHealthChecks).
+            #
+            # For more information, see Health checks overview.
           "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in 3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "grpcHealthCheck": {
-            "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII.
+            "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention:
+                # - Empty service_name means the overall status of all services at the backend.
+                # - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service.
+                # The grpc_service_name can only be ASCII.
             "port": 42, # The port number for the health check request. Must be specified if port_name and port_specification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535.
             "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. The port_name should conform to RFC1035.
-            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, gRPC health check follows behavior specified in port and portName fields.
+            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+                # USE_FIXED_PORT: The port number in port is used for health checking.
+                # USE_NAMED_PORT: The portName is used for health checking.
+                # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+                #
+                #
+                # If not specified, gRPC health check follows behavior specified in port and portName fields.
           },
           "healthyThreshold": 42, # A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.
           "http2HealthCheck": {
             "host": "A String", # The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
             "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
             "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP2 health check follows behavior specified in port and portName fields.
+            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+                # USE_FIXED_PORT: The port number in port is used for health checking.
+                # USE_NAMED_PORT: The portName is used for health checking.
+                # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+                #
+                #
+                # If not specified, HTTP2 health check follows behavior specified in port and portName fields.
             "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
             "requestPath": "A String", # The request path of the HTTP/2 health check request. The default value is /.
             "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -157,7 +194,13 @@ 
Method Details

             "host": "A String", # The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
             "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
             "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP health check follows behavior specified in port and portName fields.
+            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+                # USE_FIXED_PORT: The port number in port is used for health checking.
+                # USE_NAMED_PORT: The portName is used for health checking.
+                # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+                #
+                #
+                # If not specified, HTTP health check follows behavior specified in port and portName fields.
             "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
             "requestPath": "A String", # The request path of the HTTP health check request. The default value is /.
             "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -166,7 +209,13 @@ 
Method Details

             "host": "A String", # The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
             "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
             "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTPS health check follows behavior specified in port and portName fields.
+            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+                # USE_FIXED_PORT: The port number in port is used for health checking.
+                # USE_NAMED_PORT: The portName is used for health checking.
+                # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+                #
+                #
+                # If not specified, HTTPS health check follows behavior specified in port and portName fields.
             "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
             "requestPath": "A String", # The request path of the HTTPS health check request. The default value is /.
             "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -182,7 +231,13 @@ 
Method Details

           "sslHealthCheck": {
             "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
             "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, SSL health check follows behavior specified in port and portName fields.
+            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+                # USE_FIXED_PORT: The port number in port is used for health checking.
+                # USE_NAMED_PORT: The portName is used for health checking.
+                # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+                #
+                #
+                # If not specified, SSL health check follows behavior specified in port and portName fields.
             "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
             "request": "A String", # The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
             "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -190,7 +245,13 @@ 
Method Details

           "tcpHealthCheck": {
             "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
             "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, TCP health check follows behavior specified in port and portName fields.
+            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+                # USE_FIXED_PORT: The port number in port is used for health checking.
+                # USE_NAMED_PORT: The portName is used for health checking.
+                # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+                #
+                #
+                # If not specified, TCP health check follows behavior specified in port and portName fields.
             "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
             "request": "A String", # The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
             "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -202,7 +263,8 @@ 
Method Details

       ],
       "warning": { # Informational warning which replaces the list of backend services when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -220,7 +282,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -251,22 +314,35 @@ 
Method Details

 

 
 

-    delete(project, healthCheck, requestId=None, x__xgafv=None)
+    delete(project, healthCheck, requestId=None)
   
Deletes the specified HealthCheck resource.
 
 Args:
   project: string, Project ID for this request. (required)
   healthCheck: string, Name of the HealthCheck resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -300,7 +376,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -314,36 +391,63 @@ 
Method Details

 

 
 

-    get(project, healthCheck, x__xgafv=None)
+    get(project, healthCheck)
   
Returns the specified HealthCheck resource. Gets a list of available health checks by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   healthCheck: string, Name of the HealthCheck resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Health Check resource. Google Compute Engine has two Health Check resources: * [Global](/compute/docs/reference/rest/beta/healthChecks) * [Regional](/compute/docs/reference/rest/beta/regionHealthChecks) Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`). Traffic Director must use global health checks (`compute.v1.HealthChecks`). Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`). External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`). Network load balancers must use legacy HTTP health checks (httpHealthChecks). For more information, see Health checks overview.
+    { # Represents a Health Check resource.
+    #
+    # Google Compute Engine has two Health Check resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/healthChecks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionHealthChecks)
+    #
+    # Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`).
+    #
+    # Traffic Director must use global health checks (`compute.v1.HealthChecks`).
+    #
+    # Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`).
+    #
+    # External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`).
+    #
+    # Network load balancers must use legacy HTTP health checks (httpHealthChecks).
+    #
+    # For more information, see Health checks overview.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in 3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "grpcHealthCheck": {
-    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII.
+    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention:
+        # - Empty service_name means the overall status of all services at the backend.
+        # - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service.
+        # The grpc_service_name can only be ASCII.
     "port": 42, # The port number for the health check request. Must be specified if port_name and port_specification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. The port_name should conform to RFC1035.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, gRPC health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, gRPC health check follows behavior specified in port and portName fields.
   },
   "healthyThreshold": 42, # A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.
   "http2HealthCheck": {
     "host": "A String", # The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP2 health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP2 health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP/2 health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -352,7 +456,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -361,7 +471,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTPS health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTPS health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTPS health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -377,7 +493,13 @@ 
Method Details

   "sslHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, SSL health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, SSL health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -385,7 +507,13 @@ 
Method Details

   "tcpHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, TCP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, TCP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -397,7 +525,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a HealthCheck resource in the specified project using the data included in the request.
 
 Args:
@@ -405,22 +533,53 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Health Check resource. Google Compute Engine has two Health Check resources: * [Global](/compute/docs/reference/rest/beta/healthChecks) * [Regional](/compute/docs/reference/rest/beta/regionHealthChecks) Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`). Traffic Director must use global health checks (`compute.v1.HealthChecks`). Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`). External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`). Network load balancers must use legacy HTTP health checks (httpHealthChecks). For more information, see Health checks overview.
+{ # Represents a Health Check resource.
+    # 
+    # Google Compute Engine has two Health Check resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/healthChecks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionHealthChecks)
+    # 
+    # Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`).
+    # 
+    # Traffic Director must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`).
+    # 
+    # External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Network load balancers must use legacy HTTP health checks (httpHealthChecks).
+    # 
+    # For more information, see Health checks overview.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in 3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "grpcHealthCheck": {
-    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII.
+    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention:
+        # - Empty service_name means the overall status of all services at the backend.
+        # - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service.
+        # The grpc_service_name can only be ASCII.
     "port": 42, # The port number for the health check request. Must be specified if port_name and port_specification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. The port_name should conform to RFC1035.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, gRPC health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, gRPC health check follows behavior specified in port and portName fields.
   },
   "healthyThreshold": 42, # A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.
   "http2HealthCheck": {
     "host": "A String", # The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP2 health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP2 health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP/2 health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -429,7 +588,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -438,7 +603,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTPS health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTPS health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTPS health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -454,7 +625,13 @@ 
Method Details

   "sslHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, SSL health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, SSL health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -462,7 +639,13 @@ 
Method Details

   "tcpHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, TCP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, TCP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -472,16 +655,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -515,7 +711,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -529,20 +726,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of HealthCheck resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -550,22 +753,53 @@ 
Method Details

     { # Contains a list of HealthCheck resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of HealthCheck resources.
-    { # Represents a Health Check resource. Google Compute Engine has two Health Check resources: * [Global](/compute/docs/reference/rest/beta/healthChecks) * [Regional](/compute/docs/reference/rest/beta/regionHealthChecks) Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`). Traffic Director must use global health checks (`compute.v1.HealthChecks`). Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`). External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`). Network load balancers must use legacy HTTP health checks (httpHealthChecks). For more information, see Health checks overview.
+    { # Represents a Health Check resource.
+        #
+        # Google Compute Engine has two Health Check resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/healthChecks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionHealthChecks)
+        #
+        # Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`).
+        #
+        # Traffic Director must use global health checks (`compute.v1.HealthChecks`).
+        #
+        # Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`).
+        #
+        # External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`).
+        #
+        # Network load balancers must use legacy HTTP health checks (httpHealthChecks).
+        #
+        # For more information, see Health checks overview.
       "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in 3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "grpcHealthCheck": {
-        "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII.
+        "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention:
+            # - Empty service_name means the overall status of all services at the backend.
+            # - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service.
+            # The grpc_service_name can only be ASCII.
         "port": 42, # The port number for the health check request. Must be specified if port_name and port_specification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. The port_name should conform to RFC1035.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, gRPC health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, gRPC health check follows behavior specified in port and portName fields.
       },
       "healthyThreshold": 42, # A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.
       "http2HealthCheck": {
         "host": "A String", # The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
         "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP2 health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, HTTP2 health check follows behavior specified in port and portName fields.
         "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
         "requestPath": "A String", # The request path of the HTTP/2 health check request. The default value is /.
         "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -574,7 +808,13 @@ 
Method Details

         "host": "A String", # The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
         "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, HTTP health check follows behavior specified in port and portName fields.
         "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
         "requestPath": "A String", # The request path of the HTTP health check request. The default value is /.
         "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -583,7 +823,13 @@ 
Method Details

         "host": "A String", # The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
         "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTPS health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, HTTPS health check follows behavior specified in port and portName fields.
         "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
         "requestPath": "A String", # The request path of the HTTPS health check request. The default value is /.
         "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -599,7 +845,13 @@ 
Method Details

       "sslHealthCheck": {
         "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, SSL health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, SSL health check follows behavior specified in port and portName fields.
         "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
         "request": "A String", # The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
         "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -607,7 +859,13 @@ 
Method Details

       "tcpHealthCheck": {
         "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, TCP health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, TCP health check follows behavior specified in port and portName fields.
         "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
         "request": "A String", # The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
         "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -622,7 +880,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -648,7 +907,7 @@ 
Method Details

 

 
 

-    patch(project, healthCheck, body=None, requestId=None, x__xgafv=None)
+    patch(project, healthCheck, body=None, requestId=None)
   
Updates a HealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -657,22 +916,53 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Health Check resource. Google Compute Engine has two Health Check resources: * [Global](/compute/docs/reference/rest/beta/healthChecks) * [Regional](/compute/docs/reference/rest/beta/regionHealthChecks) Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`). Traffic Director must use global health checks (`compute.v1.HealthChecks`). Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`). External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`). Network load balancers must use legacy HTTP health checks (httpHealthChecks). For more information, see Health checks overview.
+{ # Represents a Health Check resource.
+    # 
+    # Google Compute Engine has two Health Check resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/healthChecks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionHealthChecks)
+    # 
+    # Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`).
+    # 
+    # Traffic Director must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`).
+    # 
+    # External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Network load balancers must use legacy HTTP health checks (httpHealthChecks).
+    # 
+    # For more information, see Health checks overview.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in 3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "grpcHealthCheck": {
-    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII.
+    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention:
+        # - Empty service_name means the overall status of all services at the backend.
+        # - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service.
+        # The grpc_service_name can only be ASCII.
     "port": 42, # The port number for the health check request. Must be specified if port_name and port_specification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. The port_name should conform to RFC1035.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, gRPC health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, gRPC health check follows behavior specified in port and portName fields.
   },
   "healthyThreshold": 42, # A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.
   "http2HealthCheck": {
     "host": "A String", # The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP2 health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP2 health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP/2 health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -681,7 +971,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -690,7 +986,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTPS health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTPS health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTPS health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -706,7 +1008,13 @@ 
Method Details

   "sslHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, SSL health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, SSL health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -714,7 +1022,13 @@ 
Method Details

   "tcpHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, TCP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, TCP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -724,16 +1038,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -767,7 +1094,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -781,7 +1109,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -796,10 +1124,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -812,7 +1136,7 @@ 
Method Details

 

 
 

-    update(project, healthCheck, body=None, requestId=None, x__xgafv=None)
+    update(project, healthCheck, body=None, requestId=None)
   
Updates a HealthCheck resource in the specified project using the data included in the request.
 
 Args:
@@ -821,22 +1145,53 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Health Check resource. Google Compute Engine has two Health Check resources: * [Global](/compute/docs/reference/rest/beta/healthChecks) * [Regional](/compute/docs/reference/rest/beta/regionHealthChecks) Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`). Traffic Director must use global health checks (`compute.v1.HealthChecks`). Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`). External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`). Network load balancers must use legacy HTTP health checks (httpHealthChecks). For more information, see Health checks overview.
+{ # Represents a Health Check resource.
+    # 
+    # Google Compute Engine has two Health Check resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/healthChecks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionHealthChecks)
+    # 
+    # Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`).
+    # 
+    # Traffic Director must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`).
+    # 
+    # External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Network load balancers must use legacy HTTP health checks (httpHealthChecks).
+    # 
+    # For more information, see Health checks overview.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in 3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "grpcHealthCheck": {
-    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII.
+    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention:
+        # - Empty service_name means the overall status of all services at the backend.
+        # - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service.
+        # The grpc_service_name can only be ASCII.
     "port": 42, # The port number for the health check request. Must be specified if port_name and port_specification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. The port_name should conform to RFC1035.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, gRPC health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, gRPC health check follows behavior specified in port and portName fields.
   },
   "healthyThreshold": 42, # A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.
   "http2HealthCheck": {
     "host": "A String", # The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP2 health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP2 health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP/2 health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -845,7 +1200,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -854,7 +1215,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTPS health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTPS health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTPS health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -870,7 +1237,13 @@ 
Method Details

   "sslHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, SSL health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, SSL health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -878,7 +1251,13 @@ 
Method Details

   "tcpHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, TCP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, TCP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -888,16 +1267,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -931,7 +1323,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.httpHealthChecks.html b/docs/dyn/compute_beta.httpHealthChecks.html
index 20cd2612484..fd206b74148 100644
--- a/docs/dyn/compute_beta.httpHealthChecks.html
+++ b/docs/dyn/compute_beta.httpHealthChecks.html
@@ -78,28 +78,28 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, httpHealthCheck, requestId=None, x__xgafv=None)

+  delete(project, httpHealthCheck, requestId=None)

 
Deletes the specified HttpHealthCheck resource.

 

-  get(project, httpHealthCheck, x__xgafv=None)

+  get(project, httpHealthCheck)

 
Returns the specified HttpHealthCheck resource. Gets a list of available HTTP health checks by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a HttpHealthCheck resource in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of HttpHealthCheck resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, httpHealthCheck, body=None, requestId=None, x__xgafv=None)

+  patch(project, httpHealthCheck, body=None, requestId=None)

 
Updates a HttpHealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, httpHealthCheck, body=None, requestId=None, x__xgafv=None)

+  update(project, httpHealthCheck, body=None, requestId=None)

 
Updates a HttpHealthCheck resource in the specified project using the data included in the request.

 
Method Details

 

@@ -108,22 +108,35 @@ 
Method Details

 

 
 

-    delete(project, httpHealthCheck, requestId=None, x__xgafv=None)
+    delete(project, httpHealthCheck, requestId=None)
   
Deletes the specified HttpHealthCheck resource.
 
 Args:
   project: string, Project ID for this request. (required)
   httpHealthCheck: string, Name of the HttpHealthCheck resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -157,7 +170,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -171,21 +185,19 @@ 
Method Details

 

 
 

-    get(project, httpHealthCheck, x__xgafv=None)
+    get(project, httpHealthCheck)
   
Returns the specified HttpHealthCheck resource. Gets a list of available HTTP health checks by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   httpHealthCheck: string, Name of the HttpHealthCheck resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a legacy HTTP Health Check resource. Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
+    { # Represents a legacy HTTP Health Check resource.
+    #
+    # Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -203,7 +215,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a HttpHealthCheck resource in the specified project using the data included in the request.
 
 Args:
@@ -211,7 +223,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a legacy HTTP Health Check resource. Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
+{ # Represents a legacy HTTP Health Check resource.
+    # 
+    # Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -227,16 +241,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -270,7 +297,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -284,20 +312,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of HttpHealthCheck resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -305,7 +339,9 @@ 
Method Details

     { # Contains a list of HttpHealthCheck resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of HttpHealthCheck resources.
-    { # Represents a legacy HTTP Health Check resource. Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
+    { # Represents a legacy HTTP Health Check resource.
+        #
+        # Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
       "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -326,7 +362,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -352,7 +389,7 @@ 
Method Details

 

 
 

-    patch(project, httpHealthCheck, body=None, requestId=None, x__xgafv=None)
+    patch(project, httpHealthCheck, body=None, requestId=None)
   
Updates a HttpHealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -361,7 +398,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a legacy HTTP Health Check resource. Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
+{ # Represents a legacy HTTP Health Check resource.
+    # 
+    # Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -377,16 +416,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -420,7 +472,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -434,7 +487,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -449,10 +502,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -465,7 +514,7 @@ 
Method Details

 

 
 

-    update(project, httpHealthCheck, body=None, requestId=None, x__xgafv=None)
+    update(project, httpHealthCheck, body=None, requestId=None)
   
Updates a HttpHealthCheck resource in the specified project using the data included in the request.
 
 Args:
@@ -474,7 +523,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a legacy HTTP Health Check resource. Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
+{ # Represents a legacy HTTP Health Check resource.
+    # 
+    # Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -490,16 +541,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -533,7 +597,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.httpsHealthChecks.html b/docs/dyn/compute_beta.httpsHealthChecks.html
index e6978713428..44752d8019a 100644
--- a/docs/dyn/compute_beta.httpsHealthChecks.html
+++ b/docs/dyn/compute_beta.httpsHealthChecks.html
@@ -78,28 +78,28 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, httpsHealthCheck, requestId=None, x__xgafv=None)

+  delete(project, httpsHealthCheck, requestId=None)

 
Deletes the specified HttpsHealthCheck resource.

 

-  get(project, httpsHealthCheck, x__xgafv=None)

+  get(project, httpsHealthCheck)

 
Returns the specified HttpsHealthCheck resource. Gets a list of available HTTPS health checks by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a HttpsHealthCheck resource in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of HttpsHealthCheck resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, httpsHealthCheck, body=None, requestId=None, x__xgafv=None)

+  patch(project, httpsHealthCheck, body=None, requestId=None)

 
Updates a HttpsHealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, httpsHealthCheck, body=None, requestId=None, x__xgafv=None)

+  update(project, httpsHealthCheck, body=None, requestId=None)

 
Updates a HttpsHealthCheck resource in the specified project using the data included in the request.

 
Method Details

 

@@ -108,22 +108,35 @@ 
Method Details

 

 
 

-    delete(project, httpsHealthCheck, requestId=None, x__xgafv=None)
+    delete(project, httpsHealthCheck, requestId=None)
   
Deletes the specified HttpsHealthCheck resource.
 
 Args:
   project: string, Project ID for this request. (required)
   httpsHealthCheck: string, Name of the HttpsHealthCheck resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -157,7 +170,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -171,21 +185,19 @@ 
Method Details

 

 
 

-    get(project, httpsHealthCheck, x__xgafv=None)
+    get(project, httpsHealthCheck)
   
Returns the specified HttpsHealthCheck resource. Gets a list of available HTTPS health checks by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   httpsHealthCheck: string, Name of the HttpsHealthCheck resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a legacy HTTPS Health Check resource. Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
+    { # Represents a legacy HTTPS Health Check resource.
+    #
+    # Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -203,7 +215,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a HttpsHealthCheck resource in the specified project using the data included in the request.
 
 Args:
@@ -211,7 +223,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a legacy HTTPS Health Check resource. Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
+{ # Represents a legacy HTTPS Health Check resource.
+    # 
+    # Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -227,16 +241,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -270,7 +297,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -284,20 +312,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of HttpsHealthCheck resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -305,7 +339,9 @@ 
Method Details

     { # Contains a list of HttpsHealthCheck resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of HttpsHealthCheck resources.
-    { # Represents a legacy HTTPS Health Check resource. Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
+    { # Represents a legacy HTTPS Health Check resource.
+        #
+        # Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
       "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -326,7 +362,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -352,7 +389,7 @@ 
Method Details

 

 
 

-    patch(project, httpsHealthCheck, body=None, requestId=None, x__xgafv=None)
+    patch(project, httpsHealthCheck, body=None, requestId=None)
   
Updates a HttpsHealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -361,7 +398,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a legacy HTTPS Health Check resource. Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
+{ # Represents a legacy HTTPS Health Check resource.
+    # 
+    # Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -377,16 +416,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -420,7 +472,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -434,7 +487,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -449,10 +502,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -465,7 +514,7 @@ 
Method Details

 

 
 

-    update(project, httpsHealthCheck, body=None, requestId=None, x__xgafv=None)
+    update(project, httpsHealthCheck, body=None, requestId=None)
   
Updates a HttpsHealthCheck resource in the specified project using the data included in the request.
 
 Args:
@@ -474,7 +523,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a legacy HTTPS Health Check resource. Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
+{ # Represents a legacy HTTPS Health Check resource.
+    # 
+    # Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -490,16 +541,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -533,7 +597,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.imageFamilyViews.html b/docs/dyn/compute_beta.imageFamilyViews.html
index eb4372107f1..467c5e0acf1 100644
--- a/docs/dyn/compute_beta.imageFamilyViews.html
+++ b/docs/dyn/compute_beta.imageFamilyViews.html
@@ -78,7 +78,7 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  get(project, zone, family, x__xgafv=None)

+  get(project, zone, family)

 
Returns the latest image that is part of an image family, is not deprecated and is rolled out in the specified zone.

 
Method Details

 

@@ -87,23 +87,21 @@ 
Method Details

 

 
 

-    get(project, zone, family, x__xgafv=None)
+    get(project, zone, family)
   
Returns the latest image that is part of an image family, is not deprecated and is rolled out in the specified zone.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   family: string, Name of the image family to search for. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
     {
-  "image": { # Represents an Image resource. You can use images to create boot disks for your VM instances. For more information, read Images. # The latest image that is part of the specified image family in the requested location, and that is not deprecated.
+  "image": { # Represents an Image resource. # The latest image that is part of the specified image family in the requested location, and that is not deprecated.
+      #
+      # You can use images to create boot disks for your VM instances. For more information, read Images. (== resource_for {$api_version}.images ==)
     "archiveSizeBytes": "A String", # Size of the image tar.gz archive stored in Google Cloud Storage (in bytes).
     "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
     "deprecated": { # Deprecation status for a public resource. # The deprecation status associated with this image.
@@ -116,21 +114,34 @@ 
Method Details

     "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
     "diskSizeGb": "A String", # Size of the image when restored onto a persistent disk (in GB).
     "family": "A String", # The name of the image family to which this image belongs. You can create disks by specifying an image family instead of a specific image name. The image family always returns its latest image that is not deprecated. The name of the image family must comply with RFC1035.
-    "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+    "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
       { # Guest OS features.
-        "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+        "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
       },
     ],
     "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-    "imageEncryptionKey": { # Encrypts the image using a customer-supplied encryption key. After you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later.
+    "imageEncryptionKey": { # Encrypts the image using a customer-supplied encryption key.
+        #
+        # After you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image).
+        #
+        # Customer-supplied encryption keys do not protect access to metadata of the disk.
+        #
+        # If you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later.
       "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
       "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
       "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+          #
+          # The key must meet the following requirements before you can provide it to Compute Engine:
+          # - The key is wrapped using a RSA public key certificate provided by Google.
+          # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+          # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
       "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
     },
     "kind": "compute#image", # [Output Only] Type of the resource. Always compute#image for images.
-    "labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an image.
+    "labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+        #
+        # To see the latest fingerprint, make a get() request to retrieve an image.
     "labels": { # Labels to apply to this image. These can be later modified by the setLabels method.
       "a_key": "A String",
     },
@@ -144,7 +155,13 @@ 
Method Details

     "rawDisk": { # The parameters of the raw disk image.
       "containerType": "A String", # The format used to encode and transmit the block device, which should be TAR. This is just a container and transmission format and not a runtime format. Provided by the client when the disk image is created.
       "sha1Checksum": "A String", # [Deprecated] This field is deprecated. An optional SHA1 checksum of the disk image before unpackaging provided by the client when the disk image is created.
-      "source": "A String", # The full Google Cloud Storage URL where the disk image is stored. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+      "source": "A String", # The full Google Cloud Storage URL where the disk image is stored.
+          #
+          # In order to create an image, you must provide the full or partial URL of one of the following:
+          # - The rawDisk.source URL
+          # - The sourceDisk URL
+          # - The sourceImage URL
+          # - The sourceSnapshot URL
     },
     "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
     "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -172,30 +189,66 @@ 
Method Details

         "fileType": "A String", # The file type of source file.
       },
     },
-    "sourceDisk": "A String", # URL of the source disk used to create this image. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+    "sourceDisk": "A String", # URL of the source disk used to create this image. For example, the following are valid values:
+        # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+        # - projects/project/zones/zone/disks/disk
+        # - zones/zone/disks/disk
+        #
+        # In order to create an image, you must provide the full or partial URL of one of the following:
+        # - The rawDisk.source URL
+        # - The sourceDisk URL
+        # - The sourceImage URL
+        # - The sourceSnapshot URL
     "sourceDiskEncryptionKey": { # The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key.
       "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
       "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
       "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+          #
+          # The key must meet the following requirements before you can provide it to Compute Engine:
+          # - The key is wrapped using a RSA public key certificate provided by Google.
+          # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+          # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
       "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
     },
     "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given disk name.
-    "sourceImage": "A String", # URL of the source image used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+    "sourceImage": "A String", # URL of the source image used to create this image.
+        #
+        # In order to create an image, you must provide the full or partial URL of one of the following:
+        # - The rawDisk.source URL
+        # - The sourceDisk URL
+        # - The sourceImage URL
+        # - The sourceSnapshot URL
     "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
       "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
       "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
       "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+          #
+          # The key must meet the following requirements before you can provide it to Compute Engine:
+          # - The key is wrapped using a RSA public key certificate provided by Google.
+          # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+          # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
       "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
     },
     "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given image name.
-    "sourceSnapshot": "A String", # URL of the source snapshot used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+    "sourceSnapshot": "A String", # URL of the source snapshot used to create this image.
+        #
+        # In order to create an image, you must provide the full or partial URL of one of the following:
+        # - The rawDisk.source URL
+        # - The sourceDisk URL
+        # - The sourceImage URL
+        # - The sourceSnapshot URL
     "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
       "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
       "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
       "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+          #
+          # The key must meet the following requirements before you can provide it to Compute Engine:
+          # - The key is wrapped using a RSA public key certificate provided by Google.
+          # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+          # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
       "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
     },
     "sourceSnapshotId": "A String", # [Output Only] The ID value of the snapshot used to create this image. This value may be used to determine whether the snapshot was taken from the current or a previous instance of a given snapshot name.
diff --git a/docs/dyn/compute_beta.images.html b/docs/dyn/compute_beta.images.html
index 2917b8812b4..9919c0e3522 100644
--- a/docs/dyn/compute_beta.images.html
+++ b/docs/dyn/compute_beta.images.html
@@ -78,40 +78,40 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, image, requestId=None, x__xgafv=None)

+  delete(project, image, requestId=None)

 
Deletes the specified image.

 

-  deprecate(project, image, body=None, requestId=None, x__xgafv=None)

-
Sets the deprecation status of an image. If an empty request body is given, clears the deprecation status instead.

+  deprecate(project, image, body=None, requestId=None)

+
Sets the deprecation status of an image.

 

-  get(project, image, x__xgafv=None)

+  get(project, image)

 
Returns the specified image. Gets a list of available images by making a list() request.

 

-  getFromFamily(project, family, x__xgafv=None)

+  getFromFamily(project, family)

 
Returns the latest image that is part of an image family and is not deprecated.

 

-  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, body=None, forceCreate=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, forceCreate=None, requestId=None)

 
Creates an image in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of custom images available to the specified project. Custom images are images you create that belong to your project. This method does not get any images that belong to other projects, including publicly-available images, like Debian 8. If you want to get a list of publicly-available images, use this method to make a request to the respective image project, such as debian-cloud or windows-cloud.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, image, body=None, requestId=None, x__xgafv=None)

+  patch(project, image, body=None, requestId=None)

 
Patches the specified image with the data included in the request. Only the following fields can be modified: family, description, deprecation status.

 

-  setIamPolicy(project, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  setLabels(project, resource, body=None, x__xgafv=None)

+  setLabels(project, resource, body=None)

 
Sets the labels on an image. To learn more about labels, read the Labeling Resources documentation.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -120,22 +120,35 @@ 
Method Details

 

 
 

-    delete(project, image, requestId=None, x__xgafv=None)
+    delete(project, image, requestId=None)
   
Deletes the specified image.
 
 Args:
   project: string, Project ID for this request. (required)
   image: string, Name of the image resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -169,7 +182,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -183,8 +197,10 @@ 
Method Details

 

 
 

-    deprecate(project, image, body=None, requestId=None, x__xgafv=None)
-  
Sets the deprecation status of an image. If an empty request body is given, clears the deprecation status instead.
+    deprecate(project, image, body=None, requestId=None)
+  
Sets the deprecation status of an image.
+
+If an empty request body is given, clears the deprecation status instead.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -200,16 +216,29 @@ 
Method Details

   "state": "A String", # The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -243,7 +272,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -257,21 +287,19 @@ 
Method Details

 

 
 

-    get(project, image, x__xgafv=None)
+    get(project, image)
   
Returns the specified image. Gets a list of available images by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   image: string, Name of the image resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Image resource. You can use images to create boot disks for your VM instances. For more information, read Images.
+    { # Represents an Image resource.
+    #
+    # You can use images to create boot disks for your VM instances. For more information, read Images. (== resource_for {$api_version}.images ==)
   "archiveSizeBytes": "A String", # Size of the image tar.gz archive stored in Google Cloud Storage (in bytes).
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "deprecated": { # Deprecation status for a public resource. # The deprecation status associated with this image.
@@ -284,21 +312,34 @@ 
Method Details

   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "diskSizeGb": "A String", # Size of the image when restored onto a persistent disk (in GB).
   "family": "A String", # The name of the image family to which this image belongs. You can create disks by specifying an image family instead of a specific image name. The image family always returns its latest image that is not deprecated. The name of the image family must comply with RFC1035.
-  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
     { # Guest OS features.
-      "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+      "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
     },
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-  "imageEncryptionKey": { # Encrypts the image using a customer-supplied encryption key. After you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later.
+  "imageEncryptionKey": { # Encrypts the image using a customer-supplied encryption key.
+      #
+      # After you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image).
+      #
+      # Customer-supplied encryption keys do not protect access to metadata of the disk.
+      #
+      # If you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "kind": "compute#image", # [Output Only] Type of the resource. Always compute#image for images.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an image.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve an image.
   "labels": { # Labels to apply to this image. These can be later modified by the setLabels method.
     "a_key": "A String",
   },
@@ -312,7 +353,13 @@ 
Method Details

   "rawDisk": { # The parameters of the raw disk image.
     "containerType": "A String", # The format used to encode and transmit the block device, which should be TAR. This is just a container and transmission format and not a runtime format. Provided by the client when the disk image is created.
     "sha1Checksum": "A String", # [Deprecated] This field is deprecated. An optional SHA1 checksum of the disk image before unpackaging provided by the client when the disk image is created.
-    "source": "A String", # The full Google Cloud Storage URL where the disk image is stored. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+    "source": "A String", # The full Google Cloud Storage URL where the disk image is stored.
+        #
+        # In order to create an image, you must provide the full or partial URL of one of the following:
+        # - The rawDisk.source URL
+        # - The sourceDisk URL
+        # - The sourceImage URL
+        # - The sourceSnapshot URL
   },
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -340,30 +387,66 @@ 
Method Details

       "fileType": "A String", # The file type of source file.
     },
   },
-  "sourceDisk": "A String", # URL of the source disk used to create this image. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceDisk": "A String", # URL of the source disk used to create this image. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - zones/zone/disks/disk
+      #
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceDiskEncryptionKey": { # The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given disk name.
-  "sourceImage": "A String", # URL of the source image used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceImage": "A String", # URL of the source image used to create this image.
+      #
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given image name.
-  "sourceSnapshot": "A String", # URL of the source snapshot used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceSnapshot": "A String", # URL of the source snapshot used to create this image.
+      #
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceSnapshotId": "A String", # [Output Only] The ID value of the snapshot used to create this image. This value may be used to determine whether the snapshot was taken from the current or a previous instance of a given snapshot name.
@@ -376,21 +459,19 @@ 
Method Details

 

 
 

-    getFromFamily(project, family, x__xgafv=None)
+    getFromFamily(project, family)
   
Returns the latest image that is part of an image family and is not deprecated.
 
 Args:
   project: string, Project ID for this request. (required)
   family: string, Name of the image family to search for. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Image resource. You can use images to create boot disks for your VM instances. For more information, read Images.
+    { # Represents an Image resource.
+    #
+    # You can use images to create boot disks for your VM instances. For more information, read Images. (== resource_for {$api_version}.images ==)
   "archiveSizeBytes": "A String", # Size of the image tar.gz archive stored in Google Cloud Storage (in bytes).
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "deprecated": { # Deprecation status for a public resource. # The deprecation status associated with this image.
@@ -403,21 +484,34 @@ 
Method Details

   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "diskSizeGb": "A String", # Size of the image when restored onto a persistent disk (in GB).
   "family": "A String", # The name of the image family to which this image belongs. You can create disks by specifying an image family instead of a specific image name. The image family always returns its latest image that is not deprecated. The name of the image family must comply with RFC1035.
-  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
     { # Guest OS features.
-      "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+      "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
     },
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-  "imageEncryptionKey": { # Encrypts the image using a customer-supplied encryption key. After you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later.
+  "imageEncryptionKey": { # Encrypts the image using a customer-supplied encryption key.
+      #
+      # After you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image).
+      #
+      # Customer-supplied encryption keys do not protect access to metadata of the disk.
+      #
+      # If you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "kind": "compute#image", # [Output Only] Type of the resource. Always compute#image for images.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an image.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve an image.
   "labels": { # Labels to apply to this image. These can be later modified by the setLabels method.
     "a_key": "A String",
   },
@@ -431,7 +525,13 @@ 
Method Details

   "rawDisk": { # The parameters of the raw disk image.
     "containerType": "A String", # The format used to encode and transmit the block device, which should be TAR. This is just a container and transmission format and not a runtime format. Provided by the client when the disk image is created.
     "sha1Checksum": "A String", # [Deprecated] This field is deprecated. An optional SHA1 checksum of the disk image before unpackaging provided by the client when the disk image is created.
-    "source": "A String", # The full Google Cloud Storage URL where the disk image is stored. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+    "source": "A String", # The full Google Cloud Storage URL where the disk image is stored.
+        #
+        # In order to create an image, you must provide the full or partial URL of one of the following:
+        # - The rawDisk.source URL
+        # - The sourceDisk URL
+        # - The sourceImage URL
+        # - The sourceSnapshot URL
   },
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -459,30 +559,66 @@ 
Method Details

       "fileType": "A String", # The file type of source file.
     },
   },
-  "sourceDisk": "A String", # URL of the source disk used to create this image. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceDisk": "A String", # URL of the source disk used to create this image. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - zones/zone/disks/disk
+      #
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceDiskEncryptionKey": { # The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given disk name.
-  "sourceImage": "A String", # URL of the source image used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceImage": "A String", # URL of the source image used to create this image.
+      #
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given image name.
-  "sourceSnapshot": "A String", # URL of the source snapshot used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceSnapshot": "A String", # URL of the source snapshot used to create this image.
+      #
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceSnapshotId": "A String", # [Output Only] The ID value of the snapshot used to create this image. This value may be used to determine whether the snapshot was taken from the current or a previous instance of a given snapshot name.
@@ -495,34 +631,58 @@ 
Method Details

 

 
 

-    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
   project: string, Project ID for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -530,76 +690,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, body=None, forceCreate=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, forceCreate=None, requestId=None)
   
Creates an image in the specified project using the data included in the request.
 
 Args:
@@ -607,7 +835,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Image resource. You can use images to create boot disks for your VM instances. For more information, read Images.
+{ # Represents an Image resource.
+    # 
+    # You can use images to create boot disks for your VM instances. For more information, read Images. (== resource_for {$api_version}.images ==)
   "archiveSizeBytes": "A String", # Size of the image tar.gz archive stored in Google Cloud Storage (in bytes).
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "deprecated": { # Deprecation status for a public resource. # The deprecation status associated with this image.
@@ -620,21 +850,34 @@ 
Method Details

   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "diskSizeGb": "A String", # Size of the image when restored onto a persistent disk (in GB).
   "family": "A String", # The name of the image family to which this image belongs. You can create disks by specifying an image family instead of a specific image name. The image family always returns its latest image that is not deprecated. The name of the image family must comply with RFC1035.
-  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
     { # Guest OS features.
-      "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+      "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
     },
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-  "imageEncryptionKey": { # Encrypts the image using a customer-supplied encryption key. After you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later.
+  "imageEncryptionKey": { # Encrypts the image using a customer-supplied encryption key.
+      # 
+      # After you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image).
+      # 
+      # Customer-supplied encryption keys do not protect access to metadata of the disk.
+      # 
+      # If you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "kind": "compute#image", # [Output Only] Type of the resource. Always compute#image for images.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an image.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an image.
   "labels": { # Labels to apply to this image. These can be later modified by the setLabels method.
     "a_key": "A String",
   },
@@ -648,7 +891,13 @@ 
Method Details

   "rawDisk": { # The parameters of the raw disk image.
     "containerType": "A String", # The format used to encode and transmit the block device, which should be TAR. This is just a container and transmission format and not a runtime format. Provided by the client when the disk image is created.
     "sha1Checksum": "A String", # [Deprecated] This field is deprecated. An optional SHA1 checksum of the disk image before unpackaging provided by the client when the disk image is created.
-    "source": "A String", # The full Google Cloud Storage URL where the disk image is stored. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+    "source": "A String", # The full Google Cloud Storage URL where the disk image is stored.
+        # 
+        # In order to create an image, you must provide the full or partial URL of one of the following:
+        # - The rawDisk.source URL
+        # - The sourceDisk URL
+        # - The sourceImage URL
+        # - The sourceSnapshot URL
   },
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -676,30 +925,66 @@ 
Method Details

       "fileType": "A String", # The file type of source file.
     },
   },
-  "sourceDisk": "A String", # URL of the source disk used to create this image. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceDisk": "A String", # URL of the source disk used to create this image. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - zones/zone/disks/disk
+      # 
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceDiskEncryptionKey": { # The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given disk name.
-  "sourceImage": "A String", # URL of the source image used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceImage": "A String", # URL of the source image used to create this image.
+      # 
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given image name.
-  "sourceSnapshot": "A String", # URL of the source snapshot used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceSnapshot": "A String", # URL of the source snapshot used to create this image.
+      # 
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceSnapshotId": "A String", # [Output Only] The ID value of the snapshot used to create this image. This value may be used to determine whether the snapshot was taken from the current or a previous instance of a given snapshot name.
@@ -711,16 +996,29 @@ 
Method Details

 }
 
   forceCreate: boolean, Force image creation if true.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -754,7 +1052,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -768,20 +1067,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of custom images available to the specified project. Custom images are images you create that belong to your project. This method does not get any images that belong to other projects, including publicly-available images, like Debian 8. If you want to get a list of publicly-available images, use this method to make a request to the respective image project, such as debian-cloud or windows-cloud.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -789,7 +1094,9 @@ 
Method Details

     { # Contains a list of images.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Image resources.
-    { # Represents an Image resource. You can use images to create boot disks for your VM instances. For more information, read Images.
+    { # Represents an Image resource.
+        #
+        # You can use images to create boot disks for your VM instances. For more information, read Images. (== resource_for {$api_version}.images ==)
       "archiveSizeBytes": "A String", # Size of the image tar.gz archive stored in Google Cloud Storage (in bytes).
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "deprecated": { # Deprecation status for a public resource. # The deprecation status associated with this image.
@@ -802,21 +1109,34 @@ 
Method Details

       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "diskSizeGb": "A String", # Size of the image when restored onto a persistent disk (in GB).
       "family": "A String", # The name of the image family to which this image belongs. You can create disks by specifying an image family instead of a specific image name. The image family always returns its latest image that is not deprecated. The name of the image family must comply with RFC1035.
-      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
         { # Guest OS features.
-          "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+          "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
         },
       ],
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-      "imageEncryptionKey": { # Encrypts the image using a customer-supplied encryption key. After you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later.
+      "imageEncryptionKey": { # Encrypts the image using a customer-supplied encryption key.
+          #
+          # After you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image).
+          #
+          # Customer-supplied encryption keys do not protect access to metadata of the disk.
+          #
+          # If you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "kind": "compute#image", # [Output Only] Type of the resource. Always compute#image for images.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an image.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve an image.
       "labels": { # Labels to apply to this image. These can be later modified by the setLabels method.
         "a_key": "A String",
       },
@@ -830,7 +1150,13 @@ 
Method Details

       "rawDisk": { # The parameters of the raw disk image.
         "containerType": "A String", # The format used to encode and transmit the block device, which should be TAR. This is just a container and transmission format and not a runtime format. Provided by the client when the disk image is created.
         "sha1Checksum": "A String", # [Deprecated] This field is deprecated. An optional SHA1 checksum of the disk image before unpackaging provided by the client when the disk image is created.
-        "source": "A String", # The full Google Cloud Storage URL where the disk image is stored. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+        "source": "A String", # The full Google Cloud Storage URL where the disk image is stored.
+            #
+            # In order to create an image, you must provide the full or partial URL of one of the following:
+            # - The rawDisk.source URL
+            # - The sourceDisk URL
+            # - The sourceImage URL
+            # - The sourceSnapshot URL
       },
       "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -858,30 +1184,66 @@ 
Method Details

           "fileType": "A String", # The file type of source file.
         },
       },
-      "sourceDisk": "A String", # URL of the source disk used to create this image. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+      "sourceDisk": "A String", # URL of the source disk used to create this image. For example, the following are valid values:
+          # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+          # - projects/project/zones/zone/disks/disk
+          # - zones/zone/disks/disk
+          #
+          # In order to create an image, you must provide the full or partial URL of one of the following:
+          # - The rawDisk.source URL
+          # - The sourceDisk URL
+          # - The sourceImage URL
+          # - The sourceSnapshot URL
       "sourceDiskEncryptionKey": { # The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given disk name.
-      "sourceImage": "A String", # URL of the source image used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+      "sourceImage": "A String", # URL of the source image used to create this image.
+          #
+          # In order to create an image, you must provide the full or partial URL of one of the following:
+          # - The rawDisk.source URL
+          # - The sourceDisk URL
+          # - The sourceImage URL
+          # - The sourceSnapshot URL
       "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given image name.
-      "sourceSnapshot": "A String", # URL of the source snapshot used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+      "sourceSnapshot": "A String", # URL of the source snapshot used to create this image.
+          #
+          # In order to create an image, you must provide the full or partial URL of one of the following:
+          # - The rawDisk.source URL
+          # - The sourceDisk URL
+          # - The sourceImage URL
+          # - The sourceSnapshot URL
       "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "sourceSnapshotId": "A String", # [Output Only] The ID value of the snapshot used to create this image. This value may be used to determine whether the snapshot was taken from the current or a previous instance of a given snapshot name.
@@ -897,7 +1259,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -923,7 +1286,7 @@ 
Method Details

 

 
 

-    patch(project, image, body=None, requestId=None, x__xgafv=None)
+    patch(project, image, body=None, requestId=None)
   
Patches the specified image with the data included in the request. Only the following fields can be modified: family, description, deprecation status.
 
 Args:
@@ -932,7 +1295,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Image resource. You can use images to create boot disks for your VM instances. For more information, read Images.
+{ # Represents an Image resource.
+    # 
+    # You can use images to create boot disks for your VM instances. For more information, read Images. (== resource_for {$api_version}.images ==)
   "archiveSizeBytes": "A String", # Size of the image tar.gz archive stored in Google Cloud Storage (in bytes).
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "deprecated": { # Deprecation status for a public resource. # The deprecation status associated with this image.
@@ -945,21 +1310,34 @@ 
Method Details

   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "diskSizeGb": "A String", # Size of the image when restored onto a persistent disk (in GB).
   "family": "A String", # The name of the image family to which this image belongs. You can create disks by specifying an image family instead of a specific image name. The image family always returns its latest image that is not deprecated. The name of the image family must comply with RFC1035.
-  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
     { # Guest OS features.
-      "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+      "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
     },
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-  "imageEncryptionKey": { # Encrypts the image using a customer-supplied encryption key. After you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later.
+  "imageEncryptionKey": { # Encrypts the image using a customer-supplied encryption key.
+      # 
+      # After you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image).
+      # 
+      # Customer-supplied encryption keys do not protect access to metadata of the disk.
+      # 
+      # If you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "kind": "compute#image", # [Output Only] Type of the resource. Always compute#image for images.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an image.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an image.
   "labels": { # Labels to apply to this image. These can be later modified by the setLabels method.
     "a_key": "A String",
   },
@@ -973,7 +1351,13 @@ 
Method Details

   "rawDisk": { # The parameters of the raw disk image.
     "containerType": "A String", # The format used to encode and transmit the block device, which should be TAR. This is just a container and transmission format and not a runtime format. Provided by the client when the disk image is created.
     "sha1Checksum": "A String", # [Deprecated] This field is deprecated. An optional SHA1 checksum of the disk image before unpackaging provided by the client when the disk image is created.
-    "source": "A String", # The full Google Cloud Storage URL where the disk image is stored. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+    "source": "A String", # The full Google Cloud Storage URL where the disk image is stored.
+        # 
+        # In order to create an image, you must provide the full or partial URL of one of the following:
+        # - The rawDisk.source URL
+        # - The sourceDisk URL
+        # - The sourceImage URL
+        # - The sourceSnapshot URL
   },
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -1001,30 +1385,66 @@ 
Method Details

       "fileType": "A String", # The file type of source file.
     },
   },
-  "sourceDisk": "A String", # URL of the source disk used to create this image. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceDisk": "A String", # URL of the source disk used to create this image. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - zones/zone/disks/disk
+      # 
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceDiskEncryptionKey": { # The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given disk name.
-  "sourceImage": "A String", # URL of the source image used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceImage": "A String", # URL of the source image used to create this image.
+      # 
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given image name.
-  "sourceSnapshot": "A String", # URL of the source snapshot used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceSnapshot": "A String", # URL of the source snapshot used to create this image.
+      # 
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceSnapshotId": "A String", # [Output Only] The ID value of the snapshot used to create this image. This value may be used to determine whether the snapshot was taken from the current or a previous instance of a given snapshot name.
@@ -1035,16 +1455,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1078,7 +1511,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1092,7 +1526,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -1104,33 +1538,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1138,95 +1646,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1234,76 +1834,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    setLabels(project, resource, body=None, x__xgafv=None)
+    setLabels(project, resource, body=None)
   
Sets the labels on an image. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -1319,15 +1987,24 @@ 
Method Details

   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1361,7 +2038,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1375,7 +2053,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1390,10 +2068,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.instanceGroupManagers.html b/docs/dyn/compute_beta.instanceGroupManagers.html
index 57ecaeaffcb..54d790eb517 100644
--- a/docs/dyn/compute_beta.instanceGroupManagers.html
+++ b/docs/dyn/compute_beta.instanceGroupManagers.html
@@ -75,55 +75,55 @@
 
Compute Engine API . instanceGroupManagers

 
Instance Methods

 

-  abandonInstances(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

-
Flags the specified instances to be removed from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.

+  abandonInstances(project, zone, instanceGroupManager, body=None, requestId=None)

+
Flags the specified instances to be removed from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method.

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of managed instance groups and groups them by zone.

 

   aggregatedList_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  applyUpdatesToInstances(project, zone, instanceGroupManager, body=None, x__xgafv=None)

+  applyUpdatesToInstances(project, zone, instanceGroupManager, body=None)

 
Applies changes to selected instances on the managed instance group. This method can be used to apply new overrides and/or new versions.

 

   close()

 
Close httplib2 connections.

 

-  createInstances(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  createInstances(project, zone, instanceGroupManager, body=None, requestId=None)

 
Creates instances with per-instance configs in this managed instance group. Instances are created using the current instance template. The create instances operation is marked DONE if the createInstances request is successful. The underlying actions take additional time. You must separately verify the status of the creating or actions with the listmanagedinstances method.

 

-  delete(project, zone, instanceGroupManager, requestId=None, x__xgafv=None)

-
Deletes the specified managed instance group and all of the instances in that group. Note that the instance group must not belong to a backend service. Read Deleting an instance group for more information.

+  delete(project, zone, instanceGroupManager, requestId=None)

+
Deletes the specified managed instance group and all of the instances in that group. Note that the instance group must not belong to a backend service. Read  Deleting an instance group for more information.

 

-  deleteInstances(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

-
Flags the specified instances in the managed instance group for immediate deletion. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. This operation is marked as DONE when the action is scheduled even if the instances are still being deleted. You must separately verify the status of the deleting action with the listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.

+  deleteInstances(project, zone, instanceGroupManager, body=None, requestId=None)

+
Flags the specified instances in the managed instance group for immediate deletion. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. This operation is marked as DONE when the action is scheduled even if the instances are still being deleted. You must separately verify the status of the deleting action with the listmanagedinstances method.

 

-  deletePerInstanceConfigs(project, zone, instanceGroupManager, body=None, x__xgafv=None)

+  deletePerInstanceConfigs(project, zone, instanceGroupManager, body=None)

 
Deletes selected per-instance configs for the managed instance group.

 

-  get(project, zone, instanceGroupManager, x__xgafv=None)

+  get(project, zone, instanceGroupManager)

 
Returns all of the details about the specified managed instance group. Gets a list of available managed instance groups by making a list() request.

 

-  insert(project, zone, body=None, requestId=None, x__xgafv=None)

-
Creates a managed instance group using the information that you specify in the request. After the group is created, instances in the group are created using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method. A managed instance group can have up to 1000 VM instances per group. Please contact Cloud Support if you need an increase in this limit.

+  insert(project, zone, body=None, requestId=None)

+
Creates a managed instance group using the information that you specify in the request. After the group is created, instances in the group are created using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of managed instance groups that are contained within the specified project and zone.

 

-  listErrors(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listErrors(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists all errors thrown by actions on instances for a given managed instance group. The filter and orderBy query parameters are not supported.

 

   listErrors_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  listManagedInstances(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listManagedInstances(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists all of the instances in the managed instance group. Each instance in the list has a currentAction, which indicates the action that the managed instance group is performing on the instance. For example, if the group is still creating an instance, the currentAction is CREATING. If a previous action failed, the list displays the errors for that failed action. The orderBy query parameter is not supported.

 

   listManagedInstances_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  listPerInstanceConfigs(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listPerInstanceConfigs(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists all of the per-instance configs defined for the managed instance group. The orderBy query parameter is not supported.

 

   listPerInstanceConfigs_next(previous_request, previous_response)

@@ -132,42 +132,46 @@ 
Instance Methods

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  patch(project, zone, instanceGroupManager, body=None, requestId=None)

 
Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is patched even if the instances in the group are still in the process of being patched. You must separately verify the status of the individual instances with the listManagedInstances method. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  patchPerInstanceConfigs(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  patchPerInstanceConfigs(project, zone, instanceGroupManager, body=None, requestId=None)

 
Inserts or patches per-instance configs for the managed instance group. perInstanceConfig.name serves as a key used to distinguish whether to perform insert or patch.

 

-  recreateInstances(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

-
Flags the specified VM instances in the managed instance group to be immediately recreated. Each instance is recreated using the group's current configuration. This operation is marked as DONE when the flag is set even if the instances have not yet been recreated. You must separately verify the status of each instance by checking its currentAction field; for more information, see Checking the status of managed instances. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.

+  recreateInstances(project, zone, instanceGroupManager, body=None, requestId=None)

+
Flags the specified VM instances in the managed instance group to be immediately recreated. Each instance is recreated using the group's current configuration. This operation is marked as DONE when the flag is set even if the instances have not yet been recreated. You must separately verify the status of each instance by checking its currentAction field; for more information, see Checking the status of managed instances.

 

-  resize(project, zone, instanceGroupManager, size, requestId=None, x__xgafv=None)

-
Resizes the managed instance group. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes instances. The resize operation is marked DONE when the resize actions are scheduled even if the group has not yet added or deleted any instances. You must separately verify the status of the creating or deleting actions with the listmanagedinstances method. When resizing down, the instance group arbitrarily chooses the order in which VMs are deleted. The group takes into account some VM attributes when making the selection including: + The status of the VM instance. + The health of the VM instance. + The instance template version the VM is based on. + For regional managed instance groups, the location of the VM instance. This list is subject to change. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.

+  resize(project, zone, instanceGroupManager, size, requestId=None)

+
Resizes the managed instance group. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes instances. The resize operation is marked DONE when the resize actions are scheduled even if the group has not yet added or deleted any instances. You must separately verify the status of the creating or deleting actions with the listmanagedinstances method.

 

-  resizeAdvanced(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

-
Resizes the managed instance group with advanced configuration options like disabling creation retries. This is an extended version of the resize method. If you increase the size of the instance group, the group creates new instances using the current instance template. If you decrease the size, the group deletes instances. The resize operation is marked DONE when the resize actions are scheduled even if the group has not yet added or deleted any instances. You must separately verify the status of the creating, creatingWithoutRetries, or deleting actions with the get or listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.

+  resizeAdvanced(project, zone, instanceGroupManager, body=None, requestId=None)

+
Resizes the managed instance group with advanced configuration options like disabling creation retries. This is an extended version of the resize method.

 

-  setAutoHealingPolicies(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  setAutoHealingPolicies(project, zone, instanceGroupManager, body=None, requestId=None)

 
Motifies the autohealing policy for the instances in this managed instance group. [Deprecated] This method is deprecated. Use instanceGroupManagers.patch instead.

 

-  setInstanceTemplate(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  setInstanceTemplate(project, zone, instanceGroupManager, body=None, requestId=None)

 
Specifies the instance template to use when creating new instances in this group. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE.

 

-  setTargetPools(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  setTargetPools(project, zone, instanceGroupManager, body=None, requestId=None)

 
Modifies the target pools to which all instances in this managed instance group are assigned. The target pools automatically apply to all of the instances in the managed instance group. This operation is marked DONE when you make the request even if the instances have not yet been added to their target pools. The change might take some time to apply to all of the instances in the group depending on the size of the group.

 

-  testIamPermissions(project, zone, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, zone, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  update(project, zone, instanceGroupManager, body=None, requestId=None)

 
Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is updated even if the instances in the group have not yet been updated. You must separately verify the status of the individual instances with the listManagedInstances method.

 

-  updatePerInstanceConfigs(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  updatePerInstanceConfigs(project, zone, instanceGroupManager, body=None, requestId=None)

 
Inserts or updates per-instance configs for the managed instance group. perInstanceConfig.name serves as a key used to distinguish whether to perform insert or patch.

 
Method Details

 

-    abandonInstances(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
-  
Flags the specified instances to be removed from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.
+    abandonInstances(project, zone, instanceGroupManager, body=None, requestId=None)
+  
Flags the specified instances to be removed from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method.
+
+If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
+
+You can specify a maximum of 1000 instances with this method per request.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -182,16 +186,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -225,7 +242,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -239,21 +257,27 @@ 
Method Details

 

 
 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of managed instance groups and groups them by zone.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -263,7 +287,15 @@ 
Method Details

   "items": { # A list of InstanceGroupManagersScopedList resources.
     "a_key": { # [Output Only] The name of the scope that contains this set of managed instance groups.
       "instanceGroupManagers": [ # [Output Only] The list of managed instance groups that are contained in the specified project and zone.
-        { # Whether the instance is a standby. # Properties of a standby instance comparing to the regular instance: # | regular | standby managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no # receives traffic from LB? | yes | no Represents a Managed Instance Group resource. An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups. For zonal Managed Instance Group, use the instanceGroupManagers resource. For regional Managed Instance Group, use the regionInstanceGroupManagers resource.
+        { # Whether the instance is a standby. Properties of a standby instance comparing to the regular instance: ========================================================================= | regular | standby ========================================================================= managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no receives traffic from LB? | yes | no =========================================================================
+            #
+            # Represents a Managed Instance Group resource.
+            #
+            # An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups.
+            #
+            # For zonal Managed Instance Group, use the instanceGroupManagers resource.
+            #
+            # For regional Managed Instance Group, use the regionInstanceGroupManagers resource. (== resource_for {$api_version}.instanceGroupManagers ==) (== resource_for {$api_version}.regionInstanceGroupManagers ==)
           "autoHealingPolicies": [ # The autohealing policy for this managed instance group. You can specify only one value.
             {
               "healthCheck": "A String", # The URL for the health check that signals autohealing.
@@ -274,7 +306,9 @@ 
Method Details

           "creationTimestamp": "A String", # [Output Only] The creation timestamp for this managed instance group in RFC3339 text format.
           "currentActions": { # [Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions.
             "abandoning": 42, # [Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.
-            "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
+            "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.
+                #
+                # If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
             "creatingWithoutRetries": 42, # [Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.
             "deleting": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.
             "none": 42, # [Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.
@@ -293,14 +327,16 @@ 
Method Details

             ],
           },
           "failoverAction": "A String", # The action to perform in case of zone failure. Only one value is supported, NO_FAILOVER. The default is NO_FAILOVER.
-          "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
+          "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
           "id": "A String", # [Output Only] A unique identifier for this resource type. The server generates this identifier.
           "instanceGroup": "A String", # [Output Only] The URL of the Instance Group resource.
           "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE.
           "kind": "compute#instanceGroupManager", # [Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.
           "name": "A String", # The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.
           "namedPorts": [ # Named ports configured for the Instance Groups complementary to this Instance Group Manager.
-            { # The named port. For example: <"http", 80>.
+            { # The named port. For example: .
               "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
               "port": 42, # The port number, which can be a value between 1 and 65535.
             },
@@ -336,14 +372,32 @@ 
Method Details

           ],
           "targetSize": 42, # The target number of running instances for this managed instance group. You can reduce this number by using the instanceGroupManager deleteInstances or abandonInstances methods. Resizing the group also changes this number.
           "updatePolicy": { # The update policy for this managed instance group.
-            "instanceRedistributionType": "A String", # The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled.
-            "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
-              "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+            "instanceRedistributionType": "A String", # The  instance redistribution policy for regional managed instance groups. Valid values are:
+                # - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region.
+                # - NONE: For non-autoscaled groups, proactive redistribution is disabled.
+            "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates.
+                #
+                # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
+              "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+                  #
+                  #
+                  # - If the value is fixed, then the calculated value is equal to the fixed value.
+                  # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
               "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
               "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
             },
-            "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
-              "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+            "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:
+                #
+                #
+                # - The instance's status is RUNNING.
+                # - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates.
+                #
+                # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
+              "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+                  #
+                  #
+                  # - If the value is fixed, then the calculated value is equal to the fixed value.
+                  # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
               "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
               "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
             },
@@ -353,12 +407,20 @@ 
Method Details

             "replacementMethod": "A String", # What action should be used to replace instances. See minimal_action.REPLACE
             "type": "A String", # The type of update process. You can specify either PROACTIVE so that the instance group manager proactively executes actions in order to bring instances to their target versions or OPPORTUNISTIC so that no action is proactively executed but the update will be performed as part of other actions (for example, resizes or recreateInstances calls).
           },
-          "versions": [ # Specifies the instance templates used by this managed instance group to create instances. Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
+          "versions": [ # Specifies the instance templates used by this managed instance group to create instances.
+              #
+              # Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
             {
               "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached.
               "name": "A String", # Name of the version. Unique among all versions in the scope of this managed instance group.
-              "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
-                "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+              "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:
+                  # - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used.
+                  # - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
+                "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+                    #
+                    #
+                    # - If the value is fixed, then the calculated value is equal to the fixed value.
+                    # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
                 "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
                 "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
               },
@@ -369,7 +431,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] The warning that replaces the list of managed instance groups when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -387,7 +450,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -413,7 +477,7 @@ 
Method Details

 

 
 

-    applyUpdatesToInstances(project, zone, instanceGroupManager, body=None, x__xgafv=None)
+    applyUpdatesToInstances(project, zone, instanceGroupManager, body=None)
   
Applies changes to selected instances on the managed instance group. This method can be used to apply new overrides and/or new versions.
 
 Args:
@@ -424,23 +488,40 @@ 
Method Details

     The object takes the form of:
 
 { # InstanceGroupManagers.applyUpdatesToInstances
-  "allInstances": True or False, # Flag to update all instances instead of specified list of “instances”. If the flag is set to true then the instances may not be specified in the request.
+  "allInstances": True or False, # Flag to update all instances instead of specified list of ?instances?. If the flag is set to true then the instances may not be specified in the request.
   "instances": [ # The list of URLs of one or more instances for which you want to apply updates. Each URL can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].
     "A String",
   ],
-  "minimalAction": "A String", # The minimal action that you want to perform on each instance during the update: - REPLACE: At minimum, delete the instance and create it again. - RESTART: Stop the instance and start it again. - REFRESH: Do not stop the instance. - NONE: Do not disrupt the instance at all. By default, the minimum action is NONE. If your update requires a more disruptive action than you set with this flag, the necessary action is performed to execute the update.
-  "mostDisruptiveAllowedAction": "A String", # The most disruptive action that you want to perform on each instance during the update: - REPLACE: Delete the instance and create it again. - RESTART: Stop the instance and start it again. - REFRESH: Do not stop the instance. - NONE: Do not disrupt the instance at all. By default, the most disruptive allowed action is REPLACE. If your update requires a more disruptive action than you set with this flag, the update request will fail.
+  "minimalAction": "A String", # The minimal action that you want to perform on each instance during the update:
+      # - REPLACE: At minimum, delete the instance and create it again.
+      # - RESTART: Stop the instance and start it again.
+      # - REFRESH: Do not stop the instance.
+      # - NONE: Do not disrupt the instance at all.  By default, the minimum action is NONE. If your update requires a more disruptive action than you set with this flag, the necessary action is performed to execute the update.
+  "mostDisruptiveAllowedAction": "A String", # The most disruptive action that you want to perform on each instance during the update:
+      # - REPLACE: Delete the instance and create it again.
+      # - RESTART: Stop the instance and start it again.
+      # - REFRESH: Do not stop the instance.
+      # - NONE: Do not disrupt the instance at all.  By default, the most disruptive allowed action is REPLACE. If your update requires a more disruptive action than you set with this flag, the update request will fail.
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -474,7 +555,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -493,7 +575,7 @@ 
Method Details

 

 
 

-    createInstances(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    createInstances(project, zone, instanceGroupManager, body=None, requestId=None)
   
Creates instances with per-instance configs in this managed instance group. Instances are created using the current instance template. The create instances operation is marked DONE if the createInstances request is successful. The underlying actions take additional time. You must separately verify the status of the creating or actions with the listmanagedinstances method.
 
 Args:
@@ -525,16 +607,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -568,7 +663,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -582,23 +678,36 @@ 
Method Details

 

 
 

-    delete(project, zone, instanceGroupManager, requestId=None, x__xgafv=None)
-  
Deletes the specified managed instance group and all of the instances in that group. Note that the instance group must not belong to a backend service. Read Deleting an instance group for more information.
+    delete(project, zone, instanceGroupManager, requestId=None)
+  
Deletes the specified managed instance group and all of the instances in that group. Note that the instance group must not belong to a backend service. Read  Deleting an instance group for more information.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the managed instance group is located. (required)
   instanceGroupManager: string, The name of the managed instance group to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -632,7 +741,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -646,8 +756,12 @@ 
Method Details

 

 
 

-    deleteInstances(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
-  
Flags the specified instances in the managed instance group for immediate deletion. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. This operation is marked as DONE when the action is scheduled even if the instances are still being deleted. You must separately verify the status of the deleting action with the listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.
+    deleteInstances(project, zone, instanceGroupManager, body=None, requestId=None)
+  
Flags the specified instances in the managed instance group for immediate deletion. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. This operation is marked as DONE when the action is scheduled even if the instances are still being deleted. You must separately verify the status of the deleting action with the listmanagedinstances method.
+
+If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
+
+You can specify a maximum of 1000 instances with this method per request.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -662,16 +776,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -705,7 +832,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -719,7 +847,7 @@ 
Method Details

 

 
 

-    deletePerInstanceConfigs(project, zone, instanceGroupManager, body=None, x__xgafv=None)
+    deletePerInstanceConfigs(project, zone, instanceGroupManager, body=None)
   
Deletes selected per-instance configs for the managed instance group.
 
 Args:
@@ -735,15 +863,24 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -777,7 +914,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -791,22 +929,26 @@ 
Method Details

 

 
 

-    get(project, zone, instanceGroupManager, x__xgafv=None)
+    get(project, zone, instanceGroupManager)
   
Returns all of the details about the specified managed instance group. Gets a list of available managed instance groups by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the managed instance group is located. (required)
   instanceGroupManager: string, The name of the managed instance group. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Whether the instance is a standby. # Properties of a standby instance comparing to the regular instance: # | regular | standby managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no # receives traffic from LB? | yes | no Represents a Managed Instance Group resource. An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups. For zonal Managed Instance Group, use the instanceGroupManagers resource. For regional Managed Instance Group, use the regionInstanceGroupManagers resource.
+    { # Whether the instance is a standby. Properties of a standby instance comparing to the regular instance: ========================================================================= | regular | standby ========================================================================= managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no receives traffic from LB? | yes | no =========================================================================
+    #
+    # Represents a Managed Instance Group resource.
+    #
+    # An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups.
+    #
+    # For zonal Managed Instance Group, use the instanceGroupManagers resource.
+    #
+    # For regional Managed Instance Group, use the regionInstanceGroupManagers resource. (== resource_for {$api_version}.instanceGroupManagers ==) (== resource_for {$api_version}.regionInstanceGroupManagers ==)
   "autoHealingPolicies": [ # The autohealing policy for this managed instance group. You can specify only one value.
     {
       "healthCheck": "A String", # The URL for the health check that signals autohealing.
@@ -817,7 +959,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this managed instance group in RFC3339 text format.
   "currentActions": { # [Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions.
     "abandoning": 42, # [Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.
-    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
+    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.
+        #
+        # If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
     "creatingWithoutRetries": 42, # [Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.
     "deleting": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.
     "none": 42, # [Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.
@@ -836,14 +980,16 @@ 
Method Details

     ],
   },
   "failoverAction": "A String", # The action to perform in case of zone failure. Only one value is supported, NO_FAILOVER. The default is NO_FAILOVER.
-  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
+  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
   "id": "A String", # [Output Only] A unique identifier for this resource type. The server generates this identifier.
   "instanceGroup": "A String", # [Output Only] The URL of the Instance Group resource.
   "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE.
   "kind": "compute#instanceGroupManager", # [Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.
   "name": "A String", # The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.
   "namedPorts": [ # Named ports configured for the Instance Groups complementary to this Instance Group Manager.
-    { # The named port. For example: <"http", 80>.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
@@ -879,14 +1025,32 @@ 
Method Details

   ],
   "targetSize": 42, # The target number of running instances for this managed instance group. You can reduce this number by using the instanceGroupManager deleteInstances or abandonInstances methods. Resizing the group also changes this number.
   "updatePolicy": { # The update policy for this managed instance group.
-    "instanceRedistributionType": "A String", # The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled.
-    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "instanceRedistributionType": "A String", # The  instance redistribution policy for regional managed instance groups. Valid values are:
+        # - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region.
+        # - NONE: For non-autoscaled groups, proactive redistribution is disabled.
+    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
-    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:
+        #
+        #
+        # - The instance's status is RUNNING.
+        # - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
@@ -896,12 +1060,20 @@ 
Method Details

     "replacementMethod": "A String", # What action should be used to replace instances. See minimal_action.REPLACE
     "type": "A String", # The type of update process. You can specify either PROACTIVE so that the instance group manager proactively executes actions in order to bring instances to their target versions or OPPORTUNISTIC so that no action is proactively executed but the update will be performed as part of other actions (for example, resizes or recreateInstances calls).
   },
-  "versions": [ # Specifies the instance templates used by this managed instance group to create instances. Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
+  "versions": [ # Specifies the instance templates used by this managed instance group to create instances.
+      #
+      # Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
     {
       "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached.
       "name": "A String", # Name of the version. Unique among all versions in the scope of this managed instance group.
-      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:
+          # - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used.
+          # - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -912,8 +1084,10 @@ 
Method Details

 

 
 

-    insert(project, zone, body=None, requestId=None, x__xgafv=None)
-  
Creates a managed instance group using the information that you specify in the request. After the group is created, instances in the group are created using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method. A managed instance group can have up to 1000 VM instances per group. Please contact Cloud Support if you need an increase in this limit.
+    insert(project, zone, body=None, requestId=None)
+  
Creates a managed instance group using the information that you specify in the request. After the group is created, instances in the group are created using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method.
+
+A managed instance group can have up to 1000 VM instances per group. Please contact Cloud Support if you need an increase in this limit.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -921,7 +1095,15 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Whether the instance is a standby. # Properties of a standby instance comparing to the regular instance: # | regular | standby managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no # receives traffic from LB? | yes | no Represents a Managed Instance Group resource. An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups. For zonal Managed Instance Group, use the instanceGroupManagers resource. For regional Managed Instance Group, use the regionInstanceGroupManagers resource.
+{ # Whether the instance is a standby. Properties of a standby instance comparing to the regular instance: ========================================================================= | regular | standby ========================================================================= managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no receives traffic from LB? | yes | no =========================================================================
+    # 
+    # Represents a Managed Instance Group resource.
+    # 
+    # An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups.
+    # 
+    # For zonal Managed Instance Group, use the instanceGroupManagers resource.
+    # 
+    # For regional Managed Instance Group, use the regionInstanceGroupManagers resource. (== resource_for {$api_version}.instanceGroupManagers ==) (== resource_for {$api_version}.regionInstanceGroupManagers ==)
   "autoHealingPolicies": [ # The autohealing policy for this managed instance group. You can specify only one value.
     {
       "healthCheck": "A String", # The URL for the health check that signals autohealing.
@@ -932,7 +1114,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this managed instance group in RFC3339 text format.
   "currentActions": { # [Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions.
     "abandoning": 42, # [Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.
-    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
+    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.
+        #
+        # If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
     "creatingWithoutRetries": 42, # [Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.
     "deleting": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.
     "none": 42, # [Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.
@@ -951,14 +1135,16 @@ 
Method Details

     ],
   },
   "failoverAction": "A String", # The action to perform in case of zone failure. Only one value is supported, NO_FAILOVER. The default is NO_FAILOVER.
-  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
+  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
   "id": "A String", # [Output Only] A unique identifier for this resource type. The server generates this identifier.
   "instanceGroup": "A String", # [Output Only] The URL of the Instance Group resource.
   "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE.
   "kind": "compute#instanceGroupManager", # [Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.
   "name": "A String", # The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.
   "namedPorts": [ # Named ports configured for the Instance Groups complementary to this Instance Group Manager.
-    { # The named port. For example: <"http", 80>.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
@@ -994,14 +1180,32 @@ 
Method Details

   ],
   "targetSize": 42, # The target number of running instances for this managed instance group. You can reduce this number by using the instanceGroupManager deleteInstances or abandonInstances methods. Resizing the group also changes this number.
   "updatePolicy": { # The update policy for this managed instance group.
-    "instanceRedistributionType": "A String", # The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled.
-    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "instanceRedistributionType": "A String", # The  instance redistribution policy for regional managed instance groups. Valid values are:
+        # - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region.
+        # - NONE: For non-autoscaled groups, proactive redistribution is disabled.
+    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
-    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:
+        #
+        #
+        # - The instance's status is RUNNING.
+        # - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
@@ -1011,12 +1215,20 @@ 
Method Details

     "replacementMethod": "A String", # What action should be used to replace instances. See minimal_action.REPLACE
     "type": "A String", # The type of update process. You can specify either PROACTIVE so that the instance group manager proactively executes actions in order to bring instances to their target versions or OPPORTUNISTIC so that no action is proactively executed but the update will be performed as part of other actions (for example, resizes or recreateInstances calls).
   },
-  "versions": [ # Specifies the instance templates used by this managed instance group to create instances. Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
+  "versions": [ # Specifies the instance templates used by this managed instance group to create instances.
+      # 
+      # Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
     {
       "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached.
       "name": "A String", # Name of the version. Unique among all versions in the scope of this managed instance group.
-      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:
+          # - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used.
+          # - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -1025,16 +1237,29 @@ 
Method Details

   "zone": "A String", # [Output Only] The URL of a zone where the managed instance group is located (for zonal resources).
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1068,7 +1293,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1082,21 +1308,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of managed instance groups that are contained within the specified project and zone.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the managed instance group is located. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1104,7 +1336,15 @@ 
Method Details

     { # [Output Only] A list of managed instance groups.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of InstanceGroupManager resources.
-    { # Whether the instance is a standby. # Properties of a standby instance comparing to the regular instance: # | regular | standby managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no # receives traffic from LB? | yes | no Represents a Managed Instance Group resource. An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups. For zonal Managed Instance Group, use the instanceGroupManagers resource. For regional Managed Instance Group, use the regionInstanceGroupManagers resource.
+    { # Whether the instance is a standby. Properties of a standby instance comparing to the regular instance: ========================================================================= | regular | standby ========================================================================= managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no receives traffic from LB? | yes | no =========================================================================
+        #
+        # Represents a Managed Instance Group resource.
+        #
+        # An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups.
+        #
+        # For zonal Managed Instance Group, use the instanceGroupManagers resource.
+        #
+        # For regional Managed Instance Group, use the regionInstanceGroupManagers resource. (== resource_for {$api_version}.instanceGroupManagers ==) (== resource_for {$api_version}.regionInstanceGroupManagers ==)
       "autoHealingPolicies": [ # The autohealing policy for this managed instance group. You can specify only one value.
         {
           "healthCheck": "A String", # The URL for the health check that signals autohealing.
@@ -1115,7 +1355,9 @@ 
Method Details

       "creationTimestamp": "A String", # [Output Only] The creation timestamp for this managed instance group in RFC3339 text format.
       "currentActions": { # [Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions.
         "abandoning": 42, # [Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.
-        "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
+        "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.
+            #
+            # If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
         "creatingWithoutRetries": 42, # [Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.
         "deleting": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.
         "none": 42, # [Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.
@@ -1134,14 +1376,16 @@ 
Method Details

         ],
       },
       "failoverAction": "A String", # The action to perform in case of zone failure. Only one value is supported, NO_FAILOVER. The default is NO_FAILOVER.
-      "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
+      "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
       "id": "A String", # [Output Only] A unique identifier for this resource type. The server generates this identifier.
       "instanceGroup": "A String", # [Output Only] The URL of the Instance Group resource.
       "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE.
       "kind": "compute#instanceGroupManager", # [Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.
       "name": "A String", # The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.
       "namedPorts": [ # Named ports configured for the Instance Groups complementary to this Instance Group Manager.
-        { # The named port. For example: <"http", 80>.
+        { # The named port. For example: .
           "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
           "port": 42, # The port number, which can be a value between 1 and 65535.
         },
@@ -1177,14 +1421,32 @@ 
Method Details

       ],
       "targetSize": 42, # The target number of running instances for this managed instance group. You can reduce this number by using the instanceGroupManager deleteInstances or abandonInstances methods. Resizing the group also changes this number.
       "updatePolicy": { # The update policy for this managed instance group.
-        "instanceRedistributionType": "A String", # The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled.
-        "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
-          "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "instanceRedistributionType": "A String", # The  instance redistribution policy for regional managed instance groups. Valid values are:
+            # - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region.
+            # - NONE: For non-autoscaled groups, proactive redistribution is disabled.
+        "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates.
+            #
+            # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
+          "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+              #
+              #
+              # - If the value is fixed, then the calculated value is equal to the fixed value.
+              # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
           "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
           "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
         },
-        "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
-          "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:
+            #
+            #
+            # - The instance's status is RUNNING.
+            # - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates.
+            #
+            # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
+          "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+              #
+              #
+              # - If the value is fixed, then the calculated value is equal to the fixed value.
+              # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
           "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
           "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
         },
@@ -1194,12 +1456,20 @@ 
Method Details

         "replacementMethod": "A String", # What action should be used to replace instances. See minimal_action.REPLACE
         "type": "A String", # The type of update process. You can specify either PROACTIVE so that the instance group manager proactively executes actions in order to bring instances to their target versions or OPPORTUNISTIC so that no action is proactively executed but the update will be performed as part of other actions (for example, resizes or recreateInstances calls).
       },
-      "versions": [ # Specifies the instance templates used by this managed instance group to create instances. Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
+      "versions": [ # Specifies the instance templates used by this managed instance group to create instances.
+          #
+          # Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
         {
           "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached.
           "name": "A String", # Name of the version. Unique among all versions in the scope of this managed instance group.
-          "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
-            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+          "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:
+              # - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used.
+              # - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
+            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+                #
+                #
+                # - If the value is fixed, then the calculated value is equal to the fixed value.
+                # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
             "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
             "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
           },
@@ -1213,7 +1483,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1225,22 +1496,28 @@ 
Method Details

 

 
 

-    listErrors(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listErrors(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists all errors thrown by actions on instances for a given managed instance group. The filter and orderBy query parameters are not supported.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the managed instance group is located. It should conform to RFC1035. (required)
-  instanceGroupManager: string, The name of the managed instance group. It must be a string that meets the requirements in RFC1035, or an unsigned long integer: must match regexp pattern: (?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?)|1-9{0,19}. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  instanceGroupManager: string, The name of the managed instance group. It must be a string that meets the requirements in RFC1035, or an unsigned long integer: must match regexp pattern: (?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?)|[1-9][0-9]{0,19}. (required)
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1282,22 +1559,28 @@ 
Method Details

 

 
 

-    listManagedInstances(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listManagedInstances(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists all of the instances in the managed instance group. Each instance in the list has a currentAction, which indicates the action that the managed instance group is performing on the instance. For example, if the group is still creating an instance, the currentAction is CREATING. If a previous action failed, the list displays the errors for that failed action. The orderBy query parameter is not supported.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the managed instance group is located. (required)
   instanceGroupManager: string, The name of the managed instance group. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1305,7 +1588,16 @@ 
Method Details

     {
   "managedInstances": [ # [Output Only] The list of instances in the managed instance group.
     { # A Managed Instance resource.
-      "currentAction": "A String", # [Output Only] The current action that the managed instance group has scheduled for the instance. Possible values: - NONE The instance is running, and the managed instance group does not have any scheduled actions for this instance. - CREATING The managed instance group is creating this instance. If the group fails to create this instance, it will try again until it is successful. - CREATING_WITHOUT_RETRIES The managed instance group is attempting to create this instance only once. If the group fails to create this instance, it does not try again and the group's targetSize value is decreased instead. - RECREATING The managed instance group is recreating this instance. - DELETING The managed instance group is permanently deleting this instance. - ABANDONING The managed instance group is abandoning this instance. The instance will be removed from the instance group and from any target pools that are associated with this group. - RESTARTING The managed instance group is restarting the instance. - REFRESHING The managed instance group is applying configuration changes to the instance without stopping it. For example, the group can update the target pool list for an instance without stopping that instance. - VERIFYING The managed instance group has created the instance and it is in the process of being verified.
+      "currentAction": "A String", # [Output Only] The current action that the managed instance group has scheduled for the instance. Possible values:
+          # - NONE The instance is running, and the managed instance group does not have any scheduled actions for this instance.
+          # - CREATING The managed instance group is creating this instance. If the group fails to create this instance, it will try again until it is successful.
+          # - CREATING_WITHOUT_RETRIES The managed instance group is attempting to create this instance only once. If the group fails to create this instance, it does not try again and the group's targetSize value is decreased instead.
+          # - RECREATING The managed instance group is recreating this instance.
+          # - DELETING The managed instance group is permanently deleting this instance.
+          # - ABANDONING The managed instance group is abandoning this instance. The instance will be removed from the instance group and from any target pools that are associated with this group.
+          # - RESTARTING The managed instance group is restarting the instance.
+          # - REFRESHING The managed instance group is applying configuration changes to the instance without stopping it. For example, the group can update the target pool list for an instance without stopping that instance.
+          # - VERIFYING The managed instance group has created the instance and it is in the process of being verified.
       "id": "A String", # [Output only] The unique identifier for this resource. This field is empty when instance does not exist.
       "instance": "A String", # [Output Only] The URL of the instance. The URL can exist even if the instance has not yet been created.
       "instanceHealth": [ # [Output Only] Health state of the instance per health-check.
@@ -1375,22 +1667,28 @@ 
Method Details

 

 
 

-    listPerInstanceConfigs(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listPerInstanceConfigs(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists all of the per-instance configs defined for the managed instance group. The orderBy query parameter is not supported.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the managed instance group is located. It should conform to RFC1035. (required)
   instanceGroupManager: string, The name of the managed instance group. It should conform to RFC1035. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1418,7 +1716,8 @@ 
Method Details

   "nextPageToken": "A String", # [Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1458,7 +1757,7 @@ 
Method Details

 

 
 

-    patch(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    patch(project, zone, instanceGroupManager, body=None, requestId=None)
   
Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is patched even if the instances in the group are still in the process of being patched. You must separately verify the status of the individual instances with the listManagedInstances method. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -1468,7 +1767,15 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Whether the instance is a standby. # Properties of a standby instance comparing to the regular instance: # | regular | standby managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no # receives traffic from LB? | yes | no Represents a Managed Instance Group resource. An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups. For zonal Managed Instance Group, use the instanceGroupManagers resource. For regional Managed Instance Group, use the regionInstanceGroupManagers resource.
+{ # Whether the instance is a standby. Properties of a standby instance comparing to the regular instance: ========================================================================= | regular | standby ========================================================================= managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no receives traffic from LB? | yes | no =========================================================================
+    # 
+    # Represents a Managed Instance Group resource.
+    # 
+    # An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups.
+    # 
+    # For zonal Managed Instance Group, use the instanceGroupManagers resource.
+    # 
+    # For regional Managed Instance Group, use the regionInstanceGroupManagers resource. (== resource_for {$api_version}.instanceGroupManagers ==) (== resource_for {$api_version}.regionInstanceGroupManagers ==)
   "autoHealingPolicies": [ # The autohealing policy for this managed instance group. You can specify only one value.
     {
       "healthCheck": "A String", # The URL for the health check that signals autohealing.
@@ -1479,7 +1786,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this managed instance group in RFC3339 text format.
   "currentActions": { # [Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions.
     "abandoning": 42, # [Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.
-    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
+    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.
+        #
+        # If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
     "creatingWithoutRetries": 42, # [Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.
     "deleting": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.
     "none": 42, # [Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.
@@ -1498,14 +1807,16 @@ 
Method Details

     ],
   },
   "failoverAction": "A String", # The action to perform in case of zone failure. Only one value is supported, NO_FAILOVER. The default is NO_FAILOVER.
-  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
+  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
   "id": "A String", # [Output Only] A unique identifier for this resource type. The server generates this identifier.
   "instanceGroup": "A String", # [Output Only] The URL of the Instance Group resource.
   "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE.
   "kind": "compute#instanceGroupManager", # [Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.
   "name": "A String", # The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.
   "namedPorts": [ # Named ports configured for the Instance Groups complementary to this Instance Group Manager.
-    { # The named port. For example: <"http", 80>.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
@@ -1541,14 +1852,32 @@ 
Method Details

   ],
   "targetSize": 42, # The target number of running instances for this managed instance group. You can reduce this number by using the instanceGroupManager deleteInstances or abandonInstances methods. Resizing the group also changes this number.
   "updatePolicy": { # The update policy for this managed instance group.
-    "instanceRedistributionType": "A String", # The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled.
-    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "instanceRedistributionType": "A String", # The  instance redistribution policy for regional managed instance groups. Valid values are:
+        # - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region.
+        # - NONE: For non-autoscaled groups, proactive redistribution is disabled.
+    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
-    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:
+        #
+        #
+        # - The instance's status is RUNNING.
+        # - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
@@ -1558,12 +1887,20 @@ 
Method Details

     "replacementMethod": "A String", # What action should be used to replace instances. See minimal_action.REPLACE
     "type": "A String", # The type of update process. You can specify either PROACTIVE so that the instance group manager proactively executes actions in order to bring instances to their target versions or OPPORTUNISTIC so that no action is proactively executed but the update will be performed as part of other actions (for example, resizes or recreateInstances calls).
   },
-  "versions": [ # Specifies the instance templates used by this managed instance group to create instances. Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
+  "versions": [ # Specifies the instance templates used by this managed instance group to create instances.
+      # 
+      # Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
     {
       "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached.
       "name": "A String", # Name of the version. Unique among all versions in the scope of this managed instance group.
-      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:
+          # - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used.
+          # - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -1572,16 +1909,29 @@ 
Method Details

   "zone": "A String", # [Output Only] The URL of a zone where the managed instance group is located (for zonal resources).
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1615,7 +1965,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1629,7 +1980,7 @@ 
Method Details

 

 
 

-    patchPerInstanceConfigs(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    patchPerInstanceConfigs(project, zone, instanceGroupManager, body=None, requestId=None)
   
Inserts or patches per-instance configs for the managed instance group. perInstanceConfig.name serves as a key used to distinguish whether to perform insert or patch.
 
 Args:
@@ -1661,16 +2012,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1704,7 +2068,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1718,8 +2083,12 @@ 
Method Details

 

 
 

-    recreateInstances(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
-  
Flags the specified VM instances in the managed instance group to be immediately recreated. Each instance is recreated using the group's current configuration. This operation is marked as DONE when the flag is set even if the instances have not yet been recreated. You must separately verify the status of each instance by checking its currentAction field; for more information, see Checking the status of managed instances. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.
+    recreateInstances(project, zone, instanceGroupManager, body=None, requestId=None)
+  
Flags the specified VM instances in the managed instance group to be immediately recreated. Each instance is recreated using the group's current configuration. This operation is marked as DONE when the flag is set even if the instances have not yet been recreated. You must separately verify the status of each instance by checking its currentAction field; for more information, see Checking the status of managed instances.
+
+If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
+
+You can specify a maximum of 1000 instances with this method per request.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -1734,16 +2103,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1777,7 +2159,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1791,24 +2174,45 @@ 
Method Details

 

 
 

-    resize(project, zone, instanceGroupManager, size, requestId=None, x__xgafv=None)
-  
Resizes the managed instance group. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes instances. The resize operation is marked DONE when the resize actions are scheduled even if the group has not yet added or deleted any instances. You must separately verify the status of the creating or deleting actions with the listmanagedinstances method. When resizing down, the instance group arbitrarily chooses the order in which VMs are deleted. The group takes into account some VM attributes when making the selection including: + The status of the VM instance. + The health of the VM instance. + The instance template version the VM is based on. + For regional managed instance groups, the location of the VM instance. This list is subject to change. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
+    resize(project, zone, instanceGroupManager, size, requestId=None)
+  
Resizes the managed instance group. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes instances. The resize operation is marked DONE when the resize actions are scheduled even if the group has not yet added or deleted any instances. You must separately verify the status of the creating or deleting actions with the listmanagedinstances method.
+
+When resizing down, the instance group arbitrarily chooses the order in which VMs are deleted. The group takes into account some VM attributes when making the selection including:
+
++ The status of the VM instance. + The health of the VM instance. + The instance template version the VM is based on. + For regional managed instance groups, the location of the VM instance.
+
+This list is subject to change.
+
+If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the managed instance group is located. (required)
   instanceGroupManager: string, The name of the managed instance group. (required)
   size: integer, The number of running instances that the managed instance group should maintain at any given time. The group automatically adds or removes instances to maintain the number of instances specified by this parameter. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1842,7 +2246,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1856,8 +2261,12 @@ 
Method Details

 

 
 

-    resizeAdvanced(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
-  
Resizes the managed instance group with advanced configuration options like disabling creation retries. This is an extended version of the resize method. If you increase the size of the instance group, the group creates new instances using the current instance template. If you decrease the size, the group deletes instances. The resize operation is marked DONE when the resize actions are scheduled even if the group has not yet added or deleted any instances. You must separately verify the status of the creating, creatingWithoutRetries, or deleting actions with the get or listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
+    resizeAdvanced(project, zone, instanceGroupManager, body=None, requestId=None)
+  
Resizes the managed instance group with advanced configuration options like disabling creation retries. This is an extended version of the resize method.
+
+If you increase the size of the instance group, the group creates new instances using the current instance template. If you decrease the size, the group deletes instances. The resize operation is marked DONE when the resize actions are scheduled even if the group has not yet added or deleted any instances. You must separately verify the status of the creating, creatingWithoutRetries, or deleting actions with the get or listmanagedinstances method.
+
+If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -1867,20 +2276,39 @@ 
Method Details

     The object takes the form of:
 
 {
-  "noCreationRetries": True or False, # If this flag is true, the managed instance group attempts to create all instances initiated by this resize request only once. If there is an error during creation, the managed instance group does not retry create this instance, and we will decrease the targetSize of the request instead. If the flag is false, the group attempts to recreate each instance continuously until it succeeds. This flag matters only in the first attempt of creation of an instance. After an instance is successfully created while this flag is enabled, the instance behaves the same way as all the other instances created with a regular resize request. In particular, if a running instance dies unexpectedly at a later time and needs to be recreated, this mode does not affect the recreation behavior in that scenario. This flag is applicable only to the current resize request. It does not influence other resize requests in any way. You can see which instances is being creating in which mode by calling the get or listManagedInstances API.
+  "noCreationRetries": True or False, # If this flag is true, the managed instance group attempts to create all instances initiated by this resize request only once. If there is an error during creation, the managed instance group does not retry create this instance, and we will decrease the targetSize of the request instead. If the flag is false, the group attempts to recreate each instance continuously until it succeeds.
+      # 
+      # This flag matters only in the first attempt of creation of an instance. After an instance is successfully created while this flag is enabled, the instance behaves the same way as all the other instances created with a regular resize request. In particular, if a running instance dies unexpectedly at a later time and needs to be recreated, this mode does not affect the recreation behavior in that scenario.
+      # 
+      # This flag is applicable only to the current resize request. It does not influence other resize requests in any way.
+      # 
+      # You can see which instances is being creating in which mode by calling the get or listManagedInstances API.
   "targetSize": 42, # The number of running instances that the managed instance group should maintain at any given time. The group automatically adds or removes instances to maintain the number of instances specified by this parameter.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1914,7 +2342,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1928,7 +2357,7 @@ 
Method Details

 

 
 

-    setAutoHealingPolicies(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    setAutoHealingPolicies(project, zone, instanceGroupManager, body=None, requestId=None)
   
Motifies the autohealing policy for the instances in this managed instance group. [Deprecated] This method is deprecated. Use instanceGroupManagers.patch instead.
 
 Args:
@@ -1947,16 +2376,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1990,7 +2432,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2004,7 +2447,7 @@ 
Method Details

 

 
 

-    setInstanceTemplate(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    setInstanceTemplate(project, zone, instanceGroupManager, body=None, requestId=None)
   
Specifies the instance template to use when creating new instances in this group. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE.
 
 Args:
@@ -2018,16 +2461,29 @@ 
Method Details

   "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2061,7 +2517,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2075,7 +2532,7 @@ 
Method Details

 

 
 

-    setTargetPools(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    setTargetPools(project, zone, instanceGroupManager, body=None, requestId=None)
   
Modifies the target pools to which all instances in this managed instance group are assigned. The target pools automatically apply to all of the instances in the managed instance group. This operation is marked DONE when you make the request even if the instances have not yet been added to their target pools. The change might take some time to apply to all of the instances in the group depending on the size of the group.
 
 Args:
@@ -2092,16 +2549,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2135,7 +2605,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2149,7 +2620,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, zone, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, zone, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -2165,10 +2636,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -2181,7 +2648,7 @@ 
Method Details

 

 
 

-    update(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    update(project, zone, instanceGroupManager, body=None, requestId=None)
   
Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is updated even if the instances in the group have not yet been updated. You must separately verify the status of the individual instances with the listManagedInstances method.
 
 Args:
@@ -2191,7 +2658,15 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Whether the instance is a standby. # Properties of a standby instance comparing to the regular instance: # | regular | standby managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no # receives traffic from LB? | yes | no Represents a Managed Instance Group resource. An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups. For zonal Managed Instance Group, use the instanceGroupManagers resource. For regional Managed Instance Group, use the regionInstanceGroupManagers resource.
+{ # Whether the instance is a standby. Properties of a standby instance comparing to the regular instance: ========================================================================= | regular | standby ========================================================================= managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no receives traffic from LB? | yes | no =========================================================================
+    # 
+    # Represents a Managed Instance Group resource.
+    # 
+    # An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups.
+    # 
+    # For zonal Managed Instance Group, use the instanceGroupManagers resource.
+    # 
+    # For regional Managed Instance Group, use the regionInstanceGroupManagers resource. (== resource_for {$api_version}.instanceGroupManagers ==) (== resource_for {$api_version}.regionInstanceGroupManagers ==)
   "autoHealingPolicies": [ # The autohealing policy for this managed instance group. You can specify only one value.
     {
       "healthCheck": "A String", # The URL for the health check that signals autohealing.
@@ -2202,7 +2677,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this managed instance group in RFC3339 text format.
   "currentActions": { # [Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions.
     "abandoning": 42, # [Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.
-    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
+    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.
+        #
+        # If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
     "creatingWithoutRetries": 42, # [Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.
     "deleting": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.
     "none": 42, # [Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.
@@ -2221,14 +2698,16 @@ 
Method Details

     ],
   },
   "failoverAction": "A String", # The action to perform in case of zone failure. Only one value is supported, NO_FAILOVER. The default is NO_FAILOVER.
-  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
+  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
   "id": "A String", # [Output Only] A unique identifier for this resource type. The server generates this identifier.
   "instanceGroup": "A String", # [Output Only] The URL of the Instance Group resource.
   "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE.
   "kind": "compute#instanceGroupManager", # [Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.
   "name": "A String", # The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.
   "namedPorts": [ # Named ports configured for the Instance Groups complementary to this Instance Group Manager.
-    { # The named port. For example: <"http", 80>.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
@@ -2264,14 +2743,32 @@ 
Method Details

   ],
   "targetSize": 42, # The target number of running instances for this managed instance group. You can reduce this number by using the instanceGroupManager deleteInstances or abandonInstances methods. Resizing the group also changes this number.
   "updatePolicy": { # The update policy for this managed instance group.
-    "instanceRedistributionType": "A String", # The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled.
-    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "instanceRedistributionType": "A String", # The  instance redistribution policy for regional managed instance groups. Valid values are:
+        # - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region.
+        # - NONE: For non-autoscaled groups, proactive redistribution is disabled.
+    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
-    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:
+        #
+        #
+        # - The instance's status is RUNNING.
+        # - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
@@ -2281,12 +2778,20 @@ 
Method Details

     "replacementMethod": "A String", # What action should be used to replace instances. See minimal_action.REPLACE
     "type": "A String", # The type of update process. You can specify either PROACTIVE so that the instance group manager proactively executes actions in order to bring instances to their target versions or OPPORTUNISTIC so that no action is proactively executed but the update will be performed as part of other actions (for example, resizes or recreateInstances calls).
   },
-  "versions": [ # Specifies the instance templates used by this managed instance group to create instances. Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
+  "versions": [ # Specifies the instance templates used by this managed instance group to create instances.
+      # 
+      # Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
     {
       "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached.
       "name": "A String", # Name of the version. Unique among all versions in the scope of this managed instance group.
-      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:
+          # - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used.
+          # - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -2295,16 +2800,29 @@ 
Method Details

   "zone": "A String", # [Output Only] The URL of a zone where the managed instance group is located (for zonal resources).
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2338,7 +2856,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2352,7 +2871,7 @@ 
Method Details

 

 
 

-    updatePerInstanceConfigs(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    updatePerInstanceConfigs(project, zone, instanceGroupManager, body=None, requestId=None)
   
Inserts or updates per-instance configs for the managed instance group. perInstanceConfig.name serves as a key used to distinguish whether to perform insert or patch.
 
 Args:
@@ -2384,16 +2903,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2427,7 +2959,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.instanceGroups.html b/docs/dyn/compute_beta.instanceGroups.html
index 2e0cf049c30..d1e674a6034 100644
--- a/docs/dyn/compute_beta.instanceGroups.html
+++ b/docs/dyn/compute_beta.instanceGroups.html
@@ -75,10 +75,10 @@
 
Compute Engine API . instanceGroups

 
Instance Methods

 

-  addInstances(project, zone, instanceGroup, body=None, requestId=None, x__xgafv=None)

-
Adds a list of instances to the specified instance group. All of the instances in the instance group must be in the same network/subnetwork. Read Adding instances for more information.

+  addInstances(project, zone, instanceGroup, body=None, requestId=None)

+
Adds a list of instances to the specified instance group. All of the instances in the instance group must be in the same network/subnetwork. Read  Adding instances for more information.

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of instance groups and sorts them by zone.

 

   aggregatedList_next(previous_request, previous_response)

@@ -87,19 +87,19 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, zone, instanceGroup, requestId=None, x__xgafv=None)

-
Deletes the specified instance group. The instances in the group are not deleted. Note that instance group must not belong to a backend service. Read Deleting an instance group for more information.

+  delete(project, zone, instanceGroup, requestId=None)

+
Deletes the specified instance group. The instances in the group are not deleted. Note that instance group must not belong to a backend service. Read  Deleting an instance group for more information.

 

-  get(project, zone, instanceGroup, x__xgafv=None)

-
Returns the specified zonal instance group. Get a list of available zonal instance groups by making a list() request. For managed instance groups, use the instanceGroupManagers or regionInstanceGroupManagers methods instead.

+  get(project, zone, instanceGroup)

+
Returns the specified zonal instance group. Get a list of available zonal instance groups by making a list() request.

 

-  insert(project, zone, body=None, requestId=None, x__xgafv=None)

+  insert(project, zone, body=None, requestId=None)

 
Creates an instance group in the specified project using the parameters that are included in the request.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

-
Retrieves the list of zonal instance group resources contained within the specified zone. For managed instance groups, use the instanceGroupManagers or regionInstanceGroupManagers methods instead.

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

+
Retrieves the list of zonal instance group resources contained within the specified zone.

 

-  listInstances(project, zone, instanceGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listInstances(project, zone, instanceGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists the instances in the specified instance group. The orderBy query parameter is not supported.

 

   listInstances_next(previous_request, previous_response)

@@ -108,18 +108,18 @@ 
Instance Methods

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  removeInstances(project, zone, instanceGroup, body=None, requestId=None, x__xgafv=None)

-
Removes one or more instances from the specified instance group, but does not delete those instances. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration before the VM instance is removed or deleted.

+  removeInstances(project, zone, instanceGroup, body=None, requestId=None)

+
Removes one or more instances from the specified instance group, but does not delete those instances.

 

-  setNamedPorts(project, zone, instanceGroup, body=None, requestId=None, x__xgafv=None)

+  setNamedPorts(project, zone, instanceGroup, body=None, requestId=None)

 
Sets the named ports for the specified instance group.

 

-  testIamPermissions(project, zone, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, zone, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    addInstances(project, zone, instanceGroup, body=None, requestId=None, x__xgafv=None)
-  
Adds a list of instances to the specified instance group. All of the instances in the instance group must be in the same network/subnetwork. Read Adding instances for more information.
+    addInstances(project, zone, instanceGroup, body=None, requestId=None)
+  
Adds a list of instances to the specified instance group. All of the instances in the instance group must be in the same network/subnetwork. Read  Adding instances for more information.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -131,21 +131,34 @@ 
Method Details

 {
   "instances": [ # The list of instances to add to the instance group.
     {
-      "instance": "A String", # The URL for a specific instance. @required compute.instancegroups.addInstances/removeInstances
+      "instance": "A String", # The URL for a specific instance.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -179,7 +192,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -193,21 +207,27 @@ 
Method Details

 

 
 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of instance groups and sorts them by zone.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -217,15 +237,31 @@ 
Method Details

   "items": { # A list of InstanceGroupsScopedList resources.
     "a_key": { # The name of the scope that contains this set of instance groups.
       "instanceGroups": [ # [Output Only] The list of instance groups that are contained in this scope.
-        { # Represents an Instance Group resource. Instance Groups can be used to configure a target for load balancing. Instance groups can either be managed or unmanaged. To create managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead. Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups. For more information, read Instance groups.
+        { # Represents an Instance Group resource.
+            #
+            # Instance Groups can be used to configure a target for load balancing.
+            #
+            # Instance groups can either be managed or unmanaged.
+            #
+            # To create  managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead.
+            #
+            # Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups.
+            #
+            # For more information, read Instance groups.
+            #
+            # (== resource_for {$api_version}.instanceGroups ==) (== resource_for {$api_version}.regionInstanceGroups ==)
           "creationTimestamp": "A String", # [Output Only] The creation timestamp for this instance group in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "fingerprint": "A String", # [Output Only] The fingerprint of the named ports. The system uses this fingerprint to detect conflicts when multiple users change the named ports concurrently.
           "id": "A String", # [Output Only] A unique identifier for this instance group, generated by the server.
           "kind": "compute#instanceGroup", # [Output Only] The resource type, which is always compute#instanceGroup for instance groups.
           "name": "A String", # The name of the instance group. The name must be 1-63 characters long, and comply with RFC1035.
-          "namedPorts": [ #  Assigns a name to a port number. For example: {name: "http", port: 80} This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}] Named ports apply to all instances in this instance group.
-            { # The named port. For example: <"http", 80>.
+          "namedPorts": [ # Assigns a name to a port number. For example: {name: "http", port: 80}
+              #
+              # This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}]
+              #
+              # Named ports apply to all instances in this instance group.
+            { # The named port. For example: .
               "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
               "port": 42, # The port number, which can be a value between 1 and 65535.
             },
@@ -240,7 +276,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] An informational warning that replaces the list of instance groups when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -258,7 +295,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -289,23 +327,36 @@ 
Method Details

 

 
 

-    delete(project, zone, instanceGroup, requestId=None, x__xgafv=None)
-  
Deletes the specified instance group. The instances in the group are not deleted. Note that instance group must not belong to a backend service. Read Deleting an instance group for more information.
+    delete(project, zone, instanceGroup, requestId=None)
+  
Deletes the specified instance group. The instances in the group are not deleted. Note that instance group must not belong to a backend service. Read  Deleting an instance group for more information.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the instance group is located. (required)
   instanceGroup: string, The name of the instance group to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -339,7 +390,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -353,30 +405,44 @@ 
Method Details

 

 
 

-    get(project, zone, instanceGroup, x__xgafv=None)
-  
Returns the specified zonal instance group. Get a list of available zonal instance groups by making a list() request. For managed instance groups, use the instanceGroupManagers or regionInstanceGroupManagers methods instead.
+    get(project, zone, instanceGroup)
+  
Returns the specified zonal instance group. Get a list of available zonal instance groups by making a list() request.
+
+For managed instance groups, use the instanceGroupManagers or regionInstanceGroupManagers methods instead.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the instance group is located. (required)
   instanceGroup: string, The name of the instance group. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Instance Group resource. Instance Groups can be used to configure a target for load balancing. Instance groups can either be managed or unmanaged. To create managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead. Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups. For more information, read Instance groups.
+    { # Represents an Instance Group resource.
+    #
+    # Instance Groups can be used to configure a target for load balancing.
+    #
+    # Instance groups can either be managed or unmanaged.
+    #
+    # To create  managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead.
+    #
+    # Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups.
+    #
+    # For more information, read Instance groups.
+    #
+    # (== resource_for {$api_version}.instanceGroups ==) (== resource_for {$api_version}.regionInstanceGroups ==)
   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this instance group in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # [Output Only] The fingerprint of the named ports. The system uses this fingerprint to detect conflicts when multiple users change the named ports concurrently.
   "id": "A String", # [Output Only] A unique identifier for this instance group, generated by the server.
   "kind": "compute#instanceGroup", # [Output Only] The resource type, which is always compute#instanceGroup for instance groups.
   "name": "A String", # The name of the instance group. The name must be 1-63 characters long, and comply with RFC1035.
-  "namedPorts": [ #  Assigns a name to a port number. For example: {name: "http", port: 80} This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}] Named ports apply to all instances in this instance group.
-    { # The named port. For example: <"http", 80>.
+  "namedPorts": [ # Assigns a name to a port number. For example: {name: "http", port: 80}
+      #
+      # This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}]
+      #
+      # Named ports apply to all instances in this instance group.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
@@ -391,7 +457,7 @@ 
Method Details

 

 
 

-    insert(project, zone, body=None, requestId=None, x__xgafv=None)
+    insert(project, zone, body=None, requestId=None)
   
Creates an instance group in the specified project using the parameters that are included in the request.
 
 Args:
@@ -400,15 +466,31 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Instance Group resource. Instance Groups can be used to configure a target for load balancing. Instance groups can either be managed or unmanaged. To create managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead. Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups. For more information, read Instance groups.
+{ # Represents an Instance Group resource.
+    # 
+    # Instance Groups can be used to configure a target for load balancing.
+    # 
+    # Instance groups can either be managed or unmanaged.
+    # 
+    # To create  managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead.
+    # 
+    # Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups.
+    # 
+    # For more information, read Instance groups.
+    # 
+    # (== resource_for {$api_version}.instanceGroups ==) (== resource_for {$api_version}.regionInstanceGroups ==)
   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this instance group in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # [Output Only] The fingerprint of the named ports. The system uses this fingerprint to detect conflicts when multiple users change the named ports concurrently.
   "id": "A String", # [Output Only] A unique identifier for this instance group, generated by the server.
   "kind": "compute#instanceGroup", # [Output Only] The resource type, which is always compute#instanceGroup for instance groups.
   "name": "A String", # The name of the instance group. The name must be 1-63 characters long, and comply with RFC1035.
-  "namedPorts": [ #  Assigns a name to a port number. For example: {name: "http", port: 80} This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}] Named ports apply to all instances in this instance group.
-    { # The named port. For example: <"http", 80>.
+  "namedPorts": [ # Assigns a name to a port number. For example: {name: "http", port: 80}
+      # 
+      # This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}]
+      # 
+      # Named ports apply to all instances in this instance group.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
@@ -421,16 +503,29 @@ 
Method Details

   "zone": "A String", # [Output Only] The URL of the zone where the instance group is located (for zonal resources).
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -464,7 +559,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -478,21 +574,29 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
-  
Retrieves the list of zonal instance group resources contained within the specified zone. For managed instance groups, use the instanceGroupManagers or regionInstanceGroupManagers methods instead.
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
+  
Retrieves the list of zonal instance group resources contained within the specified zone.
+
+For managed instance groups, use the instanceGroupManagers or regionInstanceGroupManagers methods instead.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the instance group is located. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -500,15 +604,31 @@ 
Method Details

     { # A list of InstanceGroup resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of InstanceGroup resources.
-    { # Represents an Instance Group resource. Instance Groups can be used to configure a target for load balancing. Instance groups can either be managed or unmanaged. To create managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead. Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups. For more information, read Instance groups.
+    { # Represents an Instance Group resource.
+        #
+        # Instance Groups can be used to configure a target for load balancing.
+        #
+        # Instance groups can either be managed or unmanaged.
+        #
+        # To create  managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead.
+        #
+        # Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups.
+        #
+        # For more information, read Instance groups.
+        #
+        # (== resource_for {$api_version}.instanceGroups ==) (== resource_for {$api_version}.regionInstanceGroups ==)
       "creationTimestamp": "A String", # [Output Only] The creation timestamp for this instance group in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "fingerprint": "A String", # [Output Only] The fingerprint of the named ports. The system uses this fingerprint to detect conflicts when multiple users change the named ports concurrently.
       "id": "A String", # [Output Only] A unique identifier for this instance group, generated by the server.
       "kind": "compute#instanceGroup", # [Output Only] The resource type, which is always compute#instanceGroup for instance groups.
       "name": "A String", # The name of the instance group. The name must be 1-63 characters long, and comply with RFC1035.
-      "namedPorts": [ #  Assigns a name to a port number. For example: {name: "http", port: 80} This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}] Named ports apply to all instances in this instance group.
-        { # The named port. For example: <"http", 80>.
+      "namedPorts": [ # Assigns a name to a port number. For example: {name: "http", port: 80}
+          #
+          # This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}]
+          #
+          # Named ports apply to all instances in this instance group.
+        { # The named port. For example: .
           "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
           "port": 42, # The port number, which can be a value between 1 and 65535.
         },
@@ -526,7 +646,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -538,7 +659,7 @@ 
Method Details

 

 
 

-    listInstances(project, zone, instanceGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listInstances(project, zone, instanceGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists the instances in the specified instance group. The orderBy query parameter is not supported.
 
 Args:
@@ -552,15 +673,21 @@ 
Method Details

   "instanceState": "A String", # A filter for the state of the instances in the instance group. Valid options are ALL or RUNNING. If you do not specify this parameter the list includes all instances regardless of their state.
 }
 
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -571,7 +698,7 @@ 
Method Details

     {
       "instance": "A String", # [Output Only] The URL of the instance.
       "namedPorts": [ # [Output Only] The named ports that belong to this instance group.
-        { # The named port. For example: <"http", 80>.
+        { # The named port. For example: .
           "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
           "port": 42, # The port number, which can be a value between 1 and 65535.
         },
@@ -584,7 +711,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -624,8 +752,10 @@ 
Method Details

 

 
 

-    removeInstances(project, zone, instanceGroup, body=None, requestId=None, x__xgafv=None)
-  
Removes one or more instances from the specified instance group, but does not delete those instances. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration before the VM instance is removed or deleted.
+    removeInstances(project, zone, instanceGroup, body=None, requestId=None)
+  
Removes one or more instances from the specified instance group, but does not delete those instances.
+
+If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration before the VM instance is removed or deleted.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -637,21 +767,34 @@ 
Method Details

 {
   "instances": [ # The list of instances to remove from the instance group.
     {
-      "instance": "A String", # The URL for a specific instance. @required compute.instancegroups.addInstances/removeInstances
+      "instance": "A String", # The URL for a specific instance.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -685,7 +828,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -699,7 +843,7 @@ 
Method Details

 

 
 

-    setNamedPorts(project, zone, instanceGroup, body=None, requestId=None, x__xgafv=None)
+    setNamedPorts(project, zone, instanceGroup, body=None, requestId=None)
   
Sets the named ports for the specified instance group.
 
 Args:
@@ -712,23 +856,36 @@ 
Method Details

 {
   "fingerprint": "A String", # The fingerprint of the named ports information for this instance group. Use this optional property to prevent conflicts when multiple users change the named ports settings concurrently. Obtain the fingerprint with the instanceGroups.get method. Then, include the fingerprint in your request to ensure that you do not overwrite changes that were applied from another concurrent request. A request with an incorrect fingerprint will fail with error 412 conditionNotMet.
   "namedPorts": [ # The list of named ports to set for this instance group.
-    { # The named port. For example: <"http", 80>.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -762,7 +919,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -776,7 +934,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, zone, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, zone, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -792,10 +950,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.instanceTemplates.html b/docs/dyn/compute_beta.instanceTemplates.html
index 75fd6cd808d..9e19f088e78 100644
--- a/docs/dyn/compute_beta.instanceTemplates.html
+++ b/docs/dyn/compute_beta.instanceTemplates.html
@@ -78,28 +78,28 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, instanceTemplate, requestId=None, x__xgafv=None)

+  delete(project, instanceTemplate, requestId=None)

 
Deletes the specified instance template. Deleting an instance template is permanent and cannot be undone. It is not possible to delete templates that are already in use by a managed instance group.

 

-  get(project, instanceTemplate, x__xgafv=None)

+  get(project, instanceTemplate)

 
Returns the specified instance template. Gets a list of available instance templates by making a list() request.

 

-  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates an instance template in the specified project using the data that is included in the request. If you are creating a new template to update an existing instance group, your new instance template must use the same network or, if applicable, the same subnetwork as the original template.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of instance templates that are contained within the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setIamPolicy(project, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -108,22 +108,35 @@ 
Method Details

 

 
 

-    delete(project, instanceTemplate, requestId=None, x__xgafv=None)
+    delete(project, instanceTemplate, requestId=None)
   
Deletes the specified instance template. Deleting an instance template is permanent and cannot be undone. It is not possible to delete templates that are already in use by a managed instance group.
 
 Args:
   project: string, Project ID for this request. (required)
   instanceTemplate: string, The name of the instance template to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -157,7 +170,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -171,21 +185,19 @@ 
Method Details

 

 
 

-    get(project, instanceTemplate, x__xgafv=None)
+    get(project, instanceTemplate)
   
Returns the specified instance template. Gets a list of available instance templates by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   instanceTemplate: string, The name of the instance template. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Instance Template resource. You can use instance templates to create VM instances and managed instance groups. For more information, read Instance Templates.
+    { # Represents an Instance Template resource.
+    #
+    # You can use instance templates to create VM instances and managed instance groups. For more information, read Instance Templates. (== resource_for {$api_version}.instanceTemplates ==)
   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this instance template in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "id": "A String", # [Output Only] A unique identifier for this instance template. The server defines this identifier.
@@ -205,29 +217,57 @@ 
Method Details

       { # An instance-attached disk resource.
         "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
         "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-        "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-        "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+        "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+            #
+            # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+        "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+            #
+            # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+            #
+            # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+            #
+            # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+            #
+            # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+              #
+              # The key must meet the following requirements before you can provide it to Compute Engine:
+              # - The key is wrapped using a RSA public key certificate provided by Google.
+              # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+              # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
         "diskSizeGb": "A String", # The size of the disk in GB.
-        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
           { # Guest OS features.
-            "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+            "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
           },
         ],
         "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-        "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+        "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+            #
+            # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+            #
+            # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
           "description": "A String", # An optional description. Provide this property when creating the disk.
           "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
           "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-          "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
-          "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options. Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
+          "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+              # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+              #
+              #
+              # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+              # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+              # - projects/project/zones/zone/diskTypes/diskType
+              # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
+          "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
+              #
+              # Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
             { # Guest OS features.
-              "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+              "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
             },
           ],
           "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
@@ -239,20 +279,56 @@ 
Method Details

           "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
             "A String",
           ],
-          "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-          "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+          "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+              #
+              # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+              # projects/debian-cloud/global/images/family/debian-9
+              #
+              #
+              # Alternatively, use a specific version of a public operating system image:
+              # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+              #
+              #
+              # To create a disk with a custom image that you created, specify the image name in the following format:
+              # global/images/my-custom-image
+              #
+              #
+              # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+              # global/images/family/my-image-family
+              #
+              #
+              # If the source image is deleted later, this field will not be set.
+          "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+              #
+              # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                #
+                # The key must meet the following requirements before you can provide it to Compute Engine:
+                # - The key is wrapped using a RSA public key certificate provided by Google.
+                # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
-          "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+          "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+              #
+              # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+              # global/snapshots/my-backup
+              #
+              #
+              # If the source snapshot is deleted later, this field will not be set.
           "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                #
+                # The key must meet the following requirements before you can provide it to Compute Engine:
+                # - The key is wrapped using a RSA public key certificate provided by Google.
+                # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
         },
@@ -286,7 +362,11 @@ 
Method Details

             "fileType": "A String", # The file type of source file.
           },
         },
-        "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+        "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+            #
+            # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+            #
+            # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
         "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
       },
     ],
@@ -304,9 +384,11 @@ 
Method Details

     },
     "machineType": "A String", # The machine type to use for instances that are created from these properties.
     "metadata": { # A metadata key/value entry. # The metadata key/value pairs to assign to instances that are created from these properties. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve the resource.
       "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-        { # Metadata
+        {
           "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
           "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
         },
@@ -323,7 +405,11 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
@@ -343,30 +429,45 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
-        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+            #
+            # Valid only if stackType is IPV4_IPV6.
         "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
         "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
         "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+            #
+            # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+            # - projects/project/global/networks/network
+            # - global/networks/default
         "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
         "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
-        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
-        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+            #
+            # This field can be both set at instance creation and update network interface operations.
+        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+            # - regions/region/subnetworks/subnetwork
       },
     ],
     "networkPerformanceConfig": {
       "totalEgressBandwidthTier": "A String",
     },
     "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
-    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
     "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from.
-      "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
+      "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
       "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
       "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
         "A String",
@@ -376,7 +477,9 @@ 
Method Details

       "A String",
     ],
     "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
-      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+          #
+          # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
       "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
       "locationHint": "A String", # An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API.
       "maintenanceFreezeDurationHours": 42, # Specifies the number of hours after VM instance creation where the VM won't be scheduled for maintenance.
@@ -413,21 +516,30 @@ 
Method Details

       "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled.
     },
     "tags": { # A set of instance tags. # A list of tags to apply to the instances that are created from these properties. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+          #
+          # To see the latest fingerprint, make get() request to the instance.
       "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
         "A String",
       ],
     },
   },
   "selfLink": "A String", # [Output Only] The URL for this instance template. The server defines this URL.
-  "sourceInstance": "A String", # The source instance used to create the template. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instances/instance - projects/project/zones/zone/instances/instance
+  "sourceInstance": "A String", # The source instance used to create the template. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance
+      # - projects/project/zones/zone/instances/instance
   "sourceInstanceParams": { # A specification of the parameters to use when creating the instance template from a source instance. # The source instance params to use to create this instance template.
     "diskConfigs": [ # Attached disks configuration. If not provided, defaults are applied: For boot disk and any other R/W disks, new custom images will be created from each disk. For read-only disks, they will be attached in read-only mode. Local SSD disks will be created as blank volumes.
       { # A specification of the desired way to instantiate a disk in the instance template when its created from a source instance.
         "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
         "customImage": "A String", # The custom source image to be used to restore this disk when instantiating this instance template.
         "deviceName": "A String", # Specifies the device name of the disk to which the configurations apply to.
-        "instantiateFrom": "A String", # Specifies whether to include the disk and what image to use. Possible values are: - source-image: to use the same image that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - source-image-family: to use the same image family that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - custom-image: to use a user-provided image url for disk creation. Applicable to the boot disk and additional read-write disks. - attach-read-only: to attach a read-only disk. Applicable to read-only disks. - do-not-include: to exclude a disk from the template. Applicable to additional read-write disks, local SSDs, and read-only disks.
+        "instantiateFrom": "A String", # Specifies whether to include the disk and what image to use. Possible values are:
+            # - source-image: to use the same image that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks.
+            # - source-image-family: to use the same image family that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks.
+            # - custom-image: to use a user-provided image url for disk creation. Applicable to the boot disk and additional read-write disks.
+            # - attach-read-only: to attach a read-only disk. Applicable to read-only disks.
+            # - do-not-include: to exclude a disk from the template. Applicable to additional read-write disks, local SSDs, and read-only disks.
       },
     ],
   },
@@ -435,34 +547,58 @@ 
Method Details

 

 
 

-    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
   project: string, Project ID for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -470,76 +606,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates an instance template in the specified project using the data that is included in the request. If you are creating a new template to update an existing instance group, your new instance template must use the same network or, if applicable, the same subnetwork as the original template.
 
 Args:
@@ -547,7 +751,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Instance Template resource. You can use instance templates to create VM instances and managed instance groups. For more information, read Instance Templates.
+{ # Represents an Instance Template resource.
+    # 
+    # You can use instance templates to create VM instances and managed instance groups. For more information, read Instance Templates. (== resource_for {$api_version}.instanceTemplates ==)
   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this instance template in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "id": "A String", # [Output Only] A unique identifier for this instance template. The server defines this identifier.
@@ -567,29 +773,57 @@ 
Method Details

       { # An instance-attached disk resource.
         "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
         "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-        "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-        "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+        "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+            #
+            # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+        "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+            #
+            # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+            #
+            # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+            #
+            # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+            #
+            # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+              #
+              # The key must meet the following requirements before you can provide it to Compute Engine:
+              # - The key is wrapped using a RSA public key certificate provided by Google.
+              # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+              # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
         "diskSizeGb": "A String", # The size of the disk in GB.
-        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
           { # Guest OS features.
-            "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+            "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
           },
         ],
         "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-        "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+        "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+            #
+            # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+            #
+            # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
           "description": "A String", # An optional description. Provide this property when creating the disk.
           "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
           "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-          "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
-          "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options. Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
+          "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+              # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+              #
+              #
+              # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+              # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+              # - projects/project/zones/zone/diskTypes/diskType
+              # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
+          "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
+              #
+              # Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
             { # Guest OS features.
-              "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+              "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
             },
           ],
           "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
@@ -601,20 +835,56 @@ 
Method Details

           "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
             "A String",
           ],
-          "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-          "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+          "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+              #
+              # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+              # projects/debian-cloud/global/images/family/debian-9
+              #
+              #
+              # Alternatively, use a specific version of a public operating system image:
+              # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+              #
+              #
+              # To create a disk with a custom image that you created, specify the image name in the following format:
+              # global/images/my-custom-image
+              #
+              #
+              # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+              # global/images/family/my-image-family
+              #
+              #
+              # If the source image is deleted later, this field will not be set.
+          "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+              #
+              # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                #
+                # The key must meet the following requirements before you can provide it to Compute Engine:
+                # - The key is wrapped using a RSA public key certificate provided by Google.
+                # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
-          "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+          "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+              #
+              # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+              # global/snapshots/my-backup
+              #
+              #
+              # If the source snapshot is deleted later, this field will not be set.
           "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                #
+                # The key must meet the following requirements before you can provide it to Compute Engine:
+                # - The key is wrapped using a RSA public key certificate provided by Google.
+                # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
         },
@@ -648,7 +918,11 @@ 
Method Details

             "fileType": "A String", # The file type of source file.
           },
         },
-        "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+        "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+            #
+            # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+            #
+            # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
         "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
       },
     ],
@@ -666,9 +940,11 @@ 
Method Details

     },
     "machineType": "A String", # The machine type to use for instances that are created from these properties.
     "metadata": { # A metadata key/value entry. # The metadata key/value pairs to assign to instances that are created from these properties. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve the resource.
       "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-        { # Metadata
+        {
           "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
           "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
         },
@@ -685,7 +961,11 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
@@ -705,30 +985,45 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
-        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+            #
+            # Valid only if stackType is IPV4_IPV6.
         "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
         "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
         "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+            #
+            # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+            # - projects/project/global/networks/network
+            # - global/networks/default
         "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
         "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
-        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
-        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+            #
+            # This field can be both set at instance creation and update network interface operations.
+        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+            # - regions/region/subnetworks/subnetwork
       },
     ],
     "networkPerformanceConfig": {
       "totalEgressBandwidthTier": "A String",
     },
     "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
-    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
     "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from.
-      "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
+      "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
       "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
       "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
         "A String",
@@ -738,7 +1033,9 @@ 
Method Details

       "A String",
     ],
     "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
-      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+          #
+          # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
       "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
       "locationHint": "A String", # An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API.
       "maintenanceFreezeDurationHours": 42, # Specifies the number of hours after VM instance creation where the VM won't be scheduled for maintenance.
@@ -775,36 +1072,58 @@ 
Method Details

       "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled.
     },
     "tags": { # A set of instance tags. # A list of tags to apply to the instances that are created from these properties. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+          #
+          # To see the latest fingerprint, make get() request to the instance.
       "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
         "A String",
       ],
     },
   },
   "selfLink": "A String", # [Output Only] The URL for this instance template. The server defines this URL.
-  "sourceInstance": "A String", # The source instance used to create the template. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instances/instance - projects/project/zones/zone/instances/instance
+  "sourceInstance": "A String", # The source instance used to create the template. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance
+      # - projects/project/zones/zone/instances/instance
   "sourceInstanceParams": { # A specification of the parameters to use when creating the instance template from a source instance. # The source instance params to use to create this instance template.
     "diskConfigs": [ # Attached disks configuration. If not provided, defaults are applied: For boot disk and any other R/W disks, new custom images will be created from each disk. For read-only disks, they will be attached in read-only mode. Local SSD disks will be created as blank volumes.
       { # A specification of the desired way to instantiate a disk in the instance template when its created from a source instance.
         "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
         "customImage": "A String", # The custom source image to be used to restore this disk when instantiating this instance template.
         "deviceName": "A String", # Specifies the device name of the disk to which the configurations apply to.
-        "instantiateFrom": "A String", # Specifies whether to include the disk and what image to use. Possible values are: - source-image: to use the same image that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - source-image-family: to use the same image family that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - custom-image: to use a user-provided image url for disk creation. Applicable to the boot disk and additional read-write disks. - attach-read-only: to attach a read-only disk. Applicable to read-only disks. - do-not-include: to exclude a disk from the template. Applicable to additional read-write disks, local SSDs, and read-only disks.
+        "instantiateFrom": "A String", # Specifies whether to include the disk and what image to use. Possible values are:
+            # - source-image: to use the same image that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks.
+            # - source-image-family: to use the same image family that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks.
+            # - custom-image: to use a user-provided image url for disk creation. Applicable to the boot disk and additional read-write disks.
+            # - attach-read-only: to attach a read-only disk. Applicable to read-only disks.
+            # - do-not-include: to exclude a disk from the template. Applicable to additional read-write disks, local SSDs, and read-only disks.
       },
     ],
   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -838,7 +1157,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -852,20 +1172,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of instance templates that are contained within the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -873,7 +1199,9 @@ 
Method Details

     { # A list of instance templates.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of InstanceTemplate resources.
-    { # Represents an Instance Template resource. You can use instance templates to create VM instances and managed instance groups. For more information, read Instance Templates.
+    { # Represents an Instance Template resource.
+        #
+        # You can use instance templates to create VM instances and managed instance groups. For more information, read Instance Templates. (== resource_for {$api_version}.instanceTemplates ==)
       "creationTimestamp": "A String", # [Output Only] The creation timestamp for this instance template in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "id": "A String", # [Output Only] A unique identifier for this instance template. The server defines this identifier.
@@ -893,29 +1221,57 @@ 
Method Details

           { # An instance-attached disk resource.
             "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
             "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-            "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-            "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+            "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+                #
+                # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+            "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+                #
+                # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+                #
+                # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+                #
+                # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+                #
+                # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
               "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
               "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
               "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-              "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+              "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                  #
+                  # The key must meet the following requirements before you can provide it to Compute Engine:
+                  # - The key is wrapped using a RSA public key certificate provided by Google.
+                  # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                  # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
               "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
             },
             "diskSizeGb": "A String", # The size of the disk in GB.
-            "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+            "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
               { # Guest OS features.
-                "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+                "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
               },
             ],
             "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-            "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+            "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+                #
+                # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+                #
+                # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
               "description": "A String", # An optional description. Provide this property when creating the disk.
               "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
               "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-              "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
-              "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options. Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
+              "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+                  # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+                  #
+                  #
+                  # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+                  # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+                  # - projects/project/zones/zone/diskTypes/diskType
+                  # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
+              "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
+                  #
+                  # Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
                 { # Guest OS features.
-                  "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+                  "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
                 },
               ],
               "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
@@ -927,20 +1283,56 @@ 
Method Details

               "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
                 "A String",
               ],
-              "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-              "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+              "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+                  #
+                  # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+                  # projects/debian-cloud/global/images/family/debian-9
+                  #
+                  #
+                  # Alternatively, use a specific version of a public operating system image:
+                  # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+                  #
+                  #
+                  # To create a disk with a custom image that you created, specify the image name in the following format:
+                  # global/images/my-custom-image
+                  #
+                  #
+                  # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+                  # global/images/family/my-image-family
+                  #
+                  #
+                  # If the source image is deleted later, this field will not be set.
+              "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+                  #
+                  # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
                 "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
                 "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
                 "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-                "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+                "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                    #
+                    # The key must meet the following requirements before you can provide it to Compute Engine:
+                    # - The key is wrapped using a RSA public key certificate provided by Google.
+                    # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                    # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
                 "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
               },
-              "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+              "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+                  #
+                  # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+                  # global/snapshots/my-backup
+                  #
+                  #
+                  # If the source snapshot is deleted later, this field will not be set.
               "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
                 "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
                 "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
                 "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-                "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+                "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                    #
+                    # The key must meet the following requirements before you can provide it to Compute Engine:
+                    # - The key is wrapped using a RSA public key certificate provided by Google.
+                    # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                    # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
                 "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
               },
             },
@@ -974,7 +1366,11 @@ 
Method Details

                 "fileType": "A String", # The file type of source file.
               },
             },
-            "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+            "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+                #
+                # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+                #
+                # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
             "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
           },
         ],
@@ -992,9 +1388,11 @@ 
Method Details

         },
         "machineType": "A String", # The machine type to use for instances that are created from these properties.
         "metadata": { # A metadata key/value entry. # The metadata key/value pairs to assign to instances that are created from these properties. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information.
-          "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+          "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve the resource.
           "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-            { # Metadata
+            {
               "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
               "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
             },
@@ -1011,7 +1409,11 @@ 
Method Details

                 "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
                 "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
                 "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-                "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+                "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                    #
+                    # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                    #
+                    # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
                 "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
                 "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
                 "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
@@ -1031,30 +1433,45 @@ 
Method Details

                 "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
                 "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
                 "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-                "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+                "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                    #
+                    # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                    #
+                    # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
                 "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
                 "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
                 "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
               },
             ],
-            "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+            "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+                #
+                # Valid only if stackType is IPV4_IPV6.
             "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
             "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
             "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-            "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+            "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+                #
+                # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+                # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+                # - projects/project/global/networks/network
+                # - global/networks/default
             "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
             "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
-            "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
-            "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+            "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+                #
+                # This field can be both set at instance creation and update network interface operations.
+            "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+                # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+                # - regions/region/subnetworks/subnetwork
           },
         ],
         "networkPerformanceConfig": {
           "totalEgressBandwidthTier": "A String",
         },
         "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
-        "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+        "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
         "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from.
-          "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
+          "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
           "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
           "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
             "A String",
@@ -1064,7 +1481,9 @@ 
Method Details

           "A String",
         ],
         "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
-          "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+          "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+              #
+              # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
           "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
           "locationHint": "A String", # An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API.
           "maintenanceFreezeDurationHours": 42, # Specifies the number of hours after VM instance creation where the VM won't be scheduled for maintenance.
@@ -1101,21 +1520,30 @@ 
Method Details

           "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled.
         },
         "tags": { # A set of instance tags. # A list of tags to apply to the instances that are created from these properties. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035.
-          "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+          "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+              #
+              # To see the latest fingerprint, make get() request to the instance.
           "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
             "A String",
           ],
         },
       },
       "selfLink": "A String", # [Output Only] The URL for this instance template. The server defines this URL.
-      "sourceInstance": "A String", # The source instance used to create the template. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instances/instance - projects/project/zones/zone/instances/instance
+      "sourceInstance": "A String", # The source instance used to create the template. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+          # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance
+          # - projects/project/zones/zone/instances/instance
       "sourceInstanceParams": { # A specification of the parameters to use when creating the instance template from a source instance. # The source instance params to use to create this instance template.
         "diskConfigs": [ # Attached disks configuration. If not provided, defaults are applied: For boot disk and any other R/W disks, new custom images will be created from each disk. For read-only disks, they will be attached in read-only mode. Local SSD disks will be created as blank volumes.
           { # A specification of the desired way to instantiate a disk in the instance template when its created from a source instance.
             "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
             "customImage": "A String", # The custom source image to be used to restore this disk when instantiating this instance template.
             "deviceName": "A String", # Specifies the device name of the disk to which the configurations apply to.
-            "instantiateFrom": "A String", # Specifies whether to include the disk and what image to use. Possible values are: - source-image: to use the same image that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - source-image-family: to use the same image family that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - custom-image: to use a user-provided image url for disk creation. Applicable to the boot disk and additional read-write disks. - attach-read-only: to attach a read-only disk. Applicable to read-only disks. - do-not-include: to exclude a disk from the template. Applicable to additional read-write disks, local SSDs, and read-only disks.
+            "instantiateFrom": "A String", # Specifies whether to include the disk and what image to use. Possible values are:
+                # - source-image: to use the same image that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks.
+                # - source-image-family: to use the same image family that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks.
+                # - custom-image: to use a user-provided image url for disk creation. Applicable to the boot disk and additional read-write disks.
+                # - attach-read-only: to attach a read-only disk. Applicable to read-only disks.
+                # - do-not-include: to exclude a disk from the template. Applicable to additional read-write disks, local SSDs, and read-only disks.
           },
         ],
       },
@@ -1126,7 +1554,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1152,7 +1581,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -1164,33 +1593,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1198,95 +1701,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1294,76 +1889,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1378,10 +2041,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.instances.html b/docs/dyn/compute_beta.instances.html
index 7d16da24808..658a8a072b0 100644
--- a/docs/dyn/compute_beta.instances.html
+++ b/docs/dyn/compute_beta.instances.html
@@ -75,67 +75,67 @@
 
Compute Engine API . instances

 
Instance Methods

 

-  addAccessConfig(project, zone, instance, networkInterface, body=None, requestId=None, x__xgafv=None)

+  addAccessConfig(project, zone, instance, networkInterface, body=None, requestId=None)

 
Adds an access config to an instance's network interface.

 

-  addResourcePolicies(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  addResourcePolicies(project, zone, instance, body=None, requestId=None)

 
Adds existing resource policies to an instance. You can only add one policy right now which will be applied to this instance for scheduling live migrations.

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves aggregated list of all of the instances in your project across all regions and zones.

 

   aggregatedList_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  attachDisk(project, zone, instance, body=None, forceAttach=None, requestId=None, x__xgafv=None)

+  attachDisk(project, zone, instance, body=None, forceAttach=None, requestId=None)

 
Attaches an existing Disk resource to an instance. You must first create the disk before you can attach it. It is not possible to create and attach a disk at the same time. For more information, read Adding a persistent disk to your instance.

 

-  bulkInsert(project, zone, body=None, requestId=None, x__xgafv=None)

+  bulkInsert(project, zone, body=None, requestId=None)

 
Creates multiple instances. Count specifies the number of instances to create.

 

   close()

 
Close httplib2 connections.

 

-  delete(project, zone, instance, requestId=None, x__xgafv=None)

+  delete(project, zone, instance, requestId=None)

 
Deletes the specified Instance resource. For more information, see Deleting an instance.

 

-  deleteAccessConfig(project, zone, instance, accessConfig, networkInterface, requestId=None, x__xgafv=None)

+  deleteAccessConfig(project, zone, instance, accessConfig, networkInterface, requestId=None)

 
Deletes an access config from an instance's network interface.

 

-  detachDisk(project, zone, instance, deviceName, requestId=None, x__xgafv=None)

+  detachDisk(project, zone, instance, deviceName, requestId=None)

 
Detaches a disk from an instance.

 

-  get(project, zone, instance, x__xgafv=None)

+  get(project, zone, instance)

 
Returns the specified Instance resource. Gets a list of available instances by making a list() request.

 

-  getEffectiveFirewalls(project, zone, instance, networkInterface, x__xgafv=None)

+  getEffectiveFirewalls(project, zone, instance, networkInterface)

 
Returns effective firewalls applied to an interface of the instance.

 

-  getGuestAttributes(project, zone, instance, queryPath=None, variableKey=None, x__xgafv=None)

+  getGuestAttributes(project, zone, instance, queryPath=None, variableKey=None)

 
Returns the specified guest attributes entry.

 

-  getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  getScreenshot(project, zone, instance, x__xgafv=None)

+  getScreenshot(project, zone, instance)

 
Returns the screenshot from the specified instance.

 

-  getSerialPortOutput(project, zone, instance, port=None, start=None, x__xgafv=None)

+  getSerialPortOutput(project, zone, instance, port=None, start=None)

 
Returns the last 1 MB of serial port output from the specified instance.

 

-  getShieldedInstanceIdentity(project, zone, instance, x__xgafv=None)

+  getShieldedInstanceIdentity(project, zone, instance)

 
Returns the Shielded Instance Identity of an instance

 

-  getShieldedVmIdentity(project, zone, instance, x__xgafv=None)

+  getShieldedVmIdentity(project, zone, instance)

 
Returns the Shielded VM Identity of an instance

 

-  insert(project, zone, body=None, requestId=None, sourceInstanceTemplate=None, sourceMachineImage=None, x__xgafv=None)

+  insert(project, zone, body=None, requestId=None, sourceInstanceTemplate=None, sourceMachineImage=None)

 
Creates an instance resource in the specified project using the data included in the request.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of instances contained within the specified zone.

 

-  listReferrers(project, zone, instance, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listReferrers(project, zone, instance, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of resources that refer to the VM instance specified in the request. For example, if the VM instance is part of a managed or unmanaged instance group, the referrers list includes the instance group. For more information, read Viewing referrers to VM instances.

 

   listReferrers_next(previous_request, previous_response)

@@ -144,95 +144,95 @@ 
Instance Methods

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  removeResourcePolicies(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  removeResourcePolicies(project, zone, instance, body=None, requestId=None)

 
Removes resource policies from an instance.

 

-  reset(project, zone, instance, requestId=None, x__xgafv=None)

+  reset(project, zone, instance, requestId=None)

 
Performs a reset on the instance. This is a hard reset the VM does not do a graceful shutdown. For more information, see Resetting an instance.

 

-  resume(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  resume(project, zone, instance, body=None, requestId=None)

 
Resumes an instance that was suspended using the instances().suspend method.

 

-  setDeletionProtection(project, zone, resource, deletionProtection=None, requestId=None, x__xgafv=None)

+  setDeletionProtection(project, zone, resource, deletionProtection=None, requestId=None)

 
Sets deletion protection on the instance.

 

-  setDiskAutoDelete(project, zone, instance, autoDelete, deviceName, requestId=None, x__xgafv=None)

+  setDiskAutoDelete(project, zone, instance, autoDelete, deviceName, requestId=None)

 
Sets the auto-delete flag for a disk attached to an instance.

 

-  setIamPolicy(project, zone, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, zone, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  setLabels(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  setLabels(project, zone, instance, body=None, requestId=None)

 
Sets labels on an instance. To learn more about labels, read the Labeling Resources documentation.

 

-  setMachineResources(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  setMachineResources(project, zone, instance, body=None, requestId=None)

 
Changes the number and/or type of accelerator for a stopped instance to the values specified in the request.

 

-  setMachineType(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  setMachineType(project, zone, instance, body=None, requestId=None)

 
Changes the machine type for a stopped instance to the machine type specified in the request.

 

-  setMetadata(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  setMetadata(project, zone, instance, body=None, requestId=None)

 
Sets metadata for the specified instance to the data included in the request.

 

-  setMinCpuPlatform(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  setMinCpuPlatform(project, zone, instance, body=None, requestId=None)

 
Changes the minimum CPU platform that this instance should use. This method can only be called on a stopped instance. For more information, read Specifying a Minimum CPU Platform.

 

-  setName(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  setName(project, zone, instance, body=None, requestId=None)

 
Sets name of an instance.

 

-  setScheduling(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  setScheduling(project, zone, instance, body=None, requestId=None)

 
Sets an instance's scheduling options. You can only call this method on a stopped instance, that is, a VM instance that is in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states.

 

-  setServiceAccount(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  setServiceAccount(project, zone, instance, body=None, requestId=None)

 
Sets the service account on the instance. For more information, read Changing the service account and access scopes for an instance.

 

-  setShieldedInstanceIntegrityPolicy(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  setShieldedInstanceIntegrityPolicy(project, zone, instance, body=None, requestId=None)

 
Sets the Shielded Instance integrity policy for an instance. You can only use this method on a running instance. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  setShieldedVmIntegrityPolicy(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  setShieldedVmIntegrityPolicy(project, zone, instance, body=None, requestId=None)

 
Sets the Shielded VM integrity policy for a VM instance. You can only use this method on a running VM instance. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  setTags(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  setTags(project, zone, instance, body=None, requestId=None)

 
Sets network tags for the specified instance to the data included in the request.

 

-  simulateMaintenanceEvent(project, zone, instance, x__xgafv=None)

+  simulateMaintenanceEvent(project, zone, instance)

 
Simulates a maintenance event on the instance.

 

-  start(project, zone, instance, requestId=None, x__xgafv=None)

+  start(project, zone, instance, requestId=None)

 
Starts an instance that was stopped using the instances().stop method. For more information, see Restart an instance.

 

-  startWithEncryptionKey(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  startWithEncryptionKey(project, zone, instance, body=None, requestId=None)

 
Starts an instance that was stopped using the instances().stop method. For more information, see Restart an instance.

 

-  stop(project, zone, instance, requestId=None, x__xgafv=None)

+  stop(project, zone, instance, requestId=None)

 
Stops a running instance, shutting it down cleanly, and allows you to restart the instance at a later time. Stopped instances do not incur VM usage charges while they are stopped. However, resources that the VM is using, such as persistent disks and static IP addresses, will continue to be charged until they are deleted. For more information, see Stopping an instance.

 

-  suspend(project, zone, instance, discardLocalSsd=None, requestId=None, x__xgafv=None)

+  suspend(project, zone, instance, discardLocalSsd=None, requestId=None)

 
This method suspends a running instance, saving its state to persistent storage, and allows you to resume the instance at a later time. Suspended instances incur reduced per-minute, virtual machine usage charges while they are suspended. Any resources the virtual machine is using, such as persistent disks and static IP addresses, will continue to be charged until they are deleted.

 

-  testIamPermissions(project, zone, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, zone, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, zone, instance, body=None, minimalAction=None, mostDisruptiveAllowedAction=None, requestId=None, x__xgafv=None)

-
Updates an instance only if the necessary resources are available. This method can update only a specific set of instance properties. See Updating a running instance for a list of updatable instance properties.

+  update(project, zone, instance, body=None, minimalAction=None, mostDisruptiveAllowedAction=None, requestId=None)

+
Updates an instance only if the necessary resources are available. This method can update only a specific set of instance properties. See  Updating a running instance for a list of updatable instance properties.

 

-  updateAccessConfig(project, zone, instance, networkInterface, body=None, requestId=None, x__xgafv=None)

+  updateAccessConfig(project, zone, instance, networkInterface, body=None, requestId=None)

 
Updates the specified access config from an instance's network interface with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  updateDisplayDevice(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  updateDisplayDevice(project, zone, instance, body=None, requestId=None)

 
Updates the Display config for a VM instance. You can only use this method on a stopped VM instance. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  updateNetworkInterface(project, zone, instance, networkInterface, body=None, requestId=None, x__xgafv=None)

+  updateNetworkInterface(project, zone, instance, networkInterface, body=None, requestId=None)

 
Updates an instance's network interface. This method can only update an interface's alias IP range and attached network. See Modifying alias IP ranges for an existing instance for instructions on changing alias IP ranges. See Migrating a VM between networks for instructions on migrating an interface. This method follows PATCH semantics.

 

-  updateShieldedInstanceConfig(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  updateShieldedInstanceConfig(project, zone, instance, body=None, requestId=None)

 
Updates the Shielded Instance config for an instance. You can only use this method on a stopped instance. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  updateShieldedVmConfig(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  updateShieldedVmConfig(project, zone, instance, body=None, requestId=None)

 
Updates the Shielded VM config for a VM instance. You can only use this method on a stopped VM instance. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 
Method Details

 

-    addAccessConfig(project, zone, instance, networkInterface, body=None, requestId=None, x__xgafv=None)
+    addAccessConfig(project, zone, instance, networkInterface, body=None, requestId=None)
   
Adds an access config to an instance's network interface.
 
 Args:
@@ -249,22 +249,39 @@ 
Method Details

   "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
   "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
   "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+      # 
+      # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+      # 
+      # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
   "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
   "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
   "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -298,7 +315,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -312,7 +330,7 @@ 
Method Details

 

 
 

-    addResourcePolicies(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    addResourcePolicies(project, zone, instance, body=None, requestId=None)
   
Adds existing resource policies to an instance. You can only add one policy right now which will be applied to this instance for scheduling live migrations.
 
 Args:
@@ -328,16 +346,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -371,7 +402,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -385,21 +417,27 @@ 
Method Details

 

 
 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves aggregated list of all of the instances in your project across all regions and zones.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -409,12 +447,14 @@ 
Method Details

   "items": { # An object that contains a list of instances scoped by zone.
     "a_key": { # [Output Only] Name of the scope containing this set of instances.
       "instances": [ # [Output Only] A list of instances contained in this scope.
-        { # Represents an Instance resource. An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances.
+        { # Represents an Instance resource.
+            #
+            # An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances. (== resource_for {$api_version}.instances ==)
           "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
             "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
             "threadsPerCore": 42, # The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed.
           },
-          "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding .
+          "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding.
           "confidentialInstanceConfig": { # A set of Confidential Instance options.
             "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
           },
@@ -426,29 +466,57 @@ 
Method Details

             { # An instance-attached disk resource.
               "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
               "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-              "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-              "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+              "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+                  #
+                  # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+              "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+                  #
+                  # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+                  #
+                  # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+                  #
+                  # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+                  #
+                  # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
                 "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
                 "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
                 "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-                "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+                "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                    #
+                    # The key must meet the following requirements before you can provide it to Compute Engine:
+                    # - The key is wrapped using a RSA public key certificate provided by Google.
+                    # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                    # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
                 "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
               },
               "diskSizeGb": "A String", # The size of the disk in GB.
-              "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+              "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
                 { # Guest OS features.
-                  "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+                  "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
                 },
               ],
               "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-              "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+              "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+                  #
+                  # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+                  #
+                  # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
                 "description": "A String", # An optional description. Provide this property when creating the disk.
                 "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
                 "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-                "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
-                "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options. Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
+                "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+                    # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+                    #
+                    #
+                    # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+                    # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+                    # - projects/project/zones/zone/diskTypes/diskType
+                    # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
+                "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
+                    #
+                    # Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
                   { # Guest OS features.
-                    "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+                    "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
                   },
                 ],
                 "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
@@ -460,20 +528,56 @@ 
Method Details

                 "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
                   "A String",
                 ],
-                "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-                "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+                "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+                    #
+                    # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+                    # projects/debian-cloud/global/images/family/debian-9
+                    #
+                    #
+                    # Alternatively, use a specific version of a public operating system image:
+                    # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+                    #
+                    #
+                    # To create a disk with a custom image that you created, specify the image name in the following format:
+                    # global/images/my-custom-image
+                    #
+                    #
+                    # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+                    # global/images/family/my-image-family
+                    #
+                    #
+                    # If the source image is deleted later, this field will not be set.
+                "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+                    #
+                    # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
                   "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
                   "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
                   "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-                  "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+                  "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                      #
+                      # The key must meet the following requirements before you can provide it to Compute Engine:
+                      # - The key is wrapped using a RSA public key certificate provided by Google.
+                      # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                      # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
                   "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
                 },
-                "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+                "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+                    #
+                    # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+                    # global/snapshots/my-backup
+                    #
+                    #
+                    # If the source snapshot is deleted later, this field will not be set.
                 "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
                   "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
                   "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
                   "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-                  "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+                  "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                      #
+                      # The key must meet the following requirements before you can provide it to Compute Engine:
+                      # - The key is wrapped using a RSA public key certificate provided by Google.
+                      # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                      # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
                   "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
                 },
               },
@@ -507,7 +611,11 @@ 
Method Details

                   "fileType": "A String", # The file type of source file.
                 },
               },
-              "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+              "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+                  #
+                  # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+                  #
+                  # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
               "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
             },
           ],
@@ -515,7 +623,9 @@ 
Method Details

             "enableDisplay": True or False, # Defines whether the instance has Display enabled.
           },
           "eraseWindowsVssSignature": True or False, # Specifies whether the disks restored from source snapshots or source machine image should erase Windows specific VSS signature.
-          "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance. To see the latest fingerprint, make get() request to the instance.
+          "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance.
+              #
+              # To see the latest fingerprint, make get() request to the instance.
           "guestAccelerators": [ # A list of the type and count of accelerator cards attached to the instance.
             { # A specification of the type and number of accelerator cards attached to the instance.
               "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
@@ -525,18 +635,32 @@ 
Method Details

           "hostname": "A String", # Specifies the hostname of the instance. The specified hostname must be RFC1035 compliant. If hostname is not specified, the default hostname is [INSTANCE_NAME].c.[PROJECT_ID].internal when using the global DNS, and [INSTANCE_NAME].[ZONE].c.[PROJECT_ID].internal when using zonal DNS.
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "kind": "compute#instance", # [Output Only] Type of the resource. Always compute#instance for instances.
-          "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the instance.
+          "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+              #
+              # To see the latest fingerprint, make get() request to the instance.
           "labels": { # Labels to apply to this instance. These can be later modified by the setLabels method.
             "a_key": "A String",
           },
           "lastStartTimestamp": "A String", # [Output Only] Last start timestamp in RFC3339 text format.
           "lastStopTimestamp": "A String", # [Output Only] Last stop timestamp in RFC3339 text format.
           "lastSuspendedTimestamp": "A String", # [Output Only] Last suspended timestamp in RFC3339 text format.
-          "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type: zones/us-central1-f/machineTypes/n1-standard-1 To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB): zones/zone/machineTypes/custom-CPUS-MEMORY For example: zones/us-central1-f/machineTypes/custom-4-5120 For a full list of restrictions, read the Specifications for custom machine types.
+          "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type:
+              # zones/us-central1-f/machineTypes/n1-standard-1
+              #
+              #
+              # To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB):
+              # zones/zone/machineTypes/custom-CPUS-MEMORY
+              #
+              #
+              # For example: zones/us-central1-f/machineTypes/custom-4-5120
+              #
+              # For a full list of restrictions, read the Specifications for custom machine types.
           "metadata": { # A metadata key/value entry. # The metadata key/value pairs assigned to this instance. This includes custom metadata and predefined keys.
-            "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+            "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+                #
+                # To see the latest fingerprint, make a get() request to retrieve the resource.
             "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-              { # Metadata
+              {
                 "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
                 "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
               },
@@ -554,7 +678,11 @@ 
Method Details

                   "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
                   "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
                   "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-                  "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+                  "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                      #
+                      # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                      #
+                      # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
                   "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
                   "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
                   "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
@@ -574,30 +702,45 @@ 
Method Details

                   "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
                   "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
                   "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-                  "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+                  "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                      #
+                      # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                      #
+                      # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
                   "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
                   "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
                   "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
                 },
               ],
-              "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+              "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+                  #
+                  # Valid only if stackType is IPV4_IPV6.
               "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
               "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
               "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-              "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+              "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+                  #
+                  # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+                  # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+                  # - projects/project/global/networks/network
+                  # - global/networks/default
               "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
               "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
-              "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
-              "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+              "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+                  #
+                  # This field can be both set at instance creation and update network interface operations.
+              "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+                  # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+                  # - regions/region/subnetworks/subnetwork
             },
           ],
           "networkPerformanceConfig": {
             "totalEgressBandwidthTier": "A String",
           },
           "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
-          "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+          "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
           "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that this instance can consume from.
-            "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
+            "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
             "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
             "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
               "A String",
@@ -608,7 +751,9 @@ 
Method Details

           ],
           "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
           "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Sets the scheduling options for this instance.
-            "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+            "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+                #
+                # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
             "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
             "locationHint": "A String", # An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API.
             "maintenanceFreezeDurationHours": 42, # Specifies the number of hours after VM instance creation where the VM won't be scheduled for maintenance.
@@ -627,7 +772,9 @@ 
Method Details

             "preemptible": True or False, # Defines whether the instance is preemptible. This can only be set during instance creation or while the instance is stopped and therefore, in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states.
           },
           "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
-          "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported. Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
+          "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported.
+              #
+              # Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
             { # A service account.
               "email": "A String", # Email address of the service account.
               "scopes": [ # The list of scopes to be made available for this service account.
@@ -656,14 +803,21 @@ 
Method Details

             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                #
+                # The key must meet the following requirements before you can provide it to Compute Engine:
+                # - The key is wrapped using a RSA public key certificate provided by Google.
+                # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
           "startRestricted": True or False, # [Output Only] Whether a VM has been restricted for start because Compute Engine has detected suspicious activity.
-          "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see Instance life cycle.
+          "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see  Instance life cycle.
           "statusMessage": "A String", # [Output Only] An optional, human-readable explanation of the status.
           "tags": { # A set of instance tags. # Tags to apply to this instance. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during instance creation. The tags can be later modified by the setTags method. Each tag within the list must comply with RFC1035. Multiple tags can be specified via the 'tags.items' field.
-            "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+            "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+                #
+                # To see the latest fingerprint, make get() request to the instance.
             "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
               "A String",
             ],
@@ -673,7 +827,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] Informational warning which replaces the list of instances when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -691,7 +846,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -717,7 +873,7 @@ 
Method Details

 

 
 

-    attachDisk(project, zone, instance, body=None, forceAttach=None, requestId=None, x__xgafv=None)
+    attachDisk(project, zone, instance, body=None, forceAttach=None, requestId=None)
   
Attaches an existing Disk resource to an instance. You must first create the disk before you can attach it. It is not possible to create and attach a disk at the same time. For more information, read Adding a persistent disk to your instance.
 
 Args:
@@ -730,29 +886,57 @@ 
Method Details

 { # An instance-attached disk resource.
   "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
   "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-  "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-  "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+  "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+      # 
+      # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+  "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+      # 
+      # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+      # 
+      # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+      # 
+      # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+      # 
+      # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "diskSizeGb": "A String", # The size of the disk in GB.
-  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
     { # Guest OS features.
-      "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+      "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
     },
   ],
   "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-  "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+  "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+      # 
+      # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+      #
+      # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
     "description": "A String", # An optional description. Provide this property when creating the disk.
     "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
     "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-    "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
-    "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options. Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
+    "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+        # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+        #
+        #
+        # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+        # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+        # - projects/project/zones/zone/diskTypes/diskType
+        # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
+    "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
+        #
+        # Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
       { # Guest OS features.
-        "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+        "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
       },
     ],
     "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
@@ -764,20 +948,56 @@ 
Method Details

     "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
       "A String",
     ],
-    "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-    "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+    "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+        #
+        # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+        # projects/debian-cloud/global/images/family/debian-9
+        #
+        #
+        # Alternatively, use a specific version of a public operating system image:
+        # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+        #
+        #
+        # To create a disk with a custom image that you created, specify the image name in the following format:
+        # global/images/my-custom-image
+        #
+        #
+        # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+        # global/images/family/my-image-family
+        #
+        #
+        # If the source image is deleted later, this field will not be set.
+    "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+        #
+        # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
       "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
       "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
       "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+          #
+          # The key must meet the following requirements before you can provide it to Compute Engine:
+          # - The key is wrapped using a RSA public key certificate provided by Google.
+          # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+          # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
       "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
     },
-    "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+    "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+        #
+        # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+        # global/snapshots/my-backup
+        #
+        #
+        # If the source snapshot is deleted later, this field will not be set.
     "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
       "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
       "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
       "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+      "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+          #
+          # The key must meet the following requirements before you can provide it to Compute Engine:
+          # - The key is wrapped using a RSA public key certificate provided by Google.
+          # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+          # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
       "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
     },
   },
@@ -811,21 +1031,38 @@ 
Method Details

       "fileType": "A String", # The file type of source file.
     },
   },
-  "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+  "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+      # 
+      # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+      # 
+      # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
   "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
 }
 
   forceAttach: boolean, Whether to force attach the regional disk even if it's currently attached to another instance. If you try to force attach a zonal disk to an instance, you will receive an error.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -859,7 +1096,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -873,7 +1111,7 @@ 
Method Details

 

 
 

-    bulkInsert(project, zone, body=None, requestId=None, x__xgafv=None)
+    bulkInsert(project, zone, body=None, requestId=None)
   
Creates multiple instances. Count specifies the number of instances to create.
 
 Args:
@@ -898,29 +1136,57 @@ 
Method Details

       { # An instance-attached disk resource.
         "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
         "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-        "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-        "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+        "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+            #
+            # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+        "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+            #
+            # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+            #
+            # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+            #
+            # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+            #
+            # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+              #
+              # The key must meet the following requirements before you can provide it to Compute Engine:
+              # - The key is wrapped using a RSA public key certificate provided by Google.
+              # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+              # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
         "diskSizeGb": "A String", # The size of the disk in GB.
-        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
           { # Guest OS features.
-            "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+            "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
           },
         ],
         "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-        "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+        "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+            #
+            # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+            #
+            # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
           "description": "A String", # An optional description. Provide this property when creating the disk.
           "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
           "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-          "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
-          "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options. Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
+          "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+              # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+              #
+              #
+              # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+              # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+              # - projects/project/zones/zone/diskTypes/diskType
+              # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
+          "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
+              #
+              # Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
             { # Guest OS features.
-              "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+              "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
             },
           ],
           "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
@@ -932,20 +1198,56 @@ 
Method Details

           "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
             "A String",
           ],
-          "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-          "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+          "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+              #
+              # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+              # projects/debian-cloud/global/images/family/debian-9
+              #
+              #
+              # Alternatively, use a specific version of a public operating system image:
+              # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+              #
+              #
+              # To create a disk with a custom image that you created, specify the image name in the following format:
+              # global/images/my-custom-image
+              #
+              #
+              # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+              # global/images/family/my-image-family
+              #
+              #
+              # If the source image is deleted later, this field will not be set.
+          "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+              #
+              # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                #
+                # The key must meet the following requirements before you can provide it to Compute Engine:
+                # - The key is wrapped using a RSA public key certificate provided by Google.
+                # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
-          "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+          "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+              #
+              # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+              # global/snapshots/my-backup
+              #
+              #
+              # If the source snapshot is deleted later, this field will not be set.
           "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                #
+                # The key must meet the following requirements before you can provide it to Compute Engine:
+                # - The key is wrapped using a RSA public key certificate provided by Google.
+                # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
         },
@@ -979,7 +1281,11 @@ 
Method Details

             "fileType": "A String", # The file type of source file.
           },
         },
-        "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+        "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+            #
+            # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+            #
+            # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
         "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
       },
     ],
@@ -997,9 +1303,11 @@ 
Method Details

     },
     "machineType": "A String", # The machine type to use for instances that are created from these properties.
     "metadata": { # A metadata key/value entry. # The metadata key/value pairs to assign to instances that are created from these properties. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve the resource.
       "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-        { # Metadata
+        {
           "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
           "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
         },
@@ -1016,7 +1324,11 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
@@ -1036,30 +1348,45 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
-        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+            #
+            # Valid only if stackType is IPV4_IPV6.
         "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
         "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
         "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+            #
+            # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+            # - projects/project/global/networks/network
+            # - global/networks/default
         "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
         "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
-        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
-        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+            #
+            # This field can be both set at instance creation and update network interface operations.
+        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+            # - regions/region/subnetworks/subnetwork
       },
     ],
     "networkPerformanceConfig": {
       "totalEgressBandwidthTier": "A String",
     },
     "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
-    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
     "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from.
-      "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
+      "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
       "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
       "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
         "A String",
@@ -1069,7 +1396,9 @@ 
Method Details

       "A String",
     ],
     "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
-      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+          #
+          # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
       "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
       "locationHint": "A String", # An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API.
       "maintenanceFreezeDurationHours": 42, # Specifies the number of hours after VM instance creation where the VM won't be scheduled for maintenance.
@@ -1106,7 +1435,9 @@ 
Method Details

       "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled.
     },
     "tags": { # A set of instance tags. # A list of tags to apply to the instances that are created from these properties. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+          #
+          # To see the latest fingerprint, make get() request to the instance.
       "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
         "A String",
       ],
@@ -1120,25 +1451,45 @@ 
Method Details

     },
   },
   "minCount": "A String", # The minimum number of instances to create. If no min_count is specified then count is used as the default value. If min_count instances cannot be created, then no instances will be created and instances already created will be deleted.
-  "namePattern": "A String", # The string pattern used for the names of the VMs. Either name_pattern or per_instance_properties must be set. The pattern should contain one continuous sequence of placeholder hash characters (#) with each character corresponding to one digit of the generated instance name. Example: name_pattern of inst-#### will generate instance names such as inst-0001, inst-0002, ... . If there already exist instance(s) whose names match the name pattern in the same project and zone, then the generated instance numbers will start after the biggest existing number. For example, if there exists an instance with name inst-0050, then instance names generated using the pattern inst-#### will be inst-0051, inst-0052, etc. The name pattern placeholder # ...# can contain up to 18 characters.
+  "namePattern": "A String", # The string pattern used for the names of the VMs. Either name_pattern or per_instance_properties must be set. The pattern should contain one continuous sequence of placeholder hash characters (#) with each character corresponding to one digit of the generated instance name. Example: name_pattern of inst-#### will generate instance names such as inst-0001, inst-0002, ... . If there already exist instance(s) whose names match the name pattern in the same project and zone, then the generated instance numbers will start after the biggest existing number. For example, if there exists an instance with name inst-0050, then instance names generated using the pattern inst-#### will be inst-0051, inst-0052, etc. The name pattern placeholder #...# can contain up to 18 characters.
   "perInstanceProperties": { # Per-instance properties to be set on individual instances. Keys of this map specify requested instance names. Can be empty if name_pattern is used.
     "a_key": { # Per-instance properties to be set on individual instances. To be extended in the future.
       "name": "A String", # This field is only temporary. It will be removed. Do not use it.
     },
   },
-  "sourceInstanceTemplate": "A String", # Specifies the instance template from which to create instances. You may combine sourceInstanceTemplate with instanceProperties to override specific values from an existing instance template. Bulk API follows the semantics of JSON Merge Patch described by RFC 7396. It can be a full or partial URL. For example, the following are all valid URLs to an instance template: - https://www.googleapis.com/compute/v1/projects/project /global/instanceTemplates/instanceTemplate - projects/project/global/instanceTemplates/instanceTemplate - global/instanceTemplates/instanceTemplate This field is optional.
+  "sourceInstanceTemplate": "A String", # Specifies the instance template from which to create instances. You may combine sourceInstanceTemplate with instanceProperties to override specific values from an existing instance template. Bulk API follows the semantics of JSON Merge Patch described by RFC 7396.
+      # 
+      # It can be a full or partial URL. For example, the following are all valid URLs to an instance template:
+      # - https://www.googleapis.com/compute/v1/projects/project/global/instanceTemplates/instanceTemplate
+      # - projects/project/global/instanceTemplates/instanceTemplate
+      # - global/instanceTemplates/instanceTemplate
+      # 
+      # This field is optional.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1172,7 +1523,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1191,23 +1543,36 @@ 
Method Details

 

 
 

-    delete(project, zone, instance, requestId=None, x__xgafv=None)
+    delete(project, zone, instance, requestId=None)
   
Deletes the specified Instance resource. For more information, see Deleting an instance.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the instance resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1241,7 +1606,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1255,7 +1621,7 @@ 
Method Details

 

 
 

-    deleteAccessConfig(project, zone, instance, accessConfig, networkInterface, requestId=None, x__xgafv=None)
+    deleteAccessConfig(project, zone, instance, accessConfig, networkInterface, requestId=None)
   
Deletes an access config from an instance's network interface.
 
 Args:
@@ -1264,16 +1630,29 @@ 
Method Details

   instance: string, The instance name for this request. (required)
   accessConfig: string, The name of the access config to delete. (required)
   networkInterface: string, The name of the network interface. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1307,7 +1686,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1321,7 +1701,7 @@ 
Method Details

 

 
 

-    detachDisk(project, zone, instance, deviceName, requestId=None, x__xgafv=None)
+    detachDisk(project, zone, instance, deviceName, requestId=None)
   
Detaches a disk from an instance.
 
 Args:
@@ -1329,16 +1709,29 @@ 
Method Details

   zone: string, The name of the zone for this request. (required)
   instance: string, Instance name for this request. (required)
   deviceName: string, The device name of the disk to detach. Make a get() request on the instance to view currently attached disks and device names. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1372,7 +1765,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1386,27 +1780,25 @@ 
Method Details

 

 
 

-    get(project, zone, instance, x__xgafv=None)
+    get(project, zone, instance)
   
Returns the specified Instance resource. Gets a list of available instances by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the instance resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Instance resource. An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances.
+    { # Represents an Instance resource.
+    #
+    # An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances. (== resource_for {$api_version}.instances ==)
   "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
     "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
     "threadsPerCore": 42, # The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed.
   },
-  "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding .
+  "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding.
   "confidentialInstanceConfig": { # A set of Confidential Instance options.
     "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
   },
@@ -1418,29 +1810,57 @@ 
Method Details

     { # An instance-attached disk resource.
       "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
       "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-      "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-      "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+      "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+          #
+          # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+      "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+          #
+          # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+          #
+          # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+          #
+          # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+          #
+          # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "diskSizeGb": "A String", # The size of the disk in GB.
-      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
         { # Guest OS features.
-          "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+          "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
         },
       ],
       "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-      "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+      "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+          #
+          # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+          #
+          # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
         "description": "A String", # An optional description. Provide this property when creating the disk.
         "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
         "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-        "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
-        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options. Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
+        "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+            # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+            #
+            #
+            # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+            # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+            # - projects/project/zones/zone/diskTypes/diskType
+            # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
+        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
+            #
+            # Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
           { # Guest OS features.
-            "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+            "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
           },
         ],
         "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
@@ -1452,20 +1872,56 @@ 
Method Details

         "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
           "A String",
         ],
-        "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-        "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+        "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+            #
+            # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+            # projects/debian-cloud/global/images/family/debian-9
+            #
+            #
+            # Alternatively, use a specific version of a public operating system image:
+            # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+            #
+            #
+            # To create a disk with a custom image that you created, specify the image name in the following format:
+            # global/images/my-custom-image
+            #
+            #
+            # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+            # global/images/family/my-image-family
+            #
+            #
+            # If the source image is deleted later, this field will not be set.
+        "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+            #
+            # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+              #
+              # The key must meet the following requirements before you can provide it to Compute Engine:
+              # - The key is wrapped using a RSA public key certificate provided by Google.
+              # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+              # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
-        "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+        "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+            #
+            # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+            # global/snapshots/my-backup
+            #
+            #
+            # If the source snapshot is deleted later, this field will not be set.
         "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+              #
+              # The key must meet the following requirements before you can provide it to Compute Engine:
+              # - The key is wrapped using a RSA public key certificate provided by Google.
+              # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+              # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
       },
@@ -1499,7 +1955,11 @@ 
Method Details

           "fileType": "A String", # The file type of source file.
         },
       },
-      "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+      "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+          #
+          # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+          #
+          # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
       "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
     },
   ],
@@ -1507,7 +1967,9 @@ 
Method Details

     "enableDisplay": True or False, # Defines whether the instance has Display enabled.
   },
   "eraseWindowsVssSignature": True or False, # Specifies whether the disks restored from source snapshots or source machine image should erase Windows specific VSS signature.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance. To see the latest fingerprint, make get() request to the instance.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance.
+      #
+      # To see the latest fingerprint, make get() request to the instance.
   "guestAccelerators": [ # A list of the type and count of accelerator cards attached to the instance.
     { # A specification of the type and number of accelerator cards attached to the instance.
       "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
@@ -1517,18 +1979,32 @@ 
Method Details

   "hostname": "A String", # Specifies the hostname of the instance. The specified hostname must be RFC1035 compliant. If hostname is not specified, the default hostname is [INSTANCE_NAME].c.[PROJECT_ID].internal when using the global DNS, and [INSTANCE_NAME].[ZONE].c.[PROJECT_ID].internal when using zonal DNS.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#instance", # [Output Only] Type of the resource. Always compute#instance for instances.
-  "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the instance.
+  "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+      #
+      # To see the latest fingerprint, make get() request to the instance.
   "labels": { # Labels to apply to this instance. These can be later modified by the setLabels method.
     "a_key": "A String",
   },
   "lastStartTimestamp": "A String", # [Output Only] Last start timestamp in RFC3339 text format.
   "lastStopTimestamp": "A String", # [Output Only] Last stop timestamp in RFC3339 text format.
   "lastSuspendedTimestamp": "A String", # [Output Only] Last suspended timestamp in RFC3339 text format.
-  "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type: zones/us-central1-f/machineTypes/n1-standard-1 To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB): zones/zone/machineTypes/custom-CPUS-MEMORY For example: zones/us-central1-f/machineTypes/custom-4-5120 For a full list of restrictions, read the Specifications for custom machine types.
+  "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type:
+      # zones/us-central1-f/machineTypes/n1-standard-1
+      #
+      #
+      # To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB):
+      # zones/zone/machineTypes/custom-CPUS-MEMORY
+      #
+      #
+      # For example: zones/us-central1-f/machineTypes/custom-4-5120
+      #
+      # For a full list of restrictions, read the Specifications for custom machine types.
   "metadata": { # A metadata key/value entry. # The metadata key/value pairs assigned to this instance. This includes custom metadata and predefined keys.
-    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+        #
+        # To see the latest fingerprint, make a get() request to retrieve the resource.
     "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-      { # Metadata
+      {
         "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
         "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
       },
@@ -1546,7 +2022,11 @@ 
Method Details

           "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
           "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+              #
+              # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+              #
+              # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
           "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
           "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
           "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
@@ -1566,30 +2046,45 @@ 
Method Details

           "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
           "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+              #
+              # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+              #
+              # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
           "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
           "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
           "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
         },
       ],
-      "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+      "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+          #
+          # Valid only if stackType is IPV4_IPV6.
       "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
       "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
       "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-      "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+      "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+          #
+          # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+          # - projects/project/global/networks/network
+          # - global/networks/default
       "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
       "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
-      "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
-      "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+      "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+          #
+          # This field can be both set at instance creation and update network interface operations.
+      "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+          # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+          # - regions/region/subnetworks/subnetwork
     },
   ],
   "networkPerformanceConfig": {
     "totalEgressBandwidthTier": "A String",
   },
   "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
-  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
   "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that this instance can consume from.
-    "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
+    "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
     "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
     "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
       "A String",
@@ -1600,7 +2095,9 @@ 
Method Details

   ],
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Sets the scheduling options for this instance.
-    "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+    "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+        #
+        # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
     "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
     "locationHint": "A String", # An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API.
     "maintenanceFreezeDurationHours": 42, # Specifies the number of hours after VM instance creation where the VM won't be scheduled for maintenance.
@@ -1619,7 +2116,9 @@ 
Method Details

     "preemptible": True or False, # Defines whether the instance is preemptible. This can only be set during instance creation or while the instance is stopped and therefore, in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states.
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
-  "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported. Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
+  "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported.
+      #
+      # Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
     { # A service account.
       "email": "A String", # Email address of the service account.
       "scopes": [ # The list of scopes to be made available for this service account.
@@ -1648,14 +2147,21 @@ 
Method Details

     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "startRestricted": True or False, # [Output Only] Whether a VM has been restricted for start because Compute Engine has detected suspicious activity.
-  "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see Instance life cycle.
+  "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see  Instance life cycle.
   "statusMessage": "A String", # [Output Only] An optional, human-readable explanation of the status.
   "tags": { # A set of instance tags. # Tags to apply to this instance. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during instance creation. The tags can be later modified by the setTags method. Each tag within the list must comply with RFC1035. Multiple tags can be specified via the 'tags.items' field.
-    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+        #
+        # To see the latest fingerprint, make get() request to the instance.
     "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
       "A String",
     ],
@@ -1665,7 +2171,7 @@ 
Method Details

 

 
 

-    getEffectiveFirewalls(project, zone, instance, networkInterface, x__xgafv=None)
+    getEffectiveFirewalls(project, zone, instance, networkInterface)
   
Returns effective firewalls applied to an interface of the instance.
 
 Args:
@@ -1673,10 +2179,6 @@ 
Method Details

   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the instance scoping this request. (required)
   networkInterface: string, The name of the network interface to get the effective firewalls. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1701,7 +2203,9 @@ 
Method Details

             "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
               {
                 "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-                "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                    #
+                    # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
                   "A String",
                 ],
               },
@@ -1725,11 +2229,15 @@ 
Method Details

     },
   ],
   "firewalls": [ # Effective firewalls on the instance.
-    { # Represents a Firewall Rule resource. Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
+    { # Represents a Firewall Rule resource.
+        #
+        # Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
       "allowed": [ # The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.
         {
           "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
             "A String",
           ],
         },
@@ -1738,7 +2246,9 @@ 
Method Details

       "denied": [ # The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a denied connection.
         {
           "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
             "A String",
           ],
         },
@@ -1757,7 +2267,12 @@ 
Method Details

         "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
       },
       "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
-      "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
+      "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used:
+          # global/networks/default
+          # If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+          # - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network
+          # - projects/myproject/global/networks/my-network
+          # - global/networks/default
       "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "sourceRanges": [ # If source ranges are specified, the firewall rule applies only to traffic that has a source IP address in these ranges. These ranges must be expressed in CIDR format. One or both of sourceRanges and sourceTags may be set. If both fields are set, the rule applies to traffic that has a source IP address within sourceRanges OR a source IP from a resource with a matching tag listed in the sourceTags field. The connection does not need to match both fields for the rule to apply. Only IPv4 is supported.
@@ -1785,17 +2300,27 @@ 
Method Details

           "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-          "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+          "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+              #
+              # This field may only be specified when the versioned_expr is set to FIREWALL.
           "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
           "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
             "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-              "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+              "destIpRanges": [ # CIDR IP address range.
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 "A String",
               ],
-              "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+              "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 {
                   "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-                  "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+                  "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                      #
+                      # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                      #
+                      # This field may only be specified when versioned_expr is set to FIREWALL.
                     "A String",
                   ],
                 },
@@ -1804,7 +2329,25 @@ 
Method Details

                 "A String",
               ],
             },
-            "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+            "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+                #
+                # Example (Comparison):
+                #
+                # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+                #
+                # Example (Equality):
+                #
+                # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+                #
+                # Example (Logic):
+                #
+                # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+                #
+                # Example (Data Manipulation):
+                #
+                # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+                #
+                # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
               "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
               "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
               "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -1816,7 +2359,9 @@ 
Method Details

           "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
           "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
           "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-          "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+          "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
           "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -1830,7 +2375,7 @@ 
Method Details

 

 
 

-    getGuestAttributes(project, zone, instance, queryPath=None, variableKey=None, x__xgafv=None)
+    getGuestAttributes(project, zone, instance, queryPath=None, variableKey=None)
   
Returns the specified guest attributes entry.
 
 Args:
@@ -1839,10 +2384,6 @@ 
Method Details

   instance: string, Name of the instance scoping this request. (required)
   queryPath: string, Specifies the guest attributes path to be queried.
   variableKey: string, Specifies the key for the guest attributes entry.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1866,7 +2407,7 @@ 
Method Details

 

 
 

-    getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
@@ -1874,27 +2415,51 @@ 
Method Details

   zone: string, The name of the zone for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1902,86 +2467,150 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    getScreenshot(project, zone, instance, x__xgafv=None)
+    getScreenshot(project, zone, instance)
   
Returns the screenshot from the specified instance.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the instance scoping this request. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1993,7 +2622,7 @@ 
Method Details

 

 
 

-    getSerialPortOutput(project, zone, instance, port=None, start=None, x__xgafv=None)
+    getSerialPortOutput(project, zone, instance, port=None, start=None)
   
Returns the last 1 MB of serial port output from the specified instance.
 
 Args:
@@ -2001,16 +2630,16 @@ 
Method Details

   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the instance for this request. (required)
   port: integer, Specifies which COM or serial port to retrieve data from.
-  start: string, Specifies the starting byte position of the output to return. To start with the first byte of output to the specified port, omit this field or set it to `0`. If the output for that byte position is available, this field matches the `start` parameter sent with the request. If the amount of serial console output exceeds the size of the buffer (1 MB), the oldest output is discarded and is no longer available. If the requested start position refers to discarded output, the start position is adjusted to the oldest output still available, and the adjusted start position is returned as the `start` property value. You can also provide a negative start position, which translates to the most recent number of bytes written to the serial port. For example, -3 is interpreted as the most recent 3 bytes written to the serial console.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  start: string, Specifies the starting byte position of the output to return. To start with the first byte of output to the specified port, omit this field or set it to `0`.
+
+If the output for that byte position is available, this field matches the `start` parameter sent with the request. If the amount of serial console output exceeds the size of the buffer (1 MB), the oldest output is discarded and is no longer available. If the requested start position refers to discarded output, the start position is adjusted to the oldest output still available, and the adjusted start position is returned as the `start` property value.
+
+You can also provide a negative start position, which translates to the most recent number of bytes written to the serial port. For example, -3 is interpreted as the most recent 3 bytes written to the serial console.
 
 Returns:
   An object of the form:
 
-    { # An instance serial console output.
+    { # An instance's serial console output.
   "contents": "A String", # [Output Only] The contents of the console output.
   "kind": "compute#serialPortOutput", # [Output Only] Type of the resource. Always compute#serialPortOutput for serial port output.
   "next": "A String", # [Output Only] The position of the next byte of content, regardless of whether the content exists, following the output returned in the `contents` property. Use this value in the next request as the start parameter.
@@ -2020,22 +2649,18 @@ 
Method Details

 

 
 

-    getShieldedInstanceIdentity(project, zone, instance, x__xgafv=None)
+    getShieldedInstanceIdentity(project, zone, instance)
   
Returns the Shielded Instance Identity of an instance
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   instance: string, Name or id of the instance scoping this request. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # A Shielded Instance Identity.
+    { # A shielded Instance identity entry.
   "encryptionKey": { # A Shielded Instance Identity Entry. # An Endorsement Key (EK) made by the RSA 2048 algorithm issued to the Shielded Instance's vTPM.
     "ekCert": "A String", # A PEM-encoded X.509 certificate. This field can be empty.
     "ekPub": "A String", # A PEM-encoded public key.
@@ -2049,22 +2674,18 @@ 
Method Details

 

 
 

-    getShieldedVmIdentity(project, zone, instance, x__xgafv=None)
+    getShieldedVmIdentity(project, zone, instance)
   
Returns the Shielded VM Identity of an instance
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the instance scoping this request. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # A Shielded VM Identity.
+    { # A shielded VM identity entry.
   "encryptionKey": { # A Shielded Instance Identity Entry. # An Endorsement Key (EK) issued to the Shielded VM's vTPM.
     "ekCert": "A String", # A PEM-encoded X.509 certificate. This field can be empty.
     "ekPub": "A String", # A PEM-encoded public key.
@@ -2078,7 +2699,7 @@ 
Method Details

 

 
 

-    insert(project, zone, body=None, requestId=None, sourceInstanceTemplate=None, sourceMachineImage=None, x__xgafv=None)
+    insert(project, zone, body=None, requestId=None, sourceInstanceTemplate=None, sourceMachineImage=None)
   
Creates an instance resource in the specified project using the data included in the request.
 
 Args:
@@ -2087,12 +2708,14 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Instance resource. An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances.
+{ # Represents an Instance resource.
+    # 
+    # An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances. (== resource_for {$api_version}.instances ==)
   "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
     "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
     "threadsPerCore": 42, # The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed.
   },
-  "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding .
+  "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding.
   "confidentialInstanceConfig": { # A set of Confidential Instance options.
     "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
   },
@@ -2104,29 +2727,57 @@ 
Method Details

     { # An instance-attached disk resource.
       "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
       "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-      "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-      "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+      "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+          #
+          # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+      "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+          #
+          # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+          #
+          # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+          #
+          # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+          #
+          # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "diskSizeGb": "A String", # The size of the disk in GB.
-      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
         { # Guest OS features.
-          "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+          "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
         },
       ],
       "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-      "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+      "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+          #
+          # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+          #
+          # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
         "description": "A String", # An optional description. Provide this property when creating the disk.
         "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
         "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-        "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
-        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options. Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
+        "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+            # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+            #
+            #
+            # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+            # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+            # - projects/project/zones/zone/diskTypes/diskType
+            # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
+        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
+            #
+            # Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
           { # Guest OS features.
-            "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+            "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
           },
         ],
         "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
@@ -2138,20 +2789,56 @@ 
Method Details

         "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
           "A String",
         ],
-        "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-        "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+        "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+            #
+            # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+            # projects/debian-cloud/global/images/family/debian-9
+            #
+            #
+            # Alternatively, use a specific version of a public operating system image:
+            # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+            #
+            #
+            # To create a disk with a custom image that you created, specify the image name in the following format:
+            # global/images/my-custom-image
+            #
+            #
+            # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+            # global/images/family/my-image-family
+            #
+            #
+            # If the source image is deleted later, this field will not be set.
+        "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+            #
+            # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+              #
+              # The key must meet the following requirements before you can provide it to Compute Engine:
+              # - The key is wrapped using a RSA public key certificate provided by Google.
+              # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+              # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
-        "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+        "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+            #
+            # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+            # global/snapshots/my-backup
+            #
+            #
+            # If the source snapshot is deleted later, this field will not be set.
         "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+              #
+              # The key must meet the following requirements before you can provide it to Compute Engine:
+              # - The key is wrapped using a RSA public key certificate provided by Google.
+              # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+              # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
       },
@@ -2185,7 +2872,11 @@ 
Method Details

           "fileType": "A String", # The file type of source file.
         },
       },
-      "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+      "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+          #
+          # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+          #
+          # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
       "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
     },
   ],
@@ -2193,7 +2884,9 @@ 
Method Details

     "enableDisplay": True or False, # Defines whether the instance has Display enabled.
   },
   "eraseWindowsVssSignature": True or False, # Specifies whether the disks restored from source snapshots or source machine image should erase Windows specific VSS signature.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance. To see the latest fingerprint, make get() request to the instance.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance.
+      # 
+      # To see the latest fingerprint, make get() request to the instance.
   "guestAccelerators": [ # A list of the type and count of accelerator cards attached to the instance.
     { # A specification of the type and number of accelerator cards attached to the instance.
       "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
@@ -2203,18 +2896,32 @@ 
Method Details

   "hostname": "A String", # Specifies the hostname of the instance. The specified hostname must be RFC1035 compliant. If hostname is not specified, the default hostname is [INSTANCE_NAME].c.[PROJECT_ID].internal when using the global DNS, and [INSTANCE_NAME].[ZONE].c.[PROJECT_ID].internal when using zonal DNS.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#instance", # [Output Only] Type of the resource. Always compute#instance for instances.
-  "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the instance.
+  "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+      # 
+      # To see the latest fingerprint, make get() request to the instance.
   "labels": { # Labels to apply to this instance. These can be later modified by the setLabels method.
     "a_key": "A String",
   },
   "lastStartTimestamp": "A String", # [Output Only] Last start timestamp in RFC3339 text format.
   "lastStopTimestamp": "A String", # [Output Only] Last stop timestamp in RFC3339 text format.
   "lastSuspendedTimestamp": "A String", # [Output Only] Last suspended timestamp in RFC3339 text format.
-  "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type: zones/us-central1-f/machineTypes/n1-standard-1 To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB): zones/zone/machineTypes/custom-CPUS-MEMORY For example: zones/us-central1-f/machineTypes/custom-4-5120 For a full list of restrictions, read the Specifications for custom machine types.
+  "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type:
+      # zones/us-central1-f/machineTypes/n1-standard-1
+      # 
+      # 
+      # To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB):
+      # zones/zone/machineTypes/custom-CPUS-MEMORY
+      # 
+      # 
+      # For example: zones/us-central1-f/machineTypes/custom-4-5120
+      # 
+      # For a full list of restrictions, read the Specifications for custom machine types.
   "metadata": { # A metadata key/value entry. # The metadata key/value pairs assigned to this instance. This includes custom metadata and predefined keys.
-    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+        #
+        # To see the latest fingerprint, make a get() request to retrieve the resource.
     "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-      { # Metadata
+      {
         "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
         "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
       },
@@ -2232,7 +2939,11 @@ 
Method Details

           "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
           "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+              #
+              # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+              #
+              # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
           "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
           "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
           "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
@@ -2252,30 +2963,45 @@ 
Method Details

           "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
           "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+              #
+              # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+              #
+              # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
           "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
           "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
           "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
         },
       ],
-      "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+      "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+          #
+          # Valid only if stackType is IPV4_IPV6.
       "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
       "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
       "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-      "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+      "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+          #
+          # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+          # - projects/project/global/networks/network
+          # - global/networks/default
       "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
       "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
-      "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
-      "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+      "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+          #
+          # This field can be both set at instance creation and update network interface operations.
+      "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+          # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+          # - regions/region/subnetworks/subnetwork
     },
   ],
   "networkPerformanceConfig": {
     "totalEgressBandwidthTier": "A String",
   },
   "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
-  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
   "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that this instance can consume from.
-    "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
+    "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
     "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
     "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
       "A String",
@@ -2286,7 +3012,9 @@ 
Method Details

   ],
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Sets the scheduling options for this instance.
-    "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+    "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+        #
+        # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
     "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
     "locationHint": "A String", # An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API.
     "maintenanceFreezeDurationHours": 42, # Specifies the number of hours after VM instance creation where the VM won't be scheduled for maintenance.
@@ -2305,7 +3033,9 @@ 
Method Details

     "preemptible": True or False, # Defines whether the instance is preemptible. This can only be set during instance creation or while the instance is stopped and therefore, in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states.
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
-  "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported. Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
+  "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported.
+      # 
+      # Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
     { # A service account.
       "email": "A String", # Email address of the service account.
       "scopes": [ # The list of scopes to be made available for this service account.
@@ -2334,14 +3064,21 @@ 
Method Details

     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "startRestricted": True or False, # [Output Only] Whether a VM has been restricted for start because Compute Engine has detected suspicious activity.
-  "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see Instance life cycle.
+  "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see  Instance life cycle.
   "statusMessage": "A String", # [Output Only] An optional, human-readable explanation of the status.
   "tags": { # A set of instance tags. # Tags to apply to this instance. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during instance creation. The tags can be later modified by the setTags method. Each tag within the list must comply with RFC1035. Multiple tags can be specified via the 'tags.items' field.
-    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+        #
+        # To see the latest fingerprint, make get() request to the instance.
     "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
       "A String",
     ],
@@ -2349,18 +3086,41 @@ 
Method Details

   "zone": "A String", # [Output Only] URL of the zone where the instance resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  sourceInstanceTemplate: string, Specifies instance template to create the instance. This field is optional. It can be a full or partial URL. For example, the following are all valid URLs to an instance template: - https://www.googleapis.com/compute/v1/projects/project /global/instanceTemplates/instanceTemplate - projects/project/global/instanceTemplates/instanceTemplate - global/instanceTemplates/instanceTemplate 
-  sourceMachineImage: string, Specifies the machine image to use to create the instance. This field is optional. It can be a full or partial URL. For example, the following are all valid URLs to a machine image: - https://www.googleapis.com/compute/v1/projects/project/global/global /machineImages/machineImage - projects/project/global/global/machineImages/machineImage - global/machineImages/machineImage 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
+  sourceInstanceTemplate: string, Specifies instance template to create the instance.
+
+This field is optional. It can be a full or partial URL. For example, the following are all valid URLs to an instance template:  
+- https://www.googleapis.com/compute/v1/projects/project/global/instanceTemplates/instanceTemplate 
+- projects/project/global/instanceTemplates/instanceTemplate 
+- global/instanceTemplates/instanceTemplate
+  sourceMachineImage: string, Specifies the machine image to use to create the instance.
+
+This field is optional. It can be a full or partial URL. For example, the following are all valid URLs to a machine image:  
+- https://www.googleapis.com/compute/v1/projects/project/global/global/machineImages/machineImage 
+- projects/project/global/global/machineImages/machineImage 
+- global/machineImages/machineImage
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2394,7 +3154,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2408,21 +3169,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of instances contained within the specified zone.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -2430,12 +3197,14 @@ 
Method Details

     { # Contains a list of instances.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Instance resources.
-    { # Represents an Instance resource. An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances.
+    { # Represents an Instance resource.
+        #
+        # An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances. (== resource_for {$api_version}.instances ==)
       "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
         "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
         "threadsPerCore": 42, # The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed.
       },
-      "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding .
+      "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding.
       "confidentialInstanceConfig": { # A set of Confidential Instance options.
         "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
       },
@@ -2447,29 +3216,57 @@ 
Method Details

         { # An instance-attached disk resource.
           "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
           "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-          "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-          "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+          "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+              #
+              # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+          "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+              #
+              # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+              #
+              # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+              #
+              # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+              #
+              # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                #
+                # The key must meet the following requirements before you can provide it to Compute Engine:
+                # - The key is wrapped using a RSA public key certificate provided by Google.
+                # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
           "diskSizeGb": "A String", # The size of the disk in GB.
-          "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+          "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
             { # Guest OS features.
-              "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+              "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
             },
           ],
           "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-          "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+          "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+              #
+              # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+              #
+              # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
             "description": "A String", # An optional description. Provide this property when creating the disk.
             "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
             "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-            "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
-            "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options. Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
+            "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+                # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+                #
+                #
+                # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+                # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+                # - projects/project/zones/zone/diskTypes/diskType
+                # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
+            "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
+                #
+                # Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
               { # Guest OS features.
-                "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+                "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
               },
             ],
             "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
@@ -2481,20 +3278,56 @@ 
Method Details

             "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
               "A String",
             ],
-            "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-            "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+            "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+                #
+                # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+                # projects/debian-cloud/global/images/family/debian-9
+                #
+                #
+                # Alternatively, use a specific version of a public operating system image:
+                # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+                #
+                #
+                # To create a disk with a custom image that you created, specify the image name in the following format:
+                # global/images/my-custom-image
+                #
+                #
+                # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+                # global/images/family/my-image-family
+                #
+                #
+                # If the source image is deleted later, this field will not be set.
+            "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+                #
+                # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
               "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
               "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
               "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-              "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+              "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                  #
+                  # The key must meet the following requirements before you can provide it to Compute Engine:
+                  # - The key is wrapped using a RSA public key certificate provided by Google.
+                  # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                  # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
               "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
             },
-            "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+            "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+                #
+                # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+                # global/snapshots/my-backup
+                #
+                #
+                # If the source snapshot is deleted later, this field will not be set.
             "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
               "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
               "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
               "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-              "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+              "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                  #
+                  # The key must meet the following requirements before you can provide it to Compute Engine:
+                  # - The key is wrapped using a RSA public key certificate provided by Google.
+                  # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                  # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
               "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
             },
           },
@@ -2528,7 +3361,11 @@ 
Method Details

               "fileType": "A String", # The file type of source file.
             },
           },
-          "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+          "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+              #
+              # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+              #
+              # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
           "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
         },
       ],
@@ -2536,7 +3373,9 @@ 
Method Details

         "enableDisplay": True or False, # Defines whether the instance has Display enabled.
       },
       "eraseWindowsVssSignature": True or False, # Specifies whether the disks restored from source snapshots or source machine image should erase Windows specific VSS signature.
-      "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance. To see the latest fingerprint, make get() request to the instance.
+      "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance.
+          #
+          # To see the latest fingerprint, make get() request to the instance.
       "guestAccelerators": [ # A list of the type and count of accelerator cards attached to the instance.
         { # A specification of the type and number of accelerator cards attached to the instance.
           "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
@@ -2546,18 +3385,32 @@ 
Method Details

       "hostname": "A String", # Specifies the hostname of the instance. The specified hostname must be RFC1035 compliant. If hostname is not specified, the default hostname is [INSTANCE_NAME].c.[PROJECT_ID].internal when using the global DNS, and [INSTANCE_NAME].[ZONE].c.[PROJECT_ID].internal when using zonal DNS.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#instance", # [Output Only] Type of the resource. Always compute#instance for instances.
-      "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the instance.
+      "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+          #
+          # To see the latest fingerprint, make get() request to the instance.
       "labels": { # Labels to apply to this instance. These can be later modified by the setLabels method.
         "a_key": "A String",
       },
       "lastStartTimestamp": "A String", # [Output Only] Last start timestamp in RFC3339 text format.
       "lastStopTimestamp": "A String", # [Output Only] Last stop timestamp in RFC3339 text format.
       "lastSuspendedTimestamp": "A String", # [Output Only] Last suspended timestamp in RFC3339 text format.
-      "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type: zones/us-central1-f/machineTypes/n1-standard-1 To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB): zones/zone/machineTypes/custom-CPUS-MEMORY For example: zones/us-central1-f/machineTypes/custom-4-5120 For a full list of restrictions, read the Specifications for custom machine types.
+      "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type:
+          # zones/us-central1-f/machineTypes/n1-standard-1
+          #
+          #
+          # To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB):
+          # zones/zone/machineTypes/custom-CPUS-MEMORY
+          #
+          #
+          # For example: zones/us-central1-f/machineTypes/custom-4-5120
+          #
+          # For a full list of restrictions, read the Specifications for custom machine types.
       "metadata": { # A metadata key/value entry. # The metadata key/value pairs assigned to this instance. This includes custom metadata and predefined keys.
-        "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+        "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+            #
+            # To see the latest fingerprint, make a get() request to retrieve the resource.
         "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-          { # Metadata
+          {
             "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
             "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
           },
@@ -2575,7 +3428,11 @@ 
Method Details

               "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
               "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
               "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-              "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+              "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                  #
+                  # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                  #
+                  # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
               "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
               "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
               "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
@@ -2595,30 +3452,45 @@ 
Method Details

               "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
               "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
               "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-              "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+              "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                  #
+                  # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                  #
+                  # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
               "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
               "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
               "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
             },
           ],
-          "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+          "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+              #
+              # Valid only if stackType is IPV4_IPV6.
           "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
           "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
           "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-          "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+          "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+              #
+              # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+              # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+              # - projects/project/global/networks/network
+              # - global/networks/default
           "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
           "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
-          "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
-          "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+          "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+              #
+              # This field can be both set at instance creation and update network interface operations.
+          "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+              # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+              # - regions/region/subnetworks/subnetwork
         },
       ],
       "networkPerformanceConfig": {
         "totalEgressBandwidthTier": "A String",
       },
       "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
-      "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+      "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
       "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that this instance can consume from.
-        "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
+        "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
         "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
         "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
           "A String",
@@ -2629,7 +3501,9 @@ 
Method Details

       ],
       "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
       "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Sets the scheduling options for this instance.
-        "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+        "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+            #
+            # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
         "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
         "locationHint": "A String", # An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API.
         "maintenanceFreezeDurationHours": 42, # Specifies the number of hours after VM instance creation where the VM won't be scheduled for maintenance.
@@ -2648,7 +3522,9 @@ 
Method Details

         "preemptible": True or False, # Defines whether the instance is preemptible. This can only be set during instance creation or while the instance is stopped and therefore, in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states.
       },
       "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
-      "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported. Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
+      "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported.
+          #
+          # Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
         { # A service account.
           "email": "A String", # Email address of the service account.
           "scopes": [ # The list of scopes to be made available for this service account.
@@ -2677,14 +3553,21 @@ 
Method Details

         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "startRestricted": True or False, # [Output Only] Whether a VM has been restricted for start because Compute Engine has detected suspicious activity.
-      "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see Instance life cycle.
+      "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see  Instance life cycle.
       "statusMessage": "A String", # [Output Only] An optional, human-readable explanation of the status.
       "tags": { # A set of instance tags. # Tags to apply to this instance. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during instance creation. The tags can be later modified by the setTags method. Each tag within the list must comply with RFC1035. Multiple tags can be specified via the 'tags.items' field.
-        "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+        "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+            #
+            # To see the latest fingerprint, make get() request to the instance.
         "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
           "A String",
         ],
@@ -2697,7 +3580,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2709,22 +3593,28 @@ 
Method Details

 

 
 

-    listReferrers(project, zone, instance, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listReferrers(project, zone, instance, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of resources that refer to the VM instance specified in the request. For example, if the VM instance is part of a managed or unmanaged instance group, the referrers list includes the instance group. For more information, read Viewing referrers to VM instances.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the target instance scoping this request, or '-' if the request should span over all instances in the container. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -2734,7 +3624,8 @@ 
Method Details

   "items": [ # A list of Reference resources.
     { # Represents a reference to a resource.
       "kind": "compute#reference", # [Output Only] Type of the resource. Always compute#reference for references.
-      "referenceType": "A String", # A description of the reference type with no implied semantics. Possible values include: 1. MEMBER_OF
+      "referenceType": "A String", # A description of the reference type with no implied semantics. Possible values include:
+          # - MEMBER_OF
       "referrer": "A String", # URL of the resource which refers to the target.
       "target": "A String", # URL of the resource to which this reference points.
     },
@@ -2744,7 +3635,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2784,7 +3676,7 @@ 
Method Details

 

 
 

-    removeResourcePolicies(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    removeResourcePolicies(project, zone, instance, body=None, requestId=None)
   
Removes resource policies from an instance.
 
 Args:
@@ -2800,16 +3692,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2843,7 +3748,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2857,23 +3763,36 @@ 
Method Details

 

 
 

-    reset(project, zone, instance, requestId=None, x__xgafv=None)
+    reset(project, zone, instance, requestId=None)
   
Performs a reset on the instance. This is a hard reset the VM does not do a graceful shutdown. For more information, see Resetting an instance.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the instance scoping this request. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2907,7 +3826,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2921,7 +3841,7 @@ 
Method Details

 

 
 

-    resume(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    resume(project, zone, instance, body=None, requestId=None)
   
Resumes an instance that was suspended using the instances().suspend method.
 
 Args:
@@ -2932,37 +3852,66 @@ 
Method Details

     The object takes the form of:
 
 {
-  "disks": [ # Array of disks associated with this instance that are protected with a customer-supplied encryption key. In order to resume the instance, the disk url and its corresponding key must be provided. If the disk is not protected with a customer-supplied encryption key it should not be specified.
+  "disks": [ # Array of disks associated with this instance that are protected with a customer-supplied encryption key.
+      # 
+      # In order to resume the instance, the disk url and its corresponding key must be provided.
+      # 
+      # If the disk is not protected with a customer-supplied encryption key it should not be specified.
     {
       "diskEncryptionKey": { # Decrypts data associated with the disk with a customer-supplied encryption key.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. This field is only applicable for persistent disks.
     },
   ],
-  "instanceEncryptionKey": { # Decrypts data associated with an instance that is protected with a customer-supplied encryption key. If the instance you are starting is protected with a customer-supplied encryption key, the correct key must be provided otherwise the instance resume will not succeed.
+  "instanceEncryptionKey": { # Decrypts data associated with an instance that is protected with a customer-supplied encryption key.
+      # 
+      # If the instance you are starting is protected with a customer-supplied encryption key, the correct key must be provided otherwise the instance resume will not succeed.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2996,7 +3945,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3010,7 +3960,7 @@ 
Method Details

 

 
 

-    setDeletionProtection(project, zone, resource, deletionProtection=None, requestId=None, x__xgafv=None)
+    setDeletionProtection(project, zone, resource, deletionProtection=None, requestId=None)
   
Sets deletion protection on the instance.
 
 Args:
@@ -3018,16 +3968,29 @@ 
Method Details

   zone: string, The name of the zone for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   deletionProtection: boolean, Whether the resource should be protected against deletion.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3061,7 +4024,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3075,7 +4039,7 @@ 
Method Details

 

 
 

-    setDiskAutoDelete(project, zone, instance, autoDelete, deviceName, requestId=None, x__xgafv=None)
+    setDiskAutoDelete(project, zone, instance, autoDelete, deviceName, requestId=None)
   
Sets the auto-delete flag for a disk attached to an instance.
 
 Args:
@@ -3084,16 +4048,29 @@ 
Method Details

   instance: string, The instance name for this request. (required)
   autoDelete: boolean, Whether to auto-delete the disk when the instance is deleted. (required)
   deviceName: string, The device name of the disk to modify. Make a get() request on the instance to view currently attached disks and device names. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3127,7 +4104,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3141,7 +4119,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, zone, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, zone, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -3154,33 +4132,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -3188,95 +4240,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -3284,76 +4428,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    setLabels(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    setLabels(project, zone, instance, body=None, requestId=None)
   
Sets labels on an instance. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -3370,16 +4582,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3413,7 +4638,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3427,7 +4653,7 @@ 
Method Details

 

 
 

-    setMachineResources(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    setMachineResources(project, zone, instance, body=None, requestId=None)
   
Changes the number and/or type of accelerator for a stopped instance to the values specified in the request.
 
 Args:
@@ -3446,16 +4672,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3489,7 +4728,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3503,7 +4743,7 @@ 
Method Details

 

 
 

-    setMachineType(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    setMachineType(project, zone, instance, body=None, requestId=None)
   
Changes the machine type for a stopped instance to the machine type specified in the request.
 
 Args:
@@ -3517,16 +4757,29 @@ 
Method Details

   "machineType": "A String", # Full or partial URL of the machine type resource. See Machine Types for a full list of machine types. For example: zones/us-central1-f/machineTypes/n1-standard-1
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3560,7 +4813,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3574,7 +4828,7 @@ 
Method Details

 

 
 

-    setMetadata(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    setMetadata(project, zone, instance, body=None, requestId=None)
   
Sets metadata for the specified instance to the data included in the request.
 
 Args:
@@ -3585,9 +4839,11 @@ 
Method Details

     The object takes the form of:
 
 { # A metadata key/value entry.
-  "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+  "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve the resource.
   "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-    { # Metadata
+    {
       "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
       "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
     },
@@ -3595,16 +4851,29 @@ 
Method Details

   "kind": "compute#metadata", # [Output Only] Type of the resource. Always compute#metadata for metadata.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3638,7 +4907,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3652,7 +4922,7 @@ 
Method Details

 

 
 

-    setMinCpuPlatform(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    setMinCpuPlatform(project, zone, instance, body=None, requestId=None)
   
Changes the minimum CPU platform that this instance should use. This method can only be called on a stopped instance. For more information, read Specifying a Minimum CPU Platform.
 
 Args:
@@ -3666,16 +4936,29 @@ 
Method Details

   "minCpuPlatform": "A String", # Minimum cpu/platform this instance should be started at.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3709,7 +4992,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3723,7 +5007,7 @@ 
Method Details

 

 
 

-    setName(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    setName(project, zone, instance, body=None, requestId=None)
   
Sets name of an instance.
 
 Args:
@@ -3738,16 +5022,29 @@ 
Method Details

   "name": "A String", # The name to be applied to the instance. Needs to be RFC 1035 compliant.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3781,7 +5078,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3795,7 +5093,7 @@ 
Method Details

 

 
 

-    setScheduling(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    setScheduling(project, zone, instance, body=None, requestId=None)
   
Sets an instance's scheduling options. You can only call this method on a stopped instance, that is, a VM instance that is in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states.
 
 Args:
@@ -3806,7 +5104,9 @@ 
Method Details

     The object takes the form of:
 
 { # Sets the scheduling options for an Instance. NextID: 21
-  "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+  "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+      # 
+      # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
   "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
   "locationHint": "A String", # An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API.
   "maintenanceFreezeDurationHours": 42, # Specifies the number of hours after VM instance creation where the VM won't be scheduled for maintenance.
@@ -3825,16 +5125,29 @@ 
Method Details

   "preemptible": True or False, # Defines whether the instance is preemptible. This can only be set during instance creation or while the instance is stopped and therefore, in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3868,7 +5181,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3882,7 +5196,7 @@ 
Method Details

 

 
 

-    setServiceAccount(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    setServiceAccount(project, zone, instance, body=None, requestId=None)
   
Sets the service account on the instance. For more information, read Changing the service account and access scopes for an instance.
 
 Args:
@@ -3899,16 +5213,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3942,7 +5269,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3956,7 +5284,7 @@ 
Method Details

 

 
 

-    setShieldedInstanceIntegrityPolicy(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    setShieldedInstanceIntegrityPolicy(project, zone, instance, body=None, requestId=None)
   
Sets the Shielded Instance integrity policy for an instance. You can only use this method on a running instance. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -3970,16 +5298,29 @@ 
Method Details

   "updateAutoLearnPolicy": True or False, # Updates the integrity policy baseline using the measurements from the VM instance's most recent boot.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -4013,7 +5354,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -4027,7 +5369,7 @@ 
Method Details

 

 
 

-    setShieldedVmIntegrityPolicy(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    setShieldedVmIntegrityPolicy(project, zone, instance, body=None, requestId=None)
   
Sets the Shielded VM integrity policy for a VM instance. You can only use this method on a running VM instance. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -4041,16 +5383,29 @@ 
Method Details

   "updateAutoLearnPolicy": True or False, # Updates the integrity policy baseline using the measurements from the VM instance's most recent boot.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -4084,7 +5439,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -4098,7 +5454,7 @@ 
Method Details

 

 
 

-    setTags(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    setTags(project, zone, instance, body=None, requestId=None)
   
Sets network tags for the specified instance to the data included in the request.
 
 Args:
@@ -4109,22 +5465,37 @@ 
Method Details

     The object takes the form of:
 
 { # A set of instance tags.
-  "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+  "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+      # 
+      # To see the latest fingerprint, make get() request to the instance.
   "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
     "A String",
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -4158,7 +5529,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -4172,22 +5544,31 @@ 
Method Details

 

 
 

-    simulateMaintenanceEvent(project, zone, instance, x__xgafv=None)
+    simulateMaintenanceEvent(project, zone, instance)
   
Simulates a maintenance event on the instance.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the instance scoping this request. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -4221,7 +5602,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -4235,23 +5617,36 @@ 
Method Details

 

 
 

-    start(project, zone, instance, requestId=None, x__xgafv=None)
+    start(project, zone, instance, requestId=None)
   
Starts an instance that was stopped using the instances().stop method. For more information, see Restart an instance.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the instance resource to start. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -4285,7 +5680,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -4299,7 +5695,7 @@ 
Method Details

 

 
 

-    startWithEncryptionKey(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    startWithEncryptionKey(project, zone, instance, body=None, requestId=None)
   
Starts an instance that was stopped using the instances().stop method. For more information, see Restart an instance.
 
 Args:
@@ -4310,13 +5706,22 @@ 
Method Details

     The object takes the form of:
 
 {
-  "disks": [ # Array of disks associated with this instance that are protected with a customer-supplied encryption key. In order to start the instance, the disk url and its corresponding key must be provided. If the disk is not protected with a customer-supplied encryption key it should not be specified.
+  "disks": [ # Array of disks associated with this instance that are protected with a customer-supplied encryption key.
+      # 
+      # In order to start the instance, the disk url and its corresponding key must be provided.
+      # 
+      # If the disk is not protected with a customer-supplied encryption key it should not be specified.
     {
       "diskEncryptionKey": { # Decrypts data associated with the disk with a customer-supplied encryption key.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. This field is only applicable for persistent disks.
@@ -4324,16 +5729,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -4367,7 +5785,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -4381,23 +5800,36 @@ 
Method Details

 

 
 

-    stop(project, zone, instance, requestId=None, x__xgafv=None)
+    stop(project, zone, instance, requestId=None)
   
Stops a running instance, shutting it down cleanly, and allows you to restart the instance at a later time. Stopped instances do not incur VM usage charges while they are stopped. However, resources that the VM is using, such as persistent disks and static IP addresses, will continue to be charged until they are deleted. For more information, see Stopping an instance.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the instance resource to stop. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -4431,7 +5863,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -4445,7 +5878,7 @@ 
Method Details

 

 
 

-    suspend(project, zone, instance, discardLocalSsd=None, requestId=None, x__xgafv=None)
+    suspend(project, zone, instance, discardLocalSsd=None, requestId=None)
   
This method suspends a running instance, saving its state to persistent storage, and allows you to resume the instance at a later time. Suspended instances incur reduced per-minute, virtual machine usage charges while they are suspended. Any resources the virtual machine is using, such as persistent disks and static IP addresses, will continue to be charged until they are deleted.
 
 Args:
@@ -4453,16 +5886,29 @@ 
Method Details

   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the instance resource to suspend. (required)
   discardLocalSsd: boolean, If true, discard the contents of any attached localSSD partitions. Default value is false (== preserve localSSD data).
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -4496,7 +5942,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -4510,7 +5957,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, zone, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, zone, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -4526,10 +5973,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -4542,8 +5985,8 @@ 
Method Details

 

 
 

-    update(project, zone, instance, body=None, minimalAction=None, mostDisruptiveAllowedAction=None, requestId=None, x__xgafv=None)
-  
Updates an instance only if the necessary resources are available. This method can update only a specific set of instance properties. See Updating a running instance for a list of updatable instance properties.
+    update(project, zone, instance, body=None, minimalAction=None, mostDisruptiveAllowedAction=None, requestId=None)
+  
Updates an instance only if the necessary resources are available. This method can update only a specific set of instance properties. See  Updating a running instance for a list of updatable instance properties.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -4552,12 +5995,14 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Instance resource. An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances.
+{ # Represents an Instance resource.
+    # 
+    # An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances. (== resource_for {$api_version}.instances ==)
   "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
     "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
     "threadsPerCore": 42, # The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed.
   },
-  "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding .
+  "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding.
   "confidentialInstanceConfig": { # A set of Confidential Instance options.
     "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
   },
@@ -4569,29 +6014,57 @@ 
Method Details

     { # An instance-attached disk resource.
       "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
       "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-      "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-      "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+      "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+          #
+          # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+      "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+          #
+          # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+          #
+          # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+          #
+          # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+          #
+          # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "diskSizeGb": "A String", # The size of the disk in GB.
-      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
         { # Guest OS features.
-          "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+          "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
         },
       ],
       "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-      "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+      "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+          #
+          # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+          #
+          # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
         "description": "A String", # An optional description. Provide this property when creating the disk.
         "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
         "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-        "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
-        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options. Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
+        "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+            # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+            #
+            #
+            # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+            # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+            # - projects/project/zones/zone/diskTypes/diskType
+            # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
+        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
+            #
+            # Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
           { # Guest OS features.
-            "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+            "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
           },
         ],
         "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
@@ -4603,20 +6076,56 @@ 
Method Details

         "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
           "A String",
         ],
-        "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-        "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+        "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+            #
+            # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+            # projects/debian-cloud/global/images/family/debian-9
+            #
+            #
+            # Alternatively, use a specific version of a public operating system image:
+            # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+            #
+            #
+            # To create a disk with a custom image that you created, specify the image name in the following format:
+            # global/images/my-custom-image
+            #
+            #
+            # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+            # global/images/family/my-image-family
+            #
+            #
+            # If the source image is deleted later, this field will not be set.
+        "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+            #
+            # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+              #
+              # The key must meet the following requirements before you can provide it to Compute Engine:
+              # - The key is wrapped using a RSA public key certificate provided by Google.
+              # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+              # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
-        "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+        "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+            #
+            # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+            # global/snapshots/my-backup
+            #
+            #
+            # If the source snapshot is deleted later, this field will not be set.
         "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+              #
+              # The key must meet the following requirements before you can provide it to Compute Engine:
+              # - The key is wrapped using a RSA public key certificate provided by Google.
+              # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+              # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
       },
@@ -4650,7 +6159,11 @@ 
Method Details

           "fileType": "A String", # The file type of source file.
         },
       },
-      "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+      "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+          #
+          # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+          #
+          # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
       "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
     },
   ],
@@ -4658,7 +6171,9 @@ 
Method Details

     "enableDisplay": True or False, # Defines whether the instance has Display enabled.
   },
   "eraseWindowsVssSignature": True or False, # Specifies whether the disks restored from source snapshots or source machine image should erase Windows specific VSS signature.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance. To see the latest fingerprint, make get() request to the instance.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance.
+      # 
+      # To see the latest fingerprint, make get() request to the instance.
   "guestAccelerators": [ # A list of the type and count of accelerator cards attached to the instance.
     { # A specification of the type and number of accelerator cards attached to the instance.
       "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
@@ -4668,18 +6183,32 @@ 
Method Details

   "hostname": "A String", # Specifies the hostname of the instance. The specified hostname must be RFC1035 compliant. If hostname is not specified, the default hostname is [INSTANCE_NAME].c.[PROJECT_ID].internal when using the global DNS, and [INSTANCE_NAME].[ZONE].c.[PROJECT_ID].internal when using zonal DNS.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#instance", # [Output Only] Type of the resource. Always compute#instance for instances.
-  "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the instance.
+  "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+      # 
+      # To see the latest fingerprint, make get() request to the instance.
   "labels": { # Labels to apply to this instance. These can be later modified by the setLabels method.
     "a_key": "A String",
   },
   "lastStartTimestamp": "A String", # [Output Only] Last start timestamp in RFC3339 text format.
   "lastStopTimestamp": "A String", # [Output Only] Last stop timestamp in RFC3339 text format.
   "lastSuspendedTimestamp": "A String", # [Output Only] Last suspended timestamp in RFC3339 text format.
-  "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type: zones/us-central1-f/machineTypes/n1-standard-1 To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB): zones/zone/machineTypes/custom-CPUS-MEMORY For example: zones/us-central1-f/machineTypes/custom-4-5120 For a full list of restrictions, read the Specifications for custom machine types.
+  "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type:
+      # zones/us-central1-f/machineTypes/n1-standard-1
+      # 
+      # 
+      # To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB):
+      # zones/zone/machineTypes/custom-CPUS-MEMORY
+      # 
+      # 
+      # For example: zones/us-central1-f/machineTypes/custom-4-5120
+      # 
+      # For a full list of restrictions, read the Specifications for custom machine types.
   "metadata": { # A metadata key/value entry. # The metadata key/value pairs assigned to this instance. This includes custom metadata and predefined keys.
-    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+        #
+        # To see the latest fingerprint, make a get() request to retrieve the resource.
     "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-      { # Metadata
+      {
         "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
         "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
       },
@@ -4697,7 +6226,11 @@ 
Method Details

           "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
           "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+              #
+              # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+              #
+              # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
           "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
           "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
           "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
@@ -4717,30 +6250,45 @@ 
Method Details

           "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
           "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+              #
+              # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+              #
+              # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
           "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
           "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
           "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
         },
       ],
-      "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+      "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+          #
+          # Valid only if stackType is IPV4_IPV6.
       "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
       "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
       "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-      "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+      "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+          #
+          # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+          # - projects/project/global/networks/network
+          # - global/networks/default
       "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
       "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
-      "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
-      "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+      "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+          #
+          # This field can be both set at instance creation and update network interface operations.
+      "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+          # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+          # - regions/region/subnetworks/subnetwork
     },
   ],
   "networkPerformanceConfig": {
     "totalEgressBandwidthTier": "A String",
   },
   "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
-  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
   "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that this instance can consume from.
-    "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
+    "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
     "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
     "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
       "A String",
@@ -4751,7 +6299,9 @@ 
Method Details

   ],
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Sets the scheduling options for this instance.
-    "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+    "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+        #
+        # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
     "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
     "locationHint": "A String", # An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API.
     "maintenanceFreezeDurationHours": 42, # Specifies the number of hours after VM instance creation where the VM won't be scheduled for maintenance.
@@ -4770,7 +6320,9 @@ 
Method Details

     "preemptible": True or False, # Defines whether the instance is preemptible. This can only be set during instance creation or while the instance is stopped and therefore, in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states.
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
-  "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported. Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
+  "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported.
+      # 
+      # Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
     { # A service account.
       "email": "A String", # Email address of the service account.
       "scopes": [ # The list of scopes to be made available for this service account.
@@ -4799,14 +6351,21 @@ 
Method Details

     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "startRestricted": True or False, # [Output Only] Whether a VM has been restricted for start because Compute Engine has detected suspicious activity.
-  "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see Instance life cycle.
+  "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see  Instance life cycle.
   "statusMessage": "A String", # [Output Only] An optional, human-readable explanation of the status.
   "tags": { # A set of instance tags. # Tags to apply to this instance. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during instance creation. The tags can be later modified by the setTags method. Each tag within the list must comply with RFC1035. Multiple tags can be specified via the 'tags.items' field.
-    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+        #
+        # To see the latest fingerprint, make get() request to the instance.
     "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
       "A String",
     ],
@@ -4817,25 +6376,38 @@ 
Method Details

   minimalAction: string, Specifies the action to take when updating an instance even if the updated properties do not require it. If not specified, then Compute Engine acts based on the minimum action that the updated properties require.
     Allowed values
       INVALID - 
-      NO_EFFECT - No changes can be made to the instance.
-      REFRESH - The instance will not restart.
-      RESTART - The instance will restart.
+      NO_EFFECT - 
+      REFRESH - 
+      RESTART - 
   mostDisruptiveAllowedAction: string, Specifies the most disruptive action that can be taken on the instance as part of the update. Compute Engine returns an error if the instance properties require a more disruptive action as part of the instance update. Valid options from lowest to highest are NO_EFFECT, REFRESH, and RESTART.
     Allowed values
       INVALID - 
-      NO_EFFECT - No changes can be made to the instance.
-      REFRESH - The instance will not restart.
-      RESTART - The instance will restart.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+      NO_EFFECT - 
+      REFRESH - 
+      RESTART - 
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -4869,7 +6441,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -4883,7 +6456,7 @@ 
Method Details

 

 
 

-    updateAccessConfig(project, zone, instance, networkInterface, body=None, requestId=None, x__xgafv=None)
+    updateAccessConfig(project, zone, instance, networkInterface, body=None, requestId=None)
   
Updates the specified access config from an instance's network interface with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -4900,22 +6473,39 @@ 
Method Details

   "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
   "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
   "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+      # 
+      # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+      # 
+      # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
   "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
   "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
   "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -4949,7 +6539,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -4963,7 +6554,7 @@ 
Method Details

 

 
 

-    updateDisplayDevice(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    updateDisplayDevice(project, zone, instance, body=None, requestId=None)
   
Updates the Display config for a VM instance. You can only use this method on a stopped VM instance. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -4977,16 +6568,29 @@ 
Method Details

   "enableDisplay": True or False, # Defines whether the instance has Display enabled.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -5020,7 +6624,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -5034,7 +6639,7 @@ 
Method Details

 

 
 

-    updateNetworkInterface(project, zone, instance, networkInterface, body=None, requestId=None, x__xgafv=None)
+    updateNetworkInterface(project, zone, instance, networkInterface, body=None, requestId=None)
   
Updates an instance's network interface. This method can only update an interface's alias IP range and attached network. See Modifying alias IP ranges for an existing instance for instructions on changing alias IP ranges. See Migrating a VM between networks for instructions on migrating an interface. This method follows PATCH semantics.
 
 Args:
@@ -5053,7 +6658,11 @@ 
Method Details

       "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
       "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
       "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-      "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+      "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+          #
+          # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+          #
+          # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
       "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
       "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
       "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
@@ -5073,33 +6682,61 @@ 
Method Details

       "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
       "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
       "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-      "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+      "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+          #
+          # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+          #
+          # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
       "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
       "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
       "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
     },
   ],
-  "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+  "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+      # 
+      # Valid only if stackType is IPV4_IPV6.
   "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
   "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
   "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-  "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+  "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+      # 
+      # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+      # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+      # - projects/project/global/networks/network
+      # - global/networks/default
   "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
   "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
-  "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
-  "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+  "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+      # 
+      # This field can be both set at instance creation and update network interface operations.
+  "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+      # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+      # - regions/region/subnetworks/subnetwork
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -5133,7 +6770,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -5147,7 +6785,7 @@ 
Method Details

 

 
 

-    updateShieldedInstanceConfig(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    updateShieldedInstanceConfig(project, zone, instance, body=None, requestId=None)
   
Updates the Shielded Instance config for an instance. You can only use this method on a stopped instance. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -5163,16 +6801,29 @@ 
Method Details

   "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled. Enabled by default.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -5206,7 +6857,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -5220,7 +6872,7 @@ 
Method Details

 

 
 

-    updateShieldedVmConfig(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    updateShieldedVmConfig(project, zone, instance, body=None, requestId=None)
   
Updates the Shielded VM config for a VM instance. You can only use this method on a stopped VM instance. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -5236,16 +6888,29 @@ 
Method Details

   "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -5279,7 +6944,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.interconnectAttachments.html b/docs/dyn/compute_beta.interconnectAttachments.html
index 71cd153888a..0b927d4d712 100644
--- a/docs/dyn/compute_beta.interconnectAttachments.html
+++ b/docs/dyn/compute_beta.interconnectAttachments.html
@@ -75,7 +75,7 @@
 
Compute Engine API . interconnectAttachments

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of interconnect attachments.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,46 +84,52 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, interconnectAttachment, requestId=None, x__xgafv=None)

+  delete(project, region, interconnectAttachment, requestId=None)

 
Deletes the specified interconnect attachment.

 

-  get(project, region, interconnectAttachment, x__xgafv=None)

+  get(project, region, interconnectAttachment)

 
Returns the specified interconnect attachment.

 

-  insert(project, region, body=None, requestId=None, validateOnly=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None, validateOnly=None)

 
Creates an InterconnectAttachment in the specified project using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of interconnect attachments contained within the specified region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, interconnectAttachment, body=None, requestId=None, x__xgafv=None)

+  patch(project, region, interconnectAttachment, body=None, requestId=None)

 
Updates the specified interconnect attachment with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)

+  setLabels(project, region, resource, body=None, requestId=None)

 
Sets the labels on an InterconnectAttachment. To learn more about labels, read the Labeling Resources documentation.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of interconnect attachments.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -133,9 +139,23 @@ 
Method Details

   "items": { # A list of InterconnectAttachmentsScopedList resources.
     "a_key": { # Name of the scope containing this set of interconnect attachments.
       "interconnectAttachments": [ # A list of interconnect attachments contained in this scope.
-        { # Represents an Interconnect Attachment (VLAN) resource. You can use Interconnect attachments (VLANS) to connect your Virtual Private Cloud networks to your on-premises networks through an Interconnect. For more information, read Creating VLAN Attachments.
+        { # Represents an Interconnect Attachment (VLAN) resource.
+            #
+            # You can use Interconnect attachments (VLANS) to connect your Virtual Private Cloud networks to your on-premises networks through an Interconnect. For more information, read  Creating VLAN Attachments. (== resource_for {$api_version}.interconnectAttachments ==)
           "adminEnabled": True or False, # Determines whether this Attachment will carry packets. Not present for PARTNER_PROVIDER.
-          "bandwidth": "A String", # Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, and can take one of the following values: - BPS_50M: 50 Mbit/s - BPS_100M: 100 Mbit/s - BPS_200M: 200 Mbit/s - BPS_300M: 300 Mbit/s - BPS_400M: 400 Mbit/s - BPS_500M: 500 Mbit/s - BPS_1G: 1 Gbit/s - BPS_2G: 2 Gbit/s - BPS_5G: 5 Gbit/s - BPS_10G: 10 Gbit/s - BPS_20G: 20 Gbit/s - BPS_50G: 50 Gbit/s
+          "bandwidth": "A String", # Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, and can take one of the following values:
+              # - BPS_50M: 50 Mbit/s
+              # - BPS_100M: 100 Mbit/s
+              # - BPS_200M: 200 Mbit/s
+              # - BPS_300M: 300 Mbit/s
+              # - BPS_400M: 400 Mbit/s
+              # - BPS_500M: 500 Mbit/s
+              # - BPS_1G: 1 Gbit/s
+              # - BPS_2G: 2 Gbit/s
+              # - BPS_5G: 5 Gbit/s
+              # - BPS_10G: 10 Gbit/s
+              # - BPS_20G: 20 Gbit/s
+              # - BPS_50G: 50 Gbit/s
           "candidateSubnets": [ # Up to 16 candidate prefixes that can be used to restrict the allocation of cloudRouterIpAddress and customerRouterIpAddress for this attachment. All prefixes must be within link-local address space (169.254.0.0/16) and must be /29 or shorter (/28, /27, etc). Google will attempt to select an unused /29 from the supplied candidate prefix(es). The request will fail if all possible /29s are in use on Google's edge. If not supplied, Google will randomly select an unused /29 from all of link-local space.
             "A String",
           ],
@@ -144,22 +164,33 @@ 
Method Details

           "customerRouterIpAddress": "A String", # [Output Only] IPv4 address + prefix length to be configured on the customer router subinterface for this interconnect attachment.
           "dataplaneVersion": 42, # [Output Only] Dataplane version for this InterconnectAttachment.
           "description": "A String", # An optional description of this resource.
-          "edgeAvailabilityDomain": "A String", # Desired availability domain for the attachment. Only available for type PARTNER, at creation time, and can take one of the following values: - AVAILABILITY_DOMAIN_ANY - AVAILABILITY_DOMAIN_1 - AVAILABILITY_DOMAIN_2 For improved reliability, customers should configure a pair of attachments, one per availability domain. The selected availability domain will be provided to the Partner via the pairing key, so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.
-          "encryption": "A String", # Indicates the user-supplied encryption option of this VLAN attachment (interconnectAttachment). Can only be specified at attachment creation for PARTNER or DEDICATED attachments. Possible values are: - NONE - This is the default value, which means that the VLAN attachment carries unencrypted traffic. VMs are able to send traffic to, or receive traffic from, such a VLAN attachment. - IPSEC - The VLAN attachment carries only encrypted traffic that is encrypted by an IPsec device, such as an HA VPN gateway or third-party IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, such a VLAN attachment. To use *IPsec-encrypted Cloud Interconnect*, the VLAN attachment must be created with this option. Not currently available publicly.
+          "edgeAvailabilityDomain": "A String", # Desired availability domain for the attachment. Only available for type PARTNER, at creation time, and can take one of the following values:
+              # - AVAILABILITY_DOMAIN_ANY
+              # - AVAILABILITY_DOMAIN_1
+              # - AVAILABILITY_DOMAIN_2 For improved reliability, customers should configure a pair of attachments, one per availability domain. The selected availability domain will be provided to the Partner via the pairing key, so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.
+          "encryption": "A String", # Indicates the user-supplied encryption option of this VLAN attachment (interconnectAttachment). Can only be specified at attachment creation for PARTNER or DEDICATED attachments. Possible values are:
+              # - NONE - This is the default value, which means that the VLAN attachment carries unencrypted traffic. VMs are able to send traffic to, or receive traffic from, such a VLAN attachment.
+              # - IPSEC - The VLAN attachment carries only encrypted traffic that is encrypted by an IPsec device, such as an HA VPN gateway or third-party IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, such a VLAN attachment. To use IPsec-encrypted Cloud Interconnect, the VLAN attachment must be created with this option.
+              # Not currently available publicly.
           "googleReferenceId": "A String", # [Output Only] Google reference ID, to be used when raising support tickets with Google or otherwise to debug backend connectivity issues. [Deprecated] This field is not used.
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "interconnect": "A String", # URL of the underlying Interconnect object that this attachment's traffic will traverse through.
-          "ipsecInternalAddresses": [ # List of URL of addresses that have been reserved for the VLAN attachment. Used only for the VLAN attachment that has the encryption option as IPSEC. The addresses must be regional internal IP address ranges. When creating an HA VPN gateway over the VLAN attachment, if the attachment is configured to use a regional internal IP address, then the VPN gateway's IP address is allocated from the IP address range specified here. For example, if the HA VPN gateway's interface 0 is paired to this VLAN attachment, then a regional internal IP address for the VPN gateway interface 0 will be allocated from the IP address specified for this VLAN attachment. If this field is not specified when creating the VLAN attachment, then later on when creating an HA VPN gateway on this VLAN attachment, the HA VPN gateway's IP address is allocated from the regional external IP address pool. Not currently available publicly.
+          "ipsecInternalAddresses": [ # List of URL of addresses that have been reserved for the VLAN attachment. Used only for the VLAN attachment that has the encryption option as IPSEC. The addresses must be regional internal IP address ranges. When creating an HA VPN gateway over the VLAN attachment, if the attachment is configured to use a regional internal IP address, then the VPN gateway's IP address is allocated from the IP address range specified here. For example, if the HA VPN gateway's interface 0 is paired to this VLAN attachment, then a regional internal IP address for the VPN gateway interface 0 will be allocated from the IP address specified for this VLAN attachment. If this field is not specified when creating the VLAN attachment, then later on when creating an HA VPN gateway on this VLAN attachment, the HA VPN gateway's IP address is allocated from the regional external IP address pool.
+              # Not currently available publicly.
             "A String",
           ],
           "kind": "compute#interconnectAttachment", # [Output Only] Type of the resource. Always compute#interconnectAttachment for interconnect attachments.
-          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InterconnectAttachment, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InterconnectAttachment.
+          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InterconnectAttachment, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve an InterconnectAttachment.
           "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
             "a_key": "A String",
           },
           "mtu": 42, # Maximum Transmission Unit (MTU), in bytes, of packets passing through this interconnect attachment. Only 1440 and 1500 are allowed. If not specified, the value will default to 1440.
           "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-          "operationalStatus": "A String", # [Output Only] The current status of whether or not this interconnect attachment is functional, which can take one of the following values: - OS_ACTIVE: The attachment has been turned up and is ready to use. - OS_UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
+          "operationalStatus": "A String", # [Output Only] The current status of whether or not this interconnect attachment is functional, which can take one of the following values:
+              # - OS_ACTIVE: The attachment has been turned up and is ready to use.
+              # - OS_UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
           "pairingKey": "A String", # [Output only for type PARTNER. Input only for PARTNER_PROVIDER. Not present for DEDICATED]. The opaque identifier of an PARTNER attachment used to initiate provisioning with a selected partner. Of the form "XXXXX/region/domain"
           "partnerAsn": "A String", # Optional BGP ASN for the router supplied by a Layer 3 Partner if they configured BGP on behalf of the customer. Output only for PARTNER type, input only for PARTNER_PROVIDER, not available for DEDICATED.
           "partnerMetadata": { # Informational metadata about Partner attachments from Partners to display to customers. These fields are propagated from PARTNER_PROVIDER attachments to their corresponding PARTNER attachments. # Informational metadata about Partner attachments from Partners to display to customers. Output only for for PARTNER type, mutable for PARTNER_PROVIDER, not available for DEDICATED.
@@ -173,14 +204,24 @@ 
Method Details

           "region": "A String", # [Output Only] URL of the region where the regional interconnect attachment resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
           "router": "A String", # URL of the Cloud Router to be used for dynamic routing. This router must be in the same region as this InterconnectAttachment. The InterconnectAttachment will automatically connect the Interconnect to the network & region within which the Cloud Router is configured.
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-          "state": "A String", # [Output Only] The current state of this attachment's functionality. Enum values ACTIVE and UNPROVISIONED are shared by DEDICATED/PRIVATE, PARTNER, and PARTNER_PROVIDER interconnect attachments, while enum values PENDING_PARTNER, PARTNER_REQUEST_RECEIVED, and PENDING_CUSTOMER are used for only PARTNER and PARTNER_PROVIDER interconnect attachments. This state can take one of the following values: - ACTIVE: The attachment has been turned up and is ready to use. - UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete. - PENDING_PARTNER: A newly-created PARTNER attachment that has not yet been configured on the Partner side. - PARTNER_REQUEST_RECEIVED: A PARTNER attachment is in the process of provisioning after a PARTNER_PROVIDER attachment was created that references it. - PENDING_CUSTOMER: A PARTNER or PARTNER_PROVIDER attachment that is waiting for a customer to activate it. - DEFUNCT: The attachment was deleted externally and is no longer functional. This could be because the associated Interconnect was removed, or because the other side of a Partner attachment was deleted.
-          "type": "A String", # The type of interconnect attachment this is, which can take one of the following values: - DEDICATED: an attachment to a Dedicated Interconnect. - PARTNER: an attachment to a Partner Interconnect, created by the customer. - PARTNER_PROVIDER: an attachment to a Partner Interconnect, created by the partner.
+          "state": "A String", # [Output Only] The current state of this attachment's functionality. Enum values ACTIVE and UNPROVISIONED are shared by DEDICATED/PRIVATE, PARTNER, and PARTNER_PROVIDER interconnect attachments, while enum values PENDING_PARTNER, PARTNER_REQUEST_RECEIVED, and PENDING_CUSTOMER are used for only PARTNER and PARTNER_PROVIDER interconnect attachments. This state can take one of the following values:
+              # - ACTIVE: The attachment has been turned up and is ready to use.
+              # - UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
+              # - PENDING_PARTNER: A newly-created PARTNER attachment that has not yet been configured on the Partner side.
+              # - PARTNER_REQUEST_RECEIVED: A PARTNER attachment is in the process of provisioning after a PARTNER_PROVIDER attachment was created that references it.
+              # - PENDING_CUSTOMER: A PARTNER or PARTNER_PROVIDER attachment that is waiting for a customer to activate it.
+              # - DEFUNCT: The attachment was deleted externally and is no longer functional. This could be because the associated Interconnect was removed, or because the other side of a Partner attachment was deleted.
+          "type": "A String", # The type of interconnect attachment this is, which can take one of the following values:
+              # - DEDICATED: an attachment to a Dedicated Interconnect.
+              # - PARTNER: an attachment to a Partner Interconnect, created by the customer.
+              # - PARTNER_PROVIDER: an attachment to a Partner Interconnect, created by the partner.
           "vlanTag8021q": 42, # The IEEE 802.1Q VLAN tag for this attachment, in the range 2-4094. Only specified at creation time.
         },
       ],
       "warning": { # Informational warning which replaces the list of addresses when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -198,7 +239,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -229,23 +271,36 @@ 
Method Details

 

 
 

-    delete(project, region, interconnectAttachment, requestId=None, x__xgafv=None)
+    delete(project, region, interconnectAttachment, requestId=None)
   
Deletes the specified interconnect attachment.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   interconnectAttachment: string, Name of the interconnect attachment to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -279,7 +334,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -293,24 +349,34 @@ 
Method Details

 

 
 

-    get(project, region, interconnectAttachment, x__xgafv=None)
+    get(project, region, interconnectAttachment)
   
Returns the specified interconnect attachment.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   interconnectAttachment: string, Name of the interconnect attachment to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Interconnect Attachment (VLAN) resource. You can use Interconnect attachments (VLANS) to connect your Virtual Private Cloud networks to your on-premises networks through an Interconnect. For more information, read Creating VLAN Attachments.
+    { # Represents an Interconnect Attachment (VLAN) resource.
+    #
+    # You can use Interconnect attachments (VLANS) to connect your Virtual Private Cloud networks to your on-premises networks through an Interconnect. For more information, read  Creating VLAN Attachments. (== resource_for {$api_version}.interconnectAttachments ==)
   "adminEnabled": True or False, # Determines whether this Attachment will carry packets. Not present for PARTNER_PROVIDER.
-  "bandwidth": "A String", # Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, and can take one of the following values: - BPS_50M: 50 Mbit/s - BPS_100M: 100 Mbit/s - BPS_200M: 200 Mbit/s - BPS_300M: 300 Mbit/s - BPS_400M: 400 Mbit/s - BPS_500M: 500 Mbit/s - BPS_1G: 1 Gbit/s - BPS_2G: 2 Gbit/s - BPS_5G: 5 Gbit/s - BPS_10G: 10 Gbit/s - BPS_20G: 20 Gbit/s - BPS_50G: 50 Gbit/s
+  "bandwidth": "A String", # Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, and can take one of the following values:
+      # - BPS_50M: 50 Mbit/s
+      # - BPS_100M: 100 Mbit/s
+      # - BPS_200M: 200 Mbit/s
+      # - BPS_300M: 300 Mbit/s
+      # - BPS_400M: 400 Mbit/s
+      # - BPS_500M: 500 Mbit/s
+      # - BPS_1G: 1 Gbit/s
+      # - BPS_2G: 2 Gbit/s
+      # - BPS_5G: 5 Gbit/s
+      # - BPS_10G: 10 Gbit/s
+      # - BPS_20G: 20 Gbit/s
+      # - BPS_50G: 50 Gbit/s
   "candidateSubnets": [ # Up to 16 candidate prefixes that can be used to restrict the allocation of cloudRouterIpAddress and customerRouterIpAddress for this attachment. All prefixes must be within link-local address space (169.254.0.0/16) and must be /29 or shorter (/28, /27, etc). Google will attempt to select an unused /29 from the supplied candidate prefix(es). The request will fail if all possible /29s are in use on Google's edge. If not supplied, Google will randomly select an unused /29 from all of link-local space.
     "A String",
   ],
@@ -319,22 +385,33 @@ 
Method Details

   "customerRouterIpAddress": "A String", # [Output Only] IPv4 address + prefix length to be configured on the customer router subinterface for this interconnect attachment.
   "dataplaneVersion": 42, # [Output Only] Dataplane version for this InterconnectAttachment.
   "description": "A String", # An optional description of this resource.
-  "edgeAvailabilityDomain": "A String", # Desired availability domain for the attachment. Only available for type PARTNER, at creation time, and can take one of the following values: - AVAILABILITY_DOMAIN_ANY - AVAILABILITY_DOMAIN_1 - AVAILABILITY_DOMAIN_2 For improved reliability, customers should configure a pair of attachments, one per availability domain. The selected availability domain will be provided to the Partner via the pairing key, so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.
-  "encryption": "A String", # Indicates the user-supplied encryption option of this VLAN attachment (interconnectAttachment). Can only be specified at attachment creation for PARTNER or DEDICATED attachments. Possible values are: - NONE - This is the default value, which means that the VLAN attachment carries unencrypted traffic. VMs are able to send traffic to, or receive traffic from, such a VLAN attachment. - IPSEC - The VLAN attachment carries only encrypted traffic that is encrypted by an IPsec device, such as an HA VPN gateway or third-party IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, such a VLAN attachment. To use *IPsec-encrypted Cloud Interconnect*, the VLAN attachment must be created with this option. Not currently available publicly.
+  "edgeAvailabilityDomain": "A String", # Desired availability domain for the attachment. Only available for type PARTNER, at creation time, and can take one of the following values:
+      # - AVAILABILITY_DOMAIN_ANY
+      # - AVAILABILITY_DOMAIN_1
+      # - AVAILABILITY_DOMAIN_2 For improved reliability, customers should configure a pair of attachments, one per availability domain. The selected availability domain will be provided to the Partner via the pairing key, so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.
+  "encryption": "A String", # Indicates the user-supplied encryption option of this VLAN attachment (interconnectAttachment). Can only be specified at attachment creation for PARTNER or DEDICATED attachments. Possible values are:
+      # - NONE - This is the default value, which means that the VLAN attachment carries unencrypted traffic. VMs are able to send traffic to, or receive traffic from, such a VLAN attachment.
+      # - IPSEC - The VLAN attachment carries only encrypted traffic that is encrypted by an IPsec device, such as an HA VPN gateway or third-party IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, such a VLAN attachment. To use IPsec-encrypted Cloud Interconnect, the VLAN attachment must be created with this option.
+      # Not currently available publicly.
   "googleReferenceId": "A String", # [Output Only] Google reference ID, to be used when raising support tickets with Google or otherwise to debug backend connectivity issues. [Deprecated] This field is not used.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "interconnect": "A String", # URL of the underlying Interconnect object that this attachment's traffic will traverse through.
-  "ipsecInternalAddresses": [ # List of URL of addresses that have been reserved for the VLAN attachment. Used only for the VLAN attachment that has the encryption option as IPSEC. The addresses must be regional internal IP address ranges. When creating an HA VPN gateway over the VLAN attachment, if the attachment is configured to use a regional internal IP address, then the VPN gateway's IP address is allocated from the IP address range specified here. For example, if the HA VPN gateway's interface 0 is paired to this VLAN attachment, then a regional internal IP address for the VPN gateway interface 0 will be allocated from the IP address specified for this VLAN attachment. If this field is not specified when creating the VLAN attachment, then later on when creating an HA VPN gateway on this VLAN attachment, the HA VPN gateway's IP address is allocated from the regional external IP address pool. Not currently available publicly.
+  "ipsecInternalAddresses": [ # List of URL of addresses that have been reserved for the VLAN attachment. Used only for the VLAN attachment that has the encryption option as IPSEC. The addresses must be regional internal IP address ranges. When creating an HA VPN gateway over the VLAN attachment, if the attachment is configured to use a regional internal IP address, then the VPN gateway's IP address is allocated from the IP address range specified here. For example, if the HA VPN gateway's interface 0 is paired to this VLAN attachment, then a regional internal IP address for the VPN gateway interface 0 will be allocated from the IP address specified for this VLAN attachment. If this field is not specified when creating the VLAN attachment, then later on when creating an HA VPN gateway on this VLAN attachment, the HA VPN gateway's IP address is allocated from the regional external IP address pool.
+      # Not currently available publicly.
     "A String",
   ],
   "kind": "compute#interconnectAttachment", # [Output Only] Type of the resource. Always compute#interconnectAttachment for interconnect attachments.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InterconnectAttachment, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InterconnectAttachment.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InterconnectAttachment, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve an InterconnectAttachment.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
   "mtu": 42, # Maximum Transmission Unit (MTU), in bytes, of packets passing through this interconnect attachment. Only 1440 and 1500 are allowed. If not specified, the value will default to 1440.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "operationalStatus": "A String", # [Output Only] The current status of whether or not this interconnect attachment is functional, which can take one of the following values: - OS_ACTIVE: The attachment has been turned up and is ready to use. - OS_UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
+  "operationalStatus": "A String", # [Output Only] The current status of whether or not this interconnect attachment is functional, which can take one of the following values:
+      # - OS_ACTIVE: The attachment has been turned up and is ready to use.
+      # - OS_UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
   "pairingKey": "A String", # [Output only for type PARTNER. Input only for PARTNER_PROVIDER. Not present for DEDICATED]. The opaque identifier of an PARTNER attachment used to initiate provisioning with a selected partner. Of the form "XXXXX/region/domain"
   "partnerAsn": "A String", # Optional BGP ASN for the router supplied by a Layer 3 Partner if they configured BGP on behalf of the customer. Output only for PARTNER type, input only for PARTNER_PROVIDER, not available for DEDICATED.
   "partnerMetadata": { # Informational metadata about Partner attachments from Partners to display to customers. These fields are propagated from PARTNER_PROVIDER attachments to their corresponding PARTNER attachments. # Informational metadata about Partner attachments from Partners to display to customers. Output only for for PARTNER type, mutable for PARTNER_PROVIDER, not available for DEDICATED.
@@ -348,14 +425,23 @@ 
Method Details

   "region": "A String", # [Output Only] URL of the region where the regional interconnect attachment resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "router": "A String", # URL of the Cloud Router to be used for dynamic routing. This router must be in the same region as this InterconnectAttachment. The InterconnectAttachment will automatically connect the Interconnect to the network & region within which the Cloud Router is configured.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "state": "A String", # [Output Only] The current state of this attachment's functionality. Enum values ACTIVE and UNPROVISIONED are shared by DEDICATED/PRIVATE, PARTNER, and PARTNER_PROVIDER interconnect attachments, while enum values PENDING_PARTNER, PARTNER_REQUEST_RECEIVED, and PENDING_CUSTOMER are used for only PARTNER and PARTNER_PROVIDER interconnect attachments. This state can take one of the following values: - ACTIVE: The attachment has been turned up and is ready to use. - UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete. - PENDING_PARTNER: A newly-created PARTNER attachment that has not yet been configured on the Partner side. - PARTNER_REQUEST_RECEIVED: A PARTNER attachment is in the process of provisioning after a PARTNER_PROVIDER attachment was created that references it. - PENDING_CUSTOMER: A PARTNER or PARTNER_PROVIDER attachment that is waiting for a customer to activate it. - DEFUNCT: The attachment was deleted externally and is no longer functional. This could be because the associated Interconnect was removed, or because the other side of a Partner attachment was deleted.
-  "type": "A String", # The type of interconnect attachment this is, which can take one of the following values: - DEDICATED: an attachment to a Dedicated Interconnect. - PARTNER: an attachment to a Partner Interconnect, created by the customer. - PARTNER_PROVIDER: an attachment to a Partner Interconnect, created by the partner.
+  "state": "A String", # [Output Only] The current state of this attachment's functionality. Enum values ACTIVE and UNPROVISIONED are shared by DEDICATED/PRIVATE, PARTNER, and PARTNER_PROVIDER interconnect attachments, while enum values PENDING_PARTNER, PARTNER_REQUEST_RECEIVED, and PENDING_CUSTOMER are used for only PARTNER and PARTNER_PROVIDER interconnect attachments. This state can take one of the following values:
+      # - ACTIVE: The attachment has been turned up and is ready to use.
+      # - UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
+      # - PENDING_PARTNER: A newly-created PARTNER attachment that has not yet been configured on the Partner side.
+      # - PARTNER_REQUEST_RECEIVED: A PARTNER attachment is in the process of provisioning after a PARTNER_PROVIDER attachment was created that references it.
+      # - PENDING_CUSTOMER: A PARTNER or PARTNER_PROVIDER attachment that is waiting for a customer to activate it.
+      # - DEFUNCT: The attachment was deleted externally and is no longer functional. This could be because the associated Interconnect was removed, or because the other side of a Partner attachment was deleted.
+  "type": "A String", # The type of interconnect attachment this is, which can take one of the following values:
+      # - DEDICATED: an attachment to a Dedicated Interconnect.
+      # - PARTNER: an attachment to a Partner Interconnect, created by the customer.
+      # - PARTNER_PROVIDER: an attachment to a Partner Interconnect, created by the partner.
   "vlanTag8021q": 42, # The IEEE 802.1Q VLAN tag for this attachment, in the range 2-4094. Only specified at creation time.
 }

 

 
 

-    insert(project, region, body=None, requestId=None, validateOnly=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None, validateOnly=None)
   
Creates an InterconnectAttachment in the specified project using the data included in the request.
 
 Args:
@@ -364,9 +450,23 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Interconnect Attachment (VLAN) resource. You can use Interconnect attachments (VLANS) to connect your Virtual Private Cloud networks to your on-premises networks through an Interconnect. For more information, read Creating VLAN Attachments.
+{ # Represents an Interconnect Attachment (VLAN) resource.
+    # 
+    # You can use Interconnect attachments (VLANS) to connect your Virtual Private Cloud networks to your on-premises networks through an Interconnect. For more information, read  Creating VLAN Attachments. (== resource_for {$api_version}.interconnectAttachments ==)
   "adminEnabled": True or False, # Determines whether this Attachment will carry packets. Not present for PARTNER_PROVIDER.
-  "bandwidth": "A String", # Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, and can take one of the following values: - BPS_50M: 50 Mbit/s - BPS_100M: 100 Mbit/s - BPS_200M: 200 Mbit/s - BPS_300M: 300 Mbit/s - BPS_400M: 400 Mbit/s - BPS_500M: 500 Mbit/s - BPS_1G: 1 Gbit/s - BPS_2G: 2 Gbit/s - BPS_5G: 5 Gbit/s - BPS_10G: 10 Gbit/s - BPS_20G: 20 Gbit/s - BPS_50G: 50 Gbit/s
+  "bandwidth": "A String", # Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, and can take one of the following values:
+      # - BPS_50M: 50 Mbit/s
+      # - BPS_100M: 100 Mbit/s
+      # - BPS_200M: 200 Mbit/s
+      # - BPS_300M: 300 Mbit/s
+      # - BPS_400M: 400 Mbit/s
+      # - BPS_500M: 500 Mbit/s
+      # - BPS_1G: 1 Gbit/s
+      # - BPS_2G: 2 Gbit/s
+      # - BPS_5G: 5 Gbit/s
+      # - BPS_10G: 10 Gbit/s
+      # - BPS_20G: 20 Gbit/s
+      # - BPS_50G: 50 Gbit/s
   "candidateSubnets": [ # Up to 16 candidate prefixes that can be used to restrict the allocation of cloudRouterIpAddress and customerRouterIpAddress for this attachment. All prefixes must be within link-local address space (169.254.0.0/16) and must be /29 or shorter (/28, /27, etc). Google will attempt to select an unused /29 from the supplied candidate prefix(es). The request will fail if all possible /29s are in use on Google's edge. If not supplied, Google will randomly select an unused /29 from all of link-local space.
     "A String",
   ],
@@ -375,22 +475,33 @@ 
Method Details

   "customerRouterIpAddress": "A String", # [Output Only] IPv4 address + prefix length to be configured on the customer router subinterface for this interconnect attachment.
   "dataplaneVersion": 42, # [Output Only] Dataplane version for this InterconnectAttachment.
   "description": "A String", # An optional description of this resource.
-  "edgeAvailabilityDomain": "A String", # Desired availability domain for the attachment. Only available for type PARTNER, at creation time, and can take one of the following values: - AVAILABILITY_DOMAIN_ANY - AVAILABILITY_DOMAIN_1 - AVAILABILITY_DOMAIN_2 For improved reliability, customers should configure a pair of attachments, one per availability domain. The selected availability domain will be provided to the Partner via the pairing key, so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.
-  "encryption": "A String", # Indicates the user-supplied encryption option of this VLAN attachment (interconnectAttachment). Can only be specified at attachment creation for PARTNER or DEDICATED attachments. Possible values are: - NONE - This is the default value, which means that the VLAN attachment carries unencrypted traffic. VMs are able to send traffic to, or receive traffic from, such a VLAN attachment. - IPSEC - The VLAN attachment carries only encrypted traffic that is encrypted by an IPsec device, such as an HA VPN gateway or third-party IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, such a VLAN attachment. To use *IPsec-encrypted Cloud Interconnect*, the VLAN attachment must be created with this option. Not currently available publicly.
+  "edgeAvailabilityDomain": "A String", # Desired availability domain for the attachment. Only available for type PARTNER, at creation time, and can take one of the following values:
+      # - AVAILABILITY_DOMAIN_ANY
+      # - AVAILABILITY_DOMAIN_1
+      # - AVAILABILITY_DOMAIN_2 For improved reliability, customers should configure a pair of attachments, one per availability domain. The selected availability domain will be provided to the Partner via the pairing key, so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.
+  "encryption": "A String", # Indicates the user-supplied encryption option of this VLAN attachment (interconnectAttachment). Can only be specified at attachment creation for PARTNER or DEDICATED attachments. Possible values are:
+      # - NONE - This is the default value, which means that the VLAN attachment carries unencrypted traffic. VMs are able to send traffic to, or receive traffic from, such a VLAN attachment.
+      # - IPSEC - The VLAN attachment carries only encrypted traffic that is encrypted by an IPsec device, such as an HA VPN gateway or third-party IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, such a VLAN attachment. To use IPsec-encrypted Cloud Interconnect, the VLAN attachment must be created with this option.
+      # Not currently available publicly.
   "googleReferenceId": "A String", # [Output Only] Google reference ID, to be used when raising support tickets with Google or otherwise to debug backend connectivity issues. [Deprecated] This field is not used.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "interconnect": "A String", # URL of the underlying Interconnect object that this attachment's traffic will traverse through.
-  "ipsecInternalAddresses": [ # List of URL of addresses that have been reserved for the VLAN attachment. Used only for the VLAN attachment that has the encryption option as IPSEC. The addresses must be regional internal IP address ranges. When creating an HA VPN gateway over the VLAN attachment, if the attachment is configured to use a regional internal IP address, then the VPN gateway's IP address is allocated from the IP address range specified here. For example, if the HA VPN gateway's interface 0 is paired to this VLAN attachment, then a regional internal IP address for the VPN gateway interface 0 will be allocated from the IP address specified for this VLAN attachment. If this field is not specified when creating the VLAN attachment, then later on when creating an HA VPN gateway on this VLAN attachment, the HA VPN gateway's IP address is allocated from the regional external IP address pool. Not currently available publicly.
+  "ipsecInternalAddresses": [ # List of URL of addresses that have been reserved for the VLAN attachment. Used only for the VLAN attachment that has the encryption option as IPSEC. The addresses must be regional internal IP address ranges. When creating an HA VPN gateway over the VLAN attachment, if the attachment is configured to use a regional internal IP address, then the VPN gateway's IP address is allocated from the IP address range specified here. For example, if the HA VPN gateway's interface 0 is paired to this VLAN attachment, then a regional internal IP address for the VPN gateway interface 0 will be allocated from the IP address specified for this VLAN attachment. If this field is not specified when creating the VLAN attachment, then later on when creating an HA VPN gateway on this VLAN attachment, the HA VPN gateway's IP address is allocated from the regional external IP address pool.
+      # Not currently available publicly.
     "A String",
   ],
   "kind": "compute#interconnectAttachment", # [Output Only] Type of the resource. Always compute#interconnectAttachment for interconnect attachments.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InterconnectAttachment, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InterconnectAttachment.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InterconnectAttachment, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an InterconnectAttachment.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
   "mtu": 42, # Maximum Transmission Unit (MTU), in bytes, of packets passing through this interconnect attachment. Only 1440 and 1500 are allowed. If not specified, the value will default to 1440.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "operationalStatus": "A String", # [Output Only] The current status of whether or not this interconnect attachment is functional, which can take one of the following values: - OS_ACTIVE: The attachment has been turned up and is ready to use. - OS_UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
+  "operationalStatus": "A String", # [Output Only] The current status of whether or not this interconnect attachment is functional, which can take one of the following values:
+      # - OS_ACTIVE: The attachment has been turned up and is ready to use.
+      # - OS_UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
   "pairingKey": "A String", # [Output only for type PARTNER. Input only for PARTNER_PROVIDER. Not present for DEDICATED]. The opaque identifier of an PARTNER attachment used to initiate provisioning with a selected partner. Of the form "XXXXX/region/domain"
   "partnerAsn": "A String", # Optional BGP ASN for the router supplied by a Layer 3 Partner if they configured BGP on behalf of the customer. Output only for PARTNER type, input only for PARTNER_PROVIDER, not available for DEDICATED.
   "partnerMetadata": { # Informational metadata about Partner attachments from Partners to display to customers. These fields are propagated from PARTNER_PROVIDER attachments to their corresponding PARTNER attachments. # Informational metadata about Partner attachments from Partners to display to customers. Output only for for PARTNER type, mutable for PARTNER_PROVIDER, not available for DEDICATED.
@@ -404,22 +515,44 @@ 
Method Details

   "region": "A String", # [Output Only] URL of the region where the regional interconnect attachment resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "router": "A String", # URL of the Cloud Router to be used for dynamic routing. This router must be in the same region as this InterconnectAttachment. The InterconnectAttachment will automatically connect the Interconnect to the network & region within which the Cloud Router is configured.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "state": "A String", # [Output Only] The current state of this attachment's functionality. Enum values ACTIVE and UNPROVISIONED are shared by DEDICATED/PRIVATE, PARTNER, and PARTNER_PROVIDER interconnect attachments, while enum values PENDING_PARTNER, PARTNER_REQUEST_RECEIVED, and PENDING_CUSTOMER are used for only PARTNER and PARTNER_PROVIDER interconnect attachments. This state can take one of the following values: - ACTIVE: The attachment has been turned up and is ready to use. - UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete. - PENDING_PARTNER: A newly-created PARTNER attachment that has not yet been configured on the Partner side. - PARTNER_REQUEST_RECEIVED: A PARTNER attachment is in the process of provisioning after a PARTNER_PROVIDER attachment was created that references it. - PENDING_CUSTOMER: A PARTNER or PARTNER_PROVIDER attachment that is waiting for a customer to activate it. - DEFUNCT: The attachment was deleted externally and is no longer functional. This could be because the associated Interconnect was removed, or because the other side of a Partner attachment was deleted.
-  "type": "A String", # The type of interconnect attachment this is, which can take one of the following values: - DEDICATED: an attachment to a Dedicated Interconnect. - PARTNER: an attachment to a Partner Interconnect, created by the customer. - PARTNER_PROVIDER: an attachment to a Partner Interconnect, created by the partner.
+  "state": "A String", # [Output Only] The current state of this attachment's functionality. Enum values ACTIVE and UNPROVISIONED are shared by DEDICATED/PRIVATE, PARTNER, and PARTNER_PROVIDER interconnect attachments, while enum values PENDING_PARTNER, PARTNER_REQUEST_RECEIVED, and PENDING_CUSTOMER are used for only PARTNER and PARTNER_PROVIDER interconnect attachments. This state can take one of the following values:
+      # - ACTIVE: The attachment has been turned up and is ready to use.
+      # - UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
+      # - PENDING_PARTNER: A newly-created PARTNER attachment that has not yet been configured on the Partner side.
+      # - PARTNER_REQUEST_RECEIVED: A PARTNER attachment is in the process of provisioning after a PARTNER_PROVIDER attachment was created that references it.
+      # - PENDING_CUSTOMER: A PARTNER or PARTNER_PROVIDER attachment that is waiting for a customer to activate it.
+      # - DEFUNCT: The attachment was deleted externally and is no longer functional. This could be because the associated Interconnect was removed, or because the other side of a Partner attachment was deleted.
+  "type": "A String", # The type of interconnect attachment this is, which can take one of the following values:
+      # - DEDICATED: an attachment to a Dedicated Interconnect.
+      # - PARTNER: an attachment to a Partner Interconnect, created by the customer.
+      # - PARTNER_PROVIDER: an attachment to a Partner Interconnect, created by the partner.
   "vlanTag8021q": 42, # The IEEE 802.1Q VLAN tag for this attachment, in the range 2-4094. Only specified at creation time.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
   validateOnly: boolean, If true, the request will not be committed.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -453,7 +586,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -467,21 +601,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of interconnect attachments contained within the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -489,9 +629,23 @@ 
Method Details

     { # Response to the list request, and contains a list of interconnect attachments.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of InterconnectAttachment resources.
-    { # Represents an Interconnect Attachment (VLAN) resource. You can use Interconnect attachments (VLANS) to connect your Virtual Private Cloud networks to your on-premises networks through an Interconnect. For more information, read Creating VLAN Attachments.
+    { # Represents an Interconnect Attachment (VLAN) resource.
+        #
+        # You can use Interconnect attachments (VLANS) to connect your Virtual Private Cloud networks to your on-premises networks through an Interconnect. For more information, read  Creating VLAN Attachments. (== resource_for {$api_version}.interconnectAttachments ==)
       "adminEnabled": True or False, # Determines whether this Attachment will carry packets. Not present for PARTNER_PROVIDER.
-      "bandwidth": "A String", # Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, and can take one of the following values: - BPS_50M: 50 Mbit/s - BPS_100M: 100 Mbit/s - BPS_200M: 200 Mbit/s - BPS_300M: 300 Mbit/s - BPS_400M: 400 Mbit/s - BPS_500M: 500 Mbit/s - BPS_1G: 1 Gbit/s - BPS_2G: 2 Gbit/s - BPS_5G: 5 Gbit/s - BPS_10G: 10 Gbit/s - BPS_20G: 20 Gbit/s - BPS_50G: 50 Gbit/s
+      "bandwidth": "A String", # Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, and can take one of the following values:
+          # - BPS_50M: 50 Mbit/s
+          # - BPS_100M: 100 Mbit/s
+          # - BPS_200M: 200 Mbit/s
+          # - BPS_300M: 300 Mbit/s
+          # - BPS_400M: 400 Mbit/s
+          # - BPS_500M: 500 Mbit/s
+          # - BPS_1G: 1 Gbit/s
+          # - BPS_2G: 2 Gbit/s
+          # - BPS_5G: 5 Gbit/s
+          # - BPS_10G: 10 Gbit/s
+          # - BPS_20G: 20 Gbit/s
+          # - BPS_50G: 50 Gbit/s
       "candidateSubnets": [ # Up to 16 candidate prefixes that can be used to restrict the allocation of cloudRouterIpAddress and customerRouterIpAddress for this attachment. All prefixes must be within link-local address space (169.254.0.0/16) and must be /29 or shorter (/28, /27, etc). Google will attempt to select an unused /29 from the supplied candidate prefix(es). The request will fail if all possible /29s are in use on Google's edge. If not supplied, Google will randomly select an unused /29 from all of link-local space.
         "A String",
       ],
@@ -500,22 +654,33 @@ 
Method Details

       "customerRouterIpAddress": "A String", # [Output Only] IPv4 address + prefix length to be configured on the customer router subinterface for this interconnect attachment.
       "dataplaneVersion": 42, # [Output Only] Dataplane version for this InterconnectAttachment.
       "description": "A String", # An optional description of this resource.
-      "edgeAvailabilityDomain": "A String", # Desired availability domain for the attachment. Only available for type PARTNER, at creation time, and can take one of the following values: - AVAILABILITY_DOMAIN_ANY - AVAILABILITY_DOMAIN_1 - AVAILABILITY_DOMAIN_2 For improved reliability, customers should configure a pair of attachments, one per availability domain. The selected availability domain will be provided to the Partner via the pairing key, so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.
-      "encryption": "A String", # Indicates the user-supplied encryption option of this VLAN attachment (interconnectAttachment). Can only be specified at attachment creation for PARTNER or DEDICATED attachments. Possible values are: - NONE - This is the default value, which means that the VLAN attachment carries unencrypted traffic. VMs are able to send traffic to, or receive traffic from, such a VLAN attachment. - IPSEC - The VLAN attachment carries only encrypted traffic that is encrypted by an IPsec device, such as an HA VPN gateway or third-party IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, such a VLAN attachment. To use *IPsec-encrypted Cloud Interconnect*, the VLAN attachment must be created with this option. Not currently available publicly.
+      "edgeAvailabilityDomain": "A String", # Desired availability domain for the attachment. Only available for type PARTNER, at creation time, and can take one of the following values:
+          # - AVAILABILITY_DOMAIN_ANY
+          # - AVAILABILITY_DOMAIN_1
+          # - AVAILABILITY_DOMAIN_2 For improved reliability, customers should configure a pair of attachments, one per availability domain. The selected availability domain will be provided to the Partner via the pairing key, so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.
+      "encryption": "A String", # Indicates the user-supplied encryption option of this VLAN attachment (interconnectAttachment). Can only be specified at attachment creation for PARTNER or DEDICATED attachments. Possible values are:
+          # - NONE - This is the default value, which means that the VLAN attachment carries unencrypted traffic. VMs are able to send traffic to, or receive traffic from, such a VLAN attachment.
+          # - IPSEC - The VLAN attachment carries only encrypted traffic that is encrypted by an IPsec device, such as an HA VPN gateway or third-party IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, such a VLAN attachment. To use IPsec-encrypted Cloud Interconnect, the VLAN attachment must be created with this option.
+          # Not currently available publicly.
       "googleReferenceId": "A String", # [Output Only] Google reference ID, to be used when raising support tickets with Google or otherwise to debug backend connectivity issues. [Deprecated] This field is not used.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "interconnect": "A String", # URL of the underlying Interconnect object that this attachment's traffic will traverse through.
-      "ipsecInternalAddresses": [ # List of URL of addresses that have been reserved for the VLAN attachment. Used only for the VLAN attachment that has the encryption option as IPSEC. The addresses must be regional internal IP address ranges. When creating an HA VPN gateway over the VLAN attachment, if the attachment is configured to use a regional internal IP address, then the VPN gateway's IP address is allocated from the IP address range specified here. For example, if the HA VPN gateway's interface 0 is paired to this VLAN attachment, then a regional internal IP address for the VPN gateway interface 0 will be allocated from the IP address specified for this VLAN attachment. If this field is not specified when creating the VLAN attachment, then later on when creating an HA VPN gateway on this VLAN attachment, the HA VPN gateway's IP address is allocated from the regional external IP address pool. Not currently available publicly.
+      "ipsecInternalAddresses": [ # List of URL of addresses that have been reserved for the VLAN attachment. Used only for the VLAN attachment that has the encryption option as IPSEC. The addresses must be regional internal IP address ranges. When creating an HA VPN gateway over the VLAN attachment, if the attachment is configured to use a regional internal IP address, then the VPN gateway's IP address is allocated from the IP address range specified here. For example, if the HA VPN gateway's interface 0 is paired to this VLAN attachment, then a regional internal IP address for the VPN gateway interface 0 will be allocated from the IP address specified for this VLAN attachment. If this field is not specified when creating the VLAN attachment, then later on when creating an HA VPN gateway on this VLAN attachment, the HA VPN gateway's IP address is allocated from the regional external IP address pool.
+          # Not currently available publicly.
         "A String",
       ],
       "kind": "compute#interconnectAttachment", # [Output Only] Type of the resource. Always compute#interconnectAttachment for interconnect attachments.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InterconnectAttachment, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InterconnectAttachment.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InterconnectAttachment, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve an InterconnectAttachment.
       "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
         "a_key": "A String",
       },
       "mtu": 42, # Maximum Transmission Unit (MTU), in bytes, of packets passing through this interconnect attachment. Only 1440 and 1500 are allowed. If not specified, the value will default to 1440.
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-      "operationalStatus": "A String", # [Output Only] The current status of whether or not this interconnect attachment is functional, which can take one of the following values: - OS_ACTIVE: The attachment has been turned up and is ready to use. - OS_UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
+      "operationalStatus": "A String", # [Output Only] The current status of whether or not this interconnect attachment is functional, which can take one of the following values:
+          # - OS_ACTIVE: The attachment has been turned up and is ready to use.
+          # - OS_UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
       "pairingKey": "A String", # [Output only for type PARTNER. Input only for PARTNER_PROVIDER. Not present for DEDICATED]. The opaque identifier of an PARTNER attachment used to initiate provisioning with a selected partner. Of the form "XXXXX/region/domain"
       "partnerAsn": "A String", # Optional BGP ASN for the router supplied by a Layer 3 Partner if they configured BGP on behalf of the customer. Output only for PARTNER type, input only for PARTNER_PROVIDER, not available for DEDICATED.
       "partnerMetadata": { # Informational metadata about Partner attachments from Partners to display to customers. These fields are propagated from PARTNER_PROVIDER attachments to their corresponding PARTNER attachments. # Informational metadata about Partner attachments from Partners to display to customers. Output only for for PARTNER type, mutable for PARTNER_PROVIDER, not available for DEDICATED.
@@ -529,8 +694,17 @@ 
Method Details

       "region": "A String", # [Output Only] URL of the region where the regional interconnect attachment resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
       "router": "A String", # URL of the Cloud Router to be used for dynamic routing. This router must be in the same region as this InterconnectAttachment. The InterconnectAttachment will automatically connect the Interconnect to the network & region within which the Cloud Router is configured.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "state": "A String", # [Output Only] The current state of this attachment's functionality. Enum values ACTIVE and UNPROVISIONED are shared by DEDICATED/PRIVATE, PARTNER, and PARTNER_PROVIDER interconnect attachments, while enum values PENDING_PARTNER, PARTNER_REQUEST_RECEIVED, and PENDING_CUSTOMER are used for only PARTNER and PARTNER_PROVIDER interconnect attachments. This state can take one of the following values: - ACTIVE: The attachment has been turned up and is ready to use. - UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete. - PENDING_PARTNER: A newly-created PARTNER attachment that has not yet been configured on the Partner side. - PARTNER_REQUEST_RECEIVED: A PARTNER attachment is in the process of provisioning after a PARTNER_PROVIDER attachment was created that references it. - PENDING_CUSTOMER: A PARTNER or PARTNER_PROVIDER attachment that is waiting for a customer to activate it. - DEFUNCT: The attachment was deleted externally and is no longer functional. This could be because the associated Interconnect was removed, or because the other side of a Partner attachment was deleted.
-      "type": "A String", # The type of interconnect attachment this is, which can take one of the following values: - DEDICATED: an attachment to a Dedicated Interconnect. - PARTNER: an attachment to a Partner Interconnect, created by the customer. - PARTNER_PROVIDER: an attachment to a Partner Interconnect, created by the partner.
+      "state": "A String", # [Output Only] The current state of this attachment's functionality. Enum values ACTIVE and UNPROVISIONED are shared by DEDICATED/PRIVATE, PARTNER, and PARTNER_PROVIDER interconnect attachments, while enum values PENDING_PARTNER, PARTNER_REQUEST_RECEIVED, and PENDING_CUSTOMER are used for only PARTNER and PARTNER_PROVIDER interconnect attachments. This state can take one of the following values:
+          # - ACTIVE: The attachment has been turned up and is ready to use.
+          # - UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
+          # - PENDING_PARTNER: A newly-created PARTNER attachment that has not yet been configured on the Partner side.
+          # - PARTNER_REQUEST_RECEIVED: A PARTNER attachment is in the process of provisioning after a PARTNER_PROVIDER attachment was created that references it.
+          # - PENDING_CUSTOMER: A PARTNER or PARTNER_PROVIDER attachment that is waiting for a customer to activate it.
+          # - DEFUNCT: The attachment was deleted externally and is no longer functional. This could be because the associated Interconnect was removed, or because the other side of a Partner attachment was deleted.
+      "type": "A String", # The type of interconnect attachment this is, which can take one of the following values:
+          # - DEDICATED: an attachment to a Dedicated Interconnect.
+          # - PARTNER: an attachment to a Partner Interconnect, created by the customer.
+          # - PARTNER_PROVIDER: an attachment to a Partner Interconnect, created by the partner.
       "vlanTag8021q": 42, # The IEEE 802.1Q VLAN tag for this attachment, in the range 2-4094. Only specified at creation time.
     },
   ],
@@ -539,7 +713,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -565,7 +740,7 @@ 
Method Details

 

 
 

-    patch(project, region, interconnectAttachment, body=None, requestId=None, x__xgafv=None)
+    patch(project, region, interconnectAttachment, body=None, requestId=None)
   
Updates the specified interconnect attachment with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -575,9 +750,23 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Interconnect Attachment (VLAN) resource. You can use Interconnect attachments (VLANS) to connect your Virtual Private Cloud networks to your on-premises networks through an Interconnect. For more information, read Creating VLAN Attachments.
+{ # Represents an Interconnect Attachment (VLAN) resource.
+    # 
+    # You can use Interconnect attachments (VLANS) to connect your Virtual Private Cloud networks to your on-premises networks through an Interconnect. For more information, read  Creating VLAN Attachments. (== resource_for {$api_version}.interconnectAttachments ==)
   "adminEnabled": True or False, # Determines whether this Attachment will carry packets. Not present for PARTNER_PROVIDER.
-  "bandwidth": "A String", # Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, and can take one of the following values: - BPS_50M: 50 Mbit/s - BPS_100M: 100 Mbit/s - BPS_200M: 200 Mbit/s - BPS_300M: 300 Mbit/s - BPS_400M: 400 Mbit/s - BPS_500M: 500 Mbit/s - BPS_1G: 1 Gbit/s - BPS_2G: 2 Gbit/s - BPS_5G: 5 Gbit/s - BPS_10G: 10 Gbit/s - BPS_20G: 20 Gbit/s - BPS_50G: 50 Gbit/s
+  "bandwidth": "A String", # Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, and can take one of the following values:
+      # - BPS_50M: 50 Mbit/s
+      # - BPS_100M: 100 Mbit/s
+      # - BPS_200M: 200 Mbit/s
+      # - BPS_300M: 300 Mbit/s
+      # - BPS_400M: 400 Mbit/s
+      # - BPS_500M: 500 Mbit/s
+      # - BPS_1G: 1 Gbit/s
+      # - BPS_2G: 2 Gbit/s
+      # - BPS_5G: 5 Gbit/s
+      # - BPS_10G: 10 Gbit/s
+      # - BPS_20G: 20 Gbit/s
+      # - BPS_50G: 50 Gbit/s
   "candidateSubnets": [ # Up to 16 candidate prefixes that can be used to restrict the allocation of cloudRouterIpAddress and customerRouterIpAddress for this attachment. All prefixes must be within link-local address space (169.254.0.0/16) and must be /29 or shorter (/28, /27, etc). Google will attempt to select an unused /29 from the supplied candidate prefix(es). The request will fail if all possible /29s are in use on Google's edge. If not supplied, Google will randomly select an unused /29 from all of link-local space.
     "A String",
   ],
@@ -586,22 +775,33 @@ 
Method Details

   "customerRouterIpAddress": "A String", # [Output Only] IPv4 address + prefix length to be configured on the customer router subinterface for this interconnect attachment.
   "dataplaneVersion": 42, # [Output Only] Dataplane version for this InterconnectAttachment.
   "description": "A String", # An optional description of this resource.
-  "edgeAvailabilityDomain": "A String", # Desired availability domain for the attachment. Only available for type PARTNER, at creation time, and can take one of the following values: - AVAILABILITY_DOMAIN_ANY - AVAILABILITY_DOMAIN_1 - AVAILABILITY_DOMAIN_2 For improved reliability, customers should configure a pair of attachments, one per availability domain. The selected availability domain will be provided to the Partner via the pairing key, so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.
-  "encryption": "A String", # Indicates the user-supplied encryption option of this VLAN attachment (interconnectAttachment). Can only be specified at attachment creation for PARTNER or DEDICATED attachments. Possible values are: - NONE - This is the default value, which means that the VLAN attachment carries unencrypted traffic. VMs are able to send traffic to, or receive traffic from, such a VLAN attachment. - IPSEC - The VLAN attachment carries only encrypted traffic that is encrypted by an IPsec device, such as an HA VPN gateway or third-party IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, such a VLAN attachment. To use *IPsec-encrypted Cloud Interconnect*, the VLAN attachment must be created with this option. Not currently available publicly.
+  "edgeAvailabilityDomain": "A String", # Desired availability domain for the attachment. Only available for type PARTNER, at creation time, and can take one of the following values:
+      # - AVAILABILITY_DOMAIN_ANY
+      # - AVAILABILITY_DOMAIN_1
+      # - AVAILABILITY_DOMAIN_2 For improved reliability, customers should configure a pair of attachments, one per availability domain. The selected availability domain will be provided to the Partner via the pairing key, so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.
+  "encryption": "A String", # Indicates the user-supplied encryption option of this VLAN attachment (interconnectAttachment). Can only be specified at attachment creation for PARTNER or DEDICATED attachments. Possible values are:
+      # - NONE - This is the default value, which means that the VLAN attachment carries unencrypted traffic. VMs are able to send traffic to, or receive traffic from, such a VLAN attachment.
+      # - IPSEC - The VLAN attachment carries only encrypted traffic that is encrypted by an IPsec device, such as an HA VPN gateway or third-party IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, such a VLAN attachment. To use IPsec-encrypted Cloud Interconnect, the VLAN attachment must be created with this option.
+      # Not currently available publicly.
   "googleReferenceId": "A String", # [Output Only] Google reference ID, to be used when raising support tickets with Google or otherwise to debug backend connectivity issues. [Deprecated] This field is not used.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "interconnect": "A String", # URL of the underlying Interconnect object that this attachment's traffic will traverse through.
-  "ipsecInternalAddresses": [ # List of URL of addresses that have been reserved for the VLAN attachment. Used only for the VLAN attachment that has the encryption option as IPSEC. The addresses must be regional internal IP address ranges. When creating an HA VPN gateway over the VLAN attachment, if the attachment is configured to use a regional internal IP address, then the VPN gateway's IP address is allocated from the IP address range specified here. For example, if the HA VPN gateway's interface 0 is paired to this VLAN attachment, then a regional internal IP address for the VPN gateway interface 0 will be allocated from the IP address specified for this VLAN attachment. If this field is not specified when creating the VLAN attachment, then later on when creating an HA VPN gateway on this VLAN attachment, the HA VPN gateway's IP address is allocated from the regional external IP address pool. Not currently available publicly.
+  "ipsecInternalAddresses": [ # List of URL of addresses that have been reserved for the VLAN attachment. Used only for the VLAN attachment that has the encryption option as IPSEC. The addresses must be regional internal IP address ranges. When creating an HA VPN gateway over the VLAN attachment, if the attachment is configured to use a regional internal IP address, then the VPN gateway's IP address is allocated from the IP address range specified here. For example, if the HA VPN gateway's interface 0 is paired to this VLAN attachment, then a regional internal IP address for the VPN gateway interface 0 will be allocated from the IP address specified for this VLAN attachment. If this field is not specified when creating the VLAN attachment, then later on when creating an HA VPN gateway on this VLAN attachment, the HA VPN gateway's IP address is allocated from the regional external IP address pool.
+      # Not currently available publicly.
     "A String",
   ],
   "kind": "compute#interconnectAttachment", # [Output Only] Type of the resource. Always compute#interconnectAttachment for interconnect attachments.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InterconnectAttachment, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InterconnectAttachment.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this InterconnectAttachment, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an InterconnectAttachment.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
   "mtu": 42, # Maximum Transmission Unit (MTU), in bytes, of packets passing through this interconnect attachment. Only 1440 and 1500 are allowed. If not specified, the value will default to 1440.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "operationalStatus": "A String", # [Output Only] The current status of whether or not this interconnect attachment is functional, which can take one of the following values: - OS_ACTIVE: The attachment has been turned up and is ready to use. - OS_UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
+  "operationalStatus": "A String", # [Output Only] The current status of whether or not this interconnect attachment is functional, which can take one of the following values:
+      # - OS_ACTIVE: The attachment has been turned up and is ready to use.
+      # - OS_UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
   "pairingKey": "A String", # [Output only for type PARTNER. Input only for PARTNER_PROVIDER. Not present for DEDICATED]. The opaque identifier of an PARTNER attachment used to initiate provisioning with a selected partner. Of the form "XXXXX/region/domain"
   "partnerAsn": "A String", # Optional BGP ASN for the router supplied by a Layer 3 Partner if they configured BGP on behalf of the customer. Output only for PARTNER type, input only for PARTNER_PROVIDER, not available for DEDICATED.
   "partnerMetadata": { # Informational metadata about Partner attachments from Partners to display to customers. These fields are propagated from PARTNER_PROVIDER attachments to their corresponding PARTNER attachments. # Informational metadata about Partner attachments from Partners to display to customers. Output only for for PARTNER type, mutable for PARTNER_PROVIDER, not available for DEDICATED.
@@ -615,21 +815,43 @@ 
Method Details

   "region": "A String", # [Output Only] URL of the region where the regional interconnect attachment resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "router": "A String", # URL of the Cloud Router to be used for dynamic routing. This router must be in the same region as this InterconnectAttachment. The InterconnectAttachment will automatically connect the Interconnect to the network & region within which the Cloud Router is configured.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "state": "A String", # [Output Only] The current state of this attachment's functionality. Enum values ACTIVE and UNPROVISIONED are shared by DEDICATED/PRIVATE, PARTNER, and PARTNER_PROVIDER interconnect attachments, while enum values PENDING_PARTNER, PARTNER_REQUEST_RECEIVED, and PENDING_CUSTOMER are used for only PARTNER and PARTNER_PROVIDER interconnect attachments. This state can take one of the following values: - ACTIVE: The attachment has been turned up and is ready to use. - UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete. - PENDING_PARTNER: A newly-created PARTNER attachment that has not yet been configured on the Partner side. - PARTNER_REQUEST_RECEIVED: A PARTNER attachment is in the process of provisioning after a PARTNER_PROVIDER attachment was created that references it. - PENDING_CUSTOMER: A PARTNER or PARTNER_PROVIDER attachment that is waiting for a customer to activate it. - DEFUNCT: The attachment was deleted externally and is no longer functional. This could be because the associated Interconnect was removed, or because the other side of a Partner attachment was deleted.
-  "type": "A String", # The type of interconnect attachment this is, which can take one of the following values: - DEDICATED: an attachment to a Dedicated Interconnect. - PARTNER: an attachment to a Partner Interconnect, created by the customer. - PARTNER_PROVIDER: an attachment to a Partner Interconnect, created by the partner.
+  "state": "A String", # [Output Only] The current state of this attachment's functionality. Enum values ACTIVE and UNPROVISIONED are shared by DEDICATED/PRIVATE, PARTNER, and PARTNER_PROVIDER interconnect attachments, while enum values PENDING_PARTNER, PARTNER_REQUEST_RECEIVED, and PENDING_CUSTOMER are used for only PARTNER and PARTNER_PROVIDER interconnect attachments. This state can take one of the following values:
+      # - ACTIVE: The attachment has been turned up and is ready to use.
+      # - UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
+      # - PENDING_PARTNER: A newly-created PARTNER attachment that has not yet been configured on the Partner side.
+      # - PARTNER_REQUEST_RECEIVED: A PARTNER attachment is in the process of provisioning after a PARTNER_PROVIDER attachment was created that references it.
+      # - PENDING_CUSTOMER: A PARTNER or PARTNER_PROVIDER attachment that is waiting for a customer to activate it.
+      # - DEFUNCT: The attachment was deleted externally and is no longer functional. This could be because the associated Interconnect was removed, or because the other side of a Partner attachment was deleted.
+  "type": "A String", # The type of interconnect attachment this is, which can take one of the following values:
+      # - DEDICATED: an attachment to a Dedicated Interconnect.
+      # - PARTNER: an attachment to a Partner Interconnect, created by the customer.
+      # - PARTNER_PROVIDER: an attachment to a Partner Interconnect, created by the partner.
   "vlanTag8021q": 42, # The IEEE 802.1Q VLAN tag for this attachment, in the range 2-4094. Only specified at creation time.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -663,7 +885,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -677,7 +900,7 @@ 
Method Details

 

 
 

-    setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)
+    setLabels(project, region, resource, body=None, requestId=None)
   
Sets the labels on an InterconnectAttachment. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -694,16 +917,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -737,7 +973,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -751,7 +988,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -767,10 +1004,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.interconnectLocations.html b/docs/dyn/compute_beta.interconnectLocations.html
index 0175534f3a1..351d6952807 100644
--- a/docs/dyn/compute_beta.interconnectLocations.html
+++ b/docs/dyn/compute_beta.interconnectLocations.html
@@ -78,10 +78,10 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  get(project, interconnectLocation, x__xgafv=None)

+  get(project, interconnectLocation)

 
Returns the details for the specified interconnect location. Gets a list of available interconnect locations by making a list() request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of interconnect locations available to the specified project.

 

   list_next(previous_request, previous_response)

@@ -93,25 +93,28 @@ 
Method Details

 

 
 

-    get(project, interconnectLocation, x__xgafv=None)
+    get(project, interconnectLocation)
   
Returns the details for the specified interconnect location. Gets a list of available interconnect locations by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   interconnectLocation: string, Name of the interconnect location to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Interconnect Attachment (VLAN) Location resource. You can use this resource to find location details about an Interconnect attachment (VLAN). For more information about interconnect attachments, read Creating VLAN Attachments.
+    { # Represents an Interconnect Attachment (VLAN) Location resource.
+    #
+    # You can use this resource to find location details about an Interconnect attachment (VLAN). For more information about interconnect attachments, read  Creating VLAN Attachments.
   "address": "A String", # [Output Only] The postal address of the Point of Presence, each line in the address is separated by a newline character.
   "availabilityZone": "A String", # [Output Only] Availability zone for this InterconnectLocation. Within a metropolitan area (metro), maintenance will not be simultaneously scheduled in more than one availability zone. Example: "zone1" or "zone2".
   "city": "A String", # [Output Only] Metropolitan area designator that indicates which city an interconnect is located. For example: "Chicago, IL", "Amsterdam, Netherlands".
-  "continent": "A String", # [Output Only] Continent for this location, which can take one of the following values: - AFRICA - ASIA_PAC - EUROPE - NORTH_AMERICA - SOUTH_AMERICA
+  "continent": "A String", # [Output Only] Continent for this location, which can take one of the following values:
+      # - AFRICA
+      # - ASIA_PAC
+      # - EUROPE
+      # - NORTH_AMERICA
+      # - SOUTH_AMERICA
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # [Output Only] An optional description of the resource.
   "facilityProvider": "A String", # [Output Only] The name of the provider for this facility (e.g., EQUINIX).
@@ -128,25 +131,33 @@ 
Method Details

     },
   ],
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "status": "A String", # [Output Only] The status of this InterconnectLocation, which can take one of the following values: - CLOSED: The InterconnectLocation is closed and is unavailable for provisioning new Interconnects. - AVAILABLE: The InterconnectLocation is available for provisioning new Interconnects.
+  "status": "A String", # [Output Only] The status of this InterconnectLocation, which can take one of the following values:
+      # - CLOSED: The InterconnectLocation is closed and is unavailable for provisioning new Interconnects.
+      # - AVAILABLE: The InterconnectLocation is available for provisioning new Interconnects.
 }

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of interconnect locations available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -154,11 +165,18 @@ 
Method Details

     { # Response to the list request, and contains a list of interconnect locations.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of InterconnectLocation resources.
-    { # Represents an Interconnect Attachment (VLAN) Location resource. You can use this resource to find location details about an Interconnect attachment (VLAN). For more information about interconnect attachments, read Creating VLAN Attachments.
+    { # Represents an Interconnect Attachment (VLAN) Location resource.
+        #
+        # You can use this resource to find location details about an Interconnect attachment (VLAN). For more information about interconnect attachments, read  Creating VLAN Attachments.
       "address": "A String", # [Output Only] The postal address of the Point of Presence, each line in the address is separated by a newline character.
       "availabilityZone": "A String", # [Output Only] Availability zone for this InterconnectLocation. Within a metropolitan area (metro), maintenance will not be simultaneously scheduled in more than one availability zone. Example: "zone1" or "zone2".
       "city": "A String", # [Output Only] Metropolitan area designator that indicates which city an interconnect is located. For example: "Chicago, IL", "Amsterdam, Netherlands".
-      "continent": "A String", # [Output Only] Continent for this location, which can take one of the following values: - AFRICA - ASIA_PAC - EUROPE - NORTH_AMERICA - SOUTH_AMERICA
+      "continent": "A String", # [Output Only] Continent for this location, which can take one of the following values:
+          # - AFRICA
+          # - ASIA_PAC
+          # - EUROPE
+          # - NORTH_AMERICA
+          # - SOUTH_AMERICA
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # [Output Only] An optional description of the resource.
       "facilityProvider": "A String", # [Output Only] The name of the provider for this facility (e.g., EQUINIX).
@@ -175,7 +193,9 @@ 
Method Details

         },
       ],
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "status": "A String", # [Output Only] The status of this InterconnectLocation, which can take one of the following values: - CLOSED: The InterconnectLocation is closed and is unavailable for provisioning new Interconnects. - AVAILABLE: The InterconnectLocation is available for provisioning new Interconnects.
+      "status": "A String", # [Output Only] The status of this InterconnectLocation, which can take one of the following values:
+          # - CLOSED: The InterconnectLocation is closed and is unavailable for provisioning new Interconnects.
+          # - AVAILABLE: The InterconnectLocation is available for provisioning new Interconnects.
     },
   ],
   "kind": "compute#interconnectLocationList", # [Output Only] Type of resource. Always compute#interconnectLocationList for lists of interconnect locations.
@@ -183,7 +203,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.interconnects.html b/docs/dyn/compute_beta.interconnects.html
index 3d6b0263614..c9ae1b80d9c 100644
--- a/docs/dyn/compute_beta.interconnects.html
+++ b/docs/dyn/compute_beta.interconnects.html
@@ -78,31 +78,31 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, interconnect, requestId=None, x__xgafv=None)

+  delete(project, interconnect, requestId=None)

 
Deletes the specified interconnect.

 

-  get(project, interconnect, x__xgafv=None)

+  get(project, interconnect)

 
Returns the specified interconnect. Get a list of available interconnects by making a list() request.

 

-  getDiagnostics(project, interconnect, x__xgafv=None)

+  getDiagnostics(project, interconnect)

 
Returns the interconnectDiagnostics for the specified interconnect.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a Interconnect in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of interconnect available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, interconnect, body=None, requestId=None, x__xgafv=None)

+  patch(project, interconnect, body=None, requestId=None)

 
Updates the specified interconnect with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  setLabels(project, resource, body=None, x__xgafv=None)

+  setLabels(project, resource, body=None)

 
Sets the labels on an Interconnect. To learn more about labels, read the Labeling Resources documentation.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -111,22 +111,35 @@ 
Method Details

 

 
 

-    delete(project, interconnect, requestId=None, x__xgafv=None)
+    delete(project, interconnect, requestId=None)
   
Deletes the specified interconnect.
 
 Args:
   project: string, Project ID for this request. (required)
   interconnect: string, Name of the interconnect to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -160,7 +173,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -174,21 +188,19 @@ 
Method Details

 

 
 

-    get(project, interconnect, x__xgafv=None)
+    get(project, interconnect)
   
Returns the specified interconnect. Get a list of available interconnects by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   interconnect: string, Name of the interconnect to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Interconnect resource. An Interconnect resource is a dedicated connection between the GCP network and your on-premises network. For more information, read the Dedicated Interconnect Overview.
+    { # Represents an Interconnect resource.
+    #
+    # An Interconnect resource is a dedicated connection between the GCP network and your on-premises network. For more information, read the  Dedicated Interconnect Overview. (== resource_for {$api_version}.interconnects ==)
   "adminEnabled": True or False, # Administrative status of the interconnect. When this is set to true, the Interconnect is functional and can carry traffic. When set to false, no packets can be carried over the interconnect and no BGP routes are exchanged over it. By default, the status is set to true.
   "circuitInfos": [ # [Output Only] A list of CircuitInfo objects, that describe the individual circuits in this LAG.
     { # Describes a single physical circuit between the Customer and Google. CircuitInfo objects are created by Google, so all fields are output only.
@@ -207,11 +219,17 @@ 
Method Details

       ],
       "description": "A String", # A description about the purpose of the outage.
       "endTime": "A String", # Scheduled end time for the outage (milliseconds since Unix epoch).
-      "issueType": "A String", # Form this outage is expected to take, which can take one of the following values: - OUTAGE: The Interconnect may be completely out of service for some or all of the specified window. - PARTIAL_OUTAGE: Some circuits comprising the Interconnect as a whole should remain up, but with reduced bandwidth. Note that the versions of this enum prefixed with "IT_" have been deprecated in favor of the unprefixed values.
+      "issueType": "A String", # Form this outage is expected to take, which can take one of the following values:
+          # - OUTAGE: The Interconnect may be completely out of service for some or all of the specified window.
+          # - PARTIAL_OUTAGE: Some circuits comprising the Interconnect as a whole should remain up, but with reduced bandwidth. Note that the versions of this enum prefixed with "IT_" have been deprecated in favor of the unprefixed values.
       "name": "A String", # Unique identifier for this outage notification.
-      "source": "A String", # The party that generated this notification, which can take the following value: - GOOGLE: this notification as generated by Google. Note that the value of NSRC_GOOGLE has been deprecated in favor of GOOGLE.
+      "source": "A String", # The party that generated this notification, which can take the following value:
+          # - GOOGLE: this notification as generated by Google. Note that the value of NSRC_GOOGLE has been deprecated in favor of GOOGLE.
       "startTime": "A String", # Scheduled start time for the outage (milliseconds since Unix epoch).
-      "state": "A String", # State of this notification, which can take one of the following values: - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling. - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. - COMPLETED: The outage associated with this notification is complete. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values.
+      "state": "A String", # State of this notification, which can take one of the following values:
+          # - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling.
+          # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start.
+          # - COMPLETED: The outage associated with this notification is complete.  Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values.
     },
   ],
   "googleIpAddress": "A String", # [Output Only] IP address configured on the Google side of the Interconnect link. This can be used only for ping tests.
@@ -220,36 +238,44 @@ 
Method Details

   "interconnectAttachments": [ # [Output Only] A list of the URLs of all InterconnectAttachments configured to use this Interconnect.
     "A String",
   ],
-  "interconnectType": "A String", # Type of interconnect, which can take one of the following values: - PARTNER: A partner-managed interconnection shared between customers though a partner. - DEDICATED: A dedicated physical interconnection with the customer. Note that a value IT_PRIVATE has been deprecated in favor of DEDICATED.
+  "interconnectType": "A String", # Type of interconnect, which can take one of the following values:
+      # - PARTNER: A partner-managed interconnection shared between customers though a partner.
+      # - DEDICATED: A dedicated physical interconnection with the customer. Note that a value IT_PRIVATE has been deprecated in favor of DEDICATED.
   "kind": "compute#interconnect", # [Output Only] Type of the resource. Always compute#interconnect for interconnects.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Interconnect, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an Interconnect.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Interconnect, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve an Interconnect.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
-  "linkType": "A String", # Type of link requested, which can take one of the following values: - LINK_TYPE_ETHERNET_10G_LR: A 10G Ethernet with LR optics - LINK_TYPE_ETHERNET_100G_LR: A 100G Ethernet with LR optics. Note that this field indicates the speed of each of the links in the bundle, not the speed of the entire bundle.
+  "linkType": "A String", # Type of link requested, which can take one of the following values:
+      # - LINK_TYPE_ETHERNET_10G_LR: A 10G Ethernet with LR optics
+      # - LINK_TYPE_ETHERNET_100G_LR: A 100G Ethernet with LR optics. Note that this field indicates the speed of each of the links in the bundle, not the speed of the entire bundle.
   "location": "A String", # URL of the InterconnectLocation object that represents where this connection is to be provisioned.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "nocContactEmail": "A String", # Email address to contact the customer NOC for operations and maintenance notifications regarding this Interconnect. If specified, this will be used for notifications in addition to all other forms described, such as Stackdriver logs alerting and Cloud Notifications.
-  "operationalStatus": "A String", # [Output Only] The current status of this Interconnect's functionality, which can take one of the following values: - OS_ACTIVE: A valid Interconnect, which is turned up and is ready to use. Attachments may be provisioned on this Interconnect. - OS_UNPROVISIONED: An Interconnect that has not completed turnup. No attachments may be provisioned on this Interconnect. - OS_UNDER_MAINTENANCE: An Interconnect that is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
+  "operationalStatus": "A String", # [Output Only] The current status of this Interconnect's functionality, which can take one of the following values:
+      # - OS_ACTIVE: A valid Interconnect, which is turned up and is ready to use. Attachments may be provisioned on this Interconnect.
+      # - OS_UNPROVISIONED: An Interconnect that has not completed turnup. No attachments may be provisioned on this Interconnect.
+      # - OS_UNDER_MAINTENANCE: An Interconnect that is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
   "peerIpAddress": "A String", # [Output Only] IP address configured on the customer side of the Interconnect link. The customer should configure this IP address during turnup when prompted by Google NOC. This can be used only for ping tests.
   "provisionedLinkCount": 42, # [Output Only] Number of links actually provisioned in this interconnect.
   "requestedLinkCount": 42, # Target number of physical links in the link bundle, as requested by the customer.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "state": "A String", # [Output Only] The current state of Interconnect functionality, which can take one of the following values: - ACTIVE: The Interconnect is valid, turned up and ready to use. Attachments may be provisioned on this Interconnect. - UNPROVISIONED: The Interconnect has not completed turnup. No attachments may be provisioned on this Interconnect. - UNDER_MAINTENANCE: The Interconnect is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
+  "state": "A String", # [Output Only] The current state of Interconnect functionality, which can take one of the following values:
+      # - ACTIVE: The Interconnect is valid, turned up and ready to use. Attachments may be provisioned on this Interconnect.
+      # - UNPROVISIONED: The Interconnect has not completed turnup. No attachments may be provisioned on this Interconnect.
+      # - UNDER_MAINTENANCE: The Interconnect is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
 }

 

 
 

-    getDiagnostics(project, interconnect, x__xgafv=None)
+    getDiagnostics(project, interconnect)
   
Returns the interconnectDiagnostics for the specified interconnect.
 
 Args:
   project: string, Project ID for this request. (required)
   interconnect: string, Name of the interconnect resource to query. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -275,14 +301,26 @@ 
Method Details

         "lacpStatus": {
           "googleSystemId": "A String", # System ID of the port on Google's side of the LACP exchange.
           "neighborSystemId": "A String", # System ID of the port on the neighbor's side of the LACP exchange.
-          "state": "A String", # The state of a LACP link, which can take one of the following values: - ACTIVE: The link is configured and active within the bundle. - DETACHED: The link is not configured within the bundle. This means that the rest of the object should be empty.
+          "state": "A String", # The state of a LACP link, which can take one of the following values:
+              # - ACTIVE: The link is configured and active within the bundle.
+              # - DETACHED: The link is not configured within the bundle. This means that the rest of the object should be empty.
         },
         "receivingOpticalPower": { # An InterconnectDiagnostics.LinkOpticalPower object, describing the current value and status of the received light level.
-          "state": "A String", # The status of the current value when compared to the warning and alarm levels for the receiving or transmitting transceiver. Possible states include: - OK: The value has not crossed a warning threshold. - LOW_WARNING: The value has crossed below the low warning threshold. - HIGH_WARNING: The value has crossed above the high warning threshold. - LOW_ALARM: The value has crossed below the low alarm threshold. - HIGH_ALARM: The value has crossed above the high alarm threshold.
+          "state": "A String", # The status of the current value when compared to the warning and alarm levels for the receiving or transmitting transceiver. Possible states include:
+              # - OK: The value has not crossed a warning threshold.
+              # - LOW_WARNING: The value has crossed below the low warning threshold.
+              # - HIGH_WARNING: The value has crossed above the high warning threshold.
+              # - LOW_ALARM: The value has crossed below the low alarm threshold.
+              # - HIGH_ALARM: The value has crossed above the high alarm threshold.
           "value": 3.14, # Value of the current receiving or transmitting optical power, read in dBm. Take a known good optical value, give it a 10% margin and trigger warnings relative to that value. In general, a -7dBm warning and a -11dBm alarm are good optical value estimates for most links.
         },
         "transmittingOpticalPower": { # An InterconnectDiagnostics.LinkOpticalPower object, describing the current value and status of the transmitted light level.
-          "state": "A String", # The status of the current value when compared to the warning and alarm levels for the receiving or transmitting transceiver. Possible states include: - OK: The value has not crossed a warning threshold. - LOW_WARNING: The value has crossed below the low warning threshold. - HIGH_WARNING: The value has crossed above the high warning threshold. - LOW_ALARM: The value has crossed below the low alarm threshold. - HIGH_ALARM: The value has crossed above the high alarm threshold.
+          "state": "A String", # The status of the current value when compared to the warning and alarm levels for the receiving or transmitting transceiver. Possible states include:
+              # - OK: The value has not crossed a warning threshold.
+              # - LOW_WARNING: The value has crossed below the low warning threshold.
+              # - HIGH_WARNING: The value has crossed above the high warning threshold.
+              # - LOW_ALARM: The value has crossed below the low alarm threshold.
+              # - HIGH_ALARM: The value has crossed above the high alarm threshold.
           "value": 3.14, # Value of the current receiving or transmitting optical power, read in dBm. Take a known good optical value, give it a 10% margin and trigger warnings relative to that value. In general, a -7dBm warning and a -11dBm alarm are good optical value estimates for most links.
         },
       },
@@ -293,7 +331,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a Interconnect in the specified project using the data included in the request.
 
 Args:
@@ -301,7 +339,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Interconnect resource. An Interconnect resource is a dedicated connection between the GCP network and your on-premises network. For more information, read the Dedicated Interconnect Overview.
+{ # Represents an Interconnect resource.
+    # 
+    # An Interconnect resource is a dedicated connection between the GCP network and your on-premises network. For more information, read the  Dedicated Interconnect Overview. (== resource_for {$api_version}.interconnects ==)
   "adminEnabled": True or False, # Administrative status of the interconnect. When this is set to true, the Interconnect is functional and can carry traffic. When set to false, no packets can be carried over the interconnect and no BGP routes are exchanged over it. By default, the status is set to true.
   "circuitInfos": [ # [Output Only] A list of CircuitInfo objects, that describe the individual circuits in this LAG.
     { # Describes a single physical circuit between the Customer and Google. CircuitInfo objects are created by Google, so all fields are output only.
@@ -320,11 +360,17 @@ 
Method Details

       ],
       "description": "A String", # A description about the purpose of the outage.
       "endTime": "A String", # Scheduled end time for the outage (milliseconds since Unix epoch).
-      "issueType": "A String", # Form this outage is expected to take, which can take one of the following values: - OUTAGE: The Interconnect may be completely out of service for some or all of the specified window. - PARTIAL_OUTAGE: Some circuits comprising the Interconnect as a whole should remain up, but with reduced bandwidth. Note that the versions of this enum prefixed with "IT_" have been deprecated in favor of the unprefixed values.
+      "issueType": "A String", # Form this outage is expected to take, which can take one of the following values:
+          # - OUTAGE: The Interconnect may be completely out of service for some or all of the specified window.
+          # - PARTIAL_OUTAGE: Some circuits comprising the Interconnect as a whole should remain up, but with reduced bandwidth. Note that the versions of this enum prefixed with "IT_" have been deprecated in favor of the unprefixed values.
       "name": "A String", # Unique identifier for this outage notification.
-      "source": "A String", # The party that generated this notification, which can take the following value: - GOOGLE: this notification as generated by Google. Note that the value of NSRC_GOOGLE has been deprecated in favor of GOOGLE.
+      "source": "A String", # The party that generated this notification, which can take the following value:
+          # - GOOGLE: this notification as generated by Google. Note that the value of NSRC_GOOGLE has been deprecated in favor of GOOGLE.
       "startTime": "A String", # Scheduled start time for the outage (milliseconds since Unix epoch).
-      "state": "A String", # State of this notification, which can take one of the following values: - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling. - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. - COMPLETED: The outage associated with this notification is complete. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values.
+      "state": "A String", # State of this notification, which can take one of the following values:
+          # - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling.
+          # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start.
+          # - COMPLETED: The outage associated with this notification is complete.  Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values.
     },
   ],
   "googleIpAddress": "A String", # [Output Only] IP address configured on the Google side of the Interconnect link. This can be used only for ping tests.
@@ -333,34 +379,59 @@ 
Method Details

   "interconnectAttachments": [ # [Output Only] A list of the URLs of all InterconnectAttachments configured to use this Interconnect.
     "A String",
   ],
-  "interconnectType": "A String", # Type of interconnect, which can take one of the following values: - PARTNER: A partner-managed interconnection shared between customers though a partner. - DEDICATED: A dedicated physical interconnection with the customer. Note that a value IT_PRIVATE has been deprecated in favor of DEDICATED.
+  "interconnectType": "A String", # Type of interconnect, which can take one of the following values:
+      # - PARTNER: A partner-managed interconnection shared between customers though a partner.
+      # - DEDICATED: A dedicated physical interconnection with the customer. Note that a value IT_PRIVATE has been deprecated in favor of DEDICATED.
   "kind": "compute#interconnect", # [Output Only] Type of the resource. Always compute#interconnect for interconnects.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Interconnect, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an Interconnect.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Interconnect, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an Interconnect.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
-  "linkType": "A String", # Type of link requested, which can take one of the following values: - LINK_TYPE_ETHERNET_10G_LR: A 10G Ethernet with LR optics - LINK_TYPE_ETHERNET_100G_LR: A 100G Ethernet with LR optics. Note that this field indicates the speed of each of the links in the bundle, not the speed of the entire bundle.
+  "linkType": "A String", # Type of link requested, which can take one of the following values:
+      # - LINK_TYPE_ETHERNET_10G_LR: A 10G Ethernet with LR optics
+      # - LINK_TYPE_ETHERNET_100G_LR: A 100G Ethernet with LR optics. Note that this field indicates the speed of each of the links in the bundle, not the speed of the entire bundle.
   "location": "A String", # URL of the InterconnectLocation object that represents where this connection is to be provisioned.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "nocContactEmail": "A String", # Email address to contact the customer NOC for operations and maintenance notifications regarding this Interconnect. If specified, this will be used for notifications in addition to all other forms described, such as Stackdriver logs alerting and Cloud Notifications.
-  "operationalStatus": "A String", # [Output Only] The current status of this Interconnect's functionality, which can take one of the following values: - OS_ACTIVE: A valid Interconnect, which is turned up and is ready to use. Attachments may be provisioned on this Interconnect. - OS_UNPROVISIONED: An Interconnect that has not completed turnup. No attachments may be provisioned on this Interconnect. - OS_UNDER_MAINTENANCE: An Interconnect that is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
+  "operationalStatus": "A String", # [Output Only] The current status of this Interconnect's functionality, which can take one of the following values:
+      # - OS_ACTIVE: A valid Interconnect, which is turned up and is ready to use. Attachments may be provisioned on this Interconnect.
+      # - OS_UNPROVISIONED: An Interconnect that has not completed turnup. No attachments may be provisioned on this Interconnect.
+      # - OS_UNDER_MAINTENANCE: An Interconnect that is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
   "peerIpAddress": "A String", # [Output Only] IP address configured on the customer side of the Interconnect link. The customer should configure this IP address during turnup when prompted by Google NOC. This can be used only for ping tests.
   "provisionedLinkCount": 42, # [Output Only] Number of links actually provisioned in this interconnect.
   "requestedLinkCount": 42, # Target number of physical links in the link bundle, as requested by the customer.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "state": "A String", # [Output Only] The current state of Interconnect functionality, which can take one of the following values: - ACTIVE: The Interconnect is valid, turned up and ready to use. Attachments may be provisioned on this Interconnect. - UNPROVISIONED: The Interconnect has not completed turnup. No attachments may be provisioned on this Interconnect. - UNDER_MAINTENANCE: The Interconnect is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
+  "state": "A String", # [Output Only] The current state of Interconnect functionality, which can take one of the following values:
+      # - ACTIVE: The Interconnect is valid, turned up and ready to use. Attachments may be provisioned on this Interconnect.
+      # - UNPROVISIONED: The Interconnect has not completed turnup. No attachments may be provisioned on this Interconnect.
+      # - UNDER_MAINTENANCE: The Interconnect is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -394,7 +465,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -408,20 +480,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of interconnect available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -429,7 +507,9 @@ 
Method Details

     { # Response to the list request, and contains a list of interconnects.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Interconnect resources.
-    { # Represents an Interconnect resource. An Interconnect resource is a dedicated connection between the GCP network and your on-premises network. For more information, read the Dedicated Interconnect Overview.
+    { # Represents an Interconnect resource.
+        #
+        # An Interconnect resource is a dedicated connection between the GCP network and your on-premises network. For more information, read the  Dedicated Interconnect Overview. (== resource_for {$api_version}.interconnects ==)
       "adminEnabled": True or False, # Administrative status of the interconnect. When this is set to true, the Interconnect is functional and can carry traffic. When set to false, no packets can be carried over the interconnect and no BGP routes are exchanged over it. By default, the status is set to true.
       "circuitInfos": [ # [Output Only] A list of CircuitInfo objects, that describe the individual circuits in this LAG.
         { # Describes a single physical circuit between the Customer and Google. CircuitInfo objects are created by Google, so all fields are output only.
@@ -448,11 +528,17 @@ 
Method Details

           ],
           "description": "A String", # A description about the purpose of the outage.
           "endTime": "A String", # Scheduled end time for the outage (milliseconds since Unix epoch).
-          "issueType": "A String", # Form this outage is expected to take, which can take one of the following values: - OUTAGE: The Interconnect may be completely out of service for some or all of the specified window. - PARTIAL_OUTAGE: Some circuits comprising the Interconnect as a whole should remain up, but with reduced bandwidth. Note that the versions of this enum prefixed with "IT_" have been deprecated in favor of the unprefixed values.
+          "issueType": "A String", # Form this outage is expected to take, which can take one of the following values:
+              # - OUTAGE: The Interconnect may be completely out of service for some or all of the specified window.
+              # - PARTIAL_OUTAGE: Some circuits comprising the Interconnect as a whole should remain up, but with reduced bandwidth. Note that the versions of this enum prefixed with "IT_" have been deprecated in favor of the unprefixed values.
           "name": "A String", # Unique identifier for this outage notification.
-          "source": "A String", # The party that generated this notification, which can take the following value: - GOOGLE: this notification as generated by Google. Note that the value of NSRC_GOOGLE has been deprecated in favor of GOOGLE.
+          "source": "A String", # The party that generated this notification, which can take the following value:
+              # - GOOGLE: this notification as generated by Google. Note that the value of NSRC_GOOGLE has been deprecated in favor of GOOGLE.
           "startTime": "A String", # Scheduled start time for the outage (milliseconds since Unix epoch).
-          "state": "A String", # State of this notification, which can take one of the following values: - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling. - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. - COMPLETED: The outage associated with this notification is complete. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values.
+          "state": "A String", # State of this notification, which can take one of the following values:
+              # - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling.
+              # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start.
+              # - COMPLETED: The outage associated with this notification is complete.  Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values.
         },
       ],
       "googleIpAddress": "A String", # [Output Only] IP address configured on the Google side of the Interconnect link. This can be used only for ping tests.
@@ -461,22 +547,34 @@ 
Method Details

       "interconnectAttachments": [ # [Output Only] A list of the URLs of all InterconnectAttachments configured to use this Interconnect.
         "A String",
       ],
-      "interconnectType": "A String", # Type of interconnect, which can take one of the following values: - PARTNER: A partner-managed interconnection shared between customers though a partner. - DEDICATED: A dedicated physical interconnection with the customer. Note that a value IT_PRIVATE has been deprecated in favor of DEDICATED.
+      "interconnectType": "A String", # Type of interconnect, which can take one of the following values:
+          # - PARTNER: A partner-managed interconnection shared between customers though a partner.
+          # - DEDICATED: A dedicated physical interconnection with the customer. Note that a value IT_PRIVATE has been deprecated in favor of DEDICATED.
       "kind": "compute#interconnect", # [Output Only] Type of the resource. Always compute#interconnect for interconnects.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Interconnect, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an Interconnect.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Interconnect, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve an Interconnect.
       "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
         "a_key": "A String",
       },
-      "linkType": "A String", # Type of link requested, which can take one of the following values: - LINK_TYPE_ETHERNET_10G_LR: A 10G Ethernet with LR optics - LINK_TYPE_ETHERNET_100G_LR: A 100G Ethernet with LR optics. Note that this field indicates the speed of each of the links in the bundle, not the speed of the entire bundle.
+      "linkType": "A String", # Type of link requested, which can take one of the following values:
+          # - LINK_TYPE_ETHERNET_10G_LR: A 10G Ethernet with LR optics
+          # - LINK_TYPE_ETHERNET_100G_LR: A 100G Ethernet with LR optics. Note that this field indicates the speed of each of the links in the bundle, not the speed of the entire bundle.
       "location": "A String", # URL of the InterconnectLocation object that represents where this connection is to be provisioned.
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "nocContactEmail": "A String", # Email address to contact the customer NOC for operations and maintenance notifications regarding this Interconnect. If specified, this will be used for notifications in addition to all other forms described, such as Stackdriver logs alerting and Cloud Notifications.
-      "operationalStatus": "A String", # [Output Only] The current status of this Interconnect's functionality, which can take one of the following values: - OS_ACTIVE: A valid Interconnect, which is turned up and is ready to use. Attachments may be provisioned on this Interconnect. - OS_UNPROVISIONED: An Interconnect that has not completed turnup. No attachments may be provisioned on this Interconnect. - OS_UNDER_MAINTENANCE: An Interconnect that is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
+      "operationalStatus": "A String", # [Output Only] The current status of this Interconnect's functionality, which can take one of the following values:
+          # - OS_ACTIVE: A valid Interconnect, which is turned up and is ready to use. Attachments may be provisioned on this Interconnect.
+          # - OS_UNPROVISIONED: An Interconnect that has not completed turnup. No attachments may be provisioned on this Interconnect.
+          # - OS_UNDER_MAINTENANCE: An Interconnect that is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
       "peerIpAddress": "A String", # [Output Only] IP address configured on the customer side of the Interconnect link. The customer should configure this IP address during turnup when prompted by Google NOC. This can be used only for ping tests.
       "provisionedLinkCount": 42, # [Output Only] Number of links actually provisioned in this interconnect.
       "requestedLinkCount": 42, # Target number of physical links in the link bundle, as requested by the customer.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "state": "A String", # [Output Only] The current state of Interconnect functionality, which can take one of the following values: - ACTIVE: The Interconnect is valid, turned up and ready to use. Attachments may be provisioned on this Interconnect. - UNPROVISIONED: The Interconnect has not completed turnup. No attachments may be provisioned on this Interconnect. - UNDER_MAINTENANCE: The Interconnect is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
+      "state": "A String", # [Output Only] The current state of Interconnect functionality, which can take one of the following values:
+          # - ACTIVE: The Interconnect is valid, turned up and ready to use. Attachments may be provisioned on this Interconnect.
+          # - UNPROVISIONED: The Interconnect has not completed turnup. No attachments may be provisioned on this Interconnect.
+          # - UNDER_MAINTENANCE: The Interconnect is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
     },
   ],
   "kind": "compute#interconnectList", # [Output Only] Type of resource. Always compute#interconnectList for lists of interconnects.
@@ -484,7 +582,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -510,7 +609,7 @@ 
Method Details

 

 
 

-    patch(project, interconnect, body=None, requestId=None, x__xgafv=None)
+    patch(project, interconnect, body=None, requestId=None)
   
Updates the specified interconnect with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -519,7 +618,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Interconnect resource. An Interconnect resource is a dedicated connection between the GCP network and your on-premises network. For more information, read the Dedicated Interconnect Overview.
+{ # Represents an Interconnect resource.
+    # 
+    # An Interconnect resource is a dedicated connection between the GCP network and your on-premises network. For more information, read the  Dedicated Interconnect Overview. (== resource_for {$api_version}.interconnects ==)
   "adminEnabled": True or False, # Administrative status of the interconnect. When this is set to true, the Interconnect is functional and can carry traffic. When set to false, no packets can be carried over the interconnect and no BGP routes are exchanged over it. By default, the status is set to true.
   "circuitInfos": [ # [Output Only] A list of CircuitInfo objects, that describe the individual circuits in this LAG.
     { # Describes a single physical circuit between the Customer and Google. CircuitInfo objects are created by Google, so all fields are output only.
@@ -538,11 +639,17 @@ 
Method Details

       ],
       "description": "A String", # A description about the purpose of the outage.
       "endTime": "A String", # Scheduled end time for the outage (milliseconds since Unix epoch).
-      "issueType": "A String", # Form this outage is expected to take, which can take one of the following values: - OUTAGE: The Interconnect may be completely out of service for some or all of the specified window. - PARTIAL_OUTAGE: Some circuits comprising the Interconnect as a whole should remain up, but with reduced bandwidth. Note that the versions of this enum prefixed with "IT_" have been deprecated in favor of the unprefixed values.
+      "issueType": "A String", # Form this outage is expected to take, which can take one of the following values:
+          # - OUTAGE: The Interconnect may be completely out of service for some or all of the specified window.
+          # - PARTIAL_OUTAGE: Some circuits comprising the Interconnect as a whole should remain up, but with reduced bandwidth. Note that the versions of this enum prefixed with "IT_" have been deprecated in favor of the unprefixed values.
       "name": "A String", # Unique identifier for this outage notification.
-      "source": "A String", # The party that generated this notification, which can take the following value: - GOOGLE: this notification as generated by Google. Note that the value of NSRC_GOOGLE has been deprecated in favor of GOOGLE.
+      "source": "A String", # The party that generated this notification, which can take the following value:
+          # - GOOGLE: this notification as generated by Google. Note that the value of NSRC_GOOGLE has been deprecated in favor of GOOGLE.
       "startTime": "A String", # Scheduled start time for the outage (milliseconds since Unix epoch).
-      "state": "A String", # State of this notification, which can take one of the following values: - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling. - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. - COMPLETED: The outage associated with this notification is complete. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values.
+      "state": "A String", # State of this notification, which can take one of the following values:
+          # - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling.
+          # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start.
+          # - COMPLETED: The outage associated with this notification is complete.  Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values.
     },
   ],
   "googleIpAddress": "A String", # [Output Only] IP address configured on the Google side of the Interconnect link. This can be used only for ping tests.
@@ -551,34 +658,59 @@ 
Method Details

   "interconnectAttachments": [ # [Output Only] A list of the URLs of all InterconnectAttachments configured to use this Interconnect.
     "A String",
   ],
-  "interconnectType": "A String", # Type of interconnect, which can take one of the following values: - PARTNER: A partner-managed interconnection shared between customers though a partner. - DEDICATED: A dedicated physical interconnection with the customer. Note that a value IT_PRIVATE has been deprecated in favor of DEDICATED.
+  "interconnectType": "A String", # Type of interconnect, which can take one of the following values:
+      # - PARTNER: A partner-managed interconnection shared between customers though a partner.
+      # - DEDICATED: A dedicated physical interconnection with the customer. Note that a value IT_PRIVATE has been deprecated in favor of DEDICATED.
   "kind": "compute#interconnect", # [Output Only] Type of the resource. Always compute#interconnect for interconnects.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Interconnect, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an Interconnect.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this Interconnect, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an Interconnect.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
-  "linkType": "A String", # Type of link requested, which can take one of the following values: - LINK_TYPE_ETHERNET_10G_LR: A 10G Ethernet with LR optics - LINK_TYPE_ETHERNET_100G_LR: A 100G Ethernet with LR optics. Note that this field indicates the speed of each of the links in the bundle, not the speed of the entire bundle.
+  "linkType": "A String", # Type of link requested, which can take one of the following values:
+      # - LINK_TYPE_ETHERNET_10G_LR: A 10G Ethernet with LR optics
+      # - LINK_TYPE_ETHERNET_100G_LR: A 100G Ethernet with LR optics. Note that this field indicates the speed of each of the links in the bundle, not the speed of the entire bundle.
   "location": "A String", # URL of the InterconnectLocation object that represents where this connection is to be provisioned.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "nocContactEmail": "A String", # Email address to contact the customer NOC for operations and maintenance notifications regarding this Interconnect. If specified, this will be used for notifications in addition to all other forms described, such as Stackdriver logs alerting and Cloud Notifications.
-  "operationalStatus": "A String", # [Output Only] The current status of this Interconnect's functionality, which can take one of the following values: - OS_ACTIVE: A valid Interconnect, which is turned up and is ready to use. Attachments may be provisioned on this Interconnect. - OS_UNPROVISIONED: An Interconnect that has not completed turnup. No attachments may be provisioned on this Interconnect. - OS_UNDER_MAINTENANCE: An Interconnect that is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
+  "operationalStatus": "A String", # [Output Only] The current status of this Interconnect's functionality, which can take one of the following values:
+      # - OS_ACTIVE: A valid Interconnect, which is turned up and is ready to use. Attachments may be provisioned on this Interconnect.
+      # - OS_UNPROVISIONED: An Interconnect that has not completed turnup. No attachments may be provisioned on this Interconnect.
+      # - OS_UNDER_MAINTENANCE: An Interconnect that is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
   "peerIpAddress": "A String", # [Output Only] IP address configured on the customer side of the Interconnect link. The customer should configure this IP address during turnup when prompted by Google NOC. This can be used only for ping tests.
   "provisionedLinkCount": 42, # [Output Only] Number of links actually provisioned in this interconnect.
   "requestedLinkCount": 42, # Target number of physical links in the link bundle, as requested by the customer.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "state": "A String", # [Output Only] The current state of Interconnect functionality, which can take one of the following values: - ACTIVE: The Interconnect is valid, turned up and ready to use. Attachments may be provisioned on this Interconnect. - UNPROVISIONED: The Interconnect has not completed turnup. No attachments may be provisioned on this Interconnect. - UNDER_MAINTENANCE: The Interconnect is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
+  "state": "A String", # [Output Only] The current state of Interconnect functionality, which can take one of the following values:
+      # - ACTIVE: The Interconnect is valid, turned up and ready to use. Attachments may be provisioned on this Interconnect.
+      # - UNPROVISIONED: The Interconnect has not completed turnup. No attachments may be provisioned on this Interconnect.
+      # - UNDER_MAINTENANCE: The Interconnect is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -612,7 +744,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -626,7 +759,7 @@ 
Method Details

 

 
 

-    setLabels(project, resource, body=None, x__xgafv=None)
+    setLabels(project, resource, body=None)
   
Sets the labels on an Interconnect. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -642,15 +775,24 @@ 
Method Details

   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -684,7 +826,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -698,7 +841,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -713,10 +856,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.licenseCodes.html b/docs/dyn/compute_beta.licenseCodes.html
index 52ed76a21b5..d9738b6c368 100644
--- a/docs/dyn/compute_beta.licenseCodes.html
+++ b/docs/dyn/compute_beta.licenseCodes.html
@@ -78,11 +78,11 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  get(project, licenseCode, x__xgafv=None)

-
Return a specified license code. License codes are mirrored across all projects that have permissions to read the License Code. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 

+  get(project, licenseCode)

+
Return a specified license code. License codes are mirrored across all projects that have permissions to read the License Code.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

-
Returns permissions that a caller has on the specified resource. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 

+  testIamPermissions(project, resource, body=None)

+
Returns permissions that a caller has on the specified resource.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.

 
Method Details

 

     close()
@@ -90,21 +90,19 @@ 
Method Details

 

 
 

-    get(project, licenseCode, x__xgafv=None)
-  
Return a specified license code. License codes are mirrored across all projects that have permissions to read the License Code. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 
+    get(project, licenseCode)
+  
Return a specified license code. License codes are mirrored across all projects that have permissions to read the License Code.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
 
 Args:
   project: string, Project ID for this request. (required)
   licenseCode: string, Number corresponding to the License code resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a License Code resource. A License Code is a unique identifier used to represent a license resource. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
+    { # Represents a License Code resource.
+    #
+    # A License Code is a unique identifier used to represent a license resource.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. (== resource_for {$api_version}.licenseCodes ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # [Output Only] Description of this License Code.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
@@ -123,8 +121,8 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
-  
Returns permissions that a caller has on the specified resource. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 
+    testIamPermissions(project, resource, body=None)
+  
Returns permissions that a caller has on the specified resource.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -138,10 +136,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.licenses.html b/docs/dyn/compute_beta.licenses.html
index 883fad60630..08fb9b41739 100644
--- a/docs/dyn/compute_beta.licenses.html
+++ b/docs/dyn/compute_beta.licenses.html
@@ -78,29 +78,29 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, license, requestId=None, x__xgafv=None)

-
Deletes the specified license. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 

+  delete(project, license, requestId=None)

+
Deletes the specified license.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.

 

-  get(project, license, x__xgafv=None)

-
Returns the specified License resource. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 

+  get(project, license)

+
Returns the specified License resource.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.

 

-  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

-
Gets the access control policy for a resource. May be empty if no such policy or resource exists. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 

+  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)

+
Gets the access control policy for a resource. May be empty if no such policy or resource exists.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

-
Create a License resource in the specified project. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 

+  insert(project, body=None, requestId=None)

+
Create a License resource in the specified project.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

-
Retrieves the list of licenses available in the specified project. This method does not get any licenses that belong to other projects, including licenses attached to publicly-available images, like Debian 9. If you want to get a list of publicly-available licenses, use this method to make a request to the respective image project, such as debian-cloud or windows-cloud. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

+
Retrieves the list of licenses available in the specified project. This method does not get any licenses that belong to other projects, including licenses attached to publicly-available images, like Debian 9. If you want to get a list of publicly-available licenses, use this method to make a request to the respective image project, such as debian-cloud or windows-cloud.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setIamPolicy(project, resource, body=None, x__xgafv=None)

-
Sets the access control policy on the specified resource. Replaces any existing policy. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 

+  setIamPolicy(project, resource, body=None)

+
Sets the access control policy on the specified resource. Replaces any existing policy.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

-
Returns permissions that a caller has on the specified resource. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 

+  testIamPermissions(project, resource, body=None)

+
Returns permissions that a caller has on the specified resource.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.

 
Method Details

 

     close()
@@ -108,22 +108,35 @@ 
Method Details

 

 
 

-    delete(project, license, requestId=None, x__xgafv=None)
-  
Deletes the specified license. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 
+    delete(project, license, requestId=None)
+  
Deletes the specified license.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
 
 Args:
   project: string, Project ID for this request. (required)
   license: string, Name of the license resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -157,7 +170,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -171,21 +185,19 @@ 
Method Details

 

 
 

-    get(project, license, x__xgafv=None)
-  
Returns the specified License resource. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 
+    get(project, license)
+  
Returns the specified License resource.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
 
 Args:
   project: string, Project ID for this request. (required)
   license: string, Name of the License resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a License resource. A License represents billing and aggregate usage data for public and marketplace images. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
+    { # Represents a License resource.
+    #
+    # A License represents billing and aggregate usage data for public and marketplace images.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. (== resource_for {$api_version}.licenses ==)
   "chargesUseFee": True or False, # [Output Only] Deprecated. This field no longer reflects whether a license charges a usage fee.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional textual description of the resource; provided by the client when the resource is created.
@@ -203,34 +215,58 @@ 
Method Details

 

 
 

-    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
-  
Gets the access control policy for a resource. May be empty if no such policy or resource exists. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 
+    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)
+  
Gets the access control policy for a resource. May be empty if no such policy or resource exists.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
 
 Args:
   project: string, Project ID for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -238,84 +274,154 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
-  
Create a License resource in the specified project. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 
+    insert(project, body=None, requestId=None)
+  
Create a License resource in the specified project.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
 
 Args:
   project: string, Project ID for this request. (required)
   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a License resource. A License represents billing and aggregate usage data for public and marketplace images. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
+{ # Represents a License resource.
+    # 
+    # A License represents billing and aggregate usage data for public and marketplace images.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. (== resource_for {$api_version}.licenses ==)
   "chargesUseFee": True or False, # [Output Only] Deprecated. This field no longer reflects whether a license charges a usage fee.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional textual description of the resource; provided by the client when the resource is created.
@@ -331,16 +437,29 @@ 
Method Details

   "transferable": True or False, # If false, licenses will not be copied from the source resource when creating an image from a disk, disk from snapshot, or snapshot from disk.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -374,7 +493,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -388,20 +508,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
-  
Retrieves the list of licenses available in the specified project. This method does not get any licenses that belong to other projects, including licenses attached to publicly-available images, like Debian 9. If you want to get a list of publicly-available licenses, use this method to make a request to the respective image project, such as debian-cloud or windows-cloud. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
+  
Retrieves the list of licenses available in the specified project. This method does not get any licenses that belong to other projects, including licenses attached to publicly-available images, like Debian 9. If you want to get a list of publicly-available licenses, use this method to make a request to the respective image project, such as debian-cloud or windows-cloud.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -409,7 +535,9 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of License resources.
-    { # Represents a License resource. A License represents billing and aggregate usage data for public and marketplace images. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
+    { # Represents a License resource.
+        #
+        # A License represents billing and aggregate usage data for public and marketplace images.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. (== resource_for {$api_version}.licenses ==)
       "chargesUseFee": True or False, # [Output Only] Deprecated. This field no longer reflects whether a license charges a usage fee.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional textual description of the resource; provided by the client when the resource is created.
@@ -429,7 +557,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -455,8 +584,8 @@ 
Method Details

 

 
 

-    setIamPolicy(project, resource, body=None, x__xgafv=None)
-  
Sets the access control policy on the specified resource. Replaces any existing policy. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 
+    setIamPolicy(project, resource, body=None)
+  
Sets the access control policy on the specified resource. Replaces any existing policy.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -467,33 +596,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -501,95 +704,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -597,77 +892,145 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
-  
Returns permissions that a caller has on the specified resource. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 
+    testIamPermissions(project, resource, body=None)
+  
Returns permissions that a caller has on the specified resource.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -681,10 +1044,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.machineImages.html b/docs/dyn/compute_beta.machineImages.html
index b227eae52cc..550b049dd91 100644
--- a/docs/dyn/compute_beta.machineImages.html
+++ b/docs/dyn/compute_beta.machineImages.html
@@ -78,28 +78,28 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, machineImage, requestId=None, x__xgafv=None)

+  delete(project, machineImage, requestId=None)

 
Deletes the specified machine image. Deleting a machine image is permanent and cannot be undone.

 

-  get(project, machineImage, x__xgafv=None)

+  get(project, machineImage)

 
Returns the specified machine image. Gets a list of available machine images by making a list() request.

 

-  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, body=None, requestId=None, sourceInstance=None, x__xgafv=None)

+  insert(project, body=None, requestId=None, sourceInstance=None)

 
Creates a machine image in the specified project using the data that is included in the request. If you are creating a new machine image to update an existing instance, your new machine image should use the same network or, if applicable, the same subnetwork as the original instance.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of machine images that are contained within the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setIamPolicy(project, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -108,22 +108,35 @@ 
Method Details

 

 
 

-    delete(project, machineImage, requestId=None, x__xgafv=None)
+    delete(project, machineImage, requestId=None)
   
Deletes the specified machine image. Deleting a machine image is permanent and cannot be undone.
 
 Args:
   project: string, Project ID for this request. (required)
   machineImage: string, The name of the machine image to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -157,7 +170,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -171,31 +185,40 @@ 
Method Details

 

 
 

-    get(project, machineImage, x__xgafv=None)
+    get(project, machineImage)
   
Returns the specified machine image. Gets a list of available machine images by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   machineImage: string, The name of the machine image. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a machine image resource. A machine image is a Compute Engine resource that stores all the configuration, metadata, permissions, and data from one or more disks required to create a Virtual machine (VM) instance. For more information, see Machine images.
+    { # Represents a machine image resource.
+    #
+    # A machine image is a Compute Engine resource that stores all the configuration, metadata, permissions, and data from one or more disks required to create a Virtual machine (VM) instance. For more information, see Machine images. (== resource_for {$api_version}.machineImages ==)
   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this machine image in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "guestFlush": True or False, # [Input Only] Whether to attempt an application consistent machine image by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
   "id": "A String", # [Output Only] A unique identifier for this machine image. The server defines this identifier.
   "kind": "compute#machineImage", # [Output Only] The resource type, which is always compute#machineImage for machine image.
-  "machineImageEncryptionKey": { # Encrypts the machine image using a customer-supplied encryption key. After you encrypt a machine image using a customer-supplied key, you must provide the same key if you use the machine image later. For example, you must provide the encryption key when you create an instance from the encrypted machine image in a future request. Customer-supplied encryption keys do not protect access to metadata of the machine image. If you do not provide an encryption key when creating the machine image, then the machine image will be encrypted using an automatically generated key and you do not need to provide a key to use the machine image later.
+  "machineImageEncryptionKey": { # Encrypts the machine image using a customer-supplied encryption key.
+      #
+      # After you encrypt a machine image using a customer-supplied key, you must provide the same key if you use the machine image later. For example, you must provide the encryption key when you create an instance from the encrypted machine image in a future request.
+      #
+      # Customer-supplied encryption keys do not protect access to metadata of the machine image.
+      #
+      # If you do not provide an encryption key when creating the machine image, then the machine image will be encrypted using an automatically generated key and you do not need to provide a key to use the machine image later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -207,13 +230,23 @@ 
Method Details

         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
-      "sourceDisk": "A String", # URL of the disk attached to the source instance. This can be a full or valid partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk
+      "sourceDisk": "A String", # URL of the disk attached to the source instance. This can be a full or valid partial URL. For example, the following are valid values:
+          # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+          # - projects/project/zones/zone/disks/disk
+          # - zones/zone/disks/disk
     },
   ],
-  "sourceInstance": "A String", # The source instance used to create the machine image. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instances/instance - projects/project/zones/zone/instances/instance
+  "sourceInstance": "A String", # The source instance used to create the machine image. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance
+      # - projects/project/zones/zone/instances/instance
   "sourceInstanceProperties": { # [Output Only] Properties of source instance.
     "canIpForward": True or False, # Enables instances created based on this machine image to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information.
     "deletionProtection": True or False, # Whether the instance created from this machine image should be protected against deletion.
@@ -227,14 +260,19 @@ 
Method Details

           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+              #
+              # The key must meet the following requirements before you can provide it to Compute Engine:
+              # - The key is wrapped using a RSA public key certificate provided by Google.
+              # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+              # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
         "diskSizeGb": "A String", # The size of the disk in base-2 GB.
-        "diskType": "A String", # [Output Only] URL of the disk type resource. For example: projects/project /zones/zone/diskTypes/pd-standard or pd-ssd
-        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+        "diskType": "A String", # [Output Only] URL of the disk type resource. For example: projects/project/zones/zone/diskTypes/pd-standard or pd-ssd
+        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
           { # Guest OS features.
-            "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+            "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
           },
         ],
         "index": 42, # Specifies zero-based index of the disk that is attached to the source instance.
@@ -261,9 +299,11 @@ 
Method Details

     },
     "machineType": "A String", # The machine type to use for instances that are created from this machine image.
     "metadata": { # A metadata key/value entry. # The metadata key/value pairs to assign to instances that are created from this machine image. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve the resource.
       "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-        { # Metadata
+        {
           "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
           "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
         },
@@ -280,7 +320,11 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
@@ -300,26 +344,43 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
-        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+            #
+            # Valid only if stackType is IPV4_IPV6.
         "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
         "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
         "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+            #
+            # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+            # - projects/project/global/networks/network
+            # - global/networks/default
         "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
         "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
-        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
-        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+            #
+            # This field can be both set at instance creation and update network interface operations.
+        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+            # - regions/region/subnetworks/subnetwork
       },
     ],
     "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
     "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from this machine image.
-      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+          #
+          # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
       "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
       "locationHint": "A String", # An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API.
       "maintenanceFreezeDurationHours": 42, # Specifies the number of hours after VM instance creation where the VM won't be scheduled for maintenance.
@@ -346,7 +407,9 @@ 
Method Details

       },
     ],
     "tags": { # A set of instance tags. # A list of tags to apply to the instances that are created from this machine image. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+          #
+          # To see the latest fingerprint, make get() request to the instance.
       "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
         "A String",
       ],
@@ -361,34 +424,58 @@ 
Method Details

 

 
 

-    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
   project: string, Project ID for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -396,76 +483,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, body=None, requestId=None, sourceInstance=None, x__xgafv=None)
+    insert(project, body=None, requestId=None, sourceInstance=None)
   
Creates a machine image in the specified project using the data that is included in the request. If you are creating a new machine image to update an existing instance, your new machine image should use the same network or, if applicable, the same subnetwork as the original instance.
 
 Args:
@@ -473,17 +628,30 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a machine image resource. A machine image is a Compute Engine resource that stores all the configuration, metadata, permissions, and data from one or more disks required to create a Virtual machine (VM) instance. For more information, see Machine images.
+{ # Represents a machine image resource.
+    # 
+    # A machine image is a Compute Engine resource that stores all the configuration, metadata, permissions, and data from one or more disks required to create a Virtual machine (VM) instance. For more information, see Machine images. (== resource_for {$api_version}.machineImages ==)
   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this machine image in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "guestFlush": True or False, # [Input Only] Whether to attempt an application consistent machine image by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
   "id": "A String", # [Output Only] A unique identifier for this machine image. The server defines this identifier.
   "kind": "compute#machineImage", # [Output Only] The resource type, which is always compute#machineImage for machine image.
-  "machineImageEncryptionKey": { # Encrypts the machine image using a customer-supplied encryption key. After you encrypt a machine image using a customer-supplied key, you must provide the same key if you use the machine image later. For example, you must provide the encryption key when you create an instance from the encrypted machine image in a future request. Customer-supplied encryption keys do not protect access to metadata of the machine image. If you do not provide an encryption key when creating the machine image, then the machine image will be encrypted using an automatically generated key and you do not need to provide a key to use the machine image later.
+  "machineImageEncryptionKey": { # Encrypts the machine image using a customer-supplied encryption key.
+      # 
+      # After you encrypt a machine image using a customer-supplied key, you must provide the same key if you use the machine image later. For example, you must provide the encryption key when you create an instance from the encrypted machine image in a future request.
+      # 
+      # Customer-supplied encryption keys do not protect access to metadata of the machine image.
+      # 
+      # If you do not provide an encryption key when creating the machine image, then the machine image will be encrypted using an automatically generated key and you do not need to provide a key to use the machine image later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -495,13 +663,23 @@ 
Method Details

         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
-      "sourceDisk": "A String", # URL of the disk attached to the source instance. This can be a full or valid partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk
+      "sourceDisk": "A String", # URL of the disk attached to the source instance. This can be a full or valid partial URL. For example, the following are valid values:
+          # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+          # - projects/project/zones/zone/disks/disk
+          # - zones/zone/disks/disk
     },
   ],
-  "sourceInstance": "A String", # The source instance used to create the machine image. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instances/instance - projects/project/zones/zone/instances/instance
+  "sourceInstance": "A String", # The source instance used to create the machine image. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance
+      # - projects/project/zones/zone/instances/instance
   "sourceInstanceProperties": { # [Output Only] Properties of source instance.
     "canIpForward": True or False, # Enables instances created based on this machine image to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information.
     "deletionProtection": True or False, # Whether the instance created from this machine image should be protected against deletion.
@@ -515,14 +693,19 @@ 
Method Details

           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+              #
+              # The key must meet the following requirements before you can provide it to Compute Engine:
+              # - The key is wrapped using a RSA public key certificate provided by Google.
+              # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+              # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
         "diskSizeGb": "A String", # The size of the disk in base-2 GB.
-        "diskType": "A String", # [Output Only] URL of the disk type resource. For example: projects/project /zones/zone/diskTypes/pd-standard or pd-ssd
-        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+        "diskType": "A String", # [Output Only] URL of the disk type resource. For example: projects/project/zones/zone/diskTypes/pd-standard or pd-ssd
+        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
           { # Guest OS features.
-            "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+            "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
           },
         ],
         "index": 42, # Specifies zero-based index of the disk that is attached to the source instance.
@@ -549,9 +732,11 @@ 
Method Details

     },
     "machineType": "A String", # The machine type to use for instances that are created from this machine image.
     "metadata": { # A metadata key/value entry. # The metadata key/value pairs to assign to instances that are created from this machine image. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve the resource.
       "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-        { # Metadata
+        {
           "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
           "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
         },
@@ -568,7 +753,11 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
@@ -588,26 +777,43 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
-        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+            #
+            # Valid only if stackType is IPV4_IPV6.
         "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
         "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
         "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+            #
+            # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+            # - projects/project/global/networks/network
+            # - global/networks/default
         "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
         "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
-        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
-        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+            #
+            # This field can be both set at instance creation and update network interface operations.
+        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+            # - regions/region/subnetworks/subnetwork
       },
     ],
     "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
     "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from this machine image.
-      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+          #
+          # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
       "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
       "locationHint": "A String", # An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API.
       "maintenanceFreezeDurationHours": 42, # Specifies the number of hours after VM instance creation where the VM won't be scheduled for maintenance.
@@ -634,7 +840,9 @@ 
Method Details

       },
     ],
     "tags": { # A set of instance tags. # A list of tags to apply to the instances that are created from this machine image. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+          #
+          # To see the latest fingerprint, make get() request to the instance.
       "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
         "A String",
       ],
@@ -647,17 +855,30 @@ 
Method Details

   "totalStorageBytes": "A String", # [Output Only] Total size of the storage used by the machine image.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
   sourceInstance: string, Required. Source instance that is used to create the machine image from.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -691,7 +912,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -705,20 +927,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of machine images that are contained within the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -726,17 +954,30 @@ 
Method Details

     { # A list of machine images.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of MachineImage resources.
-    { # Represents a machine image resource. A machine image is a Compute Engine resource that stores all the configuration, metadata, permissions, and data from one or more disks required to create a Virtual machine (VM) instance. For more information, see Machine images.
+    { # Represents a machine image resource.
+        #
+        # A machine image is a Compute Engine resource that stores all the configuration, metadata, permissions, and data from one or more disks required to create a Virtual machine (VM) instance. For more information, see Machine images. (== resource_for {$api_version}.machineImages ==)
       "creationTimestamp": "A String", # [Output Only] The creation timestamp for this machine image in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "guestFlush": True or False, # [Input Only] Whether to attempt an application consistent machine image by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
       "id": "A String", # [Output Only] A unique identifier for this machine image. The server defines this identifier.
       "kind": "compute#machineImage", # [Output Only] The resource type, which is always compute#machineImage for machine image.
-      "machineImageEncryptionKey": { # Encrypts the machine image using a customer-supplied encryption key. After you encrypt a machine image using a customer-supplied key, you must provide the same key if you use the machine image later. For example, you must provide the encryption key when you create an instance from the encrypted machine image in a future request. Customer-supplied encryption keys do not protect access to metadata of the machine image. If you do not provide an encryption key when creating the machine image, then the machine image will be encrypted using an automatically generated key and you do not need to provide a key to use the machine image later.
+      "machineImageEncryptionKey": { # Encrypts the machine image using a customer-supplied encryption key.
+          #
+          # After you encrypt a machine image using a customer-supplied key, you must provide the same key if you use the machine image later. For example, you must provide the encryption key when you create an instance from the encrypted machine image in a future request.
+          #
+          # Customer-supplied encryption keys do not protect access to metadata of the machine image.
+          #
+          # If you do not provide an encryption key when creating the machine image, then the machine image will be encrypted using an automatically generated key and you do not need to provide a key to use the machine image later.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -748,13 +989,23 @@ 
Method Details

             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                #
+                # The key must meet the following requirements before you can provide it to Compute Engine:
+                # - The key is wrapped using a RSA public key certificate provided by Google.
+                # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
-          "sourceDisk": "A String", # URL of the disk attached to the source instance. This can be a full or valid partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk
+          "sourceDisk": "A String", # URL of the disk attached to the source instance. This can be a full or valid partial URL. For example, the following are valid values:
+              # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+              # - projects/project/zones/zone/disks/disk
+              # - zones/zone/disks/disk
         },
       ],
-      "sourceInstance": "A String", # The source instance used to create the machine image. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instances/instance - projects/project/zones/zone/instances/instance
+      "sourceInstance": "A String", # The source instance used to create the machine image. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+          # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance
+          # - projects/project/zones/zone/instances/instance
       "sourceInstanceProperties": { # [Output Only] Properties of source instance.
         "canIpForward": True or False, # Enables instances created based on this machine image to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information.
         "deletionProtection": True or False, # Whether the instance created from this machine image should be protected against deletion.
@@ -768,14 +1019,19 @@ 
Method Details

               "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
               "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
               "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-              "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+              "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                  #
+                  # The key must meet the following requirements before you can provide it to Compute Engine:
+                  # - The key is wrapped using a RSA public key certificate provided by Google.
+                  # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                  # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
               "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
             },
             "diskSizeGb": "A String", # The size of the disk in base-2 GB.
-            "diskType": "A String", # [Output Only] URL of the disk type resource. For example: projects/project /zones/zone/diskTypes/pd-standard or pd-ssd
-            "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+            "diskType": "A String", # [Output Only] URL of the disk type resource. For example: projects/project/zones/zone/diskTypes/pd-standard or pd-ssd
+            "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
               { # Guest OS features.
-                "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+                "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
               },
             ],
             "index": 42, # Specifies zero-based index of the disk that is attached to the source instance.
@@ -802,9 +1058,11 @@ 
Method Details

         },
         "machineType": "A String", # The machine type to use for instances that are created from this machine image.
         "metadata": { # A metadata key/value entry. # The metadata key/value pairs to assign to instances that are created from this machine image. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information.
-          "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+          "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve the resource.
           "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-            { # Metadata
+            {
               "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
               "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
             },
@@ -821,7 +1079,11 @@ 
Method Details

                 "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
                 "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
                 "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-                "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+                "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                    #
+                    # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                    #
+                    # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
                 "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
                 "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
                 "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
@@ -841,26 +1103,43 @@ 
Method Details

                 "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
                 "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
                 "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-                "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+                "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                    #
+                    # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                    #
+                    # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
                 "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
                 "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
                 "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
               },
             ],
-            "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+            "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+                #
+                # Valid only if stackType is IPV4_IPV6.
             "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
             "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
             "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-            "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+            "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+                #
+                # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+                # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+                # - projects/project/global/networks/network
+                # - global/networks/default
             "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
             "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
-            "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
-            "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+            "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+                #
+                # This field can be both set at instance creation and update network interface operations.
+            "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+                # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+                # - regions/region/subnetworks/subnetwork
           },
         ],
         "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
         "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from this machine image.
-          "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+          "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+              #
+              # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
           "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
           "locationHint": "A String", # An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API.
           "maintenanceFreezeDurationHours": 42, # Specifies the number of hours after VM instance creation where the VM won't be scheduled for maintenance.
@@ -887,7 +1166,9 @@ 
Method Details

           },
         ],
         "tags": { # A set of instance tags. # A list of tags to apply to the instances that are created from this machine image. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035.
-          "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+          "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+              #
+              # To see the latest fingerprint, make get() request to the instance.
           "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
             "A String",
           ],
@@ -905,7 +1186,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -931,7 +1213,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -943,33 +1225,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -977,95 +1333,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1073,76 +1521,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1157,10 +1673,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.machineTypes.html b/docs/dyn/compute_beta.machineTypes.html
index b94efa1b444..b5bb3b3d1b6 100644
--- a/docs/dyn/compute_beta.machineTypes.html
+++ b/docs/dyn/compute_beta.machineTypes.html
@@ -75,7 +75,7 @@
 
Compute Engine API . machineTypes

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of machine types.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,31 +84,37 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  get(project, zone, machineType, x__xgafv=None)

+  get(project, zone, machineType)

 
Returns the specified machine type. Gets a list of available machine types by making a list() request.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of machine types available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of machine types.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -118,7 +124,9 @@ 
Method Details

   "items": { # A list of MachineTypesScopedList resources.
     "a_key": { # [Output Only] Name of the scope containing this set of machine types.
       "machineTypes": [ # [Output Only] A list of machine types contained in this scope.
-        { # Represents a Machine Type resource. You can use specific machine types for your VM instances based on performance and pricing requirements. For more information, read Machine Types.
+        { # Represents a Machine Type resource.
+            #
+            # You can use specific machine types for your VM instances based on performance and pricing requirements. For more information, read Machine Types. (== resource_for {$api_version}.machineTypes ==)
           "accelerators": [ # [Output Only] A list of accelerator configurations assigned to this machine type.
             {
               "guestAcceleratorCount": 42, # Number of accelerator cards exposed to the guest.
@@ -148,7 +156,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] An informational warning that appears when the machine types list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -166,7 +175,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -197,22 +207,20 @@ 
Method Details

 

 
 

-    get(project, zone, machineType, x__xgafv=None)
+    get(project, zone, machineType)
   
Returns the specified machine type. Gets a list of available machine types by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   machineType: string, Name of the machine type to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Machine Type resource. You can use specific machine types for your VM instances based on performance and pricing requirements. For more information, read Machine Types.
+    { # Represents a Machine Type resource.
+    #
+    # You can use specific machine types for your VM instances based on performance and pricing requirements. For more information, read Machine Types. (== resource_for {$api_version}.machineTypes ==)
   "accelerators": [ # [Output Only] A list of accelerator configurations assigned to this machine type.
     {
       "guestAcceleratorCount": 42, # Number of accelerator cards exposed to the guest.
@@ -242,21 +250,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of machine types available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -264,7 +278,9 @@ 
Method Details

     { # Contains a list of machine types.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of MachineType resources.
-    { # Represents a Machine Type resource. You can use specific machine types for your VM instances based on performance and pricing requirements. For more information, read Machine Types.
+    { # Represents a Machine Type resource.
+        #
+        # You can use specific machine types for your VM instances based on performance and pricing requirements. For more information, read Machine Types. (== resource_for {$api_version}.machineTypes ==)
       "accelerators": [ # [Output Only] A list of accelerator configurations assigned to this machine type.
         {
           "guestAcceleratorCount": 42, # Number of accelerator cards exposed to the guest.
@@ -297,7 +313,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.networkEndpointGroups.html b/docs/dyn/compute_beta.networkEndpointGroups.html
index 0ad9af6fa2f..838a9565e5e 100644
--- a/docs/dyn/compute_beta.networkEndpointGroups.html
+++ b/docs/dyn/compute_beta.networkEndpointGroups.html
@@ -75,34 +75,34 @@
 
Compute Engine API . networkEndpointGroups

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of network endpoint groups and sorts them by zone.

 

   aggregatedList_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  attachNetworkEndpoints(project, zone, networkEndpointGroup, body=None, requestId=None, x__xgafv=None)

+  attachNetworkEndpoints(project, zone, networkEndpointGroup, body=None, requestId=None)

 
Attach a list of network endpoints to the specified network endpoint group.

 

   close()

 
Close httplib2 connections.

 

-  delete(project, zone, networkEndpointGroup, requestId=None, x__xgafv=None)

+  delete(project, zone, networkEndpointGroup, requestId=None)

 
Deletes the specified network endpoint group. The network endpoints in the NEG and the VM instances they belong to are not terminated when the NEG is deleted. Note that the NEG cannot be deleted if there are backend services referencing it.

 

-  detachNetworkEndpoints(project, zone, networkEndpointGroup, body=None, requestId=None, x__xgafv=None)

+  detachNetworkEndpoints(project, zone, networkEndpointGroup, body=None, requestId=None)

 
Detach a list of network endpoints from the specified network endpoint group.

 

-  get(project, zone, networkEndpointGroup, x__xgafv=None)

+  get(project, zone, networkEndpointGroup)

 
Returns the specified network endpoint group. Gets a list of available network endpoint groups by making a list() request.

 

-  insert(project, zone, body=None, requestId=None, x__xgafv=None)

+  insert(project, zone, body=None, requestId=None)

 
Creates a network endpoint group in the specified project using the parameters that are included in the request.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of network endpoint groups that are located in the specified project and zone.

 

-  listNetworkEndpoints(project, zone, networkEndpointGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listNetworkEndpoints(project, zone, networkEndpointGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists the network endpoints in the specified network endpoint group.

 

   listNetworkEndpoints_next(previous_request, previous_response)

@@ -111,25 +111,31 @@ 
Instance Methods

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  testIamPermissions(project, zone, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, zone, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of network endpoint groups and sorts them by zone.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -139,23 +145,57 @@ 
Method Details

   "items": { # A list of NetworkEndpointGroupsScopedList resources.
     "a_key": { # The name of the scope that contains this set of network endpoint groups.
       "networkEndpointGroups": [ # [Output Only] The list of network endpoint groups that are contained in this scope.
-        { # Represents a collection of network endpoints. A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see Setting up external HTTP(S) Load Balancing with internet NEGs, Setting up zonal NEGs, or Setting up external HTTP(S) Load Balancing with serverless NEGs.
+        { # Represents a collection of network endpoints.
+            #
+            # A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see  Setting up external HTTP(S) Load Balancing with internet NEGs,  Setting up zonal NEGs, or  Setting up external HTTP(S) Load Balancing with serverless NEGs. (== resource_for {$api_version}.networkEndpointGroups ==) (== resource_for {$api_version}.globalNetworkEndpointGroups ==) (== resource_for {$api_version}.regionNetworkEndpointGroups ==)
           "annotations": { # Metadata defined as annotations on the network endpoint group.
             "a_key": "A String",
           },
-          "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-            "service": "A String", # Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: "default", "my-service".
-            "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
-            "version": "A String", # Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: "v1", "v2".
+          "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+              #
+              # Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.
+            "service": "A String", # Optional serving service.
+                #
+                # The service name is case-sensitive and must be 1-63 characters long.
+                #
+                # Example value: "default", "my-service".
+            "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services.
+                #
+                # For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
+            "version": "A String", # Optional serving version.
+                #
+                # The version name is case-sensitive and must be 1-100 characters long.
+                #
+                # Example value: "v1", "v2".
           },
-          "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-            "function": "A String", # A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: "func1".
-            "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs " mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
+          "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+              #
+              # Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.
+            "function": "A String", # A user-defined name of the Cloud Function.
+                #
+                # The function name is case-sensitive and must be 1-63 characters long.
+                #
+                # Example value: "func1".
+            "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services.
+                #
+                # For example, request URLs "mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
           },
-          "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-            "service": "A String", # Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: "run-service".
-            "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: "revision-0010".
-            "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
+          "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+              #
+              # Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.
+            "service": "A String", # Cloud Run service is the main resource of Cloud Run.
+                #
+                # The service must be 1-63 characters long, and comply with RFC1035.
+                #
+                # Example value: "run-service".
+            "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information.
+                #
+                # The tag must be 1-63 characters long, and comply with RFC1035.
+                #
+                # Example value: "revision-0010".
+            "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services.
+                #
+                # For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
           },
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "defaultPort": 42, # The default port used if the port number is not specified in the network endpoint.
@@ -180,7 +220,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] An informational warning that replaces the list of network endpoint groups when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -198,7 +239,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -224,7 +266,7 @@ 
Method Details

 

 
 

-    attachNetworkEndpoints(project, zone, networkEndpointGroup, body=None, requestId=None, x__xgafv=None)
+    attachNetworkEndpoints(project, zone, networkEndpointGroup, body=None, requestId=None)
   
Attach a list of network endpoints to the specified network endpoint group.
 
 Args:
@@ -241,23 +283,38 @@ 
Method Details

         "a_key": "A String",
       },
       "fqdn": "A String", # Optional fully qualified domain name of network endpoint. This can only be specified when NetworkEndpointGroup.network_endpoint_type is NON_GCP_FQDN_PORT.
-      "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group. The name must be 1-63 characters long, and comply with RFC1035.
+      "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group.
+          #
+          # The name must be 1-63 characters long, and comply with RFC1035.
       "ipAddress": "A String", # Optional IPv4 address of network endpoint. The IP address must belong to a VM in Compute Engine (either the primary IP or as part of an aliased IP range). If the IP address is not specified, then the primary IP address for the VM instance in the network that the network endpoint group belongs to will be used.
       "port": 42, # Optional port number of network endpoint. If not specified, the defaultPort for the network endpoint group will be used.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -291,7 +348,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -310,23 +368,36 @@ 
Method Details

 

 
 

-    delete(project, zone, networkEndpointGroup, requestId=None, x__xgafv=None)
+    delete(project, zone, networkEndpointGroup, requestId=None)
   
Deletes the specified network endpoint group. The network endpoints in the NEG and the VM instances they belong to are not terminated when the NEG is deleted. Note that the NEG cannot be deleted if there are backend services referencing it.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the network endpoint group is located. It should comply with RFC1035. (required)
   networkEndpointGroup: string, The name of the network endpoint group to delete. It should comply with RFC1035. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -360,7 +431,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -374,7 +446,7 @@ 
Method Details

 

 
 

-    detachNetworkEndpoints(project, zone, networkEndpointGroup, body=None, requestId=None, x__xgafv=None)
+    detachNetworkEndpoints(project, zone, networkEndpointGroup, body=None, requestId=None)
   
Detach a list of network endpoints from the specified network endpoint group.
 
 Args:
@@ -391,23 +463,38 @@ 
Method Details

         "a_key": "A String",
       },
       "fqdn": "A String", # Optional fully qualified domain name of network endpoint. This can only be specified when NetworkEndpointGroup.network_endpoint_type is NON_GCP_FQDN_PORT.
-      "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group. The name must be 1-63 characters long, and comply with RFC1035.
+      "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group.
+          #
+          # The name must be 1-63 characters long, and comply with RFC1035.
       "ipAddress": "A String", # Optional IPv4 address of network endpoint. The IP address must belong to a VM in Compute Engine (either the primary IP or as part of an aliased IP range). If the IP address is not specified, then the primary IP address for the VM instance in the network that the network endpoint group belongs to will be used.
       "port": 42, # Optional port number of network endpoint. If not specified, the defaultPort for the network endpoint group will be used.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -441,7 +528,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -455,38 +543,68 @@ 
Method Details

 

 
 

-    get(project, zone, networkEndpointGroup, x__xgafv=None)
+    get(project, zone, networkEndpointGroup)
   
Returns the specified network endpoint group. Gets a list of available network endpoint groups by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the network endpoint group is located. It should comply with RFC1035. (required)
   networkEndpointGroup: string, The name of the network endpoint group. It should comply with RFC1035. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a collection of network endpoints. A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see Setting up external HTTP(S) Load Balancing with internet NEGs, Setting up zonal NEGs, or Setting up external HTTP(S) Load Balancing with serverless NEGs.
+    { # Represents a collection of network endpoints.
+    #
+    # A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see  Setting up external HTTP(S) Load Balancing with internet NEGs,  Setting up zonal NEGs, or  Setting up external HTTP(S) Load Balancing with serverless NEGs. (== resource_for {$api_version}.networkEndpointGroups ==) (== resource_for {$api_version}.globalNetworkEndpointGroups ==) (== resource_for {$api_version}.regionNetworkEndpointGroups ==)
   "annotations": { # Metadata defined as annotations on the network endpoint group.
     "a_key": "A String",
   },
-  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: "default", "my-service".
-    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
-    "version": "A String", # Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: "v1", "v2".
+  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Optional serving service.
+        #
+        # The service name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "default", "my-service".
+    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
+    "version": "A String", # Optional serving version.
+        #
+        # The version name is case-sensitive and must be 1-100 characters long.
+        #
+        # Example value: "v1", "v2".
   },
-  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "function": "A String", # A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: "func1".
-    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs " mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
+  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.
+    "function": "A String", # A user-defined name of the Cloud Function.
+        #
+        # The function name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "func1".
+    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, request URLs "mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
   },
-  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: "run-service".
-    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: "revision-0010".
-    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
+  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Cloud Run service is the main resource of Cloud Run.
+        #
+        # The service must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "run-service".
+    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information.
+        #
+        # The tag must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "revision-0010".
+    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services.
+        #
+        # For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "defaultPort": 42, # The default port used if the port number is not specified in the network endpoint.
@@ -511,7 +629,7 @@ 
Method Details

 

 
 

-    insert(project, zone, body=None, requestId=None, x__xgafv=None)
+    insert(project, zone, body=None, requestId=None)
   
Creates a network endpoint group in the specified project using the parameters that are included in the request.
 
 Args:
@@ -520,23 +638,57 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a collection of network endpoints. A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see Setting up external HTTP(S) Load Balancing with internet NEGs, Setting up zonal NEGs, or Setting up external HTTP(S) Load Balancing with serverless NEGs.
+{ # Represents a collection of network endpoints.
+    # 
+    # A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see  Setting up external HTTP(S) Load Balancing with internet NEGs,  Setting up zonal NEGs, or  Setting up external HTTP(S) Load Balancing with serverless NEGs. (== resource_for {$api_version}.networkEndpointGroups ==) (== resource_for {$api_version}.globalNetworkEndpointGroups ==) (== resource_for {$api_version}.regionNetworkEndpointGroups ==)
   "annotations": { # Metadata defined as annotations on the network endpoint group.
     "a_key": "A String",
   },
-  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: "default", "my-service".
-    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
-    "version": "A String", # Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: "v1", "v2".
+  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Optional serving service.
+        #
+        # The service name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "default", "my-service".
+    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
+    "version": "A String", # Optional serving version.
+        #
+        # The version name is case-sensitive and must be 1-100 characters long.
+        #
+        # Example value: "v1", "v2".
   },
-  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "function": "A String", # A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: "func1".
-    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs " mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
+  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.
+    "function": "A String", # A user-defined name of the Cloud Function.
+        #
+        # The function name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "func1".
+    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, request URLs "mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
   },
-  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: "run-service".
-    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: "revision-0010".
-    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
+  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Cloud Run service is the main resource of Cloud Run.
+        #
+        # The service must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "run-service".
+    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information.
+        #
+        # The tag must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "revision-0010".
+    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services.
+        #
+        # For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "defaultPort": 42, # The default port used if the port number is not specified in the network endpoint.
@@ -559,16 +711,29 @@ 
Method Details

   "zone": "A String", # [Output Only] The URL of the zone where the network endpoint group is located.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -602,7 +767,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -616,21 +782,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of network endpoint groups that are located in the specified project and zone.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the network endpoint group is located. It should comply with RFC1035. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -638,23 +810,57 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of NetworkEndpointGroup resources.
-    { # Represents a collection of network endpoints. A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see Setting up external HTTP(S) Load Balancing with internet NEGs, Setting up zonal NEGs, or Setting up external HTTP(S) Load Balancing with serverless NEGs.
+    { # Represents a collection of network endpoints.
+        #
+        # A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see  Setting up external HTTP(S) Load Balancing with internet NEGs,  Setting up zonal NEGs, or  Setting up external HTTP(S) Load Balancing with serverless NEGs. (== resource_for {$api_version}.networkEndpointGroups ==) (== resource_for {$api_version}.globalNetworkEndpointGroups ==) (== resource_for {$api_version}.regionNetworkEndpointGroups ==)
       "annotations": { # Metadata defined as annotations on the network endpoint group.
         "a_key": "A String",
       },
-      "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-        "service": "A String", # Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: "default", "my-service".
-        "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
-        "version": "A String", # Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: "v1", "v2".
+      "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+          #
+          # Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.
+        "service": "A String", # Optional serving service.
+            #
+            # The service name is case-sensitive and must be 1-63 characters long.
+            #
+            # Example value: "default", "my-service".
+        "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services.
+            #
+            # For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
+        "version": "A String", # Optional serving version.
+            #
+            # The version name is case-sensitive and must be 1-100 characters long.
+            #
+            # Example value: "v1", "v2".
       },
-      "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-        "function": "A String", # A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: "func1".
-        "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs " mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
+      "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+          #
+          # Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.
+        "function": "A String", # A user-defined name of the Cloud Function.
+            #
+            # The function name is case-sensitive and must be 1-63 characters long.
+            #
+            # Example value: "func1".
+        "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services.
+            #
+            # For example, request URLs "mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
       },
-      "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-        "service": "A String", # Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: "run-service".
-        "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: "revision-0010".
-        "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
+      "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+          #
+          # Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.
+        "service": "A String", # Cloud Run service is the main resource of Cloud Run.
+            #
+            # The service must be 1-63 characters long, and comply with RFC1035.
+            #
+            # Example value: "run-service".
+        "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information.
+            #
+            # The tag must be 1-63 characters long, and comply with RFC1035.
+            #
+            # Example value: "revision-0010".
+        "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services.
+            #
+            # For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
       },
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "defaultPort": 42, # The default port used if the port number is not specified in the network endpoint.
@@ -682,7 +888,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -694,7 +901,7 @@ 
Method Details

 

 
 

-    listNetworkEndpoints(project, zone, networkEndpointGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listNetworkEndpoints(project, zone, networkEndpointGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists the network endpoints in the specified network endpoint group.
 
 Args:
@@ -712,7 +919,9 @@ 
Method Details

           "a_key": "A String",
         },
         "fqdn": "A String", # Optional fully qualified domain name of network endpoint. This can only be specified when NetworkEndpointGroup.network_endpoint_type is NON_GCP_FQDN_PORT.
-        "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group. The name must be 1-63 characters long, and comply with RFC1035.
+        "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group.
+            #
+            # The name must be 1-63 characters long, and comply with RFC1035.
         "ipAddress": "A String", # Optional IPv4 address of network endpoint. The IP address must belong to a VM in Compute Engine (either the primary IP or as part of an aliased IP range). If the IP address is not specified, then the primary IP address for the VM instance in the network that the network endpoint group belongs to will be used.
         "port": 42, # Optional port number of network endpoint. If not specified, the defaultPort for the network endpoint group will be used.
       },
@@ -721,15 +930,21 @@ 
Method Details

   "healthStatus": "A String", # Optional query parameter for showing the health status of each network endpoint. Valid options are SKIP or SHOW. If you don't specify this parameter, the health status of network endpoints will not be provided.
 }
 
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -746,10 +961,16 @@ 
Method Details

           "forwardingRule": { # URL of the forwarding rule associated with the health state of the network endpoint.
             "forwardingRule": "A String",
           },
-          "healthCheck": { # A full or valid partial URL to a health check. For example, the following are valid URLs: - https://www.googleapis.com/compute/beta/projects/project-id/global/httpHealthChecks/health-check - projects/project-id/global/httpHealthChecks/health-check - global/httpHealthChecks/health-check # URL of the health check associated with the health state of the network endpoint.
+          "healthCheck": { # A full or valid partial URL to a health check. For example, the following are valid URLs: # URL of the health check associated with the health state of the network endpoint.
+              # - https://www.googleapis.com/compute/beta/projects/project-id/global/httpHealthChecks/health-check
+              # - projects/project-id/global/httpHealthChecks/health-check
+              # - global/httpHealthChecks/health-check
             "healthCheck": "A String",
           },
-          "healthCheckService": { # A full or valid partial URL to a health check service. For example, the following are valid URLs: - https://www.googleapis.com/compute/beta/projects/project-id/regions/us-west1/healthCheckServices/health-check-service - projects/project-id/regions/us-west1/healthCheckServices/health-check-service - regions/us-west1/healthCheckServices/health-check-service # URL of the health check service associated with the health state of the network endpoint.
+          "healthCheckService": { # A full or valid partial URL to a health check service. For example, the following are valid URLs: # URL of the health check service associated with the health state of the network endpoint.
+              # - https://www.googleapis.com/compute/beta/projects/project-id/regions/us-west1/healthCheckServices/health-check-service
+              # - projects/project-id/regions/us-west1/healthCheckServices/health-check-service
+              # - regions/us-west1/healthCheckServices/health-check-service
             "healthCheckService": "A String",
           },
           "healthState": "A String", # Health state of the network endpoint determined based on the health checks configured.
@@ -760,7 +981,9 @@ 
Method Details

           "a_key": "A String",
         },
         "fqdn": "A String", # Optional fully qualified domain name of network endpoint. This can only be specified when NetworkEndpointGroup.network_endpoint_type is NON_GCP_FQDN_PORT.
-        "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group. The name must be 1-63 characters long, and comply with RFC1035.
+        "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group.
+            #
+            # The name must be 1-63 characters long, and comply with RFC1035.
         "ipAddress": "A String", # Optional IPv4 address of network endpoint. The IP address must belong to a VM in Compute Engine (either the primary IP or as part of an aliased IP range). If the IP address is not specified, then the primary IP address for the VM instance in the network that the network endpoint group belongs to will be used.
         "port": 42, # Optional port number of network endpoint. If not specified, the defaultPort for the network endpoint group will be used.
       },
@@ -770,7 +993,8 @@ 
Method Details

   "nextPageToken": "A String", # [Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -810,7 +1034,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, zone, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, zone, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -826,10 +1050,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.networks.html b/docs/dyn/compute_beta.networks.html
index 6f7d0a81aab..c7ea49ba09d 100644
--- a/docs/dyn/compute_beta.networks.html
+++ b/docs/dyn/compute_beta.networks.html
@@ -75,28 +75,28 @@
 
Compute Engine API . networks

 
Instance Methods

 

-  addPeering(project, network, body=None, requestId=None, x__xgafv=None)

+  addPeering(project, network, body=None, requestId=None)

 
Adds a peering to the specified network.

 

   close()

 
Close httplib2 connections.

 

-  delete(project, network, requestId=None, x__xgafv=None)

+  delete(project, network, requestId=None)

 
Deletes the specified network.

 

-  get(project, network, x__xgafv=None)

+  get(project, network)

 
Returns the specified network. Gets a list of available networks by making a list() request.

 

-  getEffectiveFirewalls(project, network, x__xgafv=None)

+  getEffectiveFirewalls(project, network)

 
Returns the effective firewalls on a given network.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a network in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of networks available to the specified project.

 

-  listPeeringRoutes(project, network, direction=None, filter=None, maxResults=None, orderBy=None, pageToken=None, peeringName=None, region=None, returnPartialSuccess=None, x__xgafv=None)

+  listPeeringRoutes(project, network, direction=None, filter=None, maxResults=None, orderBy=None, pageToken=None, peeringName=None, region=None, returnPartialSuccess=None)

 
Lists the peering routes exchanged over peering connection.

 

   listPeeringRoutes_next(previous_request, previous_response)

@@ -105,23 +105,23 @@ 
Instance Methods

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, network, body=None, requestId=None, x__xgafv=None)

+  patch(project, network, body=None, requestId=None)

 
Patches the specified network with the data included in the request. Only the following fields can be modified: routingConfig.routingMode.

 

-  removePeering(project, network, body=None, requestId=None, x__xgafv=None)

+  removePeering(project, network, body=None, requestId=None)

 
Removes a peering from the specified network.

 

-  switchToCustomMode(project, network, requestId=None, x__xgafv=None)

+  switchToCustomMode(project, network, requestId=None)

 
Switches the network mode from auto subnet mode to custom subnet mode.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  updatePeering(project, network, body=None, requestId=None, x__xgafv=None)

+  updatePeering(project, network, body=None, requestId=None)

 
Updates the specified network peering with the data included in the request Only the following fields can be modified: NetworkPeering.export_custom_routes, and NetworkPeering.import_custom_routes

 
Method Details

 

-    addPeering(project, network, body=None, requestId=None, x__xgafv=None)
+    addPeering(project, network, body=None, requestId=None)
   
Adds a peering to the specified network.
 
 Args:
@@ -149,16 +149,29 @@ 
Method Details

   "peerNetwork": "A String", # URL of the peer network. It can be either full URL or partial URL. The peer network may belong to a different project. If the partial URL does not contain project, it is assumed that the peer network is in the same project as the current network.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -192,7 +205,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -211,22 +225,35 @@ 
Method Details

 

 
 

-    delete(project, network, requestId=None, x__xgafv=None)
+    delete(project, network, requestId=None)
   
Deletes the specified network.
 
 Args:
   project: string, Project ID for this request. (required)
   network: string, Name of the network to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -260,7 +287,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -274,23 +302,27 @@ 
Method Details

 

 
 

-    get(project, network, x__xgafv=None)
+    get(project, network)
   
Returns the specified network. Gets a list of available networks by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   network: string, Name of the network to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a VPC Network resource. Networks connect resources to each other and to the internet. For more information, read Virtual Private Cloud (VPC) Network.
+    { # Represents a VPC Network resource.
+    #
+    # Networks connect resources to each other and to the internet. For more information, read Virtual Private Cloud (VPC) Network. (== resource_for {$api_version}.networks ==)
   "IPv4Range": "A String", # Deprecated in favor of subnet mode networks. The range of internal addresses that are legal on this network. This range is a CIDR specification, for example: 192.168.0.0/16. Provided by the client when the network is created.
-  "autoCreateSubnetworks": True or False, # Must be set to create a VPC network. If not set, a legacy network is created. When set to true, the VPC network is created in auto mode. When set to false, the VPC network is created in custom mode. An auto mode VPC network starts with one subnet per region. Each subnet has a predetermined range as described in Auto mode VPC network IP ranges. For custom mode VPC networks, you can add subnets using the subnetworks insert method.
+  "autoCreateSubnetworks": True or False, # Must be set to create a VPC network. If not set, a legacy network is created.
+      #
+      # When set to true, the VPC network is created in auto mode. When set to false, the VPC network is created in custom mode.
+      #
+      # An auto mode VPC network starts with one subnet per region. Each subnet has a predetermined range as described in Auto mode VPC network IP ranges.
+      #
+      # For custom mode VPC networks, you can add subnets using the subnetworks insert method.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
   "gatewayIPv4": "A String", # [Output Only] The gateway address for default routing out of the network, selected by GCP.
@@ -324,16 +356,12 @@ 
Method Details

 

 
 

-    getEffectiveFirewalls(project, network, x__xgafv=None)
+    getEffectiveFirewalls(project, network)
   
Returns the effective firewalls on a given network.
 
 Args:
   project: string, Project ID for this request. (required)
   network: string, Name of the network for this request. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -358,7 +386,9 @@ 
Method Details

             "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
               {
                 "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-                "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                    #
+                    # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
                   "A String",
                 ],
               },
@@ -382,11 +412,15 @@ 
Method Details

     },
   ],
   "firewalls": [ # Effective firewalls on the network.
-    { # Represents a Firewall Rule resource. Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
+    { # Represents a Firewall Rule resource.
+        #
+        # Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
       "allowed": [ # The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.
         {
           "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
             "A String",
           ],
         },
@@ -395,7 +429,9 @@ 
Method Details

       "denied": [ # The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a denied connection.
         {
           "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
             "A String",
           ],
         },
@@ -414,7 +450,12 @@ 
Method Details

         "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
       },
       "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
-      "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
+      "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used:
+          # global/networks/default
+          # If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+          # - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network
+          # - projects/myproject/global/networks/my-network
+          # - global/networks/default
       "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "sourceRanges": [ # If source ranges are specified, the firewall rule applies only to traffic that has a source IP address in these ranges. These ranges must be expressed in CIDR format. One or both of sourceRanges and sourceTags may be set. If both fields are set, the rule applies to traffic that has a source IP address within sourceRanges OR a source IP from a resource with a matching tag listed in the sourceTags field. The connection does not need to match both fields for the rule to apply. Only IPv4 is supported.
@@ -442,17 +483,27 @@ 
Method Details

           "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-          "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+          "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+              #
+              # This field may only be specified when the versioned_expr is set to FIREWALL.
           "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
           "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
             "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-              "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+              "destIpRanges": [ # CIDR IP address range.
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 "A String",
               ],
-              "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+              "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 {
                   "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-                  "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+                  "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                      #
+                      # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                      #
+                      # This field may only be specified when versioned_expr is set to FIREWALL.
                     "A String",
                   ],
                 },
@@ -461,7 +512,25 @@ 
Method Details

                 "A String",
               ],
             },
-            "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+            "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+                #
+                # Example (Comparison):
+                #
+                # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+                #
+                # Example (Equality):
+                #
+                # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+                #
+                # Example (Logic):
+                #
+                # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+                #
+                # Example (Data Manipulation):
+                #
+                # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+                #
+                # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
               "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
               "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
               "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -473,7 +542,9 @@ 
Method Details

           "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
           "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
           "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-          "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+          "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
           "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -487,7 +558,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a network in the specified project using the data included in the request.
 
 Args:
@@ -495,9 +566,17 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a VPC Network resource. Networks connect resources to each other and to the internet. For more information, read Virtual Private Cloud (VPC) Network.
+{ # Represents a VPC Network resource.
+    # 
+    # Networks connect resources to each other and to the internet. For more information, read Virtual Private Cloud (VPC) Network. (== resource_for {$api_version}.networks ==)
   "IPv4Range": "A String", # Deprecated in favor of subnet mode networks. The range of internal addresses that are legal on this network. This range is a CIDR specification, for example: 192.168.0.0/16. Provided by the client when the network is created.
-  "autoCreateSubnetworks": True or False, # Must be set to create a VPC network. If not set, a legacy network is created. When set to true, the VPC network is created in auto mode. When set to false, the VPC network is created in custom mode. An auto mode VPC network starts with one subnet per region. Each subnet has a predetermined range as described in Auto mode VPC network IP ranges. For custom mode VPC networks, you can add subnets using the subnetworks insert method.
+  "autoCreateSubnetworks": True or False, # Must be set to create a VPC network. If not set, a legacy network is created.
+      # 
+      # When set to true, the VPC network is created in auto mode. When set to false, the VPC network is created in custom mode.
+      # 
+      # An auto mode VPC network starts with one subnet per region. Each subnet has a predetermined range as described in Auto mode VPC network IP ranges.
+      # 
+      # For custom mode VPC networks, you can add subnets using the subnetworks insert method.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
   "gatewayIPv4": "A String", # [Output Only] The gateway address for default routing out of the network, selected by GCP.
@@ -529,16 +608,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -572,7 +664,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -586,20 +679,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of networks available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -607,9 +706,17 @@ 
Method Details

     { # Contains a list of networks.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Network resources.
-    { # Represents a VPC Network resource. Networks connect resources to each other and to the internet. For more information, read Virtual Private Cloud (VPC) Network.
+    { # Represents a VPC Network resource.
+        #
+        # Networks connect resources to each other and to the internet. For more information, read Virtual Private Cloud (VPC) Network. (== resource_for {$api_version}.networks ==)
       "IPv4Range": "A String", # Deprecated in favor of subnet mode networks. The range of internal addresses that are legal on this network. This range is a CIDR specification, for example: 192.168.0.0/16. Provided by the client when the network is created.
-      "autoCreateSubnetworks": True or False, # Must be set to create a VPC network. If not set, a legacy network is created. When set to true, the VPC network is created in auto mode. When set to false, the VPC network is created in custom mode. An auto mode VPC network starts with one subnet per region. Each subnet has a predetermined range as described in Auto mode VPC network IP ranges. For custom mode VPC networks, you can add subnets using the subnetworks insert method.
+      "autoCreateSubnetworks": True or False, # Must be set to create a VPC network. If not set, a legacy network is created.
+          #
+          # When set to true, the VPC network is created in auto mode. When set to false, the VPC network is created in custom mode.
+          #
+          # An auto mode VPC network starts with one subnet per region. Each subnet has a predetermined range as described in Auto mode VPC network IP ranges.
+          #
+          # For custom mode VPC networks, you can add subnets using the subnetworks insert method.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
       "gatewayIPv4": "A String", # [Output Only] The gateway address for default routing out of the network, selected by GCP.
@@ -646,7 +753,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -658,7 +766,7 @@ 
Method Details

 

 
 

-    listPeeringRoutes(project, network, direction=None, filter=None, maxResults=None, orderBy=None, pageToken=None, peeringName=None, region=None, returnPartialSuccess=None, x__xgafv=None)
+    listPeeringRoutes(project, network, direction=None, filter=None, maxResults=None, orderBy=None, pageToken=None, peeringName=None, region=None, returnPartialSuccess=None)
   
Lists the peering routes exchanged over peering connection.
 
 Args:
@@ -666,19 +774,25 @@ 
Method Details

   network: string, Name of the network for this request. (required)
   direction: string, The direction of the exchanged routes.
     Allowed values
-      INCOMING - For routes exported from peer network.
-      OUTGOING - For routes exported from local network.
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+      INCOMING - 
+      OUTGOING - 
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   peeringName: string, The response will show routes exchanged over the given peering connection.
   region: string, The region of the request. The response will include all subnet routes, static routes and dynamic routes in the region.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -699,7 +813,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -739,7 +854,7 @@ 
Method Details

 

 
 

-    patch(project, network, body=None, requestId=None, x__xgafv=None)
+    patch(project, network, body=None, requestId=None)
   
Patches the specified network with the data included in the request. Only the following fields can be modified: routingConfig.routingMode.
 
 Args:
@@ -748,9 +863,17 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a VPC Network resource. Networks connect resources to each other and to the internet. For more information, read Virtual Private Cloud (VPC) Network.
+{ # Represents a VPC Network resource.
+    # 
+    # Networks connect resources to each other and to the internet. For more information, read Virtual Private Cloud (VPC) Network. (== resource_for {$api_version}.networks ==)
   "IPv4Range": "A String", # Deprecated in favor of subnet mode networks. The range of internal addresses that are legal on this network. This range is a CIDR specification, for example: 192.168.0.0/16. Provided by the client when the network is created.
-  "autoCreateSubnetworks": True or False, # Must be set to create a VPC network. If not set, a legacy network is created. When set to true, the VPC network is created in auto mode. When set to false, the VPC network is created in custom mode. An auto mode VPC network starts with one subnet per region. Each subnet has a predetermined range as described in Auto mode VPC network IP ranges. For custom mode VPC networks, you can add subnets using the subnetworks insert method.
+  "autoCreateSubnetworks": True or False, # Must be set to create a VPC network. If not set, a legacy network is created.
+      # 
+      # When set to true, the VPC network is created in auto mode. When set to false, the VPC network is created in custom mode.
+      # 
+      # An auto mode VPC network starts with one subnet per region. Each subnet has a predetermined range as described in Auto mode VPC network IP ranges.
+      # 
+      # For custom mode VPC networks, you can add subnets using the subnetworks insert method.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
   "gatewayIPv4": "A String", # [Output Only] The gateway address for default routing out of the network, selected by GCP.
@@ -782,16 +905,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -825,7 +961,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -839,7 +976,7 @@ 
Method Details

 

 
 

-    removePeering(project, network, body=None, requestId=None, x__xgafv=None)
+    removePeering(project, network, body=None, requestId=None)
   
Removes a peering from the specified network.
 
 Args:
@@ -852,16 +989,29 @@ 
Method Details

   "name": "A String", # Name of the peering, which should conform to RFC1035.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -895,7 +1045,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -909,22 +1060,35 @@ 
Method Details

 

 
 

-    switchToCustomMode(project, network, requestId=None, x__xgafv=None)
+    switchToCustomMode(project, network, requestId=None)
   
Switches the network mode from auto subnet mode to custom subnet mode.
 
 Args:
   project: string, Project ID for this request. (required)
   network: string, Name of the network to be updated. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -958,7 +1122,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -972,7 +1137,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -987,10 +1152,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1003,7 +1164,7 @@ 
Method Details

 

 
 

-    updatePeering(project, network, body=None, requestId=None, x__xgafv=None)
+    updatePeering(project, network, body=None, requestId=None)
   
Updates the specified network peering with the data included in the request Only the following fields can be modified: NetworkPeering.export_custom_routes, and NetworkPeering.import_custom_routes
 
 Args:
@@ -1028,16 +1189,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1071,7 +1245,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.nodeGroups.html b/docs/dyn/compute_beta.nodeGroups.html
index ae9b051f811..7d56925507f 100644
--- a/docs/dyn/compute_beta.nodeGroups.html
+++ b/docs/dyn/compute_beta.nodeGroups.html
@@ -75,10 +75,10 @@
 
Compute Engine API . nodeGroups

 
Instance Methods

 

-  addNodes(project, zone, nodeGroup, body=None, requestId=None, x__xgafv=None)

+  addNodes(project, zone, nodeGroup, body=None, requestId=None)

 
Adds specified number of nodes to the node group.

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of node groups. Note: use nodeGroups.listNodes for more details about each group.

 

   aggregatedList_next(previous_request, previous_response)

@@ -87,25 +87,25 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, zone, nodeGroup, requestId=None, x__xgafv=None)

+  delete(project, zone, nodeGroup, requestId=None)

 
Deletes the specified NodeGroup resource.

 

-  deleteNodes(project, zone, nodeGroup, body=None, requestId=None, x__xgafv=None)

+  deleteNodes(project, zone, nodeGroup, body=None, requestId=None)

 
Deletes specified nodes from the node group.

 

-  get(project, zone, nodeGroup, x__xgafv=None)

+  get(project, zone, nodeGroup)

 
Returns the specified NodeGroup. Get a list of available NodeGroups by making a list() request. Note: the "nodes" field should not be used. Use nodeGroups.listNodes instead.

 

-  getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, zone, initialNodeCount, body=None, requestId=None, x__xgafv=None)

+  insert(project, zone, initialNodeCount, body=None, requestId=None)

 
Creates a NodeGroup resource in the specified project using the data included in the request.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of node groups available to the specified project. Note: use nodeGroups.listNodes for more details about each group.

 

-  listNodes(project, zone, nodeGroup, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listNodes(project, zone, nodeGroup, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists nodes in the node group.

 

   listNodes_next(previous_request, previous_response)

@@ -114,20 +114,20 @@ 
Instance Methods

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, zone, nodeGroup, body=None, requestId=None, x__xgafv=None)

+  patch(project, zone, nodeGroup, body=None, requestId=None)

 
Updates the specified node group.

 

-  setIamPolicy(project, zone, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, zone, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  setNodeTemplate(project, zone, nodeGroup, body=None, requestId=None, x__xgafv=None)

+  setNodeTemplate(project, zone, nodeGroup, body=None, requestId=None)

 
Updates the node template of the node group.

 

-  testIamPermissions(project, zone, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, zone, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    addNodes(project, zone, nodeGroup, body=None, requestId=None, x__xgafv=None)
+    addNodes(project, zone, nodeGroup, body=None, requestId=None)
   
Adds specified number of nodes to the node group.
 
 Args:
@@ -141,16 +141,29 @@ 
Method Details

   "additionalNodeCount": 42, # Count of additional nodes to be added to the node group.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -184,7 +197,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -198,21 +212,27 @@ 
Method Details

 

 
 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of node groups. Note: use nodeGroups.listNodes for more details about each group.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -222,11 +242,13 @@ 
Method Details

   "items": { # A list of NodeGroupsScopedList resources.
     "a_key": { # [Output Only] Name of the scope containing this set of node groups.
       "nodeGroups": [ # [Output Only] A list of node groups contained in this scope.
-        { # Represent a sole-tenant Node Group resource. A sole-tenant node is a physical server that is dedicated to hosting VM instances only for your specific project. Use sole-tenant nodes to keep your instances physically separated from instances in other projects, or to group your instances together on the same host hardware. For more information, read Sole-tenant nodes.
+        { # Represent a sole-tenant Node Group resource.
+            #
+            # A sole-tenant node is a physical server that is dedicated to hosting VM instances only for your specific project. Use sole-tenant nodes to keep your instances physically separated from instances in other projects, or to group your instances together on the same host hardware. For more information, read Sole-tenant nodes. (== resource_for {$api_version}.nodeGroups ==)
           "autoscalingPolicy": { # Specifies how autoscaling should behave.
             "maxNodes": 42, # The maximum number of nodes that the group should have. Must be set if autoscaling is enabled. Maximum value allowed is 100.
             "minNodes": 42, # The minimum number of nodes that the group should have.
-            "mode": "A String", # The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see Autoscaler modes.
+            "mode": "A String", # The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see  Autoscaler modes.
           },
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -234,7 +256,7 @@ 
Method Details

           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "kind": "compute#nodeGroup", # [Output Only] The type of the resource. Always compute#nodeGroup for node group.
           "locationHint": "A String", # An opaque location hint used to place the Node close to other resources. This field is for use by internal tools that use the public API. The location hint here on the NodeGroup overrides any location_hint present in the NodeTemplate.
-          "maintenancePolicy": "A String", # Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. For more information, see Maintenance policies.
+          "maintenancePolicy": "A String", # Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. For more information, see  Maintenance policies.
           "maintenanceWindow": { # Time window specified for daily maintenance operations. GCE's internal maintenance will be performed within this window.
             "maintenanceDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # [Output only] A predetermined duration for the window, automatically chosen to be the smallest possible in the given scenario.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
@@ -252,7 +274,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] An informational warning that appears when the nodeGroup list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -270,7 +293,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -301,23 +325,36 @@ 
Method Details

 

 
 

-    delete(project, zone, nodeGroup, requestId=None, x__xgafv=None)
+    delete(project, zone, nodeGroup, requestId=None)
   
Deletes the specified NodeGroup resource.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   nodeGroup: string, Name of the NodeGroup resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -351,7 +388,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -365,7 +403,7 @@ 
Method Details

 

 
 

-    deleteNodes(project, zone, nodeGroup, body=None, requestId=None, x__xgafv=None)
+    deleteNodes(project, zone, nodeGroup, body=None, requestId=None)
   
Deletes specified nodes from the node group.
 
 Args:
@@ -381,16 +419,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -424,7 +475,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -438,26 +490,24 @@ 
Method Details

 

 
 

-    get(project, zone, nodeGroup, x__xgafv=None)
+    get(project, zone, nodeGroup)
   
Returns the specified NodeGroup. Get a list of available NodeGroups by making a list() request. Note: the "nodes" field should not be used. Use nodeGroups.listNodes instead.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   nodeGroup: string, Name of the node group to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represent a sole-tenant Node Group resource. A sole-tenant node is a physical server that is dedicated to hosting VM instances only for your specific project. Use sole-tenant nodes to keep your instances physically separated from instances in other projects, or to group your instances together on the same host hardware. For more information, read Sole-tenant nodes.
+    { # Represent a sole-tenant Node Group resource.
+    #
+    # A sole-tenant node is a physical server that is dedicated to hosting VM instances only for your specific project. Use sole-tenant nodes to keep your instances physically separated from instances in other projects, or to group your instances together on the same host hardware. For more information, read Sole-tenant nodes. (== resource_for {$api_version}.nodeGroups ==)
   "autoscalingPolicy": { # Specifies how autoscaling should behave.
     "maxNodes": 42, # The maximum number of nodes that the group should have. Must be set if autoscaling is enabled. Maximum value allowed is 100.
     "minNodes": 42, # The minimum number of nodes that the group should have.
-    "mode": "A String", # The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see Autoscaler modes.
+    "mode": "A String", # The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see  Autoscaler modes.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -465,7 +515,7 @@ 
Method Details

   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#nodeGroup", # [Output Only] The type of the resource. Always compute#nodeGroup for node group.
   "locationHint": "A String", # An opaque location hint used to place the Node close to other resources. This field is for use by internal tools that use the public API. The location hint here on the NodeGroup overrides any location_hint present in the NodeTemplate.
-  "maintenancePolicy": "A String", # Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. For more information, see Maintenance policies.
+  "maintenancePolicy": "A String", # Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. For more information, see  Maintenance policies.
   "maintenanceWindow": { # Time window specified for daily maintenance operations. GCE's internal maintenance will be performed within this window.
     "maintenanceDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # [Output only] A predetermined duration for the window, automatically chosen to be the smallest possible in the given scenario.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
@@ -483,7 +533,7 @@ 
Method Details

 

 
 

-    getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
@@ -491,27 +541,51 @@ 
Method Details

   zone: string, The name of the zone for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -519,76 +593,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, zone, initialNodeCount, body=None, requestId=None, x__xgafv=None)
+    insert(project, zone, initialNodeCount, body=None, requestId=None)
   
Creates a NodeGroup resource in the specified project using the data included in the request.
 
 Args:
@@ -598,11 +740,13 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represent a sole-tenant Node Group resource. A sole-tenant node is a physical server that is dedicated to hosting VM instances only for your specific project. Use sole-tenant nodes to keep your instances physically separated from instances in other projects, or to group your instances together on the same host hardware. For more information, read Sole-tenant nodes.
+{ # Represent a sole-tenant Node Group resource.
+    # 
+    # A sole-tenant node is a physical server that is dedicated to hosting VM instances only for your specific project. Use sole-tenant nodes to keep your instances physically separated from instances in other projects, or to group your instances together on the same host hardware. For more information, read Sole-tenant nodes. (== resource_for {$api_version}.nodeGroups ==)
   "autoscalingPolicy": { # Specifies how autoscaling should behave.
     "maxNodes": 42, # The maximum number of nodes that the group should have. Must be set if autoscaling is enabled. Maximum value allowed is 100.
     "minNodes": 42, # The minimum number of nodes that the group should have.
-    "mode": "A String", # The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see Autoscaler modes.
+    "mode": "A String", # The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see  Autoscaler modes.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -610,7 +754,7 @@ 
Method Details

   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#nodeGroup", # [Output Only] The type of the resource. Always compute#nodeGroup for node group.
   "locationHint": "A String", # An opaque location hint used to place the Node close to other resources. This field is for use by internal tools that use the public API. The location hint here on the NodeGroup overrides any location_hint present in the NodeTemplate.
-  "maintenancePolicy": "A String", # Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. For more information, see Maintenance policies.
+  "maintenancePolicy": "A String", # Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. For more information, see  Maintenance policies.
   "maintenanceWindow": { # Time window specified for daily maintenance operations. GCE's internal maintenance will be performed within this window.
     "maintenanceDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # [Output only] A predetermined duration for the window, automatically chosen to be the smallest possible in the given scenario.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
@@ -626,16 +770,29 @@ 
Method Details

   "zone": "A String", # [Output Only] The name of the zone where the node group resides, such as us-central1-a.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -669,7 +826,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -683,21 +841,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of node groups available to the specified project. Note: use nodeGroups.listNodes for more details about each group.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -705,11 +869,13 @@ 
Method Details

     { # Contains a list of nodeGroups.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of NodeGroup resources.
-    { # Represent a sole-tenant Node Group resource. A sole-tenant node is a physical server that is dedicated to hosting VM instances only for your specific project. Use sole-tenant nodes to keep your instances physically separated from instances in other projects, or to group your instances together on the same host hardware. For more information, read Sole-tenant nodes.
+    { # Represent a sole-tenant Node Group resource.
+        #
+        # A sole-tenant node is a physical server that is dedicated to hosting VM instances only for your specific project. Use sole-tenant nodes to keep your instances physically separated from instances in other projects, or to group your instances together on the same host hardware. For more information, read Sole-tenant nodes. (== resource_for {$api_version}.nodeGroups ==)
       "autoscalingPolicy": { # Specifies how autoscaling should behave.
         "maxNodes": 42, # The maximum number of nodes that the group should have. Must be set if autoscaling is enabled. Maximum value allowed is 100.
         "minNodes": 42, # The minimum number of nodes that the group should have.
-        "mode": "A String", # The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see Autoscaler modes.
+        "mode": "A String", # The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see  Autoscaler modes.
       },
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -717,7 +883,7 @@ 
Method Details

       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#nodeGroup", # [Output Only] The type of the resource. Always compute#nodeGroup for node group.
       "locationHint": "A String", # An opaque location hint used to place the Node close to other resources. This field is for use by internal tools that use the public API. The location hint here on the NodeGroup overrides any location_hint present in the NodeTemplate.
-      "maintenancePolicy": "A String", # Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. For more information, see Maintenance policies.
+      "maintenancePolicy": "A String", # Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. For more information, see  Maintenance policies.
       "maintenanceWindow": { # Time window specified for daily maintenance operations. GCE's internal maintenance will be performed within this window.
         "maintenanceDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # [Output only] A predetermined duration for the window, automatically chosen to be the smallest possible in the given scenario.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
@@ -738,7 +904,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -750,22 +917,28 @@ 
Method Details

 

 
 

-    listNodes(project, zone, nodeGroup, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listNodes(project, zone, nodeGroup, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists nodes in the node group.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   nodeGroup: string, Name of the NodeGroup resource whose nodes you want to list. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -806,7 +979,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -846,7 +1020,7 @@ 
Method Details

 

 
 

-    patch(project, zone, nodeGroup, body=None, requestId=None, x__xgafv=None)
+    patch(project, zone, nodeGroup, body=None, requestId=None)
   
Updates the specified node group.
 
 Args:
@@ -856,11 +1030,13 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represent a sole-tenant Node Group resource. A sole-tenant node is a physical server that is dedicated to hosting VM instances only for your specific project. Use sole-tenant nodes to keep your instances physically separated from instances in other projects, or to group your instances together on the same host hardware. For more information, read Sole-tenant nodes.
+{ # Represent a sole-tenant Node Group resource.
+    # 
+    # A sole-tenant node is a physical server that is dedicated to hosting VM instances only for your specific project. Use sole-tenant nodes to keep your instances physically separated from instances in other projects, or to group your instances together on the same host hardware. For more information, read Sole-tenant nodes. (== resource_for {$api_version}.nodeGroups ==)
   "autoscalingPolicy": { # Specifies how autoscaling should behave.
     "maxNodes": 42, # The maximum number of nodes that the group should have. Must be set if autoscaling is enabled. Maximum value allowed is 100.
     "minNodes": 42, # The minimum number of nodes that the group should have.
-    "mode": "A String", # The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see Autoscaler modes.
+    "mode": "A String", # The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see  Autoscaler modes.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -868,7 +1044,7 @@ 
Method Details

   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#nodeGroup", # [Output Only] The type of the resource. Always compute#nodeGroup for node group.
   "locationHint": "A String", # An opaque location hint used to place the Node close to other resources. This field is for use by internal tools that use the public API. The location hint here on the NodeGroup overrides any location_hint present in the NodeTemplate.
-  "maintenancePolicy": "A String", # Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. For more information, see Maintenance policies.
+  "maintenancePolicy": "A String", # Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. For more information, see  Maintenance policies.
   "maintenanceWindow": { # Time window specified for daily maintenance operations. GCE's internal maintenance will be performed within this window.
     "maintenanceDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # [Output only] A predetermined duration for the window, automatically chosen to be the smallest possible in the given scenario.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
@@ -884,16 +1060,29 @@ 
Method Details

   "zone": "A String", # [Output Only] The name of the zone where the node group resides, such as us-central1-a.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -927,7 +1116,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -941,7 +1131,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, zone, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, zone, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -954,33 +1144,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -988,95 +1252,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1084,76 +1440,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    setNodeTemplate(project, zone, nodeGroup, body=None, requestId=None, x__xgafv=None)
+    setNodeTemplate(project, zone, nodeGroup, body=None, requestId=None)
   
Updates the node template of the node group.
 
 Args:
@@ -1167,16 +1591,29 @@ 
Method Details

   "nodeTemplate": "A String", # Full or partial URL of the node template resource to be updated for this node group.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1210,7 +1647,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1224,7 +1662,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, zone, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, zone, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1240,10 +1678,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.nodeTemplates.html b/docs/dyn/compute_beta.nodeTemplates.html
index 6f63f237824..4f27d0980c2 100644
--- a/docs/dyn/compute_beta.nodeTemplates.html
+++ b/docs/dyn/compute_beta.nodeTemplates.html
@@ -75,7 +75,7 @@
 
Compute Engine API . nodeTemplates

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of node templates.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,46 +84,52 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, nodeTemplate, requestId=None, x__xgafv=None)

+  delete(project, region, nodeTemplate, requestId=None)

 
Deletes the specified NodeTemplate resource.

 

-  get(project, region, nodeTemplate, x__xgafv=None)

+  get(project, region, nodeTemplate)

 
Returns the specified node template. Gets a list of available node templates by making a list() request.

 

-  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a NodeTemplate resource in the specified project using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of node templates available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setIamPolicy(project, region, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, region, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of node templates.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -133,7 +139,9 @@ 
Method Details

   "items": { # A list of NodeTemplatesScopedList resources.
     "a_key": { # [Output Only] Name of the scope containing this set of node templates.
       "nodeTemplates": [ # [Output Only] A list of node templates contained in this scope.
-        { # Represent a sole-tenant Node Template resource. You can use a template to define properties for nodes in a node group. For more information, read Creating node groups and instances.
+        { # Represent a sole-tenant Node Template resource.
+            #
+            # You can use a template to define properties for nodes in a node group. For more information, read Creating node groups and instances. (== resource_for {$api_version}.nodeTemplates ==)
           "accelerators": [
             { # A specification of the type and number of accelerator cards attached to the instance.
               "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
@@ -157,14 +165,20 @@ 
Method Details

             "a_key": "A String",
           },
           "nodeType": "A String", # The node type to use for nodes group that are created from this template.
-          "nodeTypeFlexibility": { # The flexible properties of the desired node type. Node groups that use this node template will create nodes of a type that matches these properties. This field is mutually exclusive with the node_type property; you can only define one or the other, but not both.
+          "nodeTypeFlexibility": { # The flexible properties of the desired node type. Node groups that use this node template will create nodes of a type that matches these properties.
+              #
+              # This field is mutually exclusive with the node_type property; you can only define one or the other, but not both.
             "cpus": "A String",
             "localSsd": "A String",
             "memory": "A String",
           },
           "region": "A String", # [Output Only] The name of the region where the node template resides, such as us-central1.
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-          "serverBinding": { # Sets the binding properties for the physical server. Valid values include: - *[Default]* RESTART_NODE_ON_ANY_SERVER: Restarts VMs on any available physical server - RESTART_NODE_ON_MINIMAL_SERVER: Restarts VMs on the same physical server whenever possible See Sole-tenant node options for more information.
+          "serverBinding": { # Sets the binding properties for the physical server. Valid values include:
+              # - [Default] RESTART_NODE_ON_ANY_SERVER: Restarts VMs on any available physical server
+              # - RESTART_NODE_ON_MINIMAL_SERVER: Restarts VMs on the same physical server whenever possible
+              #
+              # See Sole-tenant node options for more information.
             "type": "A String",
           },
           "status": "A String", # [Output Only] The status of the node template. One of the following values: CREATING, READY, and DELETING.
@@ -173,7 +187,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] An informational warning that appears when the node templates list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -191,7 +206,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -222,23 +238,36 @@ 
Method Details

 

 
 

-    delete(project, region, nodeTemplate, requestId=None, x__xgafv=None)
+    delete(project, region, nodeTemplate, requestId=None)
   
Deletes the specified NodeTemplate resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, The name of the region for this request. (required)
   nodeTemplate: string, Name of the NodeTemplate resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -272,7 +301,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -286,22 +316,20 @@ 
Method Details

 

 
 

-    get(project, region, nodeTemplate, x__xgafv=None)
+    get(project, region, nodeTemplate)
   
Returns the specified node template. Gets a list of available node templates by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, The name of the region for this request. (required)
   nodeTemplate: string, Name of the node template to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represent a sole-tenant Node Template resource. You can use a template to define properties for nodes in a node group. For more information, read Creating node groups and instances.
+    { # Represent a sole-tenant Node Template resource.
+    #
+    # You can use a template to define properties for nodes in a node group. For more information, read Creating node groups and instances. (== resource_for {$api_version}.nodeTemplates ==)
   "accelerators": [
     { # A specification of the type and number of accelerator cards attached to the instance.
       "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
@@ -325,14 +353,20 @@ 
Method Details

     "a_key": "A String",
   },
   "nodeType": "A String", # The node type to use for nodes group that are created from this template.
-  "nodeTypeFlexibility": { # The flexible properties of the desired node type. Node groups that use this node template will create nodes of a type that matches these properties. This field is mutually exclusive with the node_type property; you can only define one or the other, but not both.
+  "nodeTypeFlexibility": { # The flexible properties of the desired node type. Node groups that use this node template will create nodes of a type that matches these properties.
+      #
+      # This field is mutually exclusive with the node_type property; you can only define one or the other, but not both.
     "cpus": "A String",
     "localSsd": "A String",
     "memory": "A String",
   },
   "region": "A String", # [Output Only] The name of the region where the node template resides, such as us-central1.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "serverBinding": { # Sets the binding properties for the physical server. Valid values include: - *[Default]* RESTART_NODE_ON_ANY_SERVER: Restarts VMs on any available physical server - RESTART_NODE_ON_MINIMAL_SERVER: Restarts VMs on the same physical server whenever possible See Sole-tenant node options for more information.
+  "serverBinding": { # Sets the binding properties for the physical server. Valid values include:
+      # - [Default] RESTART_NODE_ON_ANY_SERVER: Restarts VMs on any available physical server
+      # - RESTART_NODE_ON_MINIMAL_SERVER: Restarts VMs on the same physical server whenever possible
+      #
+      # See Sole-tenant node options for more information.
     "type": "A String",
   },
   "status": "A String", # [Output Only] The status of the node template. One of the following values: CREATING, READY, and DELETING.
@@ -341,7 +375,7 @@ 
Method Details

 

 
 

-    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
@@ -349,27 +383,51 @@ 
Method Details

   region: string, The name of the region for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -377,76 +435,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a NodeTemplate resource in the specified project using the data included in the request.
 
 Args:
@@ -455,7 +581,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represent a sole-tenant Node Template resource. You can use a template to define properties for nodes in a node group. For more information, read Creating node groups and instances.
+{ # Represent a sole-tenant Node Template resource.
+    # 
+    # You can use a template to define properties for nodes in a node group. For more information, read Creating node groups and instances. (== resource_for {$api_version}.nodeTemplates ==)
   "accelerators": [
     { # A specification of the type and number of accelerator cards attached to the instance.
       "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
@@ -479,30 +607,49 @@ 
Method Details

     "a_key": "A String",
   },
   "nodeType": "A String", # The node type to use for nodes group that are created from this template.
-  "nodeTypeFlexibility": { # The flexible properties of the desired node type. Node groups that use this node template will create nodes of a type that matches these properties. This field is mutually exclusive with the node_type property; you can only define one or the other, but not both.
+  "nodeTypeFlexibility": { # The flexible properties of the desired node type. Node groups that use this node template will create nodes of a type that matches these properties.
+      # 
+      # This field is mutually exclusive with the node_type property; you can only define one or the other, but not both.
     "cpus": "A String",
     "localSsd": "A String",
     "memory": "A String",
   },
   "region": "A String", # [Output Only] The name of the region where the node template resides, such as us-central1.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "serverBinding": { # Sets the binding properties for the physical server. Valid values include: - *[Default]* RESTART_NODE_ON_ANY_SERVER: Restarts VMs on any available physical server - RESTART_NODE_ON_MINIMAL_SERVER: Restarts VMs on the same physical server whenever possible See Sole-tenant node options for more information.
+  "serverBinding": { # Sets the binding properties for the physical server. Valid values include:
+      # - [Default] RESTART_NODE_ON_ANY_SERVER: Restarts VMs on any available physical server
+      # - RESTART_NODE_ON_MINIMAL_SERVER: Restarts VMs on the same physical server whenever possible
+      # 
+      # See Sole-tenant node options for more information.
     "type": "A String",
   },
   "status": "A String", # [Output Only] The status of the node template. One of the following values: CREATING, READY, and DELETING.
   "statusMessage": "A String", # [Output Only] An optional, human-readable explanation of the status.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -536,7 +683,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -550,21 +698,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of node templates available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, The name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -572,7 +726,9 @@ 
Method Details

     { # Contains a list of node templates.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of NodeTemplate resources.
-    { # Represent a sole-tenant Node Template resource. You can use a template to define properties for nodes in a node group. For more information, read Creating node groups and instances.
+    { # Represent a sole-tenant Node Template resource.
+        #
+        # You can use a template to define properties for nodes in a node group. For more information, read Creating node groups and instances. (== resource_for {$api_version}.nodeTemplates ==)
       "accelerators": [
         { # A specification of the type and number of accelerator cards attached to the instance.
           "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
@@ -596,14 +752,20 @@ 
Method Details

         "a_key": "A String",
       },
       "nodeType": "A String", # The node type to use for nodes group that are created from this template.
-      "nodeTypeFlexibility": { # The flexible properties of the desired node type. Node groups that use this node template will create nodes of a type that matches these properties. This field is mutually exclusive with the node_type property; you can only define one or the other, but not both.
+      "nodeTypeFlexibility": { # The flexible properties of the desired node type. Node groups that use this node template will create nodes of a type that matches these properties.
+          #
+          # This field is mutually exclusive with the node_type property; you can only define one or the other, but not both.
         "cpus": "A String",
         "localSsd": "A String",
         "memory": "A String",
       },
       "region": "A String", # [Output Only] The name of the region where the node template resides, such as us-central1.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "serverBinding": { # Sets the binding properties for the physical server. Valid values include: - *[Default]* RESTART_NODE_ON_ANY_SERVER: Restarts VMs on any available physical server - RESTART_NODE_ON_MINIMAL_SERVER: Restarts VMs on the same physical server whenever possible See Sole-tenant node options for more information.
+      "serverBinding": { # Sets the binding properties for the physical server. Valid values include:
+          # - [Default] RESTART_NODE_ON_ANY_SERVER: Restarts VMs on any available physical server
+          # - RESTART_NODE_ON_MINIMAL_SERVER: Restarts VMs on the same physical server whenever possible
+          #
+          # See Sole-tenant node options for more information.
         "type": "A String",
       },
       "status": "A String", # [Output Only] The status of the node template. One of the following values: CREATING, READY, and DELETING.
@@ -615,7 +777,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -641,7 +804,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, region, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, region, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -654,33 +817,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -688,95 +925,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -784,76 +1113,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -869,10 +1266,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.nodeTypes.html b/docs/dyn/compute_beta.nodeTypes.html
index f7ffcc4479a..8e9d8f52d31 100644
--- a/docs/dyn/compute_beta.nodeTypes.html
+++ b/docs/dyn/compute_beta.nodeTypes.html
@@ -75,7 +75,7 @@
 
Compute Engine API . nodeTypes

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of node types.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,31 +84,37 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  get(project, zone, nodeType, x__xgafv=None)

+  get(project, zone, nodeType)

 
Returns the specified node type. Gets a list of available node types by making a list() request.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of node types available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of node types.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -118,7 +124,9 @@ 
Method Details

   "items": { # A list of NodeTypesScopedList resources.
     "a_key": { # [Output Only] Name of the scope containing this set of node types.
       "nodeTypes": [ # [Output Only] A list of node types contained in this scope.
-        { # Represent a sole-tenant Node Type resource. Each node within a node group must have a node type. A node type specifies the total amount of cores and memory for that node. Currently, the only available node type is n1-node-96-624 node type that has 96 vCPUs and 624 GB of memory, available in multiple zones. For more information read Node types.
+        { # Represent a sole-tenant Node Type resource.
+            #
+            # Each node within a node group must have a node type. A node type specifies the total amount of cores and memory for that node. Currently, the only available node type is n1-node-96-624 node type that has 96 vCPUs and 624 GB of memory, available in multiple zones. For more information read Node types. (== resource_for {$api_version}.nodeTypes ==)
           "cpuPlatform": "A String", # [Output Only] The CPU platform used by this node type.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this node type.
@@ -141,7 +149,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] An informational warning that appears when the node types list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -159,7 +168,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -190,22 +200,20 @@ 
Method Details

 

 
 

-    get(project, zone, nodeType, x__xgafv=None)
+    get(project, zone, nodeType)
   
Returns the specified node type. Gets a list of available node types by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   nodeType: string, Name of the node type to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represent a sole-tenant Node Type resource. Each node within a node group must have a node type. A node type specifies the total amount of cores and memory for that node. Currently, the only available node type is n1-node-96-624 node type that has 96 vCPUs and 624 GB of memory, available in multiple zones. For more information read Node types.
+    { # Represent a sole-tenant Node Type resource.
+    #
+    # Each node within a node group must have a node type. A node type specifies the total amount of cores and memory for that node. Currently, the only available node type is n1-node-96-624 node type that has 96 vCPUs and 624 GB of memory, available in multiple zones. For more information read Node types. (== resource_for {$api_version}.nodeTypes ==)
   "cpuPlatform": "A String", # [Output Only] The CPU platform used by this node type.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this node type.
@@ -228,21 +236,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of node types available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -250,7 +264,9 @@ 
Method Details

     { # Contains a list of node types.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of NodeType resources.
-    { # Represent a sole-tenant Node Type resource. Each node within a node group must have a node type. A node type specifies the total amount of cores and memory for that node. Currently, the only available node type is n1-node-96-624 node type that has 96 vCPUs and 624 GB of memory, available in multiple zones. For more information read Node types.
+    { # Represent a sole-tenant Node Type resource.
+        #
+        # Each node within a node group must have a node type. A node type specifies the total amount of cores and memory for that node. Currently, the only available node type is n1-node-96-624 node type that has 96 vCPUs and 624 GB of memory, available in multiple zones. For more information read Node types. (== resource_for {$api_version}.nodeTypes ==)
       "cpuPlatform": "A String", # [Output Only] The CPU platform used by this node type.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this node type.
@@ -276,7 +292,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.organizationSecurityPolicies.html b/docs/dyn/compute_beta.organizationSecurityPolicies.html
index eb299794bc4..7e0cf3a0005 100644
--- a/docs/dyn/compute_beta.organizationSecurityPolicies.html
+++ b/docs/dyn/compute_beta.organizationSecurityPolicies.html
@@ -75,59 +75,59 @@
 
Compute Engine API . organizationSecurityPolicies

 
Instance Methods

 

-  addAssociation(securityPolicy, body=None, replaceExistingAssociation=None, requestId=None, x__xgafv=None)

+  addAssociation(securityPolicy, body=None, replaceExistingAssociation=None, requestId=None)

 
Inserts an association for the specified security policy.

 

-  addRule(securityPolicy, body=None, requestId=None, x__xgafv=None)

+  addRule(securityPolicy, body=None, requestId=None)

 
Inserts a rule into a security policy.

 

   close()

 
Close httplib2 connections.

 

-  copyRules(securityPolicy, requestId=None, sourceSecurityPolicy=None, x__xgafv=None)

+  copyRules(securityPolicy, requestId=None, sourceSecurityPolicy=None)

 
Copies rules to the specified security policy.

 

-  delete(securityPolicy, requestId=None, x__xgafv=None)

+  delete(securityPolicy, requestId=None)

 
Deletes the specified policy.

 

-  get(securityPolicy, x__xgafv=None)

+  get(securityPolicy)

 
List all of the ordered rules present in a single specified policy.

 

-  getAssociation(securityPolicy, name=None, x__xgafv=None)

+  getAssociation(securityPolicy, name=None)

 
Gets an association with the specified name.

 

-  getRule(securityPolicy, priority=None, x__xgafv=None)

+  getRule(securityPolicy, priority=None)

 
Gets a rule at the specified priority.

 

-  insert(body=None, parentId=None, requestId=None, x__xgafv=None)

+  insert(body=None, parentId=None, requestId=None)

 
Creates a new policy in the specified project using the data included in the request.

 

-  list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None, x__xgafv=None)

+  list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None)

 
List all the policies that have been configured for the specified project.

 

-  listAssociations(targetResource=None, x__xgafv=None)

+  listAssociations(targetResource=None)

 
Lists associations of a specified target, i.e., organization or folder.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  move(securityPolicy, parentId=None, requestId=None, x__xgafv=None)

+  move(securityPolicy, parentId=None, requestId=None)

 
Moves the specified security policy.

 

-  patch(securityPolicy, body=None, requestId=None, x__xgafv=None)

+  patch(securityPolicy, body=None, requestId=None)

 
Patches the specified policy with the data included in the request.

 

-  patchRule(securityPolicy, body=None, priority=None, requestId=None, x__xgafv=None)

+  patchRule(securityPolicy, body=None, priority=None, requestId=None)

 
Patches a rule at the specified priority.

 

-  removeAssociation(securityPolicy, name=None, requestId=None, x__xgafv=None)

+  removeAssociation(securityPolicy, name=None, requestId=None)

 
Removes an association for the specified security policy.

 

-  removeRule(securityPolicy, priority=None, requestId=None, x__xgafv=None)

+  removeRule(securityPolicy, priority=None, requestId=None)

 
Deletes a rule at the specified priority.

 
Method Details

 

-    addAssociation(securityPolicy, body=None, replaceExistingAssociation=None, requestId=None, x__xgafv=None)
+    addAssociation(securityPolicy, body=None, replaceExistingAssociation=None, requestId=None)
   
Inserts an association for the specified security policy.
 
 Args:
@@ -143,16 +143,29 @@ 
Method Details

 }
 
   replaceExistingAssociation: boolean, Indicates whether or not to replace it if an association of the attachment already exists. This is false by default, in which case an error will be returned if an association already exists.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -186,7 +199,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -200,7 +214,7 @@ 
Method Details

 

 
 

-    addRule(securityPolicy, body=None, requestId=None, x__xgafv=None)
+    addRule(securityPolicy, body=None, requestId=None)
   
Inserts a rule into a security policy.
 
 Args:
@@ -212,17 +226,27 @@ 
Method Details

   "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-  "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+  "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+      # 
+      # This field may only be specified when the versioned_expr is set to FIREWALL.
   "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
   "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
     "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-      "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+      "destIpRanges": [ # CIDR IP address range.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         "A String",
       ],
-      "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+      "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         {
           "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
         },
@@ -231,7 +255,25 @@ 
Method Details

         "A String",
       ],
     },
-    "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+    "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+        #
+        # Example (Comparison):
+        #
+        # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+        #
+        # Example (Equality):
+        #
+        # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+        #
+        # Example (Logic):
+        #
+        # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+        #
+        # Example (Data Manipulation):
+        #
+        # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+        #
+        # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
       "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
       "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
       "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -243,7 +285,9 @@ 
Method Details

   "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
   "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
   "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-  "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+  "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+      # 
+      # This field may only be specified when versioned_expr is set to FIREWALL.
     "A String",
   ],
   "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -251,16 +295,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -294,7 +351,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -313,22 +371,35 @@ 
Method Details

 

 
 

-    copyRules(securityPolicy, requestId=None, sourceSecurityPolicy=None, x__xgafv=None)
+    copyRules(securityPolicy, requestId=None, sourceSecurityPolicy=None)
   
Copies rules to the specified security policy.
 
 Args:
   securityPolicy: string, Name of the security policy to update. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
   sourceSecurityPolicy: string, The security policy from which to copy rules.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -362,7 +433,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -376,21 +448,34 @@ 
Method Details

 

 
 

-    delete(securityPolicy, requestId=None, x__xgafv=None)
+    delete(securityPolicy, requestId=None)
   
Deletes the specified policy.
 
 Args:
   securityPolicy: string, Name of the security policy to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -424,7 +509,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -438,20 +524,18 @@ 
Method Details

 

 
 

-    get(securityPolicy, x__xgafv=None)
+    get(securityPolicy)
   
List all of the ordered rules present in a single specified policy.
 
 Args:
   securityPolicy: string, Name of the security policy to get. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Google Cloud Armor security policy resource. Only external backend services that use load balancers can reference a security policy. For more information, see Google Cloud Armor security policy overview.
+    { # Represents a Google Cloud Armor security policy resource.
+    #
+    # Only external backend services that use load balancers can reference a security policy. For more information, see  Google Cloud Armor security policy overview. (== resource_for {$api_version}.securityPolicies ==)
   "adaptiveProtectionConfig": { # Configuration options for Cloud Armor Adaptive Protection (CAAP).
     "layer7DdosDefenseConfig": { # Configuration options for L7 DDoS detection. # If set to true, enables Cloud Armor Machine Learning.
       "enable": True or False, # If set to true, enables CAAP for L7 DDoS detection.
@@ -473,10 +557,14 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "displayName": "A String", # User-provided name of the Organization security plicy. The name should be unique in the organization in which the security policy is created. This should only be used when SecurityPolicyType is FIREWALL. The name must be 1-63 characters long, and comply with https://www.ietf.org/rfc/rfc1035.txt. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the security policy.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make get() request to the security policy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#securityPolicy", # [Output only] Type of the resource. Always compute#securityPolicyfor security policies
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the security policy.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+      #
+      # To see the latest fingerprint, make get() request to the security policy.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -488,17 +576,27 @@ 
Method Details

       "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-      "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+      "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+          #
+          # This field may only be specified when the versioned_expr is set to FIREWALL.
       "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
       "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
         "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-          "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+          "destIpRanges": [ # CIDR IP address range.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
-          "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+          "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             {
               "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                  #
+                  # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 "A String",
               ],
             },
@@ -507,7 +605,25 @@ 
Method Details

             "A String",
           ],
         },
-        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -519,7 +635,9 @@ 
Method Details

       "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
       "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
       "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-      "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+      "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         "A String",
       ],
       "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -534,16 +652,12 @@ 
Method Details

 

 
 

-    getAssociation(securityPolicy, name=None, x__xgafv=None)
+    getAssociation(securityPolicy, name=None)
   
Gets an association with the specified name.
 
 Args:
   securityPolicy: string, Name of the security policy to which the queried rule belongs. (required)
   name: string, The name of the association to get from the security policy.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -557,16 +671,12 @@ 
Method Details

 

 
 

-    getRule(securityPolicy, priority=None, x__xgafv=None)
+    getRule(securityPolicy, priority=None)
   
Gets a rule at the specified priority.
 
 Args:
   securityPolicy: string, Name of the security policy to which the queried rule belongs. (required)
   priority: integer, The priority of the rule to get from the security policy.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -575,17 +685,27 @@ 
Method Details

   "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-  "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+  "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+      #
+      # This field may only be specified when the versioned_expr is set to FIREWALL.
   "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
   "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
     "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-      "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+      "destIpRanges": [ # CIDR IP address range.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         "A String",
       ],
-      "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+      "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         {
           "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
         },
@@ -594,7 +714,25 @@ 
Method Details

         "A String",
       ],
     },
-    "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+    "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+        #
+        # Example (Comparison):
+        #
+        # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+        #
+        # Example (Equality):
+        #
+        # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+        #
+        # Example (Logic):
+        #
+        # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+        #
+        # Example (Data Manipulation):
+        #
+        # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+        #
+        # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
       "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
       "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
       "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -606,7 +744,9 @@ 
Method Details

   "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
   "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
   "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-  "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+  "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+      #
+      # This field may only be specified when versioned_expr is set to FIREWALL.
     "A String",
   ],
   "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -616,14 +756,16 @@ 
Method Details

 

 
 

-    insert(body=None, parentId=None, requestId=None, x__xgafv=None)
+    insert(body=None, parentId=None, requestId=None)
   
Creates a new policy in the specified project using the data included in the request.
 
 Args:
   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Google Cloud Armor security policy resource. Only external backend services that use load balancers can reference a security policy. For more information, see Google Cloud Armor security policy overview.
+{ # Represents a Google Cloud Armor security policy resource.
+    # 
+    # Only external backend services that use load balancers can reference a security policy. For more information, see  Google Cloud Armor security policy overview. (== resource_for {$api_version}.securityPolicies ==)
   "adaptiveProtectionConfig": { # Configuration options for Cloud Armor Adaptive Protection (CAAP).
     "layer7DdosDefenseConfig": { # Configuration options for L7 DDoS detection. # If set to true, enables Cloud Armor Machine Learning.
       "enable": True or False, # If set to true, enables CAAP for L7 DDoS detection.
@@ -645,10 +787,14 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "displayName": "A String", # User-provided name of the Organization security plicy. The name should be unique in the organization in which the security policy is created. This should only be used when SecurityPolicyType is FIREWALL. The name must be 1-63 characters long, and comply with https://www.ietf.org/rfc/rfc1035.txt. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the security policy.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make get() request to the security policy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#securityPolicy", # [Output only] Type of the resource. Always compute#securityPolicyfor security policies
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the security policy.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+      # 
+      # To see the latest fingerprint, make get() request to the security policy.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -660,17 +806,27 @@ 
Method Details

       "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-      "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+      "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+          #
+          # This field may only be specified when the versioned_expr is set to FIREWALL.
       "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
       "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
         "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-          "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+          "destIpRanges": [ # CIDR IP address range.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
-          "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+          "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             {
               "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                  #
+                  # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 "A String",
               ],
             },
@@ -679,7 +835,25 @@ 
Method Details

             "A String",
           ],
         },
-        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -691,7 +865,9 @@ 
Method Details

       "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
       "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
       "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-      "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+      "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         "A String",
       ],
       "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -705,16 +881,29 @@ 
Method Details

 }
 
   parentId: string, Parent ID for this request. The ID can be either be "folders/[FOLDER_ID]" if the parent is a folder or "organizations/[ORGANIZATION_ID]" if the parent is an organization.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -748,7 +937,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -762,20 +952,26 @@ 
Method Details

 

 
 

-    list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None, x__xgafv=None)
+    list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None)
   
List all the policies that have been configured for the specified project.
 
 Args:
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   parentId: string, Parent ID for this request.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -783,7 +979,9 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of SecurityPolicy resources.
-    { # Represents a Google Cloud Armor security policy resource. Only external backend services that use load balancers can reference a security policy. For more information, see Google Cloud Armor security policy overview.
+    { # Represents a Google Cloud Armor security policy resource.
+        #
+        # Only external backend services that use load balancers can reference a security policy. For more information, see  Google Cloud Armor security policy overview. (== resource_for {$api_version}.securityPolicies ==)
       "adaptiveProtectionConfig": { # Configuration options for Cloud Armor Adaptive Protection (CAAP).
         "layer7DdosDefenseConfig": { # Configuration options for L7 DDoS detection. # If set to true, enables Cloud Armor Machine Learning.
           "enable": True or False, # If set to true, enables CAAP for L7 DDoS detection.
@@ -805,10 +1003,14 @@ 
Method Details

       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "displayName": "A String", # User-provided name of the Organization security plicy. The name should be unique in the organization in which the security policy is created. This should only be used when SecurityPolicyType is FIREWALL. The name must be 1-63 characters long, and comply with https://www.ietf.org/rfc/rfc1035.txt. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-      "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the security policy.
+      "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make get() request to the security policy.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#securityPolicy", # [Output only] Type of the resource. Always compute#securityPolicyfor security policies
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the security policy.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+          #
+          # To see the latest fingerprint, make get() request to the security policy.
       "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
         "a_key": "A String",
       },
@@ -820,17 +1022,27 @@ 
Method Details

           "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-          "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+          "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+              #
+              # This field may only be specified when the versioned_expr is set to FIREWALL.
           "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
           "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
             "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-              "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+              "destIpRanges": [ # CIDR IP address range.
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 "A String",
               ],
-              "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+              "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 {
                   "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-                  "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+                  "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                      #
+                      # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                      #
+                      # This field may only be specified when versioned_expr is set to FIREWALL.
                     "A String",
                   ],
                 },
@@ -839,7 +1051,25 @@ 
Method Details

                 "A String",
               ],
             },
-            "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+            "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+                #
+                # Example (Comparison):
+                #
+                # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+                #
+                # Example (Equality):
+                #
+                # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+                #
+                # Example (Logic):
+                #
+                # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+                #
+                # Example (Data Manipulation):
+                #
+                # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+                #
+                # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
               "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
               "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
               "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -851,7 +1081,9 @@ 
Method Details

           "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
           "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
           "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-          "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+          "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
           "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -868,7 +1100,8 @@ 
Method Details

   "nextPageToken": "A String", # [Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -880,15 +1113,11 @@ 
Method Details

 

 
 

-    listAssociations(targetResource=None, x__xgafv=None)
+    listAssociations(targetResource=None)
   
Lists associations of a specified target, i.e., organization or folder.
 
 Args:
   targetResource: string, The target resource to list associations. It is an organization, or a folder.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -921,22 +1150,35 @@ 
Method Details

 

 
 

-    move(securityPolicy, parentId=None, requestId=None, x__xgafv=None)
+    move(securityPolicy, parentId=None, requestId=None)
   
Moves the specified security policy.
 
 Args:
   securityPolicy: string, Name of the security policy to update. (required)
   parentId: string, The new parent of the security policy.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -970,7 +1212,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -984,7 +1227,7 @@ 
Method Details

 

 
 

-    patch(securityPolicy, body=None, requestId=None, x__xgafv=None)
+    patch(securityPolicy, body=None, requestId=None)
   
Patches the specified policy with the data included in the request.
 
 Args:
@@ -992,7 +1235,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Google Cloud Armor security policy resource. Only external backend services that use load balancers can reference a security policy. For more information, see Google Cloud Armor security policy overview.
+{ # Represents a Google Cloud Armor security policy resource.
+    # 
+    # Only external backend services that use load balancers can reference a security policy. For more information, see  Google Cloud Armor security policy overview. (== resource_for {$api_version}.securityPolicies ==)
   "adaptiveProtectionConfig": { # Configuration options for Cloud Armor Adaptive Protection (CAAP).
     "layer7DdosDefenseConfig": { # Configuration options for L7 DDoS detection. # If set to true, enables Cloud Armor Machine Learning.
       "enable": True or False, # If set to true, enables CAAP for L7 DDoS detection.
@@ -1014,10 +1259,14 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "displayName": "A String", # User-provided name of the Organization security plicy. The name should be unique in the organization in which the security policy is created. This should only be used when SecurityPolicyType is FIREWALL. The name must be 1-63 characters long, and comply with https://www.ietf.org/rfc/rfc1035.txt. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the security policy.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make get() request to the security policy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#securityPolicy", # [Output only] Type of the resource. Always compute#securityPolicyfor security policies
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the security policy.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+      # 
+      # To see the latest fingerprint, make get() request to the security policy.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -1029,17 +1278,27 @@ 
Method Details

       "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-      "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+      "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+          #
+          # This field may only be specified when the versioned_expr is set to FIREWALL.
       "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
       "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
         "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-          "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+          "destIpRanges": [ # CIDR IP address range.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
-          "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+          "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             {
               "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                  #
+                  # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 "A String",
               ],
             },
@@ -1048,7 +1307,25 @@ 
Method Details

             "A String",
           ],
         },
-        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -1060,7 +1337,9 @@ 
Method Details

       "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
       "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
       "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-      "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+      "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         "A String",
       ],
       "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -1073,16 +1352,29 @@ 
Method Details

   "type": "A String", # The type indicates the intended use of the security policy. CLOUD_ARMOR policies apply to backend services. FIREWALL policies apply to organizations.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1116,7 +1408,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1130,7 +1423,7 @@ 
Method Details

 

 
 

-    patchRule(securityPolicy, body=None, priority=None, requestId=None, x__xgafv=None)
+    patchRule(securityPolicy, body=None, priority=None, requestId=None)
   
Patches a rule at the specified priority.
 
 Args:
@@ -1142,17 +1435,27 @@ 
Method Details

   "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-  "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+  "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+      # 
+      # This field may only be specified when the versioned_expr is set to FIREWALL.
   "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
   "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
     "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-      "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+      "destIpRanges": [ # CIDR IP address range.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         "A String",
       ],
-      "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+      "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         {
           "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
         },
@@ -1161,7 +1464,25 @@ 
Method Details

         "A String",
       ],
     },
-    "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+    "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+        #
+        # Example (Comparison):
+        #
+        # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+        #
+        # Example (Equality):
+        #
+        # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+        #
+        # Example (Logic):
+        #
+        # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+        #
+        # Example (Data Manipulation):
+        #
+        # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+        #
+        # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
       "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
       "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
       "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -1173,7 +1494,9 @@ 
Method Details

   "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
   "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
   "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-  "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+  "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+      # 
+      # This field may only be specified when versioned_expr is set to FIREWALL.
     "A String",
   ],
   "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -1182,16 +1505,29 @@ 
Method Details

 }
 
   priority: integer, The priority of the rule to patch.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1225,7 +1561,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1239,22 +1576,35 @@ 
Method Details

 

 
 

-    removeAssociation(securityPolicy, name=None, requestId=None, x__xgafv=None)
+    removeAssociation(securityPolicy, name=None, requestId=None)
   
Removes an association for the specified security policy.
 
 Args:
   securityPolicy: string, Name of the security policy to update. (required)
   name: string, Name for the attachment that will be removed.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1288,7 +1638,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1302,22 +1653,35 @@ 
Method Details

 

 
 

-    removeRule(securityPolicy, priority=None, requestId=None, x__xgafv=None)
+    removeRule(securityPolicy, priority=None, requestId=None)
   
Deletes a rule at the specified priority.
 
 Args:
   securityPolicy: string, Name of the security policy to update. (required)
   priority: integer, The priority of the rule to remove from the security policy.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1351,7 +1715,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.packetMirrorings.html b/docs/dyn/compute_beta.packetMirrorings.html
index a3529785971..6b515e2e648 100644
--- a/docs/dyn/compute_beta.packetMirrorings.html
+++ b/docs/dyn/compute_beta.packetMirrorings.html
@@ -75,7 +75,7 @@
 
Compute Engine API . packetMirrorings

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of packetMirrorings.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,43 +84,49 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, packetMirroring, requestId=None, x__xgafv=None)

+  delete(project, region, packetMirroring, requestId=None)

 
Deletes the specified PacketMirroring resource.

 

-  get(project, region, packetMirroring, x__xgafv=None)

+  get(project, region, packetMirroring)

 
Returns the specified PacketMirroring resource.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a PacketMirroring resource in the specified project and region using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of PacketMirroring resources available to the specified project and region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, packetMirroring, body=None, requestId=None, x__xgafv=None)

+  patch(project, region, packetMirroring, body=None, requestId=None)

 
Patches the specified PacketMirroring resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of packetMirrorings.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -130,14 +136,18 @@ 
Method Details

   "items": { # A list of PacketMirroring resources.
     "a_key": { # Name of the scope containing this set of packetMirrorings.
       "packetMirrorings": [ # A list of packetMirrorings contained in this scope.
-        { # Represents a Packet Mirroring resource. Packet Mirroring clones the traffic of specified instances in your Virtual Private Cloud (VPC) network and forwards it to a collector destination, such as an instance group of an internal TCP/UDP load balancer, for analysis or examination. For more information about setting up Packet Mirroring, see Using Packet Mirroring.
+        { # Represents a Packet Mirroring resource.
+            #
+            # Packet Mirroring clones the traffic of specified instances in your Virtual Private Cloud (VPC) network and forwards it to a collector destination, such as an instance group of an internal TCP/UDP load balancer, for analysis or examination. For more information about setting up Packet Mirroring, see Using Packet Mirroring. (== resource_for {$api_version}.packetMirrorings ==)
           "collectorIlb": { # The Forwarding Rule resource of type loadBalancingScheme=INTERNAL that will be used as collector for mirrored traffic. The specified forwarding rule must have isMirroringCollector set to true.
             "canonicalUrl": "A String", # [Output Only] Unique identifier for the forwarding rule; defined by the server.
             "url": "A String", # Resource URL to the forwarding rule representing the ILB configured as destination of the mirrored traffic.
           },
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-          "enable": "A String", # Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network. The default is TRUE.
+          "enable": "A String", # Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network.
+              #
+              # The default is TRUE.
           "filter": { # Filter for mirrored traffic. If unspecified, all traffic is mirrored.
             "IPProtocols": [ # Protocols that apply as filter on mirrored traffic. If no protocols are specified, all traffic that matches the specified CIDR ranges is mirrored. If neither cidrRanges nor IPProtocols is specified, all traffic is mirrored.
               "A String",
@@ -150,13 +160,19 @@ 
Method Details

           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "kind": "compute#packetMirroring", # [Output Only] Type of the resource. Always compute#packetMirroring for packet mirrorings.
           "mirroredResources": { # PacketMirroring mirroredResourceInfos. MirroredResourceInfo specifies a set of mirrored VM instances, subnetworks and/or tags for which traffic from/to all VM instances will be mirrored.
-            "instances": [ # A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring. Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring. You may specify a maximum of 50 Instances.
+            "instances": [ # A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring.
+                #
+                # Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring.
+                #
+                # You may specify a maximum of 50 Instances.
               {
                 "canonicalUrl": "A String", # [Output Only] Unique identifier for the instance; defined by the server.
                 "url": "A String", # Resource URL to the virtual machine instance which is being mirrored.
               },
             ],
-            "subnetworks": [ # A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring. You may specify a maximum of 5 subnetworks.
+            "subnetworks": [ # A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring.
+                #
+                # You may specify a maximum of 5 subnetworks.
               {
                 "canonicalUrl": "A String", # [Output Only] Unique identifier for the subnetwork; defined by the server.
                 "url": "A String", # Resource URL to the subnetwork for which traffic from/to all VM instances will be mirrored.
@@ -171,14 +187,17 @@ 
Method Details

             "canonicalUrl": "A String", # [Output Only] Unique identifier for the network; defined by the server.
             "url": "A String", # URL of the network resource.
           },
-          "priority": 42, # The priority of applying this configuration. Priority is used to break ties in cases where there is more than one matching rule. In the case of two rules that apply for a given Instance, the one with the lowest-numbered priority value wins. Default value is 1000. Valid range is 0 through 65535.
+          "priority": 42, # The priority of applying this configuration. Priority is used to break ties in cases where there is more than one matching rule. In the case of two rules that apply for a given Instance, the one with the lowest-numbered priority value wins.
+              #
+              # Default value is 1000. Valid range is 0 through 65535.
           "region": "A String", # [Output Only] URI of the region where the packetMirroring resides.
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
         },
       ],
       "warning": { # Informational warning which replaces the list of packetMirrorings when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -196,7 +215,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -227,23 +247,36 @@ 
Method Details

 

 
 

-    delete(project, region, packetMirroring, requestId=None, x__xgafv=None)
+    delete(project, region, packetMirroring, requestId=None)
   
Deletes the specified PacketMirroring resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   packetMirroring: string, Name of the PacketMirroring resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -277,7 +310,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -291,29 +325,29 @@ 
Method Details

 

 
 

-    get(project, region, packetMirroring, x__xgafv=None)
+    get(project, region, packetMirroring)
   
Returns the specified PacketMirroring resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   packetMirroring: string, Name of the PacketMirroring resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Packet Mirroring resource. Packet Mirroring clones the traffic of specified instances in your Virtual Private Cloud (VPC) network and forwards it to a collector destination, such as an instance group of an internal TCP/UDP load balancer, for analysis or examination. For more information about setting up Packet Mirroring, see Using Packet Mirroring.
+    { # Represents a Packet Mirroring resource.
+    #
+    # Packet Mirroring clones the traffic of specified instances in your Virtual Private Cloud (VPC) network and forwards it to a collector destination, such as an instance group of an internal TCP/UDP load balancer, for analysis or examination. For more information about setting up Packet Mirroring, see Using Packet Mirroring. (== resource_for {$api_version}.packetMirrorings ==)
   "collectorIlb": { # The Forwarding Rule resource of type loadBalancingScheme=INTERNAL that will be used as collector for mirrored traffic. The specified forwarding rule must have isMirroringCollector set to true.
     "canonicalUrl": "A String", # [Output Only] Unique identifier for the forwarding rule; defined by the server.
     "url": "A String", # Resource URL to the forwarding rule representing the ILB configured as destination of the mirrored traffic.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "enable": "A String", # Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network. The default is TRUE.
+  "enable": "A String", # Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network.
+      #
+      # The default is TRUE.
   "filter": { # Filter for mirrored traffic. If unspecified, all traffic is mirrored.
     "IPProtocols": [ # Protocols that apply as filter on mirrored traffic. If no protocols are specified, all traffic that matches the specified CIDR ranges is mirrored. If neither cidrRanges nor IPProtocols is specified, all traffic is mirrored.
       "A String",
@@ -326,13 +360,19 @@ 
Method Details

   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#packetMirroring", # [Output Only] Type of the resource. Always compute#packetMirroring for packet mirrorings.
   "mirroredResources": { # PacketMirroring mirroredResourceInfos. MirroredResourceInfo specifies a set of mirrored VM instances, subnetworks and/or tags for which traffic from/to all VM instances will be mirrored.
-    "instances": [ # A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring. Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring. You may specify a maximum of 50 Instances.
+    "instances": [ # A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring.
+        #
+        # Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring.
+        #
+        # You may specify a maximum of 50 Instances.
       {
         "canonicalUrl": "A String", # [Output Only] Unique identifier for the instance; defined by the server.
         "url": "A String", # Resource URL to the virtual machine instance which is being mirrored.
       },
     ],
-    "subnetworks": [ # A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring. You may specify a maximum of 5 subnetworks.
+    "subnetworks": [ # A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring.
+        #
+        # You may specify a maximum of 5 subnetworks.
       {
         "canonicalUrl": "A String", # [Output Only] Unique identifier for the subnetwork; defined by the server.
         "url": "A String", # Resource URL to the subnetwork for which traffic from/to all VM instances will be mirrored.
@@ -347,14 +387,16 @@ 
Method Details

     "canonicalUrl": "A String", # [Output Only] Unique identifier for the network; defined by the server.
     "url": "A String", # URL of the network resource.
   },
-  "priority": 42, # The priority of applying this configuration. Priority is used to break ties in cases where there is more than one matching rule. In the case of two rules that apply for a given Instance, the one with the lowest-numbered priority value wins. Default value is 1000. Valid range is 0 through 65535.
+  "priority": 42, # The priority of applying this configuration. Priority is used to break ties in cases where there is more than one matching rule. In the case of two rules that apply for a given Instance, the one with the lowest-numbered priority value wins.
+      #
+      # Default value is 1000. Valid range is 0 through 65535.
   "region": "A String", # [Output Only] URI of the region where the packetMirroring resides.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
 }

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a PacketMirroring resource in the specified project and region using the data included in the request.
 
 Args:
@@ -363,14 +405,18 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Packet Mirroring resource. Packet Mirroring clones the traffic of specified instances in your Virtual Private Cloud (VPC) network and forwards it to a collector destination, such as an instance group of an internal TCP/UDP load balancer, for analysis or examination. For more information about setting up Packet Mirroring, see Using Packet Mirroring.
+{ # Represents a Packet Mirroring resource.
+    # 
+    # Packet Mirroring clones the traffic of specified instances in your Virtual Private Cloud (VPC) network and forwards it to a collector destination, such as an instance group of an internal TCP/UDP load balancer, for analysis or examination. For more information about setting up Packet Mirroring, see Using Packet Mirroring. (== resource_for {$api_version}.packetMirrorings ==)
   "collectorIlb": { # The Forwarding Rule resource of type loadBalancingScheme=INTERNAL that will be used as collector for mirrored traffic. The specified forwarding rule must have isMirroringCollector set to true.
     "canonicalUrl": "A String", # [Output Only] Unique identifier for the forwarding rule; defined by the server.
     "url": "A String", # Resource URL to the forwarding rule representing the ILB configured as destination of the mirrored traffic.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "enable": "A String", # Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network. The default is TRUE.
+  "enable": "A String", # Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network.
+      # 
+      # The default is TRUE.
   "filter": { # Filter for mirrored traffic. If unspecified, all traffic is mirrored.
     "IPProtocols": [ # Protocols that apply as filter on mirrored traffic. If no protocols are specified, all traffic that matches the specified CIDR ranges is mirrored. If neither cidrRanges nor IPProtocols is specified, all traffic is mirrored.
       "A String",
@@ -383,13 +429,19 @@ 
Method Details

   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#packetMirroring", # [Output Only] Type of the resource. Always compute#packetMirroring for packet mirrorings.
   "mirroredResources": { # PacketMirroring mirroredResourceInfos. MirroredResourceInfo specifies a set of mirrored VM instances, subnetworks and/or tags for which traffic from/to all VM instances will be mirrored.
-    "instances": [ # A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring. Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring. You may specify a maximum of 50 Instances.
+    "instances": [ # A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring.
+        #
+        # Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring.
+        #
+        # You may specify a maximum of 50 Instances.
       {
         "canonicalUrl": "A String", # [Output Only] Unique identifier for the instance; defined by the server.
         "url": "A String", # Resource URL to the virtual machine instance which is being mirrored.
       },
     ],
-    "subnetworks": [ # A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring. You may specify a maximum of 5 subnetworks.
+    "subnetworks": [ # A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring.
+        #
+        # You may specify a maximum of 5 subnetworks.
       {
         "canonicalUrl": "A String", # [Output Only] Unique identifier for the subnetwork; defined by the server.
         "url": "A String", # Resource URL to the subnetwork for which traffic from/to all VM instances will be mirrored.
@@ -404,21 +456,36 @@ 
Method Details

     "canonicalUrl": "A String", # [Output Only] Unique identifier for the network; defined by the server.
     "url": "A String", # URL of the network resource.
   },
-  "priority": 42, # The priority of applying this configuration. Priority is used to break ties in cases where there is more than one matching rule. In the case of two rules that apply for a given Instance, the one with the lowest-numbered priority value wins. Default value is 1000. Valid range is 0 through 65535.
+  "priority": 42, # The priority of applying this configuration. Priority is used to break ties in cases where there is more than one matching rule. In the case of two rules that apply for a given Instance, the one with the lowest-numbered priority value wins.
+      # 
+      # Default value is 1000. Valid range is 0 through 65535.
   "region": "A String", # [Output Only] URI of the region where the packetMirroring resides.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -452,7 +519,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -466,21 +534,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of PacketMirroring resources available to the specified project and region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -488,14 +562,18 @@ 
Method Details

     { # Contains a list of PacketMirroring resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of PacketMirroring resources.
-    { # Represents a Packet Mirroring resource. Packet Mirroring clones the traffic of specified instances in your Virtual Private Cloud (VPC) network and forwards it to a collector destination, such as an instance group of an internal TCP/UDP load balancer, for analysis or examination. For more information about setting up Packet Mirroring, see Using Packet Mirroring.
+    { # Represents a Packet Mirroring resource.
+        #
+        # Packet Mirroring clones the traffic of specified instances in your Virtual Private Cloud (VPC) network and forwards it to a collector destination, such as an instance group of an internal TCP/UDP load balancer, for analysis or examination. For more information about setting up Packet Mirroring, see Using Packet Mirroring. (== resource_for {$api_version}.packetMirrorings ==)
       "collectorIlb": { # The Forwarding Rule resource of type loadBalancingScheme=INTERNAL that will be used as collector for mirrored traffic. The specified forwarding rule must have isMirroringCollector set to true.
         "canonicalUrl": "A String", # [Output Only] Unique identifier for the forwarding rule; defined by the server.
         "url": "A String", # Resource URL to the forwarding rule representing the ILB configured as destination of the mirrored traffic.
       },
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "enable": "A String", # Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network. The default is TRUE.
+      "enable": "A String", # Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network.
+          #
+          # The default is TRUE.
       "filter": { # Filter for mirrored traffic. If unspecified, all traffic is mirrored.
         "IPProtocols": [ # Protocols that apply as filter on mirrored traffic. If no protocols are specified, all traffic that matches the specified CIDR ranges is mirrored. If neither cidrRanges nor IPProtocols is specified, all traffic is mirrored.
           "A String",
@@ -508,13 +586,19 @@ 
Method Details

       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#packetMirroring", # [Output Only] Type of the resource. Always compute#packetMirroring for packet mirrorings.
       "mirroredResources": { # PacketMirroring mirroredResourceInfos. MirroredResourceInfo specifies a set of mirrored VM instances, subnetworks and/or tags for which traffic from/to all VM instances will be mirrored.
-        "instances": [ # A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring. Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring. You may specify a maximum of 50 Instances.
+        "instances": [ # A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring.
+            #
+            # Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring.
+            #
+            # You may specify a maximum of 50 Instances.
           {
             "canonicalUrl": "A String", # [Output Only] Unique identifier for the instance; defined by the server.
             "url": "A String", # Resource URL to the virtual machine instance which is being mirrored.
           },
         ],
-        "subnetworks": [ # A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring. You may specify a maximum of 5 subnetworks.
+        "subnetworks": [ # A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring.
+            #
+            # You may specify a maximum of 5 subnetworks.
           {
             "canonicalUrl": "A String", # [Output Only] Unique identifier for the subnetwork; defined by the server.
             "url": "A String", # Resource URL to the subnetwork for which traffic from/to all VM instances will be mirrored.
@@ -529,7 +613,9 @@ 
Method Details

         "canonicalUrl": "A String", # [Output Only] Unique identifier for the network; defined by the server.
         "url": "A String", # URL of the network resource.
       },
-      "priority": 42, # The priority of applying this configuration. Priority is used to break ties in cases where there is more than one matching rule. In the case of two rules that apply for a given Instance, the one with the lowest-numbered priority value wins. Default value is 1000. Valid range is 0 through 65535.
+      "priority": 42, # The priority of applying this configuration. Priority is used to break ties in cases where there is more than one matching rule. In the case of two rules that apply for a given Instance, the one with the lowest-numbered priority value wins.
+          #
+          # Default value is 1000. Valid range is 0 through 65535.
       "region": "A String", # [Output Only] URI of the region where the packetMirroring resides.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
     },
@@ -539,7 +625,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -565,7 +652,7 @@ 
Method Details

 

 
 

-    patch(project, region, packetMirroring, body=None, requestId=None, x__xgafv=None)
+    patch(project, region, packetMirroring, body=None, requestId=None)
   
Patches the specified PacketMirroring resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.
 
 Args:
@@ -575,14 +662,18 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Packet Mirroring resource. Packet Mirroring clones the traffic of specified instances in your Virtual Private Cloud (VPC) network and forwards it to a collector destination, such as an instance group of an internal TCP/UDP load balancer, for analysis or examination. For more information about setting up Packet Mirroring, see Using Packet Mirroring.
+{ # Represents a Packet Mirroring resource.
+    # 
+    # Packet Mirroring clones the traffic of specified instances in your Virtual Private Cloud (VPC) network and forwards it to a collector destination, such as an instance group of an internal TCP/UDP load balancer, for analysis or examination. For more information about setting up Packet Mirroring, see Using Packet Mirroring. (== resource_for {$api_version}.packetMirrorings ==)
   "collectorIlb": { # The Forwarding Rule resource of type loadBalancingScheme=INTERNAL that will be used as collector for mirrored traffic. The specified forwarding rule must have isMirroringCollector set to true.
     "canonicalUrl": "A String", # [Output Only] Unique identifier for the forwarding rule; defined by the server.
     "url": "A String", # Resource URL to the forwarding rule representing the ILB configured as destination of the mirrored traffic.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "enable": "A String", # Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network. The default is TRUE.
+  "enable": "A String", # Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network.
+      # 
+      # The default is TRUE.
   "filter": { # Filter for mirrored traffic. If unspecified, all traffic is mirrored.
     "IPProtocols": [ # Protocols that apply as filter on mirrored traffic. If no protocols are specified, all traffic that matches the specified CIDR ranges is mirrored. If neither cidrRanges nor IPProtocols is specified, all traffic is mirrored.
       "A String",
@@ -595,13 +686,19 @@ 
Method Details

   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#packetMirroring", # [Output Only] Type of the resource. Always compute#packetMirroring for packet mirrorings.
   "mirroredResources": { # PacketMirroring mirroredResourceInfos. MirroredResourceInfo specifies a set of mirrored VM instances, subnetworks and/or tags for which traffic from/to all VM instances will be mirrored.
-    "instances": [ # A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring. Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring. You may specify a maximum of 50 Instances.
+    "instances": [ # A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring.
+        #
+        # Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring.
+        #
+        # You may specify a maximum of 50 Instances.
       {
         "canonicalUrl": "A String", # [Output Only] Unique identifier for the instance; defined by the server.
         "url": "A String", # Resource URL to the virtual machine instance which is being mirrored.
       },
     ],
-    "subnetworks": [ # A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring. You may specify a maximum of 5 subnetworks.
+    "subnetworks": [ # A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring.
+        #
+        # You may specify a maximum of 5 subnetworks.
       {
         "canonicalUrl": "A String", # [Output Only] Unique identifier for the subnetwork; defined by the server.
         "url": "A String", # Resource URL to the subnetwork for which traffic from/to all VM instances will be mirrored.
@@ -616,21 +713,36 @@ 
Method Details

     "canonicalUrl": "A String", # [Output Only] Unique identifier for the network; defined by the server.
     "url": "A String", # URL of the network resource.
   },
-  "priority": 42, # The priority of applying this configuration. Priority is used to break ties in cases where there is more than one matching rule. In the case of two rules that apply for a given Instance, the one with the lowest-numbered priority value wins. Default value is 1000. Valid range is 0 through 65535.
+  "priority": 42, # The priority of applying this configuration. Priority is used to break ties in cases where there is more than one matching rule. In the case of two rules that apply for a given Instance, the one with the lowest-numbered priority value wins.
+      # 
+      # Default value is 1000. Valid range is 0 through 65535.
   "region": "A String", # [Output Only] URI of the region where the packetMirroring resides.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -664,7 +776,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -678,7 +791,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -694,10 +807,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.projects.html b/docs/dyn/compute_beta.projects.html
index f297e58c001..4a0a9f68dfc 100644
--- a/docs/dyn/compute_beta.projects.html
+++ b/docs/dyn/compute_beta.projects.html
@@ -78,49 +78,49 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  disableXpnHost(project, requestId=None, x__xgafv=None)

+  disableXpnHost(project, requestId=None)

 
Disable this project as a shared VPC host project.

 

-  disableXpnResource(project, body=None, requestId=None, x__xgafv=None)

+  disableXpnResource(project, body=None, requestId=None)

 
Disable a service resource (also known as service project) associated with this host project.

 

-  enableXpnHost(project, requestId=None, x__xgafv=None)

+  enableXpnHost(project, requestId=None)

 
Enable this project as a shared VPC host project.

 

-  enableXpnResource(project, body=None, requestId=None, x__xgafv=None)

+  enableXpnResource(project, body=None, requestId=None)

 
Enable service resource (a.k.a service project) for a host project, so that subnets in the host project can be used by instances in the service project.

 

-  get(project, x__xgafv=None)

+  get(project)

 
Returns the specified Project resource.

 

-  getXpnHost(project, x__xgafv=None)

+  getXpnHost(project)

 
Gets the shared VPC host project that this project links to. May be empty if no link exists.

 

-  getXpnResources(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  getXpnResources(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Gets service resources (a.k.a service project) associated with this host project.

 

   getXpnResources_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  listXpnHosts(project, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listXpnHosts(project, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists all shared VPC host projects visible to the user in an organization.

 

   listXpnHosts_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  moveDisk(project, body=None, requestId=None, x__xgafv=None)

+  moveDisk(project, body=None, requestId=None)

 
Moves a persistent disk from one zone to another.

 

-  moveInstance(project, body=None, requestId=None, x__xgafv=None)

+  moveInstance(project, body=None, requestId=None)

 
Moves an instance and its attached persistent disks from one zone to another.

 

-  setCommonInstanceMetadata(project, body=None, requestId=None, x__xgafv=None)

+  setCommonInstanceMetadata(project, body=None, requestId=None)

 
Sets metadata common to all instances within the specified project using the data included in the request.

 

-  setDefaultNetworkTier(project, body=None, requestId=None, x__xgafv=None)

+  setDefaultNetworkTier(project, body=None, requestId=None)

 
Sets the default network tier of the project. The default network tier is used when an address/forwardingRule/instance is created without specifying the network tier field.

 

-  setUsageExportBucket(project, body=None, requestId=None, x__xgafv=None)

+  setUsageExportBucket(project, body=None, requestId=None)

 
Enables the usage export feature and sets the usage export bucket where reports are stored. If you provide an empty request body using this method, the usage export feature will be disabled.

 
Method Details

 

@@ -129,21 +129,34 @@ 
Method Details

 

 
 

-    disableXpnHost(project, requestId=None, x__xgafv=None)
+    disableXpnHost(project, requestId=None)
   
Disable this project as a shared VPC host project.
 
 Args:
   project: string, Project ID for this request. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -177,7 +190,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -191,7 +205,7 @@ 
Method Details

 

 
 

-    disableXpnResource(project, body=None, requestId=None, x__xgafv=None)
+    disableXpnResource(project, body=None, requestId=None)
   
Disable a service resource (also known as service project) associated with this host project.
 
 Args:
@@ -206,16 +220,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -249,7 +276,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -263,21 +291,34 @@ 
Method Details

 

 
 

-    enableXpnHost(project, requestId=None, x__xgafv=None)
+    enableXpnHost(project, requestId=None)
   
Enable this project as a shared VPC host project.
 
 Args:
   project: string, Project ID for this request. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -311,7 +352,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -325,7 +367,7 @@ 
Method Details

 

 
 

-    enableXpnResource(project, body=None, requestId=None, x__xgafv=None)
+    enableXpnResource(project, body=None, requestId=None)
   
Enable service resource (a.k.a service project) for a host project, so that subnets in the host project can be used by instances in the service project.
 
 Args:
@@ -340,16 +382,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -383,7 +438,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -397,24 +453,24 @@ 
Method Details

 

 
 

-    get(project, x__xgafv=None)
+    get(project)
   
Returns the specified Project resource.
 
 Args:
   project: string, Project ID for this request. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Project resource. A project is used to organize resources in a Google Cloud Platform environment. For more information, read about the Resource Hierarchy.
+    { # Represents a Project resource.
+    #
+    # A project is used to organize resources in a Google Cloud Platform environment. For more information, read about the  Resource Hierarchy. (== resource_for {$api_version}.projects ==)
   "commonInstanceMetadata": { # A metadata key/value entry. # Metadata key/value pairs available to all instances contained in this project. See Custom metadata for more information.
-    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+        #
+        # To see the latest fingerprint, make a get() request to retrieve the resource.
     "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-      { # Metadata
+      {
         "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
         "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
       },
@@ -428,7 +484,7 @@ 
Method Details

   "enabledFeatures": [ # Restricted features enabled for use on this project.
     "A String",
   ],
-  "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server. This is *not* the project ID, and is just a unique ID used by Compute Engine to identify resources.
+  "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server. This is not the project ID, and is just a unique ID used by Compute Engine to identify resources.
   "kind": "compute#project", # [Output Only] Type of the resource. Always compute#project for projects.
   "name": "A String", # The project ID. For example: my-example-project. Use the project ID to make requests to Compute Engine.
   "quotas": [ # [Output Only] Quotas assigned to this project.
@@ -449,24 +505,24 @@ 
Method Details

 

 
 

-    getXpnHost(project, x__xgafv=None)
+    getXpnHost(project)
   
Gets the shared VPC host project that this project links to. May be empty if no link exists.
 
 Args:
   project: string, Project ID for this request. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Project resource. A project is used to organize resources in a Google Cloud Platform environment. For more information, read about the Resource Hierarchy.
+    { # Represents a Project resource.
+    #
+    # A project is used to organize resources in a Google Cloud Platform environment. For more information, read about the  Resource Hierarchy. (== resource_for {$api_version}.projects ==)
   "commonInstanceMetadata": { # A metadata key/value entry. # Metadata key/value pairs available to all instances contained in this project. See Custom metadata for more information.
-    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+        #
+        # To see the latest fingerprint, make a get() request to retrieve the resource.
     "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-      { # Metadata
+      {
         "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
         "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
       },
@@ -480,7 +536,7 @@ 
Method Details

   "enabledFeatures": [ # Restricted features enabled for use on this project.
     "A String",
   ],
-  "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server. This is *not* the project ID, and is just a unique ID used by Compute Engine to identify resources.
+  "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server. This is not the project ID, and is just a unique ID used by Compute Engine to identify resources.
   "kind": "compute#project", # [Output Only] Type of the resource. Always compute#project for projects.
   "name": "A String", # The project ID. For example: my-example-project. Use the project ID to make requests to Compute Engine.
   "quotas": [ # [Output Only] Quotas assigned to this project.
@@ -501,20 +557,26 @@ 
Method Details

 

 
 

-    getXpnResources(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    getXpnResources(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Gets service resources (a.k.a service project) associated with this host project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -546,7 +608,7 @@ 
Method Details

 

 
 

-    listXpnHosts(project, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listXpnHosts(project, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists all shared VPC host projects visible to the user in an organization.
 
 Args:
@@ -558,15 +620,21 @@ 
Method Details

   "organization": "A String", # Optional organization ID managed by Cloud Resource Manager, for which to list shared VPC host projects. If not specified, the organization will be inferred from the project.
 }
 
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -574,11 +642,15 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # [Output Only] A list of shared VPC host project URLs.
-    { # Represents a Project resource. A project is used to organize resources in a Google Cloud Platform environment. For more information, read about the Resource Hierarchy.
+    { # Represents a Project resource.
+        #
+        # A project is used to organize resources in a Google Cloud Platform environment. For more information, read about the  Resource Hierarchy. (== resource_for {$api_version}.projects ==)
       "commonInstanceMetadata": { # A metadata key/value entry. # Metadata key/value pairs available to all instances contained in this project. See Custom metadata for more information.
-        "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+        "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+            #
+            # To see the latest fingerprint, make a get() request to retrieve the resource.
         "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-          { # Metadata
+          {
             "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
             "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
           },
@@ -592,7 +664,7 @@ 
Method Details

       "enabledFeatures": [ # Restricted features enabled for use on this project.
         "A String",
       ],
-      "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server. This is *not* the project ID, and is just a unique ID used by Compute Engine to identify resources.
+      "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server. This is not the project ID, and is just a unique ID used by Compute Engine to identify resources.
       "kind": "compute#project", # [Output Only] Type of the resource. Always compute#project for projects.
       "name": "A String", # The project ID. For example: my-example-project. Use the project ID to make requests to Compute Engine.
       "quotas": [ # [Output Only] Quotas assigned to this project.
@@ -616,7 +688,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -642,7 +715,7 @@ 
Method Details

 

 
 

-    moveDisk(project, body=None, requestId=None, x__xgafv=None)
+    moveDisk(project, body=None, requestId=None)
   
Moves a persistent disk from one zone to another.
 
 Args:
@@ -651,20 +724,39 @@ 
Method Details

     The object takes the form of:
 
 {
-  "destinationZone": "A String", # The URL of the destination zone to move the disk. This can be a full or partial URL. For example, the following are all valid URLs to a zone: - https://www.googleapis.com/compute/v1/projects/project/zones/zone - projects/project/zones/zone - zones/zone
-  "targetDisk": "A String", # The URL of the target disk to move. This can be a full or partial URL. For example, the following are all valid URLs to a disk: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk
+  "destinationZone": "A String", # The URL of the destination zone to move the disk. This can be a full or partial URL. For example, the following are all valid URLs to a zone:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone
+      # - projects/project/zones/zone
+      # - zones/zone
+  "targetDisk": "A String", # The URL of the target disk to move. This can be a full or partial URL. For example, the following are all valid URLs to a disk:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - zones/zone/disks/disk
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -698,7 +790,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -712,7 +805,7 @@ 
Method Details

 

 
 

-    moveInstance(project, body=None, requestId=None, x__xgafv=None)
+    moveInstance(project, body=None, requestId=None)
   
Moves an instance and its attached persistent disks from one zone to another.
 
 Args:
@@ -721,20 +814,39 @@ 
Method Details

     The object takes the form of:
 
 {
-  "destinationZone": "A String", # The URL of the destination zone to move the instance. This can be a full or partial URL. For example, the following are all valid URLs to a zone: - https://www.googleapis.com/compute/v1/projects/project/zones/zone - projects/project/zones/zone - zones/zone
-  "targetInstance": "A String", # The URL of the target instance to move. This can be a full or partial URL. For example, the following are all valid URLs to an instance: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instances/instance - projects/project/zones/zone/instances/instance - zones/zone/instances/instance
+  "destinationZone": "A String", # The URL of the destination zone to move the instance. This can be a full or partial URL. For example, the following are all valid URLs to a zone:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone
+      # - projects/project/zones/zone
+      # - zones/zone
+  "targetInstance": "A String", # The URL of the target instance to move. This can be a full or partial URL. For example, the following are all valid URLs to an instance:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance
+      # - projects/project/zones/zone/instances/instance
+      # - zones/zone/instances/instance
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -768,7 +880,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -782,7 +895,7 @@ 
Method Details

 

 
 

-    setCommonInstanceMetadata(project, body=None, requestId=None, x__xgafv=None)
+    setCommonInstanceMetadata(project, body=None, requestId=None)
   
Sets metadata common to all instances within the specified project using the data included in the request.
 
 Args:
@@ -791,9 +904,11 @@ 
Method Details

     The object takes the form of:
 
 { # A metadata key/value entry.
-  "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+  "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve the resource.
   "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-    { # Metadata
+    {
       "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
       "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
     },
@@ -801,16 +916,29 @@ 
Method Details

   "kind": "compute#metadata", # [Output Only] Type of the resource. Always compute#metadata for metadata.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -844,7 +972,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -858,7 +987,7 @@ 
Method Details

 

 
 

-    setDefaultNetworkTier(project, body=None, requestId=None, x__xgafv=None)
+    setDefaultNetworkTier(project, body=None, requestId=None)
   
Sets the default network tier of the project. The default network tier is used when an address/forwardingRule/instance is created without specifying the network tier field.
 
 Args:
@@ -870,16 +999,29 @@ 
Method Details

   "networkTier": "A String", # Default network tier to be set.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -913,7 +1055,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -927,7 +1070,7 @@ 
Method Details

 

 
 

-    setUsageExportBucket(project, body=None, requestId=None, x__xgafv=None)
+    setUsageExportBucket(project, body=None, requestId=None)
   
Enables the usage export feature and sets the usage export bucket where reports are stored. If you provide an empty request body using this method, the usage export feature will be disabled.
 
 Args:
@@ -940,16 +1083,29 @@ 
Method Details

   "reportNamePrefix": "A String", # An optional prefix for the name of the usage report object stored in bucketName. If not supplied, defaults to usage. The report is stored as a CSV file named report_name_prefix_gce_YYYYMMDD.csv where YYYYMMDD is the day of the usage according to Pacific Time. If you supply a prefix, it should conform to Cloud Storage object naming conventions.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -983,7 +1139,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.publicAdvertisedPrefixes.html b/docs/dyn/compute_beta.publicAdvertisedPrefixes.html
index 54d256e0e00..45dc5660172 100644
--- a/docs/dyn/compute_beta.publicAdvertisedPrefixes.html
+++ b/docs/dyn/compute_beta.publicAdvertisedPrefixes.html
@@ -78,22 +78,22 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, publicAdvertisedPrefix, requestId=None, x__xgafv=None)

+  delete(project, publicAdvertisedPrefix, requestId=None)

 
Deletes the specified PublicAdvertisedPrefix

 

-  get(project, publicAdvertisedPrefix, x__xgafv=None)

+  get(project, publicAdvertisedPrefix)

 
Returns the specified PublicAdvertisedPrefix resource.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a PublicAdvertisedPrefix in the specified project using the parameters that are included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists the PublicAdvertisedPrefixes for a project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, publicAdvertisedPrefix, body=None, requestId=None, x__xgafv=None)

+  patch(project, publicAdvertisedPrefix, body=None, requestId=None)

 
Patches the specified Router resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.

 
Method Details

 

@@ -102,22 +102,35 @@ 
Method Details

 

 
 

-    delete(project, publicAdvertisedPrefix, requestId=None, x__xgafv=None)
+    delete(project, publicAdvertisedPrefix, requestId=None)
   
Deletes the specified PublicAdvertisedPrefix
 
 Args:
   project: string, Project ID for this request. (required)
   publicAdvertisedPrefix: string, Name of the PublicAdvertisedPrefix resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -151,7 +164,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -165,16 +179,12 @@ 
Method Details

 

 
 

-    get(project, publicAdvertisedPrefix, x__xgafv=None)
+    get(project, publicAdvertisedPrefix)
   
Returns the specified PublicAdvertisedPrefix resource.
 
 Args:
   project: string, Project ID for this request. (required)
   publicAdvertisedPrefix: string, Name of the PublicAdvertisedPrefix resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -183,7 +193,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "dnsVerificationIp": "A String", # The IPv4 address to be used for reverse DNS verification.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicAdvertisedPrefix. An up-to-date fingerprint must be provided in order to update the PublicAdvertisedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicAdvertisedPrefix.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicAdvertisedPrefix. An up-to-date fingerprint must be provided in order to update the PublicAdvertisedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a PublicAdvertisedPrefix.
   "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
   "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public advertised prefix.
   "kind": "compute#publicAdvertisedPrefix", # [Output Only] Type of the resource. Always compute#publicAdvertisedPrefix for public advertised prefixes.
@@ -204,7 +216,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a PublicAdvertisedPrefix in the specified project using the parameters that are included in the request.
 
 Args:
@@ -216,7 +228,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "dnsVerificationIp": "A String", # The IPv4 address to be used for reverse DNS verification.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicAdvertisedPrefix. An up-to-date fingerprint must be provided in order to update the PublicAdvertisedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicAdvertisedPrefix.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicAdvertisedPrefix. An up-to-date fingerprint must be provided in order to update the PublicAdvertisedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a PublicAdvertisedPrefix.
   "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
   "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public advertised prefix.
   "kind": "compute#publicAdvertisedPrefix", # [Output Only] Type of the resource. Always compute#publicAdvertisedPrefix for public advertised prefixes.
@@ -235,16 +249,29 @@ 
Method Details

   "status": "A String", # The status of the public advertised prefix.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -278,7 +305,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -292,20 +320,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists the PublicAdvertisedPrefixes for a project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -317,7 +351,9 @@ 
Method Details

       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "dnsVerificationIp": "A String", # The IPv4 address to be used for reverse DNS verification.
-      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicAdvertisedPrefix. An up-to-date fingerprint must be provided in order to update the PublicAdvertisedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicAdvertisedPrefix.
+      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicAdvertisedPrefix. An up-to-date fingerprint must be provided in order to update the PublicAdvertisedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a PublicAdvertisedPrefix.
       "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
       "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public advertised prefix.
       "kind": "compute#publicAdvertisedPrefix", # [Output Only] Type of the resource. Always compute#publicAdvertisedPrefix for public advertised prefixes.
@@ -341,7 +377,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -367,7 +404,7 @@ 
Method Details

 

 
 

-    patch(project, publicAdvertisedPrefix, body=None, requestId=None, x__xgafv=None)
+    patch(project, publicAdvertisedPrefix, body=None, requestId=None)
   
Patches the specified Router resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.
 
 Args:
@@ -380,7 +417,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "dnsVerificationIp": "A String", # The IPv4 address to be used for reverse DNS verification.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicAdvertisedPrefix. An up-to-date fingerprint must be provided in order to update the PublicAdvertisedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicAdvertisedPrefix.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicAdvertisedPrefix. An up-to-date fingerprint must be provided in order to update the PublicAdvertisedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a PublicAdvertisedPrefix.
   "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
   "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public advertised prefix.
   "kind": "compute#publicAdvertisedPrefix", # [Output Only] Type of the resource. Always compute#publicAdvertisedPrefix for public advertised prefixes.
@@ -399,16 +438,29 @@ 
Method Details

   "status": "A String", # The status of the public advertised prefix.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -442,7 +494,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.publicDelegatedPrefixes.html b/docs/dyn/compute_beta.publicDelegatedPrefixes.html
index 25cf995d9a8..17b76d8e66d 100644
--- a/docs/dyn/compute_beta.publicDelegatedPrefixes.html
+++ b/docs/dyn/compute_beta.publicDelegatedPrefixes.html
@@ -75,7 +75,7 @@
 
Compute Engine API . publicDelegatedPrefixes

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists all PublicDelegatedPrefix resources owned by the specific project across all scopes.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,40 +84,46 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, publicDelegatedPrefix, requestId=None, x__xgafv=None)

+  delete(project, region, publicDelegatedPrefix, requestId=None)

 
Deletes the specified PublicDelegatedPrefix in the given region.

 

-  get(project, region, publicDelegatedPrefix, x__xgafv=None)

+  get(project, region, publicDelegatedPrefix)

 
Returns the specified PublicDelegatedPrefix resource in the given region.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a PublicDelegatedPrefix in the specified project in the given region using the parameters that are included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists the PublicDelegatedPrefixes for a project in the given region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, publicDelegatedPrefix, body=None, requestId=None, x__xgafv=None)

+  patch(project, region, publicDelegatedPrefix, body=None, requestId=None)

 
Patches the specified PublicDelegatedPrefix resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists all PublicDelegatedPrefix resources owned by the specific project across all scopes.
 
 Args:
   project: string, Name of the project scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -130,7 +136,9 @@ 
Method Details

         { # A PublicDelegatedPrefix resource represents an IP block within a PublicAdvertisedPrefix that is configured within a single cloud scope (global or region). IPs in the block can be allocated to resources within that scope. Public delegated prefixes may be further broken up into smaller IP blocks in the same scope as the parent block.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-          "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
+          "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
           "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
           "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public delegated prefix.
           "isLiveMigration": True or False, # If true, the prefix will be live migrated.
@@ -155,7 +163,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] Informational warning which replaces the list of public delegated prefixes when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -173,7 +182,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -204,23 +214,36 @@ 
Method Details

 

 
 

-    delete(project, region, publicDelegatedPrefix, requestId=None, x__xgafv=None)
+    delete(project, region, publicDelegatedPrefix, requestId=None)
   
Deletes the specified PublicDelegatedPrefix in the given region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region of this request. (required)
   publicDelegatedPrefix: string, Name of the PublicDelegatedPrefix resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -254,7 +277,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -268,17 +292,13 @@ 
Method Details

 

 
 

-    get(project, region, publicDelegatedPrefix, x__xgafv=None)
+    get(project, region, publicDelegatedPrefix)
   
Returns the specified PublicDelegatedPrefix resource in the given region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region of this request. (required)
   publicDelegatedPrefix: string, Name of the PublicDelegatedPrefix resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -286,7 +306,9 @@ 
Method Details

     { # A PublicDelegatedPrefix resource represents an IP block within a PublicAdvertisedPrefix that is configured within a single cloud scope (global or region). IPs in the block can be allocated to resources within that scope. Public delegated prefixes may be further broken up into smaller IP blocks in the same scope as the parent block.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
   "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
   "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public delegated prefix.
   "isLiveMigration": True or False, # If true, the prefix will be live migrated.
@@ -311,7 +333,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a PublicDelegatedPrefix in the specified project in the given region using the parameters that are included in the request.
 
 Args:
@@ -323,7 +345,9 @@ 
Method Details

 { # A PublicDelegatedPrefix resource represents an IP block within a PublicAdvertisedPrefix that is configured within a single cloud scope (global or region). IPs in the block can be allocated to resources within that scope. Public delegated prefixes may be further broken up into smaller IP blocks in the same scope as the parent block.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
   "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
   "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public delegated prefix.
   "isLiveMigration": True or False, # If true, the prefix will be live migrated.
@@ -346,16 +370,29 @@ 
Method Details

   "status": "A String", # [Output Only] The status of the public delegated prefix.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -389,7 +426,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -403,21 +441,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists the PublicDelegatedPrefixes for a project in the given region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region of this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -428,7 +472,9 @@ 
Method Details

     { # A PublicDelegatedPrefix resource represents an IP block within a PublicAdvertisedPrefix that is configured within a single cloud scope (global or region). IPs in the block can be allocated to resources within that scope. Public delegated prefixes may be further broken up into smaller IP blocks in the same scope as the parent block.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
+      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
       "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
       "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public delegated prefix.
       "isLiveMigration": True or False, # If true, the prefix will be live migrated.
@@ -456,7 +502,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -482,7 +529,7 @@ 
Method Details

 

 
 

-    patch(project, region, publicDelegatedPrefix, body=None, requestId=None, x__xgafv=None)
+    patch(project, region, publicDelegatedPrefix, body=None, requestId=None)
   
Patches the specified PublicDelegatedPrefix resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.
 
 Args:
@@ -495,7 +542,9 @@ 
Method Details

 { # A PublicDelegatedPrefix resource represents an IP block within a PublicAdvertisedPrefix that is configured within a single cloud scope (global or region). IPs in the block can be allocated to resources within that scope. Public delegated prefixes may be further broken up into smaller IP blocks in the same scope as the parent block.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
   "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
   "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public delegated prefix.
   "isLiveMigration": True or False, # If true, the prefix will be live migrated.
@@ -518,16 +567,29 @@ 
Method Details

   "status": "A String", # [Output Only] The status of the public delegated prefix.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -561,7 +623,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.regionAutoscalers.html b/docs/dyn/compute_beta.regionAutoscalers.html
index cf24ed79bc3..00e5588ff13 100644
--- a/docs/dyn/compute_beta.regionAutoscalers.html
+++ b/docs/dyn/compute_beta.regionAutoscalers.html
@@ -78,28 +78,28 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, autoscaler, requestId=None, x__xgafv=None)

+  delete(project, region, autoscaler, requestId=None)

 
Deletes the specified autoscaler.

 

-  get(project, region, autoscaler, x__xgafv=None)

+  get(project, region, autoscaler)

 
Returns the specified autoscaler.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates an autoscaler in the specified project using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of autoscalers contained within the specified region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, autoscaler=None, body=None, requestId=None, x__xgafv=None)

+  patch(project, region, autoscaler=None, body=None, requestId=None)

 
Updates an autoscaler in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, region, autoscaler=None, body=None, requestId=None, x__xgafv=None)

+  update(project, region, autoscaler=None, body=None, requestId=None)

 
Updates an autoscaler in the specified project using the data included in the request.

 
Method Details

 

@@ -108,23 +108,36 @@ 
Method Details

 

 
 

-    delete(project, region, autoscaler, requestId=None, x__xgafv=None)
+    delete(project, region, autoscaler, requestId=None)
   
Deletes the specified autoscaler.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   autoscaler: string, Name of the autoscaler to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -158,7 +171,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -172,34 +186,69 @@ 
Method Details

 

 
 

-    get(project, region, autoscaler, x__xgafv=None)
+    get(project, region, autoscaler)
   
Returns the specified autoscaler.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   autoscaler: string, Name of the autoscaler to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Autoscaler resource. Google Compute Engine has two Autoscaler resources: * [Zonal](/compute/docs/reference/rest/beta/autoscalers) * [Regional](/compute/docs/reference/rest/beta/regionAutoscalers) Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances. For zonal managed instance groups resource, use the autoscaler resource. For regional managed instance groups, use the regionAutoscalers resource.
-  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
-    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds. Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
+    { # Represents an Autoscaler resource.
+    #
+    # Google Compute Engine has two Autoscaler resources:
+    #
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/autoscalers) * [Regional](/compute/docs/reference/rest/{$api_version}/regionAutoscalers)
+    #
+    # Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances.
+    #
+    # For zonal managed instance groups resource, use the autoscaler resource.
+    #
+    # For regional managed instance groups, use the regionAutoscalers resource. (== resource_for {$api_version}.autoscalers ==) (== resource_for {$api_version}.regionAutoscalers ==)
+  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.
+      #
+      # If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
+    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.
+        #
+        # Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
     "cpuUtilization": { # CPU utilization policy. # Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group.
-      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
-      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
+      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are:
+          #
+          # * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
+      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.
+          #
+          # If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.
+          #
+          # If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
     },
     "customMetricUtilizations": [ # Configuration parameters of autoscaling based on a custom metric.
       { # Custom utilization metric policy.
-        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
-        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.
-        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
-        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
+        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.
+            #
+            # For the filter to be valid for autoscaling purposes, the following rules apply:
+            # - You can only use the AND operator for joining selectors.
+            # - You can only use direct equality comparison operator (=) without any functions for each selector.
+            # - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical.
+            # - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.
+            # If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.
+            #
+            # If not specified, the type defaults to gce_instance.
+            #
+            # Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
+        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.
+            #
+            # The metric must have a value type of INT64 or DOUBLE.
+        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing.
+            #
+            # A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.
+            #
+            # A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
+        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.
+            #
+            # For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
         "utilizationTargetType": "A String", # Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.
       },
     ],
@@ -211,7 +260,11 @@ 
Method Details

     "mode": "A String", # Defines operating mode for this policy.
     "scaleDownControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledDownReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -219,7 +272,11 @@ 
Method Details

     },
     "scaleInControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledInReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -232,7 +289,7 @@ 
Method Details

         "durationSec": 42, # The duration of time intervals, in seconds, for which this scaling schedule is to run. The minimum allowed value is 300. This field is required.
         "minRequiredReplicas": 42, # The minimum number of VM instances that the autoscaler will recommend in time intervals starting according to schedule. This field is required.
         "schedule": "A String", # The start timestamps of time intervals when this scaling schedule is to provide a scaling signal. This field uses the extended cron format (with an optional year field). The expression can describe a single timestamp if the optional year is set, in which case the scaling schedule runs once. The schedule is interpreted with respect to time_zone. This field is required. Note: These timestamps only describe when autoscaler starts providing the scaling signal. The VMs need additional time to become serving.
-        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of “UTC” if left empty.
+        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of ?UTC? if left empty.
       },
     },
   },
@@ -251,11 +308,31 @@ 
Method Details

     },
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values: - PENDING: Autoscaler backend hasn't read new/updated configuration. - DELETING: Configuration is being deleted. - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field. - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field. New values might be added in the future.
+  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values:
+      # - PENDING: Autoscaler backend hasn't read new/updated configuration.
+      # - DELETING: Configuration is being deleted.
+      # - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field.
+      # - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field.  New values might be added in the future.
   "statusDetails": [ # [Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.
     {
       "message": "A String", # The status message.
-      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions.
+      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values:
+          # - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state).
+          # - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group.
+          # - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas.
+          # - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling.
+          # - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels.
+          # - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group.
+          # - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling.
+          # - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer.
+          # - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved.
+          # - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any.
+          # - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it.
+          # - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances.
+          # - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region.
+          # - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist.
+          # - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate.
+          # - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout.  New values might be added in the future. Some of the values might not be available in all API versions.
     },
   ],
   "target": "A String", # URL of the managed instance group that this autoscaler will scale. This field is required when creating an autoscaler.
@@ -264,7 +341,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates an autoscaler in the specified project using the data included in the request.
 
 Args:
@@ -273,19 +350,58 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Autoscaler resource. Google Compute Engine has two Autoscaler resources: * [Zonal](/compute/docs/reference/rest/beta/autoscalers) * [Regional](/compute/docs/reference/rest/beta/regionAutoscalers) Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances. For zonal managed instance groups resource, use the autoscaler resource. For regional managed instance groups, use the regionAutoscalers resource.
-  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
-    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds. Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
+{ # Represents an Autoscaler resource.
+    # 
+    # Google Compute Engine has two Autoscaler resources:
+    # 
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/autoscalers) * [Regional](/compute/docs/reference/rest/{$api_version}/regionAutoscalers)
+    # 
+    # Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances.
+    # 
+    # For zonal managed instance groups resource, use the autoscaler resource.
+    # 
+    # For regional managed instance groups, use the regionAutoscalers resource. (== resource_for {$api_version}.autoscalers ==) (== resource_for {$api_version}.regionAutoscalers ==)
+  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.
+      # 
+      # If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
+    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.
+        #
+        # Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
     "cpuUtilization": { # CPU utilization policy. # Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group.
-      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
-      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
+      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are:
+          #
+          # * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
+      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.
+          #
+          # If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.
+          #
+          # If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
     },
     "customMetricUtilizations": [ # Configuration parameters of autoscaling based on a custom metric.
       { # Custom utilization metric policy.
-        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
-        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.
-        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
-        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
+        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.
+            #
+            # For the filter to be valid for autoscaling purposes, the following rules apply:
+            # - You can only use the AND operator for joining selectors.
+            # - You can only use direct equality comparison operator (=) without any functions for each selector.
+            # - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical.
+            # - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.
+            # If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.
+            #
+            # If not specified, the type defaults to gce_instance.
+            #
+            # Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
+        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.
+            #
+            # The metric must have a value type of INT64 or DOUBLE.
+        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing.
+            #
+            # A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.
+            #
+            # A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
+        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.
+            #
+            # For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
         "utilizationTargetType": "A String", # Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.
       },
     ],
@@ -297,7 +413,11 @@ 
Method Details

     "mode": "A String", # Defines operating mode for this policy.
     "scaleDownControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledDownReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -305,7 +425,11 @@ 
Method Details

     },
     "scaleInControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledInReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -318,7 +442,7 @@ 
Method Details

         "durationSec": 42, # The duration of time intervals, in seconds, for which this scaling schedule is to run. The minimum allowed value is 300. This field is required.
         "minRequiredReplicas": 42, # The minimum number of VM instances that the autoscaler will recommend in time intervals starting according to schedule. This field is required.
         "schedule": "A String", # The start timestamps of time intervals when this scaling schedule is to provide a scaling signal. This field uses the extended cron format (with an optional year field). The expression can describe a single timestamp if the optional year is set, in which case the scaling schedule runs once. The schedule is interpreted with respect to time_zone. This field is required. Note: These timestamps only describe when autoscaler starts providing the scaling signal. The VMs need additional time to become serving.
-        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of “UTC” if left empty.
+        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of ?UTC? if left empty.
       },
     },
   },
@@ -337,27 +461,60 @@ 
Method Details

     },
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values: - PENDING: Autoscaler backend hasn't read new/updated configuration. - DELETING: Configuration is being deleted. - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field. - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field. New values might be added in the future.
+  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values:
+      # - PENDING: Autoscaler backend hasn't read new/updated configuration.
+      # - DELETING: Configuration is being deleted.
+      # - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field.
+      # - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field.  New values might be added in the future.
   "statusDetails": [ # [Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.
     {
       "message": "A String", # The status message.
-      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions.
+      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values:
+          # - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state).
+          # - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group.
+          # - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas.
+          # - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling.
+          # - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels.
+          # - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group.
+          # - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling.
+          # - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer.
+          # - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved.
+          # - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any.
+          # - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it.
+          # - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances.
+          # - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region.
+          # - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist.
+          # - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate.
+          # - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout.  New values might be added in the future. Some of the values might not be available in all API versions.
     },
   ],
   "target": "A String", # URL of the managed instance group that this autoscaler will scale. This field is required when creating an autoscaler.
   "zone": "A String", # [Output Only] URL of the zone where the instance group resides (for autoscalers living in zonal scope).
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -391,7 +548,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -405,21 +563,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of autoscalers contained within the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -427,19 +591,58 @@ 
Method Details

     { # Contains a list of autoscalers.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Autoscaler resources.
-    { # Represents an Autoscaler resource. Google Compute Engine has two Autoscaler resources: * [Zonal](/compute/docs/reference/rest/beta/autoscalers) * [Regional](/compute/docs/reference/rest/beta/regionAutoscalers) Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances. For zonal managed instance groups resource, use the autoscaler resource. For regional managed instance groups, use the regionAutoscalers resource.
-      "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
-        "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds. Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
+    { # Represents an Autoscaler resource.
+        #
+        # Google Compute Engine has two Autoscaler resources:
+        #
+        # * [Zonal](/compute/docs/reference/rest/{$api_version}/autoscalers) * [Regional](/compute/docs/reference/rest/{$api_version}/regionAutoscalers)
+        #
+        # Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances.
+        #
+        # For zonal managed instance groups resource, use the autoscaler resource.
+        #
+        # For regional managed instance groups, use the regionAutoscalers resource. (== resource_for {$api_version}.autoscalers ==) (== resource_for {$api_version}.regionAutoscalers ==)
+      "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.
+          #
+          # If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
+        "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.
+            #
+            # Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
         "cpuUtilization": { # CPU utilization policy. # Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group.
-          "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
-          "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
+          "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are:
+              #
+              # * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
+          "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.
+              #
+              # If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.
+              #
+              # If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
         },
         "customMetricUtilizations": [ # Configuration parameters of autoscaling based on a custom metric.
           { # Custom utilization metric policy.
-            "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
-            "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.
-            "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
-            "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
+            "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.
+                #
+                # For the filter to be valid for autoscaling purposes, the following rules apply:
+                # - You can only use the AND operator for joining selectors.
+                # - You can only use direct equality comparison operator (=) without any functions for each selector.
+                # - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical.
+                # - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.
+                # If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.
+                #
+                # If not specified, the type defaults to gce_instance.
+                #
+                # Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
+            "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.
+                #
+                # The metric must have a value type of INT64 or DOUBLE.
+            "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing.
+                #
+                # A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.
+                #
+                # A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
+            "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.
+                #
+                # For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
             "utilizationTargetType": "A String", # Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.
           },
         ],
@@ -451,7 +654,11 @@ 
Method Details

         "mode": "A String", # Defines operating mode for this policy.
         "scaleDownControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
           "maxScaledDownReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+                #
+                #
+                # - If the value is fixed, then the calculated value is equal to the fixed value.
+                # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
             "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
             "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
           },
@@ -459,7 +666,11 @@ 
Method Details

         },
         "scaleInControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
           "maxScaledInReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+                #
+                #
+                # - If the value is fixed, then the calculated value is equal to the fixed value.
+                # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
             "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
             "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
           },
@@ -472,7 +683,7 @@ 
Method Details

             "durationSec": 42, # The duration of time intervals, in seconds, for which this scaling schedule is to run. The minimum allowed value is 300. This field is required.
             "minRequiredReplicas": 42, # The minimum number of VM instances that the autoscaler will recommend in time intervals starting according to schedule. This field is required.
             "schedule": "A String", # The start timestamps of time intervals when this scaling schedule is to provide a scaling signal. This field uses the extended cron format (with an optional year field). The expression can describe a single timestamp if the optional year is set, in which case the scaling schedule runs once. The schedule is interpreted with respect to time_zone. This field is required. Note: These timestamps only describe when autoscaler starts providing the scaling signal. The VMs need additional time to become serving.
-            "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of “UTC” if left empty.
+            "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of ?UTC? if left empty.
           },
         },
       },
@@ -491,11 +702,31 @@ 
Method Details

         },
       },
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values: - PENDING: Autoscaler backend hasn't read new/updated configuration. - DELETING: Configuration is being deleted. - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field. - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field. New values might be added in the future.
+      "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values:
+          # - PENDING: Autoscaler backend hasn't read new/updated configuration.
+          # - DELETING: Configuration is being deleted.
+          # - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field.
+          # - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field.  New values might be added in the future.
       "statusDetails": [ # [Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.
         {
           "message": "A String", # The status message.
-          "type": "A String", # The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions.
+          "type": "A String", # The type of error, warning, or notice returned. Current set of possible values:
+              # - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state).
+              # - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group.
+              # - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas.
+              # - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling.
+              # - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels.
+              # - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group.
+              # - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling.
+              # - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer.
+              # - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved.
+              # - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any.
+              # - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it.
+              # - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances.
+              # - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region.
+              # - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist.
+              # - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate.
+              # - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout.  New values might be added in the future. Some of the values might not be available in all API versions.
         },
       ],
       "target": "A String", # URL of the managed instance group that this autoscaler will scale. This field is required when creating an autoscaler.
@@ -507,7 +738,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -533,7 +765,7 @@ 
Method Details

 

 
 

-    patch(project, region, autoscaler=None, body=None, requestId=None, x__xgafv=None)
+    patch(project, region, autoscaler=None, body=None, requestId=None)
   
Updates an autoscaler in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -542,19 +774,58 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Autoscaler resource. Google Compute Engine has two Autoscaler resources: * [Zonal](/compute/docs/reference/rest/beta/autoscalers) * [Regional](/compute/docs/reference/rest/beta/regionAutoscalers) Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances. For zonal managed instance groups resource, use the autoscaler resource. For regional managed instance groups, use the regionAutoscalers resource.
-  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
-    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds. Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
+{ # Represents an Autoscaler resource.
+    # 
+    # Google Compute Engine has two Autoscaler resources:
+    # 
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/autoscalers) * [Regional](/compute/docs/reference/rest/{$api_version}/regionAutoscalers)
+    # 
+    # Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances.
+    # 
+    # For zonal managed instance groups resource, use the autoscaler resource.
+    # 
+    # For regional managed instance groups, use the regionAutoscalers resource. (== resource_for {$api_version}.autoscalers ==) (== resource_for {$api_version}.regionAutoscalers ==)
+  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.
+      # 
+      # If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
+    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.
+        #
+        # Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
     "cpuUtilization": { # CPU utilization policy. # Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group.
-      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
-      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
+      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are:
+          #
+          # * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
+      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.
+          #
+          # If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.
+          #
+          # If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
     },
     "customMetricUtilizations": [ # Configuration parameters of autoscaling based on a custom metric.
       { # Custom utilization metric policy.
-        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
-        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.
-        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
-        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
+        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.
+            #
+            # For the filter to be valid for autoscaling purposes, the following rules apply:
+            # - You can only use the AND operator for joining selectors.
+            # - You can only use direct equality comparison operator (=) without any functions for each selector.
+            # - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical.
+            # - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.
+            # If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.
+            #
+            # If not specified, the type defaults to gce_instance.
+            #
+            # Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
+        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.
+            #
+            # The metric must have a value type of INT64 or DOUBLE.
+        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing.
+            #
+            # A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.
+            #
+            # A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
+        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.
+            #
+            # For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
         "utilizationTargetType": "A String", # Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.
       },
     ],
@@ -566,7 +837,11 @@ 
Method Details

     "mode": "A String", # Defines operating mode for this policy.
     "scaleDownControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledDownReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -574,7 +849,11 @@ 
Method Details

     },
     "scaleInControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledInReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -587,7 +866,7 @@ 
Method Details

         "durationSec": 42, # The duration of time intervals, in seconds, for which this scaling schedule is to run. The minimum allowed value is 300. This field is required.
         "minRequiredReplicas": 42, # The minimum number of VM instances that the autoscaler will recommend in time intervals starting according to schedule. This field is required.
         "schedule": "A String", # The start timestamps of time intervals when this scaling schedule is to provide a scaling signal. This field uses the extended cron format (with an optional year field). The expression can describe a single timestamp if the optional year is set, in which case the scaling schedule runs once. The schedule is interpreted with respect to time_zone. This field is required. Note: These timestamps only describe when autoscaler starts providing the scaling signal. The VMs need additional time to become serving.
-        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of “UTC” if left empty.
+        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of ?UTC? if left empty.
       },
     },
   },
@@ -606,11 +885,31 @@ 
Method Details

     },
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values: - PENDING: Autoscaler backend hasn't read new/updated configuration. - DELETING: Configuration is being deleted. - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field. - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field. New values might be added in the future.
+  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values:
+      # - PENDING: Autoscaler backend hasn't read new/updated configuration.
+      # - DELETING: Configuration is being deleted.
+      # - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field.
+      # - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field.  New values might be added in the future.
   "statusDetails": [ # [Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.
     {
       "message": "A String", # The status message.
-      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions.
+      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values:
+          # - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state).
+          # - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group.
+          # - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas.
+          # - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling.
+          # - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels.
+          # - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group.
+          # - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling.
+          # - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer.
+          # - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved.
+          # - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any.
+          # - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it.
+          # - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances.
+          # - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region.
+          # - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist.
+          # - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate.
+          # - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout.  New values might be added in the future. Some of the values might not be available in all API versions.
     },
   ],
   "target": "A String", # URL of the managed instance group that this autoscaler will scale. This field is required when creating an autoscaler.
@@ -618,16 +917,29 @@ 
Method Details

 }
 
   autoscaler: string, Name of the autoscaler to patch.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -661,7 +973,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -675,7 +988,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -691,10 +1004,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -707,7 +1016,7 @@ 
Method Details

 

 
 

-    update(project, region, autoscaler=None, body=None, requestId=None, x__xgafv=None)
+    update(project, region, autoscaler=None, body=None, requestId=None)
   
Updates an autoscaler in the specified project using the data included in the request.
 
 Args:
@@ -716,19 +1025,58 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Autoscaler resource. Google Compute Engine has two Autoscaler resources: * [Zonal](/compute/docs/reference/rest/beta/autoscalers) * [Regional](/compute/docs/reference/rest/beta/regionAutoscalers) Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances. For zonal managed instance groups resource, use the autoscaler resource. For regional managed instance groups, use the regionAutoscalers resource.
-  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
-    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds. Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
+{ # Represents an Autoscaler resource.
+    # 
+    # Google Compute Engine has two Autoscaler resources:
+    # 
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/autoscalers) * [Regional](/compute/docs/reference/rest/{$api_version}/regionAutoscalers)
+    # 
+    # Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances.
+    # 
+    # For zonal managed instance groups resource, use the autoscaler resource.
+    # 
+    # For regional managed instance groups, use the regionAutoscalers resource. (== resource_for {$api_version}.autoscalers ==) (== resource_for {$api_version}.regionAutoscalers ==)
+  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.
+      # 
+      # If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
+    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.
+        #
+        # Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
     "cpuUtilization": { # CPU utilization policy. # Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group.
-      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
-      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
+      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are:
+          #
+          # * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
+      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.
+          #
+          # If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.
+          #
+          # If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
     },
     "customMetricUtilizations": [ # Configuration parameters of autoscaling based on a custom metric.
       { # Custom utilization metric policy.
-        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
-        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.
-        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
-        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
+        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.
+            #
+            # For the filter to be valid for autoscaling purposes, the following rules apply:
+            # - You can only use the AND operator for joining selectors.
+            # - You can only use direct equality comparison operator (=) without any functions for each selector.
+            # - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical.
+            # - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.
+            # If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.
+            #
+            # If not specified, the type defaults to gce_instance.
+            #
+            # Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
+        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.
+            #
+            # The metric must have a value type of INT64 or DOUBLE.
+        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing.
+            #
+            # A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.
+            #
+            # A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
+        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.
+            #
+            # For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
         "utilizationTargetType": "A String", # Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.
       },
     ],
@@ -740,7 +1088,11 @@ 
Method Details

     "mode": "A String", # Defines operating mode for this policy.
     "scaleDownControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledDownReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -748,7 +1100,11 @@ 
Method Details

     },
     "scaleInControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledInReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -761,7 +1117,7 @@ 
Method Details

         "durationSec": 42, # The duration of time intervals, in seconds, for which this scaling schedule is to run. The minimum allowed value is 300. This field is required.
         "minRequiredReplicas": 42, # The minimum number of VM instances that the autoscaler will recommend in time intervals starting according to schedule. This field is required.
         "schedule": "A String", # The start timestamps of time intervals when this scaling schedule is to provide a scaling signal. This field uses the extended cron format (with an optional year field). The expression can describe a single timestamp if the optional year is set, in which case the scaling schedule runs once. The schedule is interpreted with respect to time_zone. This field is required. Note: These timestamps only describe when autoscaler starts providing the scaling signal. The VMs need additional time to become serving.
-        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of “UTC” if left empty.
+        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of ?UTC? if left empty.
       },
     },
   },
@@ -780,11 +1136,31 @@ 
Method Details

     },
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values: - PENDING: Autoscaler backend hasn't read new/updated configuration. - DELETING: Configuration is being deleted. - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field. - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field. New values might be added in the future.
+  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values:
+      # - PENDING: Autoscaler backend hasn't read new/updated configuration.
+      # - DELETING: Configuration is being deleted.
+      # - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field.
+      # - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field.  New values might be added in the future.
   "statusDetails": [ # [Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.
     {
       "message": "A String", # The status message.
-      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions.
+      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values:
+          # - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state).
+          # - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group.
+          # - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas.
+          # - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling.
+          # - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels.
+          # - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group.
+          # - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling.
+          # - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer.
+          # - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved.
+          # - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any.
+          # - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it.
+          # - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances.
+          # - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region.
+          # - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist.
+          # - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate.
+          # - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout.  New values might be added in the future. Some of the values might not be available in all API versions.
     },
   ],
   "target": "A String", # URL of the managed instance group that this autoscaler will scale. This field is required when creating an autoscaler.
@@ -792,16 +1168,29 @@ 
Method Details

 }
 
   autoscaler: string, Name of the autoscaler to update.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -835,7 +1224,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.regionBackendServices.html b/docs/dyn/compute_beta.regionBackendServices.html
index 5902b9c93de..88e6b2ac1d6 100644
--- a/docs/dyn/compute_beta.regionBackendServices.html
+++ b/docs/dyn/compute_beta.regionBackendServices.html
@@ -78,38 +78,38 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, backendService, requestId=None, x__xgafv=None)

+  delete(project, region, backendService, requestId=None)

 
Deletes the specified regional BackendService resource.

 

-  get(project, region, backendService, x__xgafv=None)

+  get(project, region, backendService)

 
Returns the specified regional BackendService resource.

 

-  getHealth(project, region, backendService, body=None, x__xgafv=None)

+  getHealth(project, region, backendService, body=None)

 
Gets the most recent health check results for this regional BackendService.

 

-  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

-
Creates a regional BackendService resource in the specified project using the data included in the request. For more information, see Backend services overview.

+  insert(project, region, body=None, requestId=None)

+
Creates a regional BackendService resource in the specified project using the data included in the request. For more information, see  Backend services overview.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of regional BackendService resources available to the specified project in the given region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, backendService, body=None, requestId=None, x__xgafv=None)

-
Updates the specified regional BackendService resource with the data included in the request. For more information, see Understanding backend services This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

+  patch(project, region, backendService, body=None, requestId=None)

+
Updates the specified regional BackendService resource with the data included in the request. For more information, see  Understanding backend services This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  setIamPolicy(project, region, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, region, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, region, backendService, body=None, requestId=None, x__xgafv=None)

-
Updates the specified regional BackendService resource with the data included in the request. For more information, see Backend services overview .

+  update(project, region, backendService, body=None, requestId=None)

+
Updates the specified regional BackendService resource with the data included in the request. For more information, see  Backend services overview.

 
Method Details

 

     close()
@@ -117,23 +117,36 @@ 
Method Details

 

 
 

-    delete(project, region, backendService, requestId=None, x__xgafv=None)
+    delete(project, region, backendService, requestId=None)
   
Deletes the specified regional BackendService resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   backendService: string, Name of the BackendService resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -167,7 +180,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -181,40 +195,80 @@ 
Method Details

 

 
 

-    get(project, region, backendService, x__xgafv=None)
+    get(project, region, backendService)
   
Returns the specified regional BackendService resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   backendService: string, Name of the BackendService resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Backend Service resource. A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly. Backend services in Google Compute Engine can be either regionally or globally scoped. * [Global](/compute/docs/reference/rest/beta/backendServices) * [Regional](/compute/docs/reference/rest/beta/regionBackendServices) For more information, see Backend Services.
-  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day ( 86,400). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+    { # Represents a Backend Service resource.
+    #
+    # A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly.
+    #
+    # Backend services in Google Compute Engine can be either regionally or globally scoped.
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/backendServices) * [Regional](/compute/docs/reference/rest/{$api_version}/regionBackendServices)
+    #
+    # For more information, see Backend Services.
+    #
+    # (== resource_for {$api_version}.backendService ==)
+  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE.
+      #
+      # If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day (86,400).
+      #
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "backends": [ # The list of backends that serve this BackendService.
     { # Message containing information of one individual backend.
-      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode.
-      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see  Connection balancing mode.
+      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service.
+          #
+          # Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "failover": True or False, # This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService.
-      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme. - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing), INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service. - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported. For regional services, the backend must be in the same region as the backend service. You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
-      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
-      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
+      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing),  INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported.
+          #
+          # For regional services, the backend must be in the same region as the backend service.
+          #
+          # You must use the fully-qualified URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
+      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
       "maxUtilization": 3.14,
     },
   ],
-  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for external HTTP(S) Load Balancing.
+  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for  external HTTP(S) Load Balancing.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
       { # Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
         "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
@@ -237,7 +291,13 @@ 
Method Details

         "A String",
       ],
     },
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -266,16 +326,38 @@ 
Method Details

     "maxRequestsPerConnection": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "maxRetries": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   },
-  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client’s Accept-Encoding header.
+  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client?s Accept-Encoding header.
   "connectionDraining": { # Message containing connection draining configuration.
     "drainingTimeoutSec": 42, # Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining.
   },
   "connectionTrackingPolicy": { # Connection Tracking configuration for this BackendService.
-    "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL. If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP. If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy). If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
-    "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds). For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours. For NLB the minimum(default) is 60 seconds and the maximum is 16 hours. This field will be supported only if the Connection Tracking key is less than 5-tuple.
-    "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options: PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol. PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
+    "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL.
+        #
+        # If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP.
+        #
+        # If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy).
+        #
+        # If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
+    "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds).
+        #
+        # For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours.
+        #
+        # For NLB the minimum(default) is 60 seconds and the maximum is 16 hours.
+        #
+        # This field will be supported only if the Connection Tracking key is less than 5-tuple.
+    "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options:
+        #
+        # PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol.
+        #
+        # PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
   },
-  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH.
+      #
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      #
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "httpCookie": { # The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash. # Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE.
       "name": "A String", # Name of the cookie.
       "path": "A String", # Path to set for the cookie.
@@ -298,35 +380,62 @@ 
Method Details

   "edgeSecurityPolicy": "A String", # [Output Only] The resource URL for the edge security policy associated with this backend service.
   "enableCDN": True or False, # If true, enables Cloud CDN for the backend service. Only applicable if the loadBalancingScheme is EXTERNAL and the protocol is HTTP or HTTPS.
   "failoverPolicy": { # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. On failover or failback, this field indicates whether connection draining will be honored. GCP has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes). # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. Requires at least one backend instance group to be defined as a backup (failover) backend.
-    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP. The default is false.
+    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP.
+        #
+        # The default is false.
     "dropTrafficIfUnhealthy": True or False, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing, If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. The default is false.
     "failoverRatio": 3.14, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio.
   },
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a BackendService.
-  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a BackendService.
+  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See  Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
     "A String",
   ],
   "iap": { # Identity-Aware Proxy # The configurations for Identity-Aware Proxy on this resource. Not available for Internal TCP/UDP Load Balancing and Network Load Balancing.
     "enabled": True or False, # Whether the serving infrastructure will authenticate and authorize all incoming requests. If true, the oauth2ClientId and oauth2ClientSecret fields must be non-empty.
     "oauth2ClientId": "A String", # OAuth2 client ID to use for the authentication flow.
-    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly
+    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field.
     "oauth2ClientSecretSha256": "A String", # [Output Only] SHA256 hash value for the field oauth2_client_secret above.
   },
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#backendService", # [Output Only] Type of resource. Always compute#backendService for backend services.
-  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose INTERNAL for Internal TCP/UDP Load Balancing. Choose INTERNAL_MANAGED for Internal HTTP(S) Load Balancing. INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
-  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose  INTERNAL for Internal TCP/UDP Load Balancing. Choose  INTERNAL_MANAGED for Internal HTTP(S) Load Balancing.  INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
+  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are:
+      # - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
+      # - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
+      # - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
+      # - RANDOM: The load balancer selects a random healthy host.
+      # - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
+      # - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824
+      #
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      #
+      # If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect.
+      #
+      # Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "logConfig": { # The available logging options for the load balancer traffic served by this backend service. # This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver.
     "enable": True or False, # This field denotes whether to enable logging for the load balancer traffic served by this backend service.
     "sampleRate": 3.14, # This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
   },
-  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, there will be no timeout limit, i.e. the maximum duration is infinite. This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service. This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
+  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+      # If not specified, there will be no timeout limit, i.e. the maximum duration is infinite.
+      # This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service.
+      # This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
   },
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.
-  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled.
+      #
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      #
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "baseEjectionTime": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # The base time that a host is ejected for. The real ejection time is equal to the base ejection time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
@@ -345,20 +454,48 @@ 
Method Details

     "successRateRequestVolume": 42, # The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
     "successRateStdevFactor": 42, # This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
   },
-  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
-  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
-  "protocol": "A String", # The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
+  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.
+      #
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
+  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or  INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs.
+      #
+      #
+      #
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
+  "protocol": "A String", # The protocol this BackendService uses to communicate with backends.
+      #
+      # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information.
+      #
+      # Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
   "region": "A String", # [Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "securityPolicy": "A String", # [Output Only] The resource URL for the security policy associated with this backend service.
-  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
     "authentication": "A String", # [Deprecated] Use clientTlsPolicy instead.
-    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
-    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode). Note: This field currently has no impact.
+    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.
+        # clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        # If left blank, communications are not encrypted.
+        # Note: This field currently has no impact.
+    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.
+        # Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.
+        # Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).
+        # Note: This field currently has no impact.
       "A String",
     ],
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE.
+      #
+      # When the loadBalancingScheme is EXTERNAL:
+      #
+      # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or  CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.
+      #
+      # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.
+      #
+      # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.
+      #
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.
     "policy": "A String",
   },
@@ -367,7 +504,7 @@ 
Method Details

 

 
 

-    getHealth(project, region, backendService, body=None, x__xgafv=None)
+    getHealth(project, region, backendService, body=None)
   
Gets the most recent health check results for this regional BackendService.
 
 Args:
@@ -381,10 +518,6 @@ 
Method Details

   "group": "A String", # A URI referencing one of the instance groups or network endpoint groups listed in the backend service.
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -413,7 +546,7 @@ 
Method Details

 

 
 

-    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
@@ -421,27 +554,51 @@ 
Method Details

   region: string, The name of the region for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -449,77 +606,145 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
-  
Creates a regional BackendService resource in the specified project using the data included in the request. For more information, see Backend services overview.
+    insert(project, region, body=None, requestId=None)
+  
Creates a regional BackendService resource in the specified project using the data included in the request. For more information, see  Backend services overview.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -527,25 +752,69 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Backend Service resource. A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly. Backend services in Google Compute Engine can be either regionally or globally scoped. * [Global](/compute/docs/reference/rest/beta/backendServices) * [Regional](/compute/docs/reference/rest/beta/regionBackendServices) For more information, see Backend Services.
-  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day ( 86,400). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+{ # Represents a Backend Service resource.
+    # 
+    # A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly.
+    # 
+    # Backend services in Google Compute Engine can be either regionally or globally scoped.
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/backendServices) * [Regional](/compute/docs/reference/rest/{$api_version}/regionBackendServices)
+    # 
+    # For more information, see Backend Services.
+    # 
+    # (== resource_for {$api_version}.backendService ==)
+  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE.
+      # 
+      # If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day (86,400).
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "backends": [ # The list of backends that serve this BackendService.
     { # Message containing information of one individual backend.
-      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode.
-      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see  Connection balancing mode.
+      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service.
+          #
+          # Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "failover": True or False, # This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService.
-      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme. - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing), INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service. - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported. For regional services, the backend must be in the same region as the backend service. You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
-      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
-      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
+      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing),  INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported.
+          #
+          # For regional services, the backend must be in the same region as the backend service.
+          #
+          # You must use the fully-qualified URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
+      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
       "maxUtilization": 3.14,
     },
   ],
-  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for external HTTP(S) Load Balancing.
+  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for  external HTTP(S) Load Balancing.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
       { # Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
         "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
@@ -568,7 +837,13 @@ 
Method Details

         "A String",
       ],
     },
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -597,16 +872,38 @@ 
Method Details

     "maxRequestsPerConnection": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "maxRetries": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   },
-  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client’s Accept-Encoding header.
+  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client?s Accept-Encoding header.
   "connectionDraining": { # Message containing connection draining configuration.
     "drainingTimeoutSec": 42, # Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining.
   },
   "connectionTrackingPolicy": { # Connection Tracking configuration for this BackendService.
-    "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL. If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP. If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy). If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
-    "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds). For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours. For NLB the minimum(default) is 60 seconds and the maximum is 16 hours. This field will be supported only if the Connection Tracking key is less than 5-tuple.
-    "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options: PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol. PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
+    "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL.
+        #
+        # If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP.
+        #
+        # If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy).
+        #
+        # If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
+    "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds).
+        #
+        # For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours.
+        #
+        # For NLB the minimum(default) is 60 seconds and the maximum is 16 hours.
+        #
+        # This field will be supported only if the Connection Tracking key is less than 5-tuple.
+    "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options:
+        #
+        # PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol.
+        #
+        # PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
   },
-  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "httpCookie": { # The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash. # Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE.
       "name": "A String", # Name of the cookie.
       "path": "A String", # Path to set for the cookie.
@@ -629,35 +926,62 @@ 
Method Details

   "edgeSecurityPolicy": "A String", # [Output Only] The resource URL for the edge security policy associated with this backend service.
   "enableCDN": True or False, # If true, enables Cloud CDN for the backend service. Only applicable if the loadBalancingScheme is EXTERNAL and the protocol is HTTP or HTTPS.
   "failoverPolicy": { # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. On failover or failback, this field indicates whether connection draining will be honored. GCP has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes). # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. Requires at least one backend instance group to be defined as a backup (failover) backend.
-    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP. The default is false.
+    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP.
+        #
+        # The default is false.
     "dropTrafficIfUnhealthy": True or False, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing, If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. The default is false.
     "failoverRatio": 3.14, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio.
   },
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a BackendService.
-  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a BackendService.
+  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See  Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
     "A String",
   ],
   "iap": { # Identity-Aware Proxy # The configurations for Identity-Aware Proxy on this resource. Not available for Internal TCP/UDP Load Balancing and Network Load Balancing.
     "enabled": True or False, # Whether the serving infrastructure will authenticate and authorize all incoming requests. If true, the oauth2ClientId and oauth2ClientSecret fields must be non-empty.
     "oauth2ClientId": "A String", # OAuth2 client ID to use for the authentication flow.
-    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly
+    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field.
     "oauth2ClientSecretSha256": "A String", # [Output Only] SHA256 hash value for the field oauth2_client_secret above.
   },
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#backendService", # [Output Only] Type of resource. Always compute#backendService for backend services.
-  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose INTERNAL for Internal TCP/UDP Load Balancing. Choose INTERNAL_MANAGED for Internal HTTP(S) Load Balancing. INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
-  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose  INTERNAL for Internal TCP/UDP Load Balancing. Choose  INTERNAL_MANAGED for Internal HTTP(S) Load Balancing.  INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
+  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are:
+      # - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
+      # - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
+      # - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
+      # - RANDOM: The load balancer selects a random healthy host.
+      # - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
+      # - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect.
+      # 
+      # Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "logConfig": { # The available logging options for the load balancer traffic served by this backend service. # This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver.
     "enable": True or False, # This field denotes whether to enable logging for the load balancer traffic served by this backend service.
     "sampleRate": 3.14, # This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
   },
-  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, there will be no timeout limit, i.e. the maximum duration is infinite. This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service. This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
+  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+      # If not specified, there will be no timeout limit, i.e. the maximum duration is infinite.
+      # This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service.
+      # This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
   },
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.
-  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "baseEjectionTime": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # The base time that a host is ejected for. The real ejection time is equal to the base ejection time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
@@ -676,36 +1000,77 @@ 
Method Details

     "successRateRequestVolume": 42, # The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
     "successRateStdevFactor": 42, # This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
   },
-  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
-  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
-  "protocol": "A String", # The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
+  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
+  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or  INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs.
+      # 
+      # 
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
+  "protocol": "A String", # The protocol this BackendService uses to communicate with backends.
+      # 
+      # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information.
+      # 
+      # Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
   "region": "A String", # [Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "securityPolicy": "A String", # [Output Only] The resource URL for the security policy associated with this backend service.
-  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
     "authentication": "A String", # [Deprecated] Use clientTlsPolicy instead.
-    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
-    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode). Note: This field currently has no impact.
+    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.
+        # clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        # If left blank, communications are not encrypted.
+        # Note: This field currently has no impact.
+    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.
+        # Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.
+        # Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).
+        # Note: This field currently has no impact.
       "A String",
     ],
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE.
+      # 
+      # When the loadBalancingScheme is EXTERNAL:
+      # 
+      # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or  CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.
+      # 
+      # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.
+      # 
+      # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.
     "policy": "A String",
   },
   "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -739,7 +1104,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -753,21 +1119,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of regional BackendService resources available to the specified project in the given region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -775,25 +1147,69 @@ 
Method Details

     { # Contains a list of BackendService resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of BackendService resources.
-    { # Represents a Backend Service resource. A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly. Backend services in Google Compute Engine can be either regionally or globally scoped. * [Global](/compute/docs/reference/rest/beta/backendServices) * [Regional](/compute/docs/reference/rest/beta/regionBackendServices) For more information, see Backend Services.
-      "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day ( 86,400). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+    { # Represents a Backend Service resource.
+        #
+        # A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly.
+        #
+        # Backend services in Google Compute Engine can be either regionally or globally scoped.
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/backendServices) * [Regional](/compute/docs/reference/rest/{$api_version}/regionBackendServices)
+        #
+        # For more information, see Backend Services.
+        #
+        # (== resource_for {$api_version}.backendService ==)
+      "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE.
+          #
+          # If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day (86,400).
+          #
+          # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
       "backends": [ # The list of backends that serve this BackendService.
         { # Message containing information of one individual backend.
-          "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode.
-          "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
+          "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see  Connection balancing mode.
+          "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service.
+              #
+              # Not supported by:
+              #
+              # - Internal TCP/UDP Load Balancing - Network Load Balancing
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "failover": True or False, # This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService.
-          "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme. - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing), INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service. - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported. For regional services, the backend must be in the same region as the backend service. You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
-          "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
-          "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-          "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-          "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-          "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-          "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
+          "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme.
+              #
+              #
+              # - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing),  INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service.
+              #
+              #
+              # - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported.
+              #
+              # For regional services, the backend must be in the same region as the backend service.
+              #
+              # You must use the fully-qualified URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
+          "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by:
+              #
+              # - Internal TCP/UDP Load Balancing - Network Load Balancing
+          "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+              #
+              # Not available if the backend's balancingMode is RATE. Not supported by:
+              #
+              # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+          "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+              #
+              # Not available if the backend's balancingMode is RATE. Not supported by:
+              #
+              # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+          "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+              #
+              # Not available if the backend's balancingMode is CONNECTION.
+          "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+              #
+              # Not available if the backend's balancingMode is CONNECTION.
+          "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+              #
+              # Not available if the backend's balancingMode is CONNECTION.
           "maxUtilization": 3.14,
         },
       ],
-      "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for external HTTP(S) Load Balancing.
+      "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for  external HTTP(S) Load Balancing.
         "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
           { # Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
             "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
@@ -816,7 +1232,13 @@ 
Method Details

             "A String",
           ],
         },
-        "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+        "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+            #
+            # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+            #
+            # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+            #
+            # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
         "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
         "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
         "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -845,16 +1267,38 @@ 
Method Details

         "maxRequestsPerConnection": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
         "maxRetries": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
       },
-      "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client’s Accept-Encoding header.
+      "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client?s Accept-Encoding header.
       "connectionDraining": { # Message containing connection draining configuration.
         "drainingTimeoutSec": 42, # Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining.
       },
       "connectionTrackingPolicy": { # Connection Tracking configuration for this BackendService.
-        "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL. If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP. If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy). If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
-        "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds). For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours. For NLB the minimum(default) is 60 seconds and the maximum is 16 hours. This field will be supported only if the Connection Tracking key is less than 5-tuple.
-        "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options: PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol. PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
+        "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL.
+            #
+            # If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP.
+            #
+            # If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy).
+            #
+            # If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
+        "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds).
+            #
+            # For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours.
+            #
+            # For NLB the minimum(default) is 60 seconds and the maximum is 16 hours.
+            #
+            # This field will be supported only if the Connection Tracking key is less than 5-tuple.
+        "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options:
+            #
+            # PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol.
+            #
+            # PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
       },
-      "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH.
+          #
+          # This field is applicable to either:
+          # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+          # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+          #
+          # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
         "httpCookie": { # The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash. # Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE.
           "name": "A String", # Name of the cookie.
           "path": "A String", # Path to set for the cookie.
@@ -877,35 +1321,62 @@ 
Method Details

       "edgeSecurityPolicy": "A String", # [Output Only] The resource URL for the edge security policy associated with this backend service.
       "enableCDN": True or False, # If true, enables Cloud CDN for the backend service. Only applicable if the loadBalancingScheme is EXTERNAL and the protocol is HTTP or HTTPS.
       "failoverPolicy": { # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. On failover or failback, this field indicates whether connection draining will be honored. GCP has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes). # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. Requires at least one backend instance group to be defined as a backup (failover) backend.
-        "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP. The default is false.
+        "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP.
+            #
+            # The default is false.
         "dropTrafficIfUnhealthy": True or False, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing, If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. The default is false.
         "failoverRatio": 3.14, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio.
       },
-      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a BackendService.
-      "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
+      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a BackendService.
+      "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See  Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
         "A String",
       ],
       "iap": { # Identity-Aware Proxy # The configurations for Identity-Aware Proxy on this resource. Not available for Internal TCP/UDP Load Balancing and Network Load Balancing.
         "enabled": True or False, # Whether the serving infrastructure will authenticate and authorize all incoming requests. If true, the oauth2ClientId and oauth2ClientSecret fields must be non-empty.
         "oauth2ClientId": "A String", # OAuth2 client ID to use for the authentication flow.
-        "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly
+        "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field.
         "oauth2ClientSecretSha256": "A String", # [Output Only] SHA256 hash value for the field oauth2_client_secret above.
       },
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#backendService", # [Output Only] Type of resource. Always compute#backendService for backend services.
-      "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose INTERNAL for Internal TCP/UDP Load Balancing. Choose INTERNAL_MANAGED for Internal HTTP(S) Load Balancing. INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
-      "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose  INTERNAL for Internal TCP/UDP Load Balancing. Choose  INTERNAL_MANAGED for Internal HTTP(S) Load Balancing.  INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
+      "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are:
+          # - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
+          # - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
+          # - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
+          # - RANDOM: The load balancer selects a random healthy host.
+          # - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
+          # - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824
+          #
+          # This field is applicable to either:
+          # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+          # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+          #
+          # If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect.
+          #
+          # Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
       "logConfig": { # The available logging options for the load balancer traffic served by this backend service. # This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver.
         "enable": True or False, # This field denotes whether to enable logging for the load balancer traffic served by this backend service.
         "sampleRate": 3.14, # This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
       },
-      "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, there will be no timeout limit, i.e. the maximum duration is infinite. This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service. This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
+      "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+          # If not specified, there will be no timeout limit, i.e. the maximum duration is infinite.
+          # This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service.
+          # This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "network": "A String", # The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.
-      "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled.
+          #
+          # This field is applicable to either:
+          # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+          # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+          #
+          # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
         "baseEjectionTime": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # The base time that a host is ejected for. The real ejection time is equal to the base ejection time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
@@ -924,20 +1395,48 @@ 
Method Details

         "successRateRequestVolume": 42, # The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
         "successRateStdevFactor": 42, # This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
       },
-      "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
-      "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
-      "protocol": "A String", # The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
+      "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.
+          #
+          # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
+      "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or  INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs.
+          #
+          #
+          #
+          # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
+      "protocol": "A String", # The protocol this BackendService uses to communicate with backends.
+          #
+          # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information.
+          #
+          # Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
       "region": "A String", # [Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
       "securityPolicy": "A String", # [Output Only] The resource URL for the security policy associated with this backend service.
-      "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either:
+          # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+          # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
         "authentication": "A String", # [Deprecated] Use clientTlsPolicy instead.
-        "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
-        "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode). Note: This field currently has no impact.
+        "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.
+            # clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            # If left blank, communications are not encrypted.
+            # Note: This field currently has no impact.
+        "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.
+            # Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.
+            # Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).
+            # Note: This field currently has no impact.
           "A String",
         ],
       },
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE.
+          #
+          # When the loadBalancingScheme is EXTERNAL:
+          #
+          # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or  CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.
+          #
+          # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.
+          #
+          # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.
+          #
+          # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
       "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.
         "policy": "A String",
       },
@@ -949,7 +1448,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -975,8 +1475,8 @@ 
Method Details

 

 
 

-    patch(project, region, backendService, body=None, requestId=None, x__xgafv=None)
-  
Updates the specified regional BackendService resource with the data included in the request. For more information, see Understanding backend services This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
+    patch(project, region, backendService, body=None, requestId=None)
+  
Updates the specified regional BackendService resource with the data included in the request. For more information, see  Understanding backend services This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -985,25 +1485,69 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Backend Service resource. A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly. Backend services in Google Compute Engine can be either regionally or globally scoped. * [Global](/compute/docs/reference/rest/beta/backendServices) * [Regional](/compute/docs/reference/rest/beta/regionBackendServices) For more information, see Backend Services.
-  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day ( 86,400). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+{ # Represents a Backend Service resource.
+    # 
+    # A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly.
+    # 
+    # Backend services in Google Compute Engine can be either regionally or globally scoped.
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/backendServices) * [Regional](/compute/docs/reference/rest/{$api_version}/regionBackendServices)
+    # 
+    # For more information, see Backend Services.
+    # 
+    # (== resource_for {$api_version}.backendService ==)
+  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE.
+      # 
+      # If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day (86,400).
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "backends": [ # The list of backends that serve this BackendService.
     { # Message containing information of one individual backend.
-      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode.
-      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see  Connection balancing mode.
+      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service.
+          #
+          # Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "failover": True or False, # This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService.
-      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme. - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing), INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service. - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported. For regional services, the backend must be in the same region as the backend service. You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
-      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
-      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
+      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing),  INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported.
+          #
+          # For regional services, the backend must be in the same region as the backend service.
+          #
+          # You must use the fully-qualified URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
+      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
       "maxUtilization": 3.14,
     },
   ],
-  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for external HTTP(S) Load Balancing.
+  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for  external HTTP(S) Load Balancing.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
       { # Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
         "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
@@ -1026,7 +1570,13 @@ 
Method Details

         "A String",
       ],
     },
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -1055,16 +1605,38 @@ 
Method Details

     "maxRequestsPerConnection": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "maxRetries": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   },
-  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client’s Accept-Encoding header.
+  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client?s Accept-Encoding header.
   "connectionDraining": { # Message containing connection draining configuration.
     "drainingTimeoutSec": 42, # Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining.
   },
   "connectionTrackingPolicy": { # Connection Tracking configuration for this BackendService.
-    "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL. If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP. If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy). If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
-    "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds). For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours. For NLB the minimum(default) is 60 seconds and the maximum is 16 hours. This field will be supported only if the Connection Tracking key is less than 5-tuple.
-    "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options: PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol. PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
+    "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL.
+        #
+        # If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP.
+        #
+        # If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy).
+        #
+        # If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
+    "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds).
+        #
+        # For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours.
+        #
+        # For NLB the minimum(default) is 60 seconds and the maximum is 16 hours.
+        #
+        # This field will be supported only if the Connection Tracking key is less than 5-tuple.
+    "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options:
+        #
+        # PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol.
+        #
+        # PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
   },
-  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "httpCookie": { # The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash. # Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE.
       "name": "A String", # Name of the cookie.
       "path": "A String", # Path to set for the cookie.
@@ -1087,35 +1659,62 @@ 
Method Details

   "edgeSecurityPolicy": "A String", # [Output Only] The resource URL for the edge security policy associated with this backend service.
   "enableCDN": True or False, # If true, enables Cloud CDN for the backend service. Only applicable if the loadBalancingScheme is EXTERNAL and the protocol is HTTP or HTTPS.
   "failoverPolicy": { # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. On failover or failback, this field indicates whether connection draining will be honored. GCP has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes). # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. Requires at least one backend instance group to be defined as a backup (failover) backend.
-    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP. The default is false.
+    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP.
+        #
+        # The default is false.
     "dropTrafficIfUnhealthy": True or False, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing, If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. The default is false.
     "failoverRatio": 3.14, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio.
   },
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a BackendService.
-  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a BackendService.
+  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See  Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
     "A String",
   ],
   "iap": { # Identity-Aware Proxy # The configurations for Identity-Aware Proxy on this resource. Not available for Internal TCP/UDP Load Balancing and Network Load Balancing.
     "enabled": True or False, # Whether the serving infrastructure will authenticate and authorize all incoming requests. If true, the oauth2ClientId and oauth2ClientSecret fields must be non-empty.
     "oauth2ClientId": "A String", # OAuth2 client ID to use for the authentication flow.
-    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly
+    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field.
     "oauth2ClientSecretSha256": "A String", # [Output Only] SHA256 hash value for the field oauth2_client_secret above.
   },
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#backendService", # [Output Only] Type of resource. Always compute#backendService for backend services.
-  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose INTERNAL for Internal TCP/UDP Load Balancing. Choose INTERNAL_MANAGED for Internal HTTP(S) Load Balancing. INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
-  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose  INTERNAL for Internal TCP/UDP Load Balancing. Choose  INTERNAL_MANAGED for Internal HTTP(S) Load Balancing.  INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
+  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are:
+      # - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
+      # - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
+      # - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
+      # - RANDOM: The load balancer selects a random healthy host.
+      # - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
+      # - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect.
+      # 
+      # Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "logConfig": { # The available logging options for the load balancer traffic served by this backend service. # This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver.
     "enable": True or False, # This field denotes whether to enable logging for the load balancer traffic served by this backend service.
     "sampleRate": 3.14, # This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
   },
-  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, there will be no timeout limit, i.e. the maximum duration is infinite. This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service. This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
+  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+      # If not specified, there will be no timeout limit, i.e. the maximum duration is infinite.
+      # This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service.
+      # This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
   },
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.
-  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "baseEjectionTime": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # The base time that a host is ejected for. The real ejection time is equal to the base ejection time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
@@ -1134,36 +1733,77 @@ 
Method Details

     "successRateRequestVolume": 42, # The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
     "successRateStdevFactor": 42, # This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
   },
-  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
-  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
-  "protocol": "A String", # The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
+  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
+  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or  INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs.
+      # 
+      # 
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
+  "protocol": "A String", # The protocol this BackendService uses to communicate with backends.
+      # 
+      # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information.
+      # 
+      # Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
   "region": "A String", # [Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "securityPolicy": "A String", # [Output Only] The resource URL for the security policy associated with this backend service.
-  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
     "authentication": "A String", # [Deprecated] Use clientTlsPolicy instead.
-    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
-    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode). Note: This field currently has no impact.
+    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.
+        # clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        # If left blank, communications are not encrypted.
+        # Note: This field currently has no impact.
+    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.
+        # Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.
+        # Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).
+        # Note: This field currently has no impact.
       "A String",
     ],
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE.
+      # 
+      # When the loadBalancingScheme is EXTERNAL:
+      # 
+      # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or  CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.
+      # 
+      # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.
+      # 
+      # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.
     "policy": "A String",
   },
   "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1197,7 +1837,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1211,7 +1852,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, region, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, region, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -1224,33 +1865,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1258,95 +1973,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1354,76 +2161,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1439,10 +2314,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1455,8 +2326,8 @@ 
Method Details

 

 
 

-    update(project, region, backendService, body=None, requestId=None, x__xgafv=None)
-  
Updates the specified regional BackendService resource with the data included in the request. For more information, see Backend services overview .
+    update(project, region, backendService, body=None, requestId=None)
+  
Updates the specified regional BackendService resource with the data included in the request. For more information, see  Backend services overview.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -1465,25 +2336,69 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Backend Service resource. A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly. Backend services in Google Compute Engine can be either regionally or globally scoped. * [Global](/compute/docs/reference/rest/beta/backendServices) * [Regional](/compute/docs/reference/rest/beta/regionBackendServices) For more information, see Backend Services.
-  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day ( 86,400). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+{ # Represents a Backend Service resource.
+    # 
+    # A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly.
+    # 
+    # Backend services in Google Compute Engine can be either regionally or globally scoped.
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/backendServices) * [Regional](/compute/docs/reference/rest/{$api_version}/regionBackendServices)
+    # 
+    # For more information, see Backend Services.
+    # 
+    # (== resource_for {$api_version}.backendService ==)
+  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE.
+      # 
+      # If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day (86,400).
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "backends": [ # The list of backends that serve this BackendService.
     { # Message containing information of one individual backend.
-      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode.
-      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see  Connection balancing mode.
+      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service.
+          #
+          # Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "failover": True or False, # This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService.
-      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme. - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing), INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service. - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported. For regional services, the backend must be in the same region as the backend service. You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
-      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
-      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
+      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing),  INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported.
+          #
+          # For regional services, the backend must be in the same region as the backend service.
+          #
+          # You must use the fully-qualified URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
+      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
       "maxUtilization": 3.14,
     },
   ],
-  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for external HTTP(S) Load Balancing.
+  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for  external HTTP(S) Load Balancing.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
       { # Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
         "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
@@ -1506,7 +2421,13 @@ 
Method Details

         "A String",
       ],
     },
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -1535,16 +2456,38 @@ 
Method Details

     "maxRequestsPerConnection": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "maxRetries": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   },
-  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client’s Accept-Encoding header.
+  "compressionMode": "A String", # Compress text responses using Brotli or gzip compression, based on the client?s Accept-Encoding header.
   "connectionDraining": { # Message containing connection draining configuration.
     "drainingTimeoutSec": 42, # Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining.
   },
   "connectionTrackingPolicy": { # Connection Tracking configuration for this BackendService.
-    "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL. If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP. If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy). If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
-    "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds). For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours. For NLB the minimum(default) is 60 seconds and the maximum is 16 hours. This field will be supported only if the Connection Tracking key is less than 5-tuple.
-    "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options: PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol. PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
+    "connectionPersistenceOnUnhealthyBackends": "A String", # Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL.
+        #
+        # If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP.
+        #
+        # If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy).
+        #
+        # If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default.
+    "idleTimeoutSec": 42, # Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds).
+        #
+        # For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours.
+        #
+        # For NLB the minimum(default) is 60 seconds and the maximum is 16 hours.
+        #
+        # This field will be supported only if the Connection Tracking key is less than 5-tuple.
+    "trackingMode": "A String", # Specifies the key used for connection tracking. There are two options:
+        #
+        # PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol.
+        #
+        # PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity.
   },
-  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "httpCookie": { # The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash. # Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE.
       "name": "A String", # Name of the cookie.
       "path": "A String", # Path to set for the cookie.
@@ -1567,35 +2510,62 @@ 
Method Details

   "edgeSecurityPolicy": "A String", # [Output Only] The resource URL for the edge security policy associated with this backend service.
   "enableCDN": True or False, # If true, enables Cloud CDN for the backend service. Only applicable if the loadBalancingScheme is EXTERNAL and the protocol is HTTP or HTTPS.
   "failoverPolicy": { # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. On failover or failback, this field indicates whether connection draining will be honored. GCP has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes). # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. Requires at least one backend instance group to be defined as a backup (failover) backend.
-    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP. The default is false.
+    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP.
+        #
+        # The default is false.
     "dropTrafficIfUnhealthy": True or False, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing, If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. The default is false.
     "failoverRatio": 3.14, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio.
   },
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a BackendService.
-  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a BackendService.
+  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See  Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
     "A String",
   ],
   "iap": { # Identity-Aware Proxy # The configurations for Identity-Aware Proxy on this resource. Not available for Internal TCP/UDP Load Balancing and Network Load Balancing.
     "enabled": True or False, # Whether the serving infrastructure will authenticate and authorize all incoming requests. If true, the oauth2ClientId and oauth2ClientSecret fields must be non-empty.
     "oauth2ClientId": "A String", # OAuth2 client ID to use for the authentication flow.
-    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly
+    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field.
     "oauth2ClientSecretSha256": "A String", # [Output Only] SHA256 hash value for the field oauth2_client_secret above.
   },
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#backendService", # [Output Only] Type of resource. Always compute#backendService for backend services.
-  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose INTERNAL for Internal TCP/UDP Load Balancing. Choose INTERNAL_MANAGED for Internal HTTP(S) Load Balancing. INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
-  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose  INTERNAL for Internal TCP/UDP Load Balancing. Choose  INTERNAL_MANAGED for Internal HTTP(S) Load Balancing.  INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
+  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are:
+      # - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
+      # - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
+      # - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
+      # - RANDOM: The load balancer selects a random healthy host.
+      # - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
+      # - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect.
+      # 
+      # Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "logConfig": { # The available logging options for the load balancer traffic served by this backend service. # This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver.
     "enable": True or False, # This field denotes whether to enable logging for the load balancer traffic served by this backend service.
     "sampleRate": 3.14, # This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
   },
-  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, there will be no timeout limit, i.e. the maximum duration is infinite. This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service. This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
+  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+      # If not specified, there will be no timeout limit, i.e. the maximum duration is infinite.
+      # This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service.
+      # This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
   },
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.
-  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "baseEjectionTime": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # The base time that a host is ejected for. The real ejection time is equal to the base ejection time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
@@ -1614,36 +2584,77 @@ 
Method Details

     "successRateRequestVolume": 42, # The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
     "successRateStdevFactor": 42, # This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
   },
-  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
-  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
-  "protocol": "A String", # The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
+  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
+  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or  INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs.
+      # 
+      # 
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
+  "protocol": "A String", # The protocol this BackendService uses to communicate with backends.
+      # 
+      # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information.
+      # 
+      # Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
   "region": "A String", # [Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "securityPolicy": "A String", # [Output Only] The resource URL for the security policy associated with this backend service.
-  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
     "authentication": "A String", # [Deprecated] Use clientTlsPolicy instead.
-    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
-    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode). Note: This field currently has no impact.
+    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.
+        # clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        # If left blank, communications are not encrypted.
+        # Note: This field currently has no impact.
+    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.
+        # Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.
+        # Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).
+        # Note: This field currently has no impact.
       "A String",
     ],
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE.
+      # 
+      # When the loadBalancingScheme is EXTERNAL:
+      # 
+      # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or  CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.
+      # 
+      # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.
+      # 
+      # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.
     "policy": "A String",
   },
   "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1677,7 +2688,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.regionCommitments.html b/docs/dyn/compute_beta.regionCommitments.html
index 1da5e926256..5f184a377f0 100644
--- a/docs/dyn/compute_beta.regionCommitments.html
+++ b/docs/dyn/compute_beta.regionCommitments.html
@@ -75,7 +75,7 @@
 
Compute Engine API . regionCommitments

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of commitments.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,40 +84,46 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  get(project, region, commitment, x__xgafv=None)

+  get(project, region, commitment)

 
Returns the specified commitment resource. Gets a list of available commitments by making a list() request.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a commitment in the specified project using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of commitments contained within the specified region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  updateReservations(project, region, commitment, body=None, requestId=None, x__xgafv=None)

+  updateReservations(project, region, commitment, body=None, requestId=None)

 
Transfers GPUs or local SSDs between reservations within commitments.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of commitments.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -127,7 +133,9 @@ 
Method Details

   "items": { # A list of CommitmentsScopedList resources.
     "a_key": { # [Output Only] Name of the scope containing this set of commitments.
       "commitments": [ # [Output Only] A list of commitments contained in this scope.
-        { # Represents a regional Commitment resource. Creating a commitment resource means that you are purchasing a committed use contract with an explicit start and end time. You can create commitments based on vCPUs and memory usage and receive discounted rates. For full details, read Signing Up for Committed Use Discounts.
+        { # Represents a regional Commitment resource.
+            #
+            # Creating a commitment resource means that you are purchasing a committed use contract with an explicit start and end time. You can create commitments based on vCPUs and memory usage and receive discounted rates. For full details, read Signing Up for Committed Use Discounts. (== resource_for {$api_version}.regionCommitments ==)
           "category": "A String", # The category of the commitment. Category MACHINE specifies commitments composed of machine resources such as VCPU or MEMORY, listed in resources. Category LICENSE specifies commitments composed of software licenses, listed in licenseResources. Note that only MACHINE commitments should have a Type specified.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -143,7 +151,7 @@ 
Method Details

           "plan": "A String", # The plan for this commitment, which determines duration and discount rate. The currently supported plans are TWELVE_MONTH (1 year), and THIRTY_SIX_MONTH (3 years).
           "region": "A String", # [Output Only] URL of the region where this commitment may be used.
           "reservations": [ # List of reservations in this commitment.
-            { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read Reserving zonal resources.
+            { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read  Reserving zonal resources. (== resource_for {$api_version}.reservations ==)
               "commitment": "A String", # [Output Only] Full or partial URL to a parent commitment. This field displays for reservations that are tied to a commitment.
               "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
               "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -196,7 +204,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] Informational warning which replaces the list of commitments when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -214,7 +223,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -245,22 +255,20 @@ 
Method Details

 

 
 

-    get(project, region, commitment, x__xgafv=None)
+    get(project, region, commitment)
   
Returns the specified commitment resource. Gets a list of available commitments by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   commitment: string, Name of the commitment to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a regional Commitment resource. Creating a commitment resource means that you are purchasing a committed use contract with an explicit start and end time. You can create commitments based on vCPUs and memory usage and receive discounted rates. For full details, read Signing Up for Committed Use Discounts.
+    { # Represents a regional Commitment resource.
+    #
+    # Creating a commitment resource means that you are purchasing a committed use contract with an explicit start and end time. You can create commitments based on vCPUs and memory usage and receive discounted rates. For full details, read Signing Up for Committed Use Discounts. (== resource_for {$api_version}.regionCommitments ==)
   "category": "A String", # The category of the commitment. Category MACHINE specifies commitments composed of machine resources such as VCPU or MEMORY, listed in resources. Category LICENSE specifies commitments composed of software licenses, listed in licenseResources. Note that only MACHINE commitments should have a Type specified.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -276,7 +284,7 @@ 
Method Details

   "plan": "A String", # The plan for this commitment, which determines duration and discount rate. The currently supported plans are TWELVE_MONTH (1 year), and THIRTY_SIX_MONTH (3 years).
   "region": "A String", # [Output Only] URL of the region where this commitment may be used.
   "reservations": [ # List of reservations in this commitment.
-    { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read Reserving zonal resources.
+    { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read  Reserving zonal resources. (== resource_for {$api_version}.reservations ==)
       "commitment": "A String", # [Output Only] Full or partial URL to a parent commitment. This field displays for reservations that are tied to a commitment.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -329,7 +337,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a commitment in the specified project using the data included in the request.
 
 Args:
@@ -338,7 +346,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a regional Commitment resource. Creating a commitment resource means that you are purchasing a committed use contract with an explicit start and end time. You can create commitments based on vCPUs and memory usage and receive discounted rates. For full details, read Signing Up for Committed Use Discounts.
+{ # Represents a regional Commitment resource.
+    # 
+    # Creating a commitment resource means that you are purchasing a committed use contract with an explicit start and end time. You can create commitments based on vCPUs and memory usage and receive discounted rates. For full details, read Signing Up for Committed Use Discounts. (== resource_for {$api_version}.regionCommitments ==)
   "category": "A String", # The category of the commitment. Category MACHINE specifies commitments composed of machine resources such as VCPU or MEMORY, listed in resources. Category LICENSE specifies commitments composed of software licenses, listed in licenseResources. Note that only MACHINE commitments should have a Type specified.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -354,7 +364,7 @@ 
Method Details

   "plan": "A String", # The plan for this commitment, which determines duration and discount rate. The currently supported plans are TWELVE_MONTH (1 year), and THIRTY_SIX_MONTH (3 years).
   "region": "A String", # [Output Only] URL of the region where this commitment may be used.
   "reservations": [ # List of reservations in this commitment.
-    { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read Reserving zonal resources.
+    { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read  Reserving zonal resources. (== resource_for {$api_version}.reservations ==)
       "commitment": "A String", # [Output Only] Full or partial URL to a parent commitment. This field displays for reservations that are tied to a commitment.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -405,16 +415,29 @@ 
Method Details

   "type": "A String", # The type of commitment, which affects the discount rate and the eligible resources. Type MEMORY_OPTIMIZED specifies a commitment that will only apply to memory optimized machines. Type ACCELERATOR_OPTIMIZED specifies a commitment that will only apply to accelerator optimized machines.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -448,7 +471,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -462,21 +486,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of commitments contained within the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -484,7 +514,9 @@ 
Method Details

     { # Contains a list of Commitment resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Commitment resources.
-    { # Represents a regional Commitment resource. Creating a commitment resource means that you are purchasing a committed use contract with an explicit start and end time. You can create commitments based on vCPUs and memory usage and receive discounted rates. For full details, read Signing Up for Committed Use Discounts.
+    { # Represents a regional Commitment resource.
+        #
+        # Creating a commitment resource means that you are purchasing a committed use contract with an explicit start and end time. You can create commitments based on vCPUs and memory usage and receive discounted rates. For full details, read Signing Up for Committed Use Discounts. (== resource_for {$api_version}.regionCommitments ==)
       "category": "A String", # The category of the commitment. Category MACHINE specifies commitments composed of machine resources such as VCPU or MEMORY, listed in resources. Category LICENSE specifies commitments composed of software licenses, listed in licenseResources. Note that only MACHINE commitments should have a Type specified.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -500,7 +532,7 @@ 
Method Details

       "plan": "A String", # The plan for this commitment, which determines duration and discount rate. The currently supported plans are TWELVE_MONTH (1 year), and THIRTY_SIX_MONTH (3 years).
       "region": "A String", # [Output Only] URL of the region where this commitment may be used.
       "reservations": [ # List of reservations in this commitment.
-        { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read Reserving zonal resources.
+        { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read  Reserving zonal resources. (== resource_for {$api_version}.reservations ==)
           "commitment": "A String", # [Output Only] Full or partial URL to a parent commitment. This field displays for reservations that are tied to a commitment.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -556,7 +588,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -582,7 +615,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -598,10 +631,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -614,7 +643,7 @@ 
Method Details

 

 
 

-    updateReservations(project, region, commitment, body=None, requestId=None, x__xgafv=None)
+    updateReservations(project, region, commitment, body=None, requestId=None)
   
Transfers GPUs or local SSDs between reservations within commitments.
 
 Args:
@@ -626,7 +655,7 @@ 
Method Details

 
 {
   "reservations": [ # A list of two reservations to transfer GPUs and local SSD between.
-    { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read Reserving zonal resources.
+    { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read  Reserving zonal resources. (== resource_for {$api_version}.reservations ==)
       "commitment": "A String", # [Output Only] Full or partial URL to a parent commitment. This field displays for reservations that are tied to a commitment.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -665,16 +694,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -708,7 +750,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.regionDiskTypes.html b/docs/dyn/compute_beta.regionDiskTypes.html
index 725734e324e..23d9aa47b04 100644
--- a/docs/dyn/compute_beta.regionDiskTypes.html
+++ b/docs/dyn/compute_beta.regionDiskTypes.html
@@ -78,10 +78,10 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  get(project, region, diskType, x__xgafv=None)

+  get(project, region, diskType)

 
Returns the specified regional disk type. Gets a list of available disk types by making a list() request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of regional disk types available to the specified project.

 

   list_next(previous_request, previous_response)

@@ -93,22 +93,28 @@ 
Method Details

 

 
 

-    get(project, region, diskType, x__xgafv=None)
+    get(project, region, diskType)
   
Returns the specified regional disk type. Gets a list of available disk types by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, The name of the region for this request. (required)
   diskType: string, Name of the disk type to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Disk Type resource. Google Compute Engine has two Disk Type resources: * [Regional](/compute/docs/reference/rest/beta/regionDiskTypes) * [Zonal](/compute/docs/reference/rest/beta/diskTypes) You can choose from a variety of disk types based on your needs. For more information, read Storage options. The diskTypes resource represents disk types for a zonal persistent disk. For more information, read Zonal persistent disks. The regionDiskTypes resource represents disk types for a regional persistent disk. For more information, read Regional persistent disks.
+    { # Represents a Disk Type resource.
+    #
+    # Google Compute Engine has two Disk Type resources:
+    #
+    # * [Regional](/compute/docs/reference/rest/{$api_version}/regionDiskTypes) * [Zonal](/compute/docs/reference/rest/{$api_version}/diskTypes)
+    #
+    # You can choose from a variety of disk types based on your needs. For more information, read Storage options.
+    #
+    # The diskTypes resource represents disk types for a zonal persistent disk. For more information, read Zonal persistent disks.
+    #
+    # The regionDiskTypes resource represents disk types for a regional persistent disk. For more information, read Regional persistent disks. (== resource_for {$api_version}.diskTypes ==) (== resource_for {$api_version}.regionDiskTypes ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "defaultDiskSizeGb": "A String", # [Output Only] Server-defined default disk size in GB.
   "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this disk type.
@@ -130,21 +136,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of regional disk types available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, The name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -152,7 +164,17 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of DiskType resources.
-    { # Represents a Disk Type resource. Google Compute Engine has two Disk Type resources: * [Regional](/compute/docs/reference/rest/beta/regionDiskTypes) * [Zonal](/compute/docs/reference/rest/beta/diskTypes) You can choose from a variety of disk types based on your needs. For more information, read Storage options. The diskTypes resource represents disk types for a zonal persistent disk. For more information, read Zonal persistent disks. The regionDiskTypes resource represents disk types for a regional persistent disk. For more information, read Regional persistent disks.
+    { # Represents a Disk Type resource.
+        #
+        # Google Compute Engine has two Disk Type resources:
+        #
+        # * [Regional](/compute/docs/reference/rest/{$api_version}/regionDiskTypes) * [Zonal](/compute/docs/reference/rest/{$api_version}/diskTypes)
+        #
+        # You can choose from a variety of disk types based on your needs. For more information, read Storage options.
+        #
+        # The diskTypes resource represents disk types for a zonal persistent disk. For more information, read Zonal persistent disks.
+        #
+        # The regionDiskTypes resource represents disk types for a regional persistent disk. For more information, read Regional persistent disks. (== resource_for {$api_version}.diskTypes ==) (== resource_for {$api_version}.regionDiskTypes ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "defaultDiskSizeGb": "A String", # [Output Only] Server-defined default disk size in GB.
       "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this disk type.
@@ -177,7 +199,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.regionDisks.html b/docs/dyn/compute_beta.regionDisks.html
index 6429cb93b89..f4cc34ca075 100644
--- a/docs/dyn/compute_beta.regionDisks.html
+++ b/docs/dyn/compute_beta.regionDisks.html
@@ -75,50 +75,50 @@
 
Compute Engine API . regionDisks

 
Instance Methods

 

-  addResourcePolicies(project, region, disk, body=None, requestId=None, x__xgafv=None)

+  addResourcePolicies(project, region, disk, body=None, requestId=None)

 
Adds existing resource policies to a regional disk. You can only add one policy which will be applied to this disk for scheduling snapshot creation.

 

   close()

 
Close httplib2 connections.

 

-  createSnapshot(project, region, disk, body=None, requestId=None, x__xgafv=None)

+  createSnapshot(project, region, disk, body=None, requestId=None)

 
Creates a snapshot of this regional disk.

 

-  delete(project, region, disk, requestId=None, x__xgafv=None)

+  delete(project, region, disk, requestId=None)

 
Deletes the specified regional persistent disk. Deleting a regional disk removes all the replicas of its data permanently and is irreversible. However, deleting a disk does not delete any snapshots previously made from the disk. You must separately delete snapshots.

 

-  get(project, region, disk, x__xgafv=None)

+  get(project, region, disk)

 
Returns a specified regional persistent disk.

 

-  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, region, body=None, requestId=None, sourceImage=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None, sourceImage=None)

 
Creates a persistent regional disk in the specified project using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of persistent disks contained within the specified region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  removeResourcePolicies(project, region, disk, body=None, requestId=None, x__xgafv=None)

+  removeResourcePolicies(project, region, disk, body=None, requestId=None)

 
Removes resource policies from a regional disk.

 

-  resize(project, region, disk, body=None, requestId=None, x__xgafv=None)

+  resize(project, region, disk, body=None, requestId=None)

 
Resizes the specified regional persistent disk.

 

-  setIamPolicy(project, region, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, region, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)

+  setLabels(project, region, resource, body=None, requestId=None)

 
Sets the labels on the target regional disk.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    addResourcePolicies(project, region, disk, body=None, requestId=None, x__xgafv=None)
+    addResourcePolicies(project, region, disk, body=None, requestId=None)
   
Adds existing resource policies to a regional disk. You can only add one policy which will be applied to this disk for scheduling snapshot creation.
 
 Args:
@@ -134,16 +134,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -177,7 +190,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -196,7 +210,7 @@ 
Method Details

 

 
 

-    createSnapshot(project, region, disk, body=None, requestId=None, x__xgafv=None)
+    createSnapshot(project, region, disk, body=None, requestId=None)
   
Creates a snapshot of this regional disk.
 
 Args:
@@ -206,7 +220,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Persistent Disk Snapshot resource. You can use snapshots to back up data on a regular interval. For more information, read Creating persistent disk snapshots.
+{ # Represents a Persistent Disk Snapshot resource.
+    # 
+    # You can use snapshots to back up data on a regular interval. For more information, read  Creating persistent disk snapshots. (== resource_for {$api_version}.snapshots ==)
   "autoCreated": True or False, # [Output Only] Set to true if snapshots are automatically created by applying resource policy on the target disk.
   "chainName": "A String", # Creates the new snapshot in the snapshot chain labeled with the specified name. The chain name must be 1-63 characters long and comply with RFC1035. This is an uncommon option only for advanced service owners who needs to create separate snapshot chains, for example, for chargeback tracking. When you describe your snapshot resource, this field is visible only if it has a non-empty value.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -216,7 +232,9 @@ 
Method Details

   "guestFlush": True or False, # [Input Only] Whether to attempt an application consistent snapshot by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#snapshot", # [Output Only] Type of the resource. Always compute#snapshot for Snapshot resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this snapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a snapshot.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this snapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a snapshot.
   "labels": { # Labels to apply to this snapshot. These can be later modified by the setLabels method. Label values may be empty.
     "a_key": "A String",
   },
@@ -230,11 +248,22 @@ 
Method Details

   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "snapshotEncryptionKey": { # Encrypts the snapshot using a customer-supplied encryption key. After you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the snapshot later. For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request. Customer-supplied encryption keys do not protect access to metadata of the snapshot. If you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later.
+  "snapshotEncryptionKey": { # Encrypts the snapshot using a customer-supplied encryption key.
+      # 
+      # After you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the snapshot later. For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request.
+      # 
+      # Customer-supplied encryption keys do not protect access to metadata of the snapshot.
+      # 
+      # If you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceDisk": "A String", # The source disk used to create this snapshot.
@@ -242,7 +271,12 @@ 
Method Details

     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this snapshot. This value may be used to determine whether the snapshot was taken from the current or a previous instance of a given disk name.
@@ -254,16 +288,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -297,7 +344,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -311,23 +359,36 @@ 
Method Details

 

 
 

-    delete(project, region, disk, requestId=None, x__xgafv=None)
+    delete(project, region, disk, requestId=None)
   
Deletes the specified regional persistent disk. Deleting a regional disk removes all the replicas of its data permanently and is irreversible. However, deleting a disk does not delete any snapshots previously made from the disk. You must separately delete snapshots.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   disk: string, Name of the regional persistent disk to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -361,7 +422,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -375,41 +437,60 @@ 
Method Details

 

 
 

-    get(project, region, disk, x__xgafv=None)
+    get(project, region, disk)
   
Returns a specified regional persistent disk.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   disk: string, Name of the regional persistent disk to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Persistent Disk resource. Google Compute Engine has two Disk resources: * [Zonal](/compute/docs/reference/rest/beta/disks) * [Regional](/compute/docs/reference/rest/beta/regionDisks) Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options. The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks. The regionDisks resource represents a regional persistent disk. For more information, read Regional resources.
+    { # Represents a Persistent Disk resource.
+    #
+    # Google Compute Engine has two Disk resources:
+    #
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/disks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionDisks)
+    #
+    # Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options.
+    #
+    # The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks.
+    #
+    # The regionDisks resource represents a regional persistent disk. For more information, read  Regional resources. (== resource_for {$api_version}.disks ==) (== resource_for {$api_version}.regionDisks ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key. After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+  "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key.
+      #
+      # After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine).
+      #
+      # Customer-supplied encryption keys do not protect access to metadata of the disk.
+      #
+      # If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "eraseWindowsVssSignature": True or False, # Specifies whether the disk restored from a source snapshot should erase Windows specific VSS signature.
-  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
     { # Guest OS features.
-      "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+      "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
     },
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "interface": "A String", # Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI.
   "kind": "compute#disk", # [Output Only] Type of the resource. Always compute#disk for disks.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a disk.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a disk.
   "labels": { # Labels to apply to this disk. These can be later modified by the setLabels method.
     "a_key": "A String",
   },
@@ -436,31 +517,72 @@ 
Method Details

   ],
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
-  "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk. If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
-  "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - https://www.googleapis.com/compute/v1/projects/project/regions/region /disks/disk - projects/project/zones/zone/disks/disk - projects/project/regions/region/disks/disk - zones/zone/disks/disk - regions/region/disks/disk
+  "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk.
+      #
+      # If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
+  "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - https://www.googleapis.com/compute/v1/projects/project/regions/region/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - projects/project/regions/region/disks/disk
+      # - zones/zone/disks/disk
+      # - regions/region/disks/disk
   "sourceDiskId": "A String", # [Output Only] The unique ID of the disk used to create this disk. This value identifies the exact disk that was used to create this persistent disk. For example, if you created the persistent disk from a disk that was later deleted and recreated under the same name, the source disk ID would identify the exact version of the disk that was used.
-  "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family
+  "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set.
+      #
+      # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+      # projects/debian-cloud/global/images/family/debian-9
+      #
+      #
+      # Alternatively, use a specific version of a public operating system image:
+      # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+      #
+      #
+      # To create a disk with a custom image that you created, specify the image name in the following format:
+      # global/images/my-custom-image
+      #
+      #
+      # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+      # global/images/family/my-image-family
   "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent disk. For example, if you created the persistent disk from an image that was later deleted and recreated under the same name, the source image ID would identify the exact version of the image that was used.
-  "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project /global/snapshots/snapshot - projects/project/global/snapshots/snapshot - global/snapshots/snapshot
+  "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot
+      # - projects/project/global/snapshots/snapshot
+      # - global/snapshots/snapshot
   "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceSnapshotId": "A String", # [Output Only] The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used.
   "sourceStorageObject": "A String", # The full Google Cloud Storage URI where the disk image is stored. This file must be a gzip-compressed tarball whose name ends in .tar.gz or virtual machine disk whose name ends in vmdk. Valid URIs may start with gs:// or https://storage.googleapis.com/. This flag is not optimized for creating multiple disks from a source storage object. To create many disks from a source storage object, use gcloud compute images import instead.
-  "status": "A String", # [Output Only] The status of disk creation. - CREATING: Disk is provisioning. - RESTORING: Source data is being copied into the disk. - FAILED: Disk creation failed. - READY: Disk is ready for use. - DELETING: Disk is deleting.
+  "status": "A String", # [Output Only] The status of disk creation.
+      # - CREATING: Disk is provisioning.
+      # - RESTORING: Source data is being copied into the disk.
+      # - FAILED: Disk creation failed.
+      # - READY: Disk is ready for use.
+      # - DELETING: Disk is deleting.
   "storageType": "A String", # [Deprecated] Storage type of the persistent disk.
-  "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project /zones/zone/diskTypes/pd-standard or pd-ssd
+  "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project/zones/zone/diskTypes/pd-standard  or pd-ssd
   "users": [ # [Output Only] Links to the users of the disk (attached instances) in form: projects/project/zones/zone/instances/instance
     "A String",
   ],
@@ -469,7 +591,7 @@ 
Method Details

 

 
 

-    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
@@ -477,27 +599,51 @@ 
Method Details

   region: string, The name of the region for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -505,76 +651,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, region, body=None, requestId=None, sourceImage=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None, sourceImage=None)
   
Creates a persistent regional disk in the specified project using the data included in the request.
 
 Args:
@@ -583,26 +797,49 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Persistent Disk resource. Google Compute Engine has two Disk resources: * [Zonal](/compute/docs/reference/rest/beta/disks) * [Regional](/compute/docs/reference/rest/beta/regionDisks) Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options. The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks. The regionDisks resource represents a regional persistent disk. For more information, read Regional resources.
+{ # Represents a Persistent Disk resource.
+    # 
+    # Google Compute Engine has two Disk resources:
+    # 
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/disks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionDisks)
+    # 
+    # Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options.
+    # 
+    # The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks.
+    # 
+    # The regionDisks resource represents a regional persistent disk. For more information, read  Regional resources. (== resource_for {$api_version}.disks ==) (== resource_for {$api_version}.regionDisks ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key. After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+  "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key.
+      # 
+      # After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine).
+      # 
+      # Customer-supplied encryption keys do not protect access to metadata of the disk.
+      # 
+      # If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "eraseWindowsVssSignature": True or False, # Specifies whether the disk restored from a source snapshot should erase Windows specific VSS signature.
-  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
     { # Guest OS features.
-      "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+      "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
     },
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "interface": "A String", # Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI.
   "kind": "compute#disk", # [Output Only] Type of the resource. Always compute#disk for disks.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a disk.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a disk.
   "labels": { # Labels to apply to this disk. These can be later modified by the setLabels method.
     "a_key": "A String",
   },
@@ -629,48 +866,102 @@ 
Method Details

   ],
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
-  "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk. If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
-  "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - https://www.googleapis.com/compute/v1/projects/project/regions/region /disks/disk - projects/project/zones/zone/disks/disk - projects/project/regions/region/disks/disk - zones/zone/disks/disk - regions/region/disks/disk
+  "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk.
+      # 
+      # If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
+  "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - https://www.googleapis.com/compute/v1/projects/project/regions/region/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - projects/project/regions/region/disks/disk
+      # - zones/zone/disks/disk
+      # - regions/region/disks/disk
   "sourceDiskId": "A String", # [Output Only] The unique ID of the disk used to create this disk. This value identifies the exact disk that was used to create this persistent disk. For example, if you created the persistent disk from a disk that was later deleted and recreated under the same name, the source disk ID would identify the exact version of the disk that was used.
-  "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family
+  "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set.
+      # 
+      # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+      # projects/debian-cloud/global/images/family/debian-9
+      # 
+      # 
+      # Alternatively, use a specific version of a public operating system image:
+      # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+      # 
+      # 
+      # To create a disk with a custom image that you created, specify the image name in the following format:
+      # global/images/my-custom-image
+      # 
+      # 
+      # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+      # global/images/family/my-image-family
   "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent disk. For example, if you created the persistent disk from an image that was later deleted and recreated under the same name, the source image ID would identify the exact version of the image that was used.
-  "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project /global/snapshots/snapshot - projects/project/global/snapshots/snapshot - global/snapshots/snapshot
+  "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot
+      # - projects/project/global/snapshots/snapshot
+      # - global/snapshots/snapshot
   "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceSnapshotId": "A String", # [Output Only] The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used.
   "sourceStorageObject": "A String", # The full Google Cloud Storage URI where the disk image is stored. This file must be a gzip-compressed tarball whose name ends in .tar.gz or virtual machine disk whose name ends in vmdk. Valid URIs may start with gs:// or https://storage.googleapis.com/. This flag is not optimized for creating multiple disks from a source storage object. To create many disks from a source storage object, use gcloud compute images import instead.
-  "status": "A String", # [Output Only] The status of disk creation. - CREATING: Disk is provisioning. - RESTORING: Source data is being copied into the disk. - FAILED: Disk creation failed. - READY: Disk is ready for use. - DELETING: Disk is deleting.
+  "status": "A String", # [Output Only] The status of disk creation.
+      # - CREATING: Disk is provisioning.
+      # - RESTORING: Source data is being copied into the disk.
+      # - FAILED: Disk creation failed.
+      # - READY: Disk is ready for use.
+      # - DELETING: Disk is deleting.
   "storageType": "A String", # [Deprecated] Storage type of the persistent disk.
-  "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project /zones/zone/diskTypes/pd-standard or pd-ssd
+  "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project/zones/zone/diskTypes/pd-standard  or pd-ssd
   "users": [ # [Output Only] Links to the users of the disk (attached instances) in form: projects/project/zones/zone/instances/instance
     "A String",
   ],
   "zone": "A String", # [Output Only] URL of the zone where the disk resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
   sourceImage: string, Source image to restore onto a disk. This field is optional.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -704,7 +995,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -718,21 +1010,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of persistent disks contained within the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -740,26 +1038,49 @@ 
Method Details

     { # A list of Disk resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Disk resources.
-    { # Represents a Persistent Disk resource. Google Compute Engine has two Disk resources: * [Zonal](/compute/docs/reference/rest/beta/disks) * [Regional](/compute/docs/reference/rest/beta/regionDisks) Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options. The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks. The regionDisks resource represents a regional persistent disk. For more information, read Regional resources.
+    { # Represents a Persistent Disk resource.
+        #
+        # Google Compute Engine has two Disk resources:
+        #
+        # * [Zonal](/compute/docs/reference/rest/{$api_version}/disks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionDisks)
+        #
+        # Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options.
+        #
+        # The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks.
+        #
+        # The regionDisks resource represents a regional persistent disk. For more information, read  Regional resources. (== resource_for {$api_version}.disks ==) (== resource_for {$api_version}.regionDisks ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key. After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+      "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key.
+          #
+          # After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine).
+          #
+          # Customer-supplied encryption keys do not protect access to metadata of the disk.
+          #
+          # If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "eraseWindowsVssSignature": True or False, # Specifies whether the disk restored from a source snapshot should erase Windows specific VSS signature.
-      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
         { # Guest OS features.
-          "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+          "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
         },
       ],
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "interface": "A String", # Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI.
       "kind": "compute#disk", # [Output Only] Type of the resource. Always compute#disk for disks.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a disk.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a disk.
       "labels": { # Labels to apply to this disk. These can be later modified by the setLabels method.
         "a_key": "A String",
       },
@@ -786,31 +1107,72 @@ 
Method Details

       ],
       "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
       "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
-      "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk. If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
-      "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - https://www.googleapis.com/compute/v1/projects/project/regions/region /disks/disk - projects/project/zones/zone/disks/disk - projects/project/regions/region/disks/disk - zones/zone/disks/disk - regions/region/disks/disk
+      "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk.
+          #
+          # If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
+      "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+          # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+          # - https://www.googleapis.com/compute/v1/projects/project/regions/region/disks/disk
+          # - projects/project/zones/zone/disks/disk
+          # - projects/project/regions/region/disks/disk
+          # - zones/zone/disks/disk
+          # - regions/region/disks/disk
       "sourceDiskId": "A String", # [Output Only] The unique ID of the disk used to create this disk. This value identifies the exact disk that was used to create this persistent disk. For example, if you created the persistent disk from a disk that was later deleted and recreated under the same name, the source disk ID would identify the exact version of the disk that was used.
-      "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family
+      "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set.
+          #
+          # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+          # projects/debian-cloud/global/images/family/debian-9
+          #
+          #
+          # Alternatively, use a specific version of a public operating system image:
+          # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+          #
+          #
+          # To create a disk with a custom image that you created, specify the image name in the following format:
+          # global/images/my-custom-image
+          #
+          #
+          # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+          # global/images/family/my-image-family
       "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent disk. For example, if you created the persistent disk from an image that was later deleted and recreated under the same name, the source image ID would identify the exact version of the image that was used.
-      "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project /global/snapshots/snapshot - projects/project/global/snapshots/snapshot - global/snapshots/snapshot
+      "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot
+          # - projects/project/global/snapshots/snapshot
+          # - global/snapshots/snapshot
       "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "sourceSnapshotId": "A String", # [Output Only] The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used.
       "sourceStorageObject": "A String", # The full Google Cloud Storage URI where the disk image is stored. This file must be a gzip-compressed tarball whose name ends in .tar.gz or virtual machine disk whose name ends in vmdk. Valid URIs may start with gs:// or https://storage.googleapis.com/. This flag is not optimized for creating multiple disks from a source storage object. To create many disks from a source storage object, use gcloud compute images import instead.
-      "status": "A String", # [Output Only] The status of disk creation. - CREATING: Disk is provisioning. - RESTORING: Source data is being copied into the disk. - FAILED: Disk creation failed. - READY: Disk is ready for use. - DELETING: Disk is deleting.
+      "status": "A String", # [Output Only] The status of disk creation.
+          # - CREATING: Disk is provisioning.
+          # - RESTORING: Source data is being copied into the disk.
+          # - FAILED: Disk creation failed.
+          # - READY: Disk is ready for use.
+          # - DELETING: Disk is deleting.
       "storageType": "A String", # [Deprecated] Storage type of the persistent disk.
-      "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project /zones/zone/diskTypes/pd-standard or pd-ssd
+      "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project/zones/zone/diskTypes/pd-standard  or pd-ssd
       "users": [ # [Output Only] Links to the users of the disk (attached instances) in form: projects/project/zones/zone/instances/instance
         "A String",
       ],
@@ -822,7 +1184,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -848,7 +1211,7 @@ 
Method Details

 

 
 

-    removeResourcePolicies(project, region, disk, body=None, requestId=None, x__xgafv=None)
+    removeResourcePolicies(project, region, disk, body=None, requestId=None)
   
Removes resource policies from a regional disk.
 
 Args:
@@ -864,16 +1227,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -907,7 +1283,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -921,7 +1298,7 @@ 
Method Details

 

 
 

-    resize(project, region, disk, body=None, requestId=None, x__xgafv=None)
+    resize(project, region, disk, body=None, requestId=None)
   
Resizes the specified regional persistent disk.
 
 Args:
@@ -935,16 +1312,29 @@ 
Method Details

   "sizeGb": "A String", # The new size of the regional persistent disk, which is specified in GB.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -978,7 +1368,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -992,7 +1383,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, region, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, region, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -1005,33 +1396,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1039,95 +1504,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1135,76 +1692,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)
+    setLabels(project, region, resource, body=None, requestId=None)
   
Sets the labels on the target regional disk.
 
 Args:
@@ -1221,16 +1846,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1264,7 +1902,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1278,7 +1917,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1294,10 +1933,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.regionHealthCheckServices.html b/docs/dyn/compute_beta.regionHealthCheckServices.html
index e37fcc31e8c..4580223470d 100644
--- a/docs/dyn/compute_beta.regionHealthCheckServices.html
+++ b/docs/dyn/compute_beta.regionHealthCheckServices.html
@@ -78,25 +78,25 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, healthCheckService, requestId=None, x__xgafv=None)

+  delete(project, region, healthCheckService, requestId=None)

 
Deletes the specified regional HealthCheckService.

 

-  get(project, region, healthCheckService, x__xgafv=None)

+  get(project, region, healthCheckService)

 
Returns the specified regional HealthCheckService resource.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a regional HealthCheckService resource in the specified project and region using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists all the HealthCheckService resources that have been configured for the specified project in the given region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, healthCheckService, body=None, requestId=None, x__xgafv=None)

+  patch(project, region, healthCheckService, body=None, requestId=None)

 
Updates the specified regional HealthCheckService resource with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -105,23 +105,36 @@ 
Method Details

 

 
 

-    delete(project, region, healthCheckService, requestId=None, x__xgafv=None)
+    delete(project, region, healthCheckService, requestId=None)
   
Deletes the specified regional HealthCheckService.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   healthCheckService: string, Name of the HealthCheckService to delete. The name must be 1-63 characters long, and comply with RFC1035. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -155,7 +168,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -169,30 +183,34 @@ 
Method Details

 

 
 

-    get(project, region, healthCheckService, x__xgafv=None)
+    get(project, region, healthCheckService)
   
Returns the specified regional HealthCheckService resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   healthCheckService: string, Name of the HealthCheckService to update. The name must be 1-63 characters long, and comply with RFC1035. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
     { # Represents a Health-Check as a Service resource.
+    #
+    # (== resource_for {$api_version}.regionHealthCheckServices ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a HealthCheckService. An up-to-date fingerprint must be provided in order to patch/update the HealthCheckService; Otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the HealthCheckService.
   "healthChecks": [ # List of URLs to the HealthCheck resources. Must have at least one HealthCheck, and not more than 10. HealthCheck resources must have portSpecification=USE_SERVING_PORT or portSpecification=USE_FIXED_PORT. For regional HealthCheckService, the HealthCheck must be regional and in the same region. For global HealthCheckService, HealthCheck must be global. Mix of regional and global HealthChecks is not supported. Multiple regional HealthChecks must belong to the same region. Regional HealthChecks must belong to the same region as zones of NEGs.
     "A String",
   ],
-  "healthStatusAggregationPolicy": "A String", # Optional. Policy for how the results from multiple health checks for the same endpoint are aggregated. Defaults to NO_AGGREGATION if unspecified. - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service. - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
-  "healthStatusAggregationStrategy": "A String", # This field is deprecated. Use health_status_aggregation_policy instead. Policy for how the results from multiple health checks for the same endpoint are aggregated. - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service. - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
+  "healthStatusAggregationPolicy": "A String", # Optional. Policy for how the results from multiple health checks for the same endpoint are aggregated. Defaults to NO_AGGREGATION if unspecified.
+      # - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service.
+      # - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
+  "healthStatusAggregationStrategy": "A String", # This field is deprecated. Use health_status_aggregation_policy instead.
+      #
+      # Policy for how the results from multiple health checks for the same endpoint are aggregated.
+      # - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service.
+      # - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#healthCheckService", # [Output only] Type of the resource. Always compute#healthCheckServicefor health check services.
   "name": "A String", # Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -208,7 +226,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a regional HealthCheckService resource in the specified project and region using the data included in the request.
 
 Args:
@@ -218,14 +236,22 @@ 
Method Details

     The object takes the form of:
 
 { # Represents a Health-Check as a Service resource.
+    # 
+    # (== resource_for {$api_version}.regionHealthCheckServices ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a HealthCheckService. An up-to-date fingerprint must be provided in order to patch/update the HealthCheckService; Otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the HealthCheckService.
   "healthChecks": [ # List of URLs to the HealthCheck resources. Must have at least one HealthCheck, and not more than 10. HealthCheck resources must have portSpecification=USE_SERVING_PORT or portSpecification=USE_FIXED_PORT. For regional HealthCheckService, the HealthCheck must be regional and in the same region. For global HealthCheckService, HealthCheck must be global. Mix of regional and global HealthChecks is not supported. Multiple regional HealthChecks must belong to the same region. Regional HealthChecks must belong to the same region as zones of NEGs.
     "A String",
   ],
-  "healthStatusAggregationPolicy": "A String", # Optional. Policy for how the results from multiple health checks for the same endpoint are aggregated. Defaults to NO_AGGREGATION if unspecified. - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service. - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
-  "healthStatusAggregationStrategy": "A String", # This field is deprecated. Use health_status_aggregation_policy instead. Policy for how the results from multiple health checks for the same endpoint are aggregated. - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service. - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
+  "healthStatusAggregationPolicy": "A String", # Optional. Policy for how the results from multiple health checks for the same endpoint are aggregated. Defaults to NO_AGGREGATION if unspecified.
+      # - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service.
+      # - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
+  "healthStatusAggregationStrategy": "A String", # This field is deprecated. Use health_status_aggregation_policy instead.
+      # 
+      # Policy for how the results from multiple health checks for the same endpoint are aggregated.
+      # - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service.
+      # - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#healthCheckService", # [Output only] Type of the resource. Always compute#healthCheckServicefor health check services.
   "name": "A String", # Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -239,16 +265,29 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -282,7 +321,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -296,21 +336,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists all the HealthCheckService resources that have been configured for the specified project in the given region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -319,14 +365,22 @@ 
Method Details

   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of HealthCheckService resources.
     { # Represents a Health-Check as a Service resource.
+        #
+        # (== resource_for {$api_version}.regionHealthCheckServices ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a HealthCheckService. An up-to-date fingerprint must be provided in order to patch/update the HealthCheckService; Otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the HealthCheckService.
       "healthChecks": [ # List of URLs to the HealthCheck resources. Must have at least one HealthCheck, and not more than 10. HealthCheck resources must have portSpecification=USE_SERVING_PORT or portSpecification=USE_FIXED_PORT. For regional HealthCheckService, the HealthCheck must be regional and in the same region. For global HealthCheckService, HealthCheck must be global. Mix of regional and global HealthChecks is not supported. Multiple regional HealthChecks must belong to the same region. Regional HealthChecks must belong to the same region as zones of NEGs.
         "A String",
       ],
-      "healthStatusAggregationPolicy": "A String", # Optional. Policy for how the results from multiple health checks for the same endpoint are aggregated. Defaults to NO_AGGREGATION if unspecified. - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service. - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
-      "healthStatusAggregationStrategy": "A String", # This field is deprecated. Use health_status_aggregation_policy instead. Policy for how the results from multiple health checks for the same endpoint are aggregated. - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service. - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
+      "healthStatusAggregationPolicy": "A String", # Optional. Policy for how the results from multiple health checks for the same endpoint are aggregated. Defaults to NO_AGGREGATION if unspecified.
+          # - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service.
+          # - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
+      "healthStatusAggregationStrategy": "A String", # This field is deprecated. Use health_status_aggregation_policy instead.
+          #
+          # Policy for how the results from multiple health checks for the same endpoint are aggregated.
+          # - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service.
+          # - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#healthCheckService", # [Output only] Type of the resource. Always compute#healthCheckServicefor health check services.
       "name": "A String", # Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -345,7 +399,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -371,7 +426,7 @@ 
Method Details

 

 
 

-    patch(project, region, healthCheckService, body=None, requestId=None, x__xgafv=None)
+    patch(project, region, healthCheckService, body=None, requestId=None)
   
Updates the specified regional HealthCheckService resource with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -382,14 +437,22 @@ 
Method Details

     The object takes the form of:
 
 { # Represents a Health-Check as a Service resource.
+    # 
+    # (== resource_for {$api_version}.regionHealthCheckServices ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a HealthCheckService. An up-to-date fingerprint must be provided in order to patch/update the HealthCheckService; Otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the HealthCheckService.
   "healthChecks": [ # List of URLs to the HealthCheck resources. Must have at least one HealthCheck, and not more than 10. HealthCheck resources must have portSpecification=USE_SERVING_PORT or portSpecification=USE_FIXED_PORT. For regional HealthCheckService, the HealthCheck must be regional and in the same region. For global HealthCheckService, HealthCheck must be global. Mix of regional and global HealthChecks is not supported. Multiple regional HealthChecks must belong to the same region. Regional HealthChecks must belong to the same region as zones of NEGs.
     "A String",
   ],
-  "healthStatusAggregationPolicy": "A String", # Optional. Policy for how the results from multiple health checks for the same endpoint are aggregated. Defaults to NO_AGGREGATION if unspecified. - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service. - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
-  "healthStatusAggregationStrategy": "A String", # This field is deprecated. Use health_status_aggregation_policy instead. Policy for how the results from multiple health checks for the same endpoint are aggregated. - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service. - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
+  "healthStatusAggregationPolicy": "A String", # Optional. Policy for how the results from multiple health checks for the same endpoint are aggregated. Defaults to NO_AGGREGATION if unspecified.
+      # - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service.
+      # - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
+  "healthStatusAggregationStrategy": "A String", # This field is deprecated. Use health_status_aggregation_policy instead.
+      # 
+      # Policy for how the results from multiple health checks for the same endpoint are aggregated.
+      # - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service.
+      # - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#healthCheckService", # [Output only] Type of the resource. Always compute#healthCheckServicefor health check services.
   "name": "A String", # Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -403,16 +466,29 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -446,7 +522,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -460,7 +537,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -476,10 +553,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.regionHealthChecks.html b/docs/dyn/compute_beta.regionHealthChecks.html
index 8c5648e206d..17628f36d1e 100644
--- a/docs/dyn/compute_beta.regionHealthChecks.html
+++ b/docs/dyn/compute_beta.regionHealthChecks.html
@@ -78,28 +78,28 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, healthCheck, requestId=None, x__xgafv=None)

+  delete(project, region, healthCheck, requestId=None)

 
Deletes the specified HealthCheck resource.

 

-  get(project, region, healthCheck, x__xgafv=None)

+  get(project, region, healthCheck)

 
Returns the specified HealthCheck resource. Gets a list of available health checks by making a list() request.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a HealthCheck resource in the specified project using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of HealthCheck resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, healthCheck, body=None, requestId=None, x__xgafv=None)

+  patch(project, region, healthCheck, body=None, requestId=None)

 
Updates a HealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, region, healthCheck, body=None, requestId=None, x__xgafv=None)

+  update(project, region, healthCheck, body=None, requestId=None)

 
Updates a HealthCheck resource in the specified project using the data included in the request.

 
Method Details

 

@@ -108,23 +108,36 @@ 
Method Details

 

 
 

-    delete(project, region, healthCheck, requestId=None, x__xgafv=None)
+    delete(project, region, healthCheck, requestId=None)
   
Deletes the specified HealthCheck resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   healthCheck: string, Name of the HealthCheck resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -158,7 +171,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -172,37 +186,64 @@ 
Method Details

 

 
 

-    get(project, region, healthCheck, x__xgafv=None)
+    get(project, region, healthCheck)
   
Returns the specified HealthCheck resource. Gets a list of available health checks by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   healthCheck: string, Name of the HealthCheck resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Health Check resource. Google Compute Engine has two Health Check resources: * [Global](/compute/docs/reference/rest/beta/healthChecks) * [Regional](/compute/docs/reference/rest/beta/regionHealthChecks) Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`). Traffic Director must use global health checks (`compute.v1.HealthChecks`). Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`). External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`). Network load balancers must use legacy HTTP health checks (httpHealthChecks). For more information, see Health checks overview.
+    { # Represents a Health Check resource.
+    #
+    # Google Compute Engine has two Health Check resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/healthChecks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionHealthChecks)
+    #
+    # Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`).
+    #
+    # Traffic Director must use global health checks (`compute.v1.HealthChecks`).
+    #
+    # Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`).
+    #
+    # External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`).
+    #
+    # Network load balancers must use legacy HTTP health checks (httpHealthChecks).
+    #
+    # For more information, see Health checks overview.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in 3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "grpcHealthCheck": {
-    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII.
+    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention:
+        # - Empty service_name means the overall status of all services at the backend.
+        # - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service.
+        # The grpc_service_name can only be ASCII.
     "port": 42, # The port number for the health check request. Must be specified if port_name and port_specification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. The port_name should conform to RFC1035.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, gRPC health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, gRPC health check follows behavior specified in port and portName fields.
   },
   "healthyThreshold": 42, # A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.
   "http2HealthCheck": {
     "host": "A String", # The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP2 health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP2 health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP/2 health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -211,7 +252,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -220,7 +267,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTPS health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTPS health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTPS health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -236,7 +289,13 @@ 
Method Details

   "sslHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, SSL health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, SSL health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -244,7 +303,13 @@ 
Method Details

   "tcpHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, TCP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, TCP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -256,7 +321,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a HealthCheck resource in the specified project using the data included in the request.
 
 Args:
@@ -265,22 +330,53 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Health Check resource. Google Compute Engine has two Health Check resources: * [Global](/compute/docs/reference/rest/beta/healthChecks) * [Regional](/compute/docs/reference/rest/beta/regionHealthChecks) Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`). Traffic Director must use global health checks (`compute.v1.HealthChecks`). Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`). External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`). Network load balancers must use legacy HTTP health checks (httpHealthChecks). For more information, see Health checks overview.
+{ # Represents a Health Check resource.
+    # 
+    # Google Compute Engine has two Health Check resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/healthChecks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionHealthChecks)
+    # 
+    # Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`).
+    # 
+    # Traffic Director must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`).
+    # 
+    # External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Network load balancers must use legacy HTTP health checks (httpHealthChecks).
+    # 
+    # For more information, see Health checks overview.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in 3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "grpcHealthCheck": {
-    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII.
+    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention:
+        # - Empty service_name means the overall status of all services at the backend.
+        # - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service.
+        # The grpc_service_name can only be ASCII.
     "port": 42, # The port number for the health check request. Must be specified if port_name and port_specification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. The port_name should conform to RFC1035.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, gRPC health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, gRPC health check follows behavior specified in port and portName fields.
   },
   "healthyThreshold": 42, # A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.
   "http2HealthCheck": {
     "host": "A String", # The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP2 health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP2 health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP/2 health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -289,7 +385,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -298,7 +400,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTPS health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTPS health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTPS health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -314,7 +422,13 @@ 
Method Details

   "sslHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, SSL health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, SSL health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -322,7 +436,13 @@ 
Method Details

   "tcpHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, TCP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, TCP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -332,16 +452,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -375,7 +508,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -389,21 +523,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of HealthCheck resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -411,22 +551,53 @@ 
Method Details

     { # Contains a list of HealthCheck resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of HealthCheck resources.
-    { # Represents a Health Check resource. Google Compute Engine has two Health Check resources: * [Global](/compute/docs/reference/rest/beta/healthChecks) * [Regional](/compute/docs/reference/rest/beta/regionHealthChecks) Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`). Traffic Director must use global health checks (`compute.v1.HealthChecks`). Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`). External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`). Network load balancers must use legacy HTTP health checks (httpHealthChecks). For more information, see Health checks overview.
+    { # Represents a Health Check resource.
+        #
+        # Google Compute Engine has two Health Check resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/healthChecks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionHealthChecks)
+        #
+        # Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`).
+        #
+        # Traffic Director must use global health checks (`compute.v1.HealthChecks`).
+        #
+        # Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`).
+        #
+        # External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`).
+        #
+        # Network load balancers must use legacy HTTP health checks (httpHealthChecks).
+        #
+        # For more information, see Health checks overview.
       "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in 3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "grpcHealthCheck": {
-        "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII.
+        "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention:
+            # - Empty service_name means the overall status of all services at the backend.
+            # - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service.
+            # The grpc_service_name can only be ASCII.
         "port": 42, # The port number for the health check request. Must be specified if port_name and port_specification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. The port_name should conform to RFC1035.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, gRPC health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, gRPC health check follows behavior specified in port and portName fields.
       },
       "healthyThreshold": 42, # A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.
       "http2HealthCheck": {
         "host": "A String", # The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
         "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP2 health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, HTTP2 health check follows behavior specified in port and portName fields.
         "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
         "requestPath": "A String", # The request path of the HTTP/2 health check request. The default value is /.
         "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -435,7 +606,13 @@ 
Method Details

         "host": "A String", # The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
         "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, HTTP health check follows behavior specified in port and portName fields.
         "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
         "requestPath": "A String", # The request path of the HTTP health check request. The default value is /.
         "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -444,7 +621,13 @@ 
Method Details

         "host": "A String", # The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
         "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTPS health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, HTTPS health check follows behavior specified in port and portName fields.
         "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
         "requestPath": "A String", # The request path of the HTTPS health check request. The default value is /.
         "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -460,7 +643,13 @@ 
Method Details

       "sslHealthCheck": {
         "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, SSL health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, SSL health check follows behavior specified in port and portName fields.
         "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
         "request": "A String", # The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
         "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -468,7 +657,13 @@ 
Method Details

       "tcpHealthCheck": {
         "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, TCP health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, TCP health check follows behavior specified in port and portName fields.
         "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
         "request": "A String", # The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
         "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -483,7 +678,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -509,7 +705,7 @@ 
Method Details

 

 
 

-    patch(project, region, healthCheck, body=None, requestId=None, x__xgafv=None)
+    patch(project, region, healthCheck, body=None, requestId=None)
   
Updates a HealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -519,22 +715,53 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Health Check resource. Google Compute Engine has two Health Check resources: * [Global](/compute/docs/reference/rest/beta/healthChecks) * [Regional](/compute/docs/reference/rest/beta/regionHealthChecks) Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`). Traffic Director must use global health checks (`compute.v1.HealthChecks`). Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`). External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`). Network load balancers must use legacy HTTP health checks (httpHealthChecks). For more information, see Health checks overview.
+{ # Represents a Health Check resource.
+    # 
+    # Google Compute Engine has two Health Check resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/healthChecks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionHealthChecks)
+    # 
+    # Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`).
+    # 
+    # Traffic Director must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`).
+    # 
+    # External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Network load balancers must use legacy HTTP health checks (httpHealthChecks).
+    # 
+    # For more information, see Health checks overview.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in 3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "grpcHealthCheck": {
-    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII.
+    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention:
+        # - Empty service_name means the overall status of all services at the backend.
+        # - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service.
+        # The grpc_service_name can only be ASCII.
     "port": 42, # The port number for the health check request. Must be specified if port_name and port_specification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. The port_name should conform to RFC1035.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, gRPC health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, gRPC health check follows behavior specified in port and portName fields.
   },
   "healthyThreshold": 42, # A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.
   "http2HealthCheck": {
     "host": "A String", # The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP2 health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP2 health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP/2 health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -543,7 +770,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -552,7 +785,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTPS health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTPS health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTPS health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -568,7 +807,13 @@ 
Method Details

   "sslHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, SSL health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, SSL health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -576,7 +821,13 @@ 
Method Details

   "tcpHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, TCP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, TCP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -586,16 +837,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -629,7 +893,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -643,7 +908,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -659,10 +924,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -675,7 +936,7 @@ 
Method Details

 

 
 

-    update(project, region, healthCheck, body=None, requestId=None, x__xgafv=None)
+    update(project, region, healthCheck, body=None, requestId=None)
   
Updates a HealthCheck resource in the specified project using the data included in the request.
 
 Args:
@@ -685,22 +946,53 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Health Check resource. Google Compute Engine has two Health Check resources: * [Global](/compute/docs/reference/rest/beta/healthChecks) * [Regional](/compute/docs/reference/rest/beta/regionHealthChecks) Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`). Traffic Director must use global health checks (`compute.v1.HealthChecks`). Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`). External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`). Network load balancers must use legacy HTTP health checks (httpHealthChecks). For more information, see Health checks overview.
+{ # Represents a Health Check resource.
+    # 
+    # Google Compute Engine has two Health Check resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/healthChecks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionHealthChecks)
+    # 
+    # Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`).
+    # 
+    # Traffic Director must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`).
+    # 
+    # External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Network load balancers must use legacy HTTP health checks (httpHealthChecks).
+    # 
+    # For more information, see Health checks overview.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in 3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "grpcHealthCheck": {
-    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII.
+    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention:
+        # - Empty service_name means the overall status of all services at the backend.
+        # - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service.
+        # The grpc_service_name can only be ASCII.
     "port": 42, # The port number for the health check request. Must be specified if port_name and port_specification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. The port_name should conform to RFC1035.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, gRPC health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, gRPC health check follows behavior specified in port and portName fields.
   },
   "healthyThreshold": 42, # A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.
   "http2HealthCheck": {
     "host": "A String", # The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP2 health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP2 health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP/2 health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -709,7 +1001,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -718,7 +1016,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTPS health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTPS health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTPS health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -734,7 +1038,13 @@ 
Method Details

   "sslHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, SSL health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, SSL health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -742,7 +1052,13 @@ 
Method Details

   "tcpHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, TCP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, TCP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -752,16 +1068,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -795,7 +1124,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.regionInstanceGroupManagers.html b/docs/dyn/compute_beta.regionInstanceGroupManagers.html
index 02a8adc8276..e59649e3687 100644
--- a/docs/dyn/compute_beta.regionInstanceGroupManagers.html
+++ b/docs/dyn/compute_beta.regionInstanceGroupManagers.html
@@ -75,49 +75,49 @@
 
Compute Engine API . regionInstanceGroupManagers

 
Instance Methods

 

-  abandonInstances(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

-
Flags the specified instances to be immediately removed from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.

+  abandonInstances(project, region, instanceGroupManager, body=None, requestId=None)

+
Flags the specified instances to be immediately removed from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method.

 

-  applyUpdatesToInstances(project, region, instanceGroupManager, body=None, x__xgafv=None)

+  applyUpdatesToInstances(project, region, instanceGroupManager, body=None)

 
Apply updates to selected instances the managed instance group.

 

   close()

 
Close httplib2 connections.

 

-  createInstances(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  createInstances(project, region, instanceGroupManager, body=None, requestId=None)

 
Creates instances with per-instance configs in this regional managed instance group. Instances are created using the current instance template. The create instances operation is marked DONE if the createInstances request is successful. The underlying actions take additional time. You must separately verify the status of the creating or actions with the listmanagedinstances method.

 

-  delete(project, region, instanceGroupManager, requestId=None, x__xgafv=None)

+  delete(project, region, instanceGroupManager, requestId=None)

 
Deletes the specified managed instance group and all of the instances in that group.

 

-  deleteInstances(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

-
Flags the specified instances in the managed instance group to be immediately deleted. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. The deleteInstances operation is marked DONE if the deleteInstances request is successful. The underlying actions take additional time. You must separately verify the status of the deleting action with the listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.

+  deleteInstances(project, region, instanceGroupManager, body=None, requestId=None)

+
Flags the specified instances in the managed instance group to be immediately deleted. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. The deleteInstances operation is marked DONE if the deleteInstances request is successful. The underlying actions take additional time. You must separately verify the status of the deleting action with the listmanagedinstances method.

 

-  deletePerInstanceConfigs(project, region, instanceGroupManager, body=None, x__xgafv=None)

+  deletePerInstanceConfigs(project, region, instanceGroupManager, body=None)

 
Deletes selected per-instance configs for the managed instance group.

 

-  get(project, region, instanceGroupManager, x__xgafv=None)

+  get(project, region, instanceGroupManager)

 
Returns all of the details about the specified managed instance group.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

-
Creates a managed instance group using the information that you specify in the request. After the group is created, instances in the group are created using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method. A regional managed instance group can contain up to 2000 instances.

+  insert(project, region, body=None, requestId=None)

+
Creates a managed instance group using the information that you specify in the request. After the group is created, instances in the group are created using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of managed instance groups that are contained within the specified region.

 

-  listErrors(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listErrors(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists all errors thrown by actions on instances for a given regional managed instance group. The filter and orderBy query parameters are not supported.

 

   listErrors_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  listManagedInstances(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listManagedInstances(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists the instances in the managed instance group and instances that are scheduled to be created. The list includes any current actions that the group has scheduled for its instances. The orderBy query parameter is not supported.

 

   listManagedInstances_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  listPerInstanceConfigs(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listPerInstanceConfigs(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists all of the per-instance configs defined for the managed instance group. The orderBy query parameter is not supported.

 

   listPerInstanceConfigs_next(previous_request, previous_response)

@@ -126,39 +126,43 @@ 
Instance Methods

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  patch(project, region, instanceGroupManager, body=None, requestId=None)

 
Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is patched even if the instances in the group are still in the process of being patched. You must separately verify the status of the individual instances with the listmanagedinstances method. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  patchPerInstanceConfigs(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  patchPerInstanceConfigs(project, region, instanceGroupManager, body=None, requestId=None)

 
Inserts or patches per-instance configs for the managed instance group. perInstanceConfig.name serves as a key used to distinguish whether to perform insert or patch.

 

-  recreateInstances(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

-
Flags the specified VM instances in the managed instance group to be immediately recreated. Each instance is recreated using the group's current configuration. This operation is marked as DONE when the flag is set even if the instances have not yet been recreated. You must separately verify the status of each instance by checking its currentAction field; for more information, see Checking the status of managed instances. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.

+  recreateInstances(project, region, instanceGroupManager, body=None, requestId=None)

+
Flags the specified VM instances in the managed instance group to be immediately recreated. Each instance is recreated using the group's current configuration. This operation is marked as DONE when the flag is set even if the instances have not yet been recreated. You must separately verify the status of each instance by checking its currentAction field; for more information, see Checking the status of managed instances.

 

-  resize(project, region, instanceGroupManager, size, requestId=None, x__xgafv=None)

-
Changes the intended size of the managed instance group. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes one or more instances. The resize operation is marked DONE if the resize request is successful. The underlying actions take additional time. You must separately verify the status of the creating or deleting actions with the listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.

+  resize(project, region, instanceGroupManager, size, requestId=None)

+
Changes the intended size of the managed instance group. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes one or more instances.

 

-  setAutoHealingPolicies(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  setAutoHealingPolicies(project, region, instanceGroupManager, body=None, requestId=None)

 
Modifies the autohealing policy for the instances in this managed instance group. [Deprecated] This method is deprecated. Use regionInstanceGroupManagers.patch instead.

 

-  setInstanceTemplate(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  setInstanceTemplate(project, region, instanceGroupManager, body=None, requestId=None)

 
Sets the instance template to use when creating new instances or recreating instances in this group. Existing instances are not affected.

 

-  setTargetPools(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  setTargetPools(project, region, instanceGroupManager, body=None, requestId=None)

 
Modifies the target pools to which all new instances in this group are assigned. Existing instances in the group are not affected.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  update(project, region, instanceGroupManager, body=None, requestId=None)

 
Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is updated even if the instances in the group have not yet been updated. You must separately verify the status of the individual instances with the listmanagedinstances method.

 

-  updatePerInstanceConfigs(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  updatePerInstanceConfigs(project, region, instanceGroupManager, body=None, requestId=None)

 
Inserts or updates per-instance configs for the managed instance group. perInstanceConfig.name serves as a key used to distinguish whether to perform insert or patch.

 
Method Details

 

-    abandonInstances(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
-  
Flags the specified instances to be immediately removed from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.
+    abandonInstances(project, region, instanceGroupManager, body=None, requestId=None)
+  
Flags the specified instances to be immediately removed from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method.
+
+If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
+
+You can specify a maximum of 1000 instances with this method per request.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -173,16 +177,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -216,7 +233,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -230,7 +248,7 @@ 
Method Details

 

 
 

-    applyUpdatesToInstances(project, region, instanceGroupManager, body=None, x__xgafv=None)
+    applyUpdatesToInstances(project, region, instanceGroupManager, body=None)
   
Apply updates to selected instances the managed instance group.
 
 Args:
@@ -241,23 +259,40 @@ 
Method Details

     The object takes the form of:
 
 { # RegionInstanceGroupManagers.applyUpdatesToInstances
-  "allInstances": True or False, # Flag to update all instances instead of specified list of “instances”. If the flag is set to true then the instances may not be specified in the request.
+  "allInstances": True or False, # Flag to update all instances instead of specified list of ?instances?. If the flag is set to true then the instances may not be specified in the request.
   "instances": [ # The list of URLs of one or more instances for which you want to apply updates. Each URL can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].
     "A String",
   ],
-  "minimalAction": "A String", # The minimal action that you want to perform on each instance during the update: - REPLACE: At minimum, delete the instance and create it again. - RESTART: Stop the instance and start it again. - REFRESH: Do not stop the instance. - NONE: Do not disrupt the instance at all. By default, the minimum action is NONE. If your update requires a more disruptive action than you set with this flag, the necessary action is performed to execute the update.
-  "mostDisruptiveAllowedAction": "A String", # The most disruptive action that you want to perform on each instance during the update: - REPLACE: Delete the instance and create it again. - RESTART: Stop the instance and start it again. - REFRESH: Do not stop the instance. - NONE: Do not disrupt the instance at all. By default, the most disruptive allowed action is REPLACE. If your update requires a more disruptive action than you set with this flag, the update request will fail.
+  "minimalAction": "A String", # The minimal action that you want to perform on each instance during the update:
+      # - REPLACE: At minimum, delete the instance and create it again.
+      # - RESTART: Stop the instance and start it again.
+      # - REFRESH: Do not stop the instance.
+      # - NONE: Do not disrupt the instance at all.  By default, the minimum action is NONE. If your update requires a more disruptive action than you set with this flag, the necessary action is performed to execute the update.
+  "mostDisruptiveAllowedAction": "A String", # The most disruptive action that you want to perform on each instance during the update:
+      # - REPLACE: Delete the instance and create it again.
+      # - RESTART: Stop the instance and start it again.
+      # - REFRESH: Do not stop the instance.
+      # - NONE: Do not disrupt the instance at all.  By default, the most disruptive allowed action is REPLACE. If your update requires a more disruptive action than you set with this flag, the update request will fail.
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -291,7 +326,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -310,7 +346,7 @@ 
Method Details

 

 
 

-    createInstances(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    createInstances(project, region, instanceGroupManager, body=None, requestId=None)
   
Creates instances with per-instance configs in this regional managed instance group. Instances are created using the current instance template. The create instances operation is marked DONE if the createInstances request is successful. The underlying actions take additional time. You must separately verify the status of the creating or actions with the listmanagedinstances method.
 
 Args:
@@ -342,16 +378,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -385,7 +434,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -399,23 +449,36 @@ 
Method Details

 

 
 

-    delete(project, region, instanceGroupManager, requestId=None, x__xgafv=None)
+    delete(project, region, instanceGroupManager, requestId=None)
   
Deletes the specified managed instance group and all of the instances in that group.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   instanceGroupManager: string, Name of the managed instance group to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -449,7 +512,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -463,8 +527,12 @@ 
Method Details

 

 
 

-    deleteInstances(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
-  
Flags the specified instances in the managed instance group to be immediately deleted. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. The deleteInstances operation is marked DONE if the deleteInstances request is successful. The underlying actions take additional time. You must separately verify the status of the deleting action with the listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.
+    deleteInstances(project, region, instanceGroupManager, body=None, requestId=None)
+  
Flags the specified instances in the managed instance group to be immediately deleted. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. The deleteInstances operation is marked DONE if the deleteInstances request is successful. The underlying actions take additional time. You must separately verify the status of the deleting action with the listmanagedinstances method.
+
+If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
+
+You can specify a maximum of 1000 instances with this method per request.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -479,16 +547,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -522,7 +603,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -536,7 +618,7 @@ 
Method Details

 

 
 

-    deletePerInstanceConfigs(project, region, instanceGroupManager, body=None, x__xgafv=None)
+    deletePerInstanceConfigs(project, region, instanceGroupManager, body=None)
   
Deletes selected per-instance configs for the managed instance group.
 
 Args:
@@ -552,15 +634,24 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -594,7 +685,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -608,22 +700,26 @@ 
Method Details

 

 
 

-    get(project, region, instanceGroupManager, x__xgafv=None)
+    get(project, region, instanceGroupManager)
   
Returns all of the details about the specified managed instance group.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   instanceGroupManager: string, Name of the managed instance group to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Whether the instance is a standby. # Properties of a standby instance comparing to the regular instance: # | regular | standby managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no # receives traffic from LB? | yes | no Represents a Managed Instance Group resource. An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups. For zonal Managed Instance Group, use the instanceGroupManagers resource. For regional Managed Instance Group, use the regionInstanceGroupManagers resource.
+    { # Whether the instance is a standby. Properties of a standby instance comparing to the regular instance: ========================================================================= | regular | standby ========================================================================= managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no receives traffic from LB? | yes | no =========================================================================
+    #
+    # Represents a Managed Instance Group resource.
+    #
+    # An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups.
+    #
+    # For zonal Managed Instance Group, use the instanceGroupManagers resource.
+    #
+    # For regional Managed Instance Group, use the regionInstanceGroupManagers resource. (== resource_for {$api_version}.instanceGroupManagers ==) (== resource_for {$api_version}.regionInstanceGroupManagers ==)
   "autoHealingPolicies": [ # The autohealing policy for this managed instance group. You can specify only one value.
     {
       "healthCheck": "A String", # The URL for the health check that signals autohealing.
@@ -634,7 +730,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this managed instance group in RFC3339 text format.
   "currentActions": { # [Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions.
     "abandoning": 42, # [Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.
-    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
+    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.
+        #
+        # If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
     "creatingWithoutRetries": 42, # [Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.
     "deleting": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.
     "none": 42, # [Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.
@@ -653,14 +751,16 @@ 
Method Details

     ],
   },
   "failoverAction": "A String", # The action to perform in case of zone failure. Only one value is supported, NO_FAILOVER. The default is NO_FAILOVER.
-  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
+  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
   "id": "A String", # [Output Only] A unique identifier for this resource type. The server generates this identifier.
   "instanceGroup": "A String", # [Output Only] The URL of the Instance Group resource.
   "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE.
   "kind": "compute#instanceGroupManager", # [Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.
   "name": "A String", # The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.
   "namedPorts": [ # Named ports configured for the Instance Groups complementary to this Instance Group Manager.
-    { # The named port. For example: <"http", 80>.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
@@ -696,14 +796,32 @@ 
Method Details

   ],
   "targetSize": 42, # The target number of running instances for this managed instance group. You can reduce this number by using the instanceGroupManager deleteInstances or abandonInstances methods. Resizing the group also changes this number.
   "updatePolicy": { # The update policy for this managed instance group.
-    "instanceRedistributionType": "A String", # The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled.
-    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "instanceRedistributionType": "A String", # The  instance redistribution policy for regional managed instance groups. Valid values are:
+        # - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region.
+        # - NONE: For non-autoscaled groups, proactive redistribution is disabled.
+    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
-    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:
+        #
+        #
+        # - The instance's status is RUNNING.
+        # - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
@@ -713,12 +831,20 @@ 
Method Details

     "replacementMethod": "A String", # What action should be used to replace instances. See minimal_action.REPLACE
     "type": "A String", # The type of update process. You can specify either PROACTIVE so that the instance group manager proactively executes actions in order to bring instances to their target versions or OPPORTUNISTIC so that no action is proactively executed but the update will be performed as part of other actions (for example, resizes or recreateInstances calls).
   },
-  "versions": [ # Specifies the instance templates used by this managed instance group to create instances. Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
+  "versions": [ # Specifies the instance templates used by this managed instance group to create instances.
+      #
+      # Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
     {
       "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached.
       "name": "A String", # Name of the version. Unique among all versions in the scope of this managed instance group.
-      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:
+          # - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used.
+          # - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -729,8 +855,10 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
-  
Creates a managed instance group using the information that you specify in the request. After the group is created, instances in the group are created using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method. A regional managed instance group can contain up to 2000 instances.
+    insert(project, region, body=None, requestId=None)
+  
Creates a managed instance group using the information that you specify in the request. After the group is created, instances in the group are created using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method.
+
+A regional managed instance group can contain up to 2000 instances.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -738,7 +866,15 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Whether the instance is a standby. # Properties of a standby instance comparing to the regular instance: # | regular | standby managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no # receives traffic from LB? | yes | no Represents a Managed Instance Group resource. An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups. For zonal Managed Instance Group, use the instanceGroupManagers resource. For regional Managed Instance Group, use the regionInstanceGroupManagers resource.
+{ # Whether the instance is a standby. Properties of a standby instance comparing to the regular instance: ========================================================================= | regular | standby ========================================================================= managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no receives traffic from LB? | yes | no =========================================================================
+    # 
+    # Represents a Managed Instance Group resource.
+    # 
+    # An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups.
+    # 
+    # For zonal Managed Instance Group, use the instanceGroupManagers resource.
+    # 
+    # For regional Managed Instance Group, use the regionInstanceGroupManagers resource. (== resource_for {$api_version}.instanceGroupManagers ==) (== resource_for {$api_version}.regionInstanceGroupManagers ==)
   "autoHealingPolicies": [ # The autohealing policy for this managed instance group. You can specify only one value.
     {
       "healthCheck": "A String", # The URL for the health check that signals autohealing.
@@ -749,7 +885,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this managed instance group in RFC3339 text format.
   "currentActions": { # [Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions.
     "abandoning": 42, # [Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.
-    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
+    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.
+        #
+        # If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
     "creatingWithoutRetries": 42, # [Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.
     "deleting": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.
     "none": 42, # [Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.
@@ -768,14 +906,16 @@ 
Method Details

     ],
   },
   "failoverAction": "A String", # The action to perform in case of zone failure. Only one value is supported, NO_FAILOVER. The default is NO_FAILOVER.
-  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
+  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
   "id": "A String", # [Output Only] A unique identifier for this resource type. The server generates this identifier.
   "instanceGroup": "A String", # [Output Only] The URL of the Instance Group resource.
   "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE.
   "kind": "compute#instanceGroupManager", # [Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.
   "name": "A String", # The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.
   "namedPorts": [ # Named ports configured for the Instance Groups complementary to this Instance Group Manager.
-    { # The named port. For example: <"http", 80>.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
@@ -811,14 +951,32 @@ 
Method Details

   ],
   "targetSize": 42, # The target number of running instances for this managed instance group. You can reduce this number by using the instanceGroupManager deleteInstances or abandonInstances methods. Resizing the group also changes this number.
   "updatePolicy": { # The update policy for this managed instance group.
-    "instanceRedistributionType": "A String", # The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled.
-    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "instanceRedistributionType": "A String", # The  instance redistribution policy for regional managed instance groups. Valid values are:
+        # - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region.
+        # - NONE: For non-autoscaled groups, proactive redistribution is disabled.
+    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
-    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:
+        #
+        #
+        # - The instance's status is RUNNING.
+        # - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
@@ -828,12 +986,20 @@ 
Method Details

     "replacementMethod": "A String", # What action should be used to replace instances. See minimal_action.REPLACE
     "type": "A String", # The type of update process. You can specify either PROACTIVE so that the instance group manager proactively executes actions in order to bring instances to their target versions or OPPORTUNISTIC so that no action is proactively executed but the update will be performed as part of other actions (for example, resizes or recreateInstances calls).
   },
-  "versions": [ # Specifies the instance templates used by this managed instance group to create instances. Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
+  "versions": [ # Specifies the instance templates used by this managed instance group to create instances.
+      # 
+      # Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
     {
       "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached.
       "name": "A String", # Name of the version. Unique among all versions in the scope of this managed instance group.
-      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:
+          # - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used.
+          # - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -842,16 +1008,29 @@ 
Method Details

   "zone": "A String", # [Output Only] The URL of a zone where the managed instance group is located (for zonal resources).
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -885,7 +1064,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -899,21 +1079,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of managed instance groups that are contained within the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -921,7 +1107,15 @@ 
Method Details

     { # Contains a list of managed instance groups.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of InstanceGroupManager resources.
-    { # Whether the instance is a standby. # Properties of a standby instance comparing to the regular instance: # | regular | standby managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no # receives traffic from LB? | yes | no Represents a Managed Instance Group resource. An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups. For zonal Managed Instance Group, use the instanceGroupManagers resource. For regional Managed Instance Group, use the regionInstanceGroupManagers resource.
+    { # Whether the instance is a standby. Properties of a standby instance comparing to the regular instance: ========================================================================= | regular | standby ========================================================================= managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no receives traffic from LB? | yes | no =========================================================================
+        #
+        # Represents a Managed Instance Group resource.
+        #
+        # An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups.
+        #
+        # For zonal Managed Instance Group, use the instanceGroupManagers resource.
+        #
+        # For regional Managed Instance Group, use the regionInstanceGroupManagers resource. (== resource_for {$api_version}.instanceGroupManagers ==) (== resource_for {$api_version}.regionInstanceGroupManagers ==)
       "autoHealingPolicies": [ # The autohealing policy for this managed instance group. You can specify only one value.
         {
           "healthCheck": "A String", # The URL for the health check that signals autohealing.
@@ -932,7 +1126,9 @@ 
Method Details

       "creationTimestamp": "A String", # [Output Only] The creation timestamp for this managed instance group in RFC3339 text format.
       "currentActions": { # [Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions.
         "abandoning": 42, # [Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.
-        "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
+        "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.
+            #
+            # If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
         "creatingWithoutRetries": 42, # [Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.
         "deleting": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.
         "none": 42, # [Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.
@@ -951,14 +1147,16 @@ 
Method Details

         ],
       },
       "failoverAction": "A String", # The action to perform in case of zone failure. Only one value is supported, NO_FAILOVER. The default is NO_FAILOVER.
-      "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
+      "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
       "id": "A String", # [Output Only] A unique identifier for this resource type. The server generates this identifier.
       "instanceGroup": "A String", # [Output Only] The URL of the Instance Group resource.
       "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE.
       "kind": "compute#instanceGroupManager", # [Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.
       "name": "A String", # The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.
       "namedPorts": [ # Named ports configured for the Instance Groups complementary to this Instance Group Manager.
-        { # The named port. For example: <"http", 80>.
+        { # The named port. For example: .
           "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
           "port": 42, # The port number, which can be a value between 1 and 65535.
         },
@@ -994,14 +1192,32 @@ 
Method Details

       ],
       "targetSize": 42, # The target number of running instances for this managed instance group. You can reduce this number by using the instanceGroupManager deleteInstances or abandonInstances methods. Resizing the group also changes this number.
       "updatePolicy": { # The update policy for this managed instance group.
-        "instanceRedistributionType": "A String", # The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled.
-        "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
-          "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "instanceRedistributionType": "A String", # The  instance redistribution policy for regional managed instance groups. Valid values are:
+            # - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region.
+            # - NONE: For non-autoscaled groups, proactive redistribution is disabled.
+        "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates.
+            #
+            # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
+          "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+              #
+              #
+              # - If the value is fixed, then the calculated value is equal to the fixed value.
+              # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
           "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
           "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
         },
-        "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
-          "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:
+            #
+            #
+            # - The instance's status is RUNNING.
+            # - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates.
+            #
+            # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
+          "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+              #
+              #
+              # - If the value is fixed, then the calculated value is equal to the fixed value.
+              # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
           "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
           "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
         },
@@ -1011,12 +1227,20 @@ 
Method Details

         "replacementMethod": "A String", # What action should be used to replace instances. See minimal_action.REPLACE
         "type": "A String", # The type of update process. You can specify either PROACTIVE so that the instance group manager proactively executes actions in order to bring instances to their target versions or OPPORTUNISTIC so that no action is proactively executed but the update will be performed as part of other actions (for example, resizes or recreateInstances calls).
       },
-      "versions": [ # Specifies the instance templates used by this managed instance group to create instances. Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
+      "versions": [ # Specifies the instance templates used by this managed instance group to create instances.
+          #
+          # Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
         {
           "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached.
           "name": "A String", # Name of the version. Unique among all versions in the scope of this managed instance group.
-          "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
-            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+          "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:
+              # - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used.
+              # - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
+            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+                #
+                #
+                # - If the value is fixed, then the calculated value is equal to the fixed value.
+                # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
             "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
             "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
           },
@@ -1030,7 +1254,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1042,22 +1267,28 @@ 
Method Details

 

 
 

-    listErrors(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listErrors(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists all errors thrown by actions on instances for a given regional managed instance group. The filter and orderBy query parameters are not supported.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. This should conform to RFC1035. (required)
-  instanceGroupManager: string, The name of the managed instance group. It must be a string that meets the requirements in RFC1035, or an unsigned long integer: must match regexp pattern: (?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?)|1-9{0,19}. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  instanceGroupManager: string, The name of the managed instance group. It must be a string that meets the requirements in RFC1035, or an unsigned long integer: must match regexp pattern: (?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?)|[1-9][0-9]{0,19}. (required)
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1099,22 +1330,28 @@ 
Method Details

 

 
 

-    listManagedInstances(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listManagedInstances(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists the instances in the managed instance group and instances that are scheduled to be created. The list includes any current actions that the group has scheduled for its instances. The orderBy query parameter is not supported.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   instanceGroupManager: string, The name of the managed instance group. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1122,7 +1359,16 @@ 
Method Details

     {
   "managedInstances": [ # A list of managed instances.
     { # A Managed Instance resource.
-      "currentAction": "A String", # [Output Only] The current action that the managed instance group has scheduled for the instance. Possible values: - NONE The instance is running, and the managed instance group does not have any scheduled actions for this instance. - CREATING The managed instance group is creating this instance. If the group fails to create this instance, it will try again until it is successful. - CREATING_WITHOUT_RETRIES The managed instance group is attempting to create this instance only once. If the group fails to create this instance, it does not try again and the group's targetSize value is decreased instead. - RECREATING The managed instance group is recreating this instance. - DELETING The managed instance group is permanently deleting this instance. - ABANDONING The managed instance group is abandoning this instance. The instance will be removed from the instance group and from any target pools that are associated with this group. - RESTARTING The managed instance group is restarting the instance. - REFRESHING The managed instance group is applying configuration changes to the instance without stopping it. For example, the group can update the target pool list for an instance without stopping that instance. - VERIFYING The managed instance group has created the instance and it is in the process of being verified.
+      "currentAction": "A String", # [Output Only] The current action that the managed instance group has scheduled for the instance. Possible values:
+          # - NONE The instance is running, and the managed instance group does not have any scheduled actions for this instance.
+          # - CREATING The managed instance group is creating this instance. If the group fails to create this instance, it will try again until it is successful.
+          # - CREATING_WITHOUT_RETRIES The managed instance group is attempting to create this instance only once. If the group fails to create this instance, it does not try again and the group's targetSize value is decreased instead.
+          # - RECREATING The managed instance group is recreating this instance.
+          # - DELETING The managed instance group is permanently deleting this instance.
+          # - ABANDONING The managed instance group is abandoning this instance. The instance will be removed from the instance group and from any target pools that are associated with this group.
+          # - RESTARTING The managed instance group is restarting the instance.
+          # - REFRESHING The managed instance group is applying configuration changes to the instance without stopping it. For example, the group can update the target pool list for an instance without stopping that instance.
+          # - VERIFYING The managed instance group has created the instance and it is in the process of being verified.
       "id": "A String", # [Output only] The unique identifier for this resource. This field is empty when instance does not exist.
       "instance": "A String", # [Output Only] The URL of the instance. The URL can exist even if the instance has not yet been created.
       "instanceHealth": [ # [Output Only] Health state of the instance per health-check.
@@ -1192,22 +1438,28 @@ 
Method Details

 

 
 

-    listPerInstanceConfigs(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listPerInstanceConfigs(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists all of the per-instance configs defined for the managed instance group. The orderBy query parameter is not supported.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request, should conform to RFC1035. (required)
   instanceGroupManager: string, The name of the managed instance group. It should conform to RFC1035. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1235,7 +1487,8 @@ 
Method Details

   "nextPageToken": "A String", # [Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1275,7 +1528,7 @@ 
Method Details

 

 
 

-    patch(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    patch(project, region, instanceGroupManager, body=None, requestId=None)
   
Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is patched even if the instances in the group are still in the process of being patched. You must separately verify the status of the individual instances with the listmanagedinstances method. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -1285,7 +1538,15 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Whether the instance is a standby. # Properties of a standby instance comparing to the regular instance: # | regular | standby managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no # receives traffic from LB? | yes | no Represents a Managed Instance Group resource. An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups. For zonal Managed Instance Group, use the instanceGroupManagers resource. For regional Managed Instance Group, use the regionInstanceGroupManagers resource.
+{ # Whether the instance is a standby. Properties of a standby instance comparing to the regular instance: ========================================================================= | regular | standby ========================================================================= managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no receives traffic from LB? | yes | no =========================================================================
+    # 
+    # Represents a Managed Instance Group resource.
+    # 
+    # An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups.
+    # 
+    # For zonal Managed Instance Group, use the instanceGroupManagers resource.
+    # 
+    # For regional Managed Instance Group, use the regionInstanceGroupManagers resource. (== resource_for {$api_version}.instanceGroupManagers ==) (== resource_for {$api_version}.regionInstanceGroupManagers ==)
   "autoHealingPolicies": [ # The autohealing policy for this managed instance group. You can specify only one value.
     {
       "healthCheck": "A String", # The URL for the health check that signals autohealing.
@@ -1296,7 +1557,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this managed instance group in RFC3339 text format.
   "currentActions": { # [Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions.
     "abandoning": 42, # [Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.
-    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
+    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.
+        #
+        # If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
     "creatingWithoutRetries": 42, # [Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.
     "deleting": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.
     "none": 42, # [Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.
@@ -1315,14 +1578,16 @@ 
Method Details

     ],
   },
   "failoverAction": "A String", # The action to perform in case of zone failure. Only one value is supported, NO_FAILOVER. The default is NO_FAILOVER.
-  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
+  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
   "id": "A String", # [Output Only] A unique identifier for this resource type. The server generates this identifier.
   "instanceGroup": "A String", # [Output Only] The URL of the Instance Group resource.
   "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE.
   "kind": "compute#instanceGroupManager", # [Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.
   "name": "A String", # The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.
   "namedPorts": [ # Named ports configured for the Instance Groups complementary to this Instance Group Manager.
-    { # The named port. For example: <"http", 80>.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
@@ -1358,14 +1623,32 @@ 
Method Details

   ],
   "targetSize": 42, # The target number of running instances for this managed instance group. You can reduce this number by using the instanceGroupManager deleteInstances or abandonInstances methods. Resizing the group also changes this number.
   "updatePolicy": { # The update policy for this managed instance group.
-    "instanceRedistributionType": "A String", # The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled.
-    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "instanceRedistributionType": "A String", # The  instance redistribution policy for regional managed instance groups. Valid values are:
+        # - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region.
+        # - NONE: For non-autoscaled groups, proactive redistribution is disabled.
+    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
-    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:
+        #
+        #
+        # - The instance's status is RUNNING.
+        # - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
@@ -1375,12 +1658,20 @@ 
Method Details

     "replacementMethod": "A String", # What action should be used to replace instances. See minimal_action.REPLACE
     "type": "A String", # The type of update process. You can specify either PROACTIVE so that the instance group manager proactively executes actions in order to bring instances to their target versions or OPPORTUNISTIC so that no action is proactively executed but the update will be performed as part of other actions (for example, resizes or recreateInstances calls).
   },
-  "versions": [ # Specifies the instance templates used by this managed instance group to create instances. Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
+  "versions": [ # Specifies the instance templates used by this managed instance group to create instances.
+      # 
+      # Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
     {
       "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached.
       "name": "A String", # Name of the version. Unique among all versions in the scope of this managed instance group.
-      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:
+          # - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used.
+          # - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -1389,16 +1680,29 @@ 
Method Details

   "zone": "A String", # [Output Only] The URL of a zone where the managed instance group is located (for zonal resources).
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1432,7 +1736,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1446,7 +1751,7 @@ 
Method Details

 

 
 

-    patchPerInstanceConfigs(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    patchPerInstanceConfigs(project, region, instanceGroupManager, body=None, requestId=None)
   
Inserts or patches per-instance configs for the managed instance group. perInstanceConfig.name serves as a key used to distinguish whether to perform insert or patch.
 
 Args:
@@ -1478,16 +1783,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1521,7 +1839,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1535,8 +1854,12 @@ 
Method Details

 

 
 

-    recreateInstances(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
-  
Flags the specified VM instances in the managed instance group to be immediately recreated. Each instance is recreated using the group's current configuration. This operation is marked as DONE when the flag is set even if the instances have not yet been recreated. You must separately verify the status of each instance by checking its currentAction field; for more information, see Checking the status of managed instances. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.
+    recreateInstances(project, region, instanceGroupManager, body=None, requestId=None)
+  
Flags the specified VM instances in the managed instance group to be immediately recreated. Each instance is recreated using the group's current configuration. This operation is marked as DONE when the flag is set even if the instances have not yet been recreated. You must separately verify the status of each instance by checking its currentAction field; for more information, see Checking the status of managed instances.
+
+If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
+
+You can specify a maximum of 1000 instances with this method per request.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -1551,16 +1874,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1594,7 +1930,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1608,24 +1945,41 @@ 
Method Details

 

 
 

-    resize(project, region, instanceGroupManager, size, requestId=None, x__xgafv=None)
-  
Changes the intended size of the managed instance group. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes one or more instances. The resize operation is marked DONE if the resize request is successful. The underlying actions take additional time. You must separately verify the status of the creating or deleting actions with the listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
+    resize(project, region, instanceGroupManager, size, requestId=None)
+  
Changes the intended size of the managed instance group. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes one or more instances.
+
+The resize operation is marked DONE if the resize request is successful. The underlying actions take additional time. You must separately verify the status of the creating or deleting actions with the listmanagedinstances method.
+
+If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   instanceGroupManager: string, Name of the managed instance group. (required)
   size: integer, Number of instances that should exist in this instance group manager. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1659,7 +2013,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1673,7 +2028,7 @@ 
Method Details

 

 
 

-    setAutoHealingPolicies(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    setAutoHealingPolicies(project, region, instanceGroupManager, body=None, requestId=None)
   
Modifies the autohealing policy for the instances in this managed instance group. [Deprecated] This method is deprecated. Use regionInstanceGroupManagers.patch instead.
 
 Args:
@@ -1692,16 +2047,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1735,7 +2103,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1749,7 +2118,7 @@ 
Method Details

 

 
 

-    setInstanceTemplate(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    setInstanceTemplate(project, region, instanceGroupManager, body=None, requestId=None)
   
Sets the instance template to use when creating new instances or recreating instances in this group. Existing instances are not affected.
 
 Args:
@@ -1763,16 +2132,29 @@ 
Method Details

   "instanceTemplate": "A String", # URL of the InstanceTemplate resource from which all new instances will be created.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1806,7 +2188,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1820,7 +2203,7 @@ 
Method Details

 

 
 

-    setTargetPools(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    setTargetPools(project, region, instanceGroupManager, body=None, requestId=None)
   
Modifies the target pools to which all new instances in this group are assigned. Existing instances in the group are not affected.
 
 Args:
@@ -1837,16 +2220,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1880,7 +2276,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1894,7 +2291,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1910,10 +2307,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1926,7 +2319,7 @@ 
Method Details

 

 
 

-    update(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    update(project, region, instanceGroupManager, body=None, requestId=None)
   
Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is updated even if the instances in the group have not yet been updated. You must separately verify the status of the individual instances with the listmanagedinstances method.
 
 Args:
@@ -1936,7 +2329,15 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Whether the instance is a standby. # Properties of a standby instance comparing to the regular instance: # | regular | standby managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no # receives traffic from LB? | yes | no Represents a Managed Instance Group resource. An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups. For zonal Managed Instance Group, use the instanceGroupManagers resource. For regional Managed Instance Group, use the regionInstanceGroupManagers resource.
+{ # Whether the instance is a standby. Properties of a standby instance comparing to the regular instance: ========================================================================= | regular | standby ========================================================================= managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no receives traffic from LB? | yes | no =========================================================================
+    # 
+    # Represents a Managed Instance Group resource.
+    # 
+    # An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups.
+    # 
+    # For zonal Managed Instance Group, use the instanceGroupManagers resource.
+    # 
+    # For regional Managed Instance Group, use the regionInstanceGroupManagers resource. (== resource_for {$api_version}.instanceGroupManagers ==) (== resource_for {$api_version}.regionInstanceGroupManagers ==)
   "autoHealingPolicies": [ # The autohealing policy for this managed instance group. You can specify only one value.
     {
       "healthCheck": "A String", # The URL for the health check that signals autohealing.
@@ -1947,7 +2348,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this managed instance group in RFC3339 text format.
   "currentActions": { # [Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions.
     "abandoning": 42, # [Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.
-    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
+    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.
+        #
+        # If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
     "creatingWithoutRetries": 42, # [Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.
     "deleting": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.
     "none": 42, # [Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.
@@ -1966,14 +2369,16 @@ 
Method Details

     ],
   },
   "failoverAction": "A String", # The action to perform in case of zone failure. Only one value is supported, NO_FAILOVER. The default is NO_FAILOVER.
-  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
+  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
   "id": "A String", # [Output Only] A unique identifier for this resource type. The server generates this identifier.
   "instanceGroup": "A String", # [Output Only] The URL of the Instance Group resource.
   "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE.
   "kind": "compute#instanceGroupManager", # [Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.
   "name": "A String", # The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.
   "namedPorts": [ # Named ports configured for the Instance Groups complementary to this Instance Group Manager.
-    { # The named port. For example: <"http", 80>.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
@@ -2009,14 +2414,32 @@ 
Method Details

   ],
   "targetSize": 42, # The target number of running instances for this managed instance group. You can reduce this number by using the instanceGroupManager deleteInstances or abandonInstances methods. Resizing the group also changes this number.
   "updatePolicy": { # The update policy for this managed instance group.
-    "instanceRedistributionType": "A String", # The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled.
-    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "instanceRedistributionType": "A String", # The  instance redistribution policy for regional managed instance groups. Valid values are:
+        # - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region.
+        # - NONE: For non-autoscaled groups, proactive redistribution is disabled.
+    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
-    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:
+        #
+        #
+        # - The instance's status is RUNNING.
+        # - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
@@ -2026,12 +2449,20 @@ 
Method Details

     "replacementMethod": "A String", # What action should be used to replace instances. See minimal_action.REPLACE
     "type": "A String", # The type of update process. You can specify either PROACTIVE so that the instance group manager proactively executes actions in order to bring instances to their target versions or OPPORTUNISTIC so that no action is proactively executed but the update will be performed as part of other actions (for example, resizes or recreateInstances calls).
   },
-  "versions": [ # Specifies the instance templates used by this managed instance group to create instances. Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
+  "versions": [ # Specifies the instance templates used by this managed instance group to create instances.
+      # 
+      # Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
     {
       "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached.
       "name": "A String", # Name of the version. Unique among all versions in the scope of this managed instance group.
-      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:
+          # - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used.
+          # - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -2040,16 +2471,29 @@ 
Method Details

   "zone": "A String", # [Output Only] The URL of a zone where the managed instance group is located (for zonal resources).
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2083,7 +2527,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2097,7 +2542,7 @@ 
Method Details

 

 
 

-    updatePerInstanceConfigs(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    updatePerInstanceConfigs(project, region, instanceGroupManager, body=None, requestId=None)
   
Inserts or updates per-instance configs for the managed instance group. perInstanceConfig.name serves as a key used to distinguish whether to perform insert or patch.
 
 Args:
@@ -2129,16 +2574,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2172,7 +2630,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.regionInstanceGroups.html b/docs/dyn/compute_beta.regionInstanceGroups.html
index f9d3747480c..bba566c2dba 100644
--- a/docs/dyn/compute_beta.regionInstanceGroups.html
+++ b/docs/dyn/compute_beta.regionInstanceGroups.html
@@ -78,13 +78,13 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  get(project, region, instanceGroup, x__xgafv=None)

+  get(project, region, instanceGroup)

 
Returns the specified instance group resource.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of instance group resources contained within the specified region.

 

-  listInstances(project, region, instanceGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listInstances(project, region, instanceGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists the instances in the specified instance group and displays information about the named ports. Depending on the specified options, this method can list all instances or only the instances that are running. The orderBy query parameter is not supported.

 

   listInstances_next(previous_request, previous_response)

@@ -93,10 +93,10 @@ 
Instance Methods

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setNamedPorts(project, region, instanceGroup, body=None, requestId=None, x__xgafv=None)

+  setNamedPorts(project, region, instanceGroup, body=None, requestId=None)

 
Sets the named ports for the specified regional instance group.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -105,30 +105,42 @@ 
Method Details

 

 
 

-    get(project, region, instanceGroup, x__xgafv=None)
+    get(project, region, instanceGroup)
   
Returns the specified instance group resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   instanceGroup: string, Name of the instance group resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Instance Group resource. Instance Groups can be used to configure a target for load balancing. Instance groups can either be managed or unmanaged. To create managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead. Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups. For more information, read Instance groups.
+    { # Represents an Instance Group resource.
+    #
+    # Instance Groups can be used to configure a target for load balancing.
+    #
+    # Instance groups can either be managed or unmanaged.
+    #
+    # To create  managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead.
+    #
+    # Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups.
+    #
+    # For more information, read Instance groups.
+    #
+    # (== resource_for {$api_version}.instanceGroups ==) (== resource_for {$api_version}.regionInstanceGroups ==)
   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this instance group in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # [Output Only] The fingerprint of the named ports. The system uses this fingerprint to detect conflicts when multiple users change the named ports concurrently.
   "id": "A String", # [Output Only] A unique identifier for this instance group, generated by the server.
   "kind": "compute#instanceGroup", # [Output Only] The resource type, which is always compute#instanceGroup for instance groups.
   "name": "A String", # The name of the instance group. The name must be 1-63 characters long, and comply with RFC1035.
-  "namedPorts": [ #  Assigns a name to a port number. For example: {name: "http", port: 80} This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}] Named ports apply to all instances in this instance group.
-    { # The named port. For example: <"http", 80>.
+  "namedPorts": [ # Assigns a name to a port number. For example: {name: "http", port: 80}
+      #
+      # This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}]
+      #
+      # Named ports apply to all instances in this instance group.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
@@ -143,21 +155,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of instance group resources contained within the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -165,15 +183,31 @@ 
Method Details

     { # Contains a list of InstanceGroup resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of InstanceGroup resources.
-    { # Represents an Instance Group resource. Instance Groups can be used to configure a target for load balancing. Instance groups can either be managed or unmanaged. To create managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead. Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups. For more information, read Instance groups.
+    { # Represents an Instance Group resource.
+        #
+        # Instance Groups can be used to configure a target for load balancing.
+        #
+        # Instance groups can either be managed or unmanaged.
+        #
+        # To create  managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead.
+        #
+        # Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups.
+        #
+        # For more information, read Instance groups.
+        #
+        # (== resource_for {$api_version}.instanceGroups ==) (== resource_for {$api_version}.regionInstanceGroups ==)
       "creationTimestamp": "A String", # [Output Only] The creation timestamp for this instance group in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "fingerprint": "A String", # [Output Only] The fingerprint of the named ports. The system uses this fingerprint to detect conflicts when multiple users change the named ports concurrently.
       "id": "A String", # [Output Only] A unique identifier for this instance group, generated by the server.
       "kind": "compute#instanceGroup", # [Output Only] The resource type, which is always compute#instanceGroup for instance groups.
       "name": "A String", # The name of the instance group. The name must be 1-63 characters long, and comply with RFC1035.
-      "namedPorts": [ #  Assigns a name to a port number. For example: {name: "http", port: 80} This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}] Named ports apply to all instances in this instance group.
-        { # The named port. For example: <"http", 80>.
+      "namedPorts": [ # Assigns a name to a port number. For example: {name: "http", port: 80}
+          #
+          # This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}]
+          #
+          # Named ports apply to all instances in this instance group.
+        { # The named port. For example: .
           "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
           "port": 42, # The port number, which can be a value between 1 and 65535.
         },
@@ -191,7 +225,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -203,7 +238,7 @@ 
Method Details

 

 
 

-    listInstances(project, region, instanceGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listInstances(project, region, instanceGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists the instances in the specified instance group and displays information about the named ports. Depending on the specified options, this method can list all instances or only the instances that are running. The orderBy query parameter is not supported.
 
 Args:
@@ -218,15 +253,21 @@ 
Method Details

   "portName": "A String", # Name of port user is interested in. It is optional. If it is set, only information about this ports will be returned. If it is not set, all the named ports will be returned. Always lists all instances.
 }
 
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -237,7 +278,7 @@ 
Method Details

     {
       "instance": "A String", # [Output Only] The URL of the instance.
       "namedPorts": [ # [Output Only] The named ports that belong to this instance group.
-        { # The named port. For example: <"http", 80>.
+        { # The named port. For example: .
           "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
           "port": 42, # The port number, which can be a value between 1 and 65535.
         },
@@ -250,7 +291,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -290,7 +332,7 @@ 
Method Details

 

 
 

-    setNamedPorts(project, region, instanceGroup, body=None, requestId=None, x__xgafv=None)
+    setNamedPorts(project, region, instanceGroup, body=None, requestId=None)
   
Sets the named ports for the specified regional instance group.
 
 Args:
@@ -303,23 +345,36 @@ 
Method Details

 {
   "fingerprint": "A String", # The fingerprint of the named ports information for this instance group. Use this optional property to prevent conflicts when multiple users change the named ports settings concurrently. Obtain the fingerprint with the instanceGroups.get method. Then, include the fingerprint in your request to ensure that you do not overwrite changes that were applied from another concurrent request.
   "namedPorts": [ # The list of named ports to set for this instance group.
-    { # The named port. For example: <"http", 80>.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -353,7 +408,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -367,7 +423,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -383,10 +439,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.regionInstances.html b/docs/dyn/compute_beta.regionInstances.html
index ef7db5bae0b..91c821ecdf3 100644
--- a/docs/dyn/compute_beta.regionInstances.html
+++ b/docs/dyn/compute_beta.regionInstances.html
@@ -75,14 +75,14 @@
 
Compute Engine API . regionInstances

 
Instance Methods

 

-  bulkInsert(project, region, body=None, requestId=None, x__xgafv=None)

+  bulkInsert(project, region, body=None, requestId=None)

 
Creates multiple instances in a given region. Count specifies the number of instances to create.

 

   close()

 
Close httplib2 connections.

 
Method Details

 

-    bulkInsert(project, region, body=None, requestId=None, x__xgafv=None)
+    bulkInsert(project, region, body=None, requestId=None)
   
Creates multiple instances in a given region. Count specifies the number of instances to create.
 
 Args:
@@ -107,29 +107,57 @@ 
Method Details

       { # An instance-attached disk resource.
         "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
         "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-        "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-        "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+        "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+            #
+            # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+        "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+            #
+            # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+            #
+            # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+            #
+            # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+            #
+            # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+              #
+              # The key must meet the following requirements before you can provide it to Compute Engine:
+              # - The key is wrapped using a RSA public key certificate provided by Google.
+              # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+              # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
         "diskSizeGb": "A String", # The size of the disk in GB.
-        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
           { # Guest OS features.
-            "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+            "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
           },
         ],
         "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-        "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+        "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+            #
+            # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+            #
+            # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
           "description": "A String", # An optional description. Provide this property when creating the disk.
           "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
           "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-          "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
-          "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options. Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
+          "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+              # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+              #
+              #
+              # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+              # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+              # - projects/project/zones/zone/diskTypes/diskType
+              # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
+          "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
+              #
+              # Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
             { # Guest OS features.
-              "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+              "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
             },
           ],
           "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
@@ -141,20 +169,56 @@ 
Method Details

           "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
             "A String",
           ],
-          "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-          "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+          "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+              #
+              # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+              # projects/debian-cloud/global/images/family/debian-9
+              #
+              #
+              # Alternatively, use a specific version of a public operating system image:
+              # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+              #
+              #
+              # To create a disk with a custom image that you created, specify the image name in the following format:
+              # global/images/my-custom-image
+              #
+              #
+              # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+              # global/images/family/my-image-family
+              #
+              #
+              # If the source image is deleted later, this field will not be set.
+          "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+              #
+              # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                #
+                # The key must meet the following requirements before you can provide it to Compute Engine:
+                # - The key is wrapped using a RSA public key certificate provided by Google.
+                # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
-          "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+          "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+              #
+              # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+              # global/snapshots/my-backup
+              #
+              #
+              # If the source snapshot is deleted later, this field will not be set.
           "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                #
+                # The key must meet the following requirements before you can provide it to Compute Engine:
+                # - The key is wrapped using a RSA public key certificate provided by Google.
+                # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
         },
@@ -188,7 +252,11 @@ 
Method Details

             "fileType": "A String", # The file type of source file.
           },
         },
-        "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+        "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+            #
+            # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+            #
+            # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
         "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
       },
     ],
@@ -206,9 +274,11 @@ 
Method Details

     },
     "machineType": "A String", # The machine type to use for instances that are created from these properties.
     "metadata": { # A metadata key/value entry. # The metadata key/value pairs to assign to instances that are created from these properties. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve the resource.
       "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-        { # Metadata
+        {
           "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
           "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
         },
@@ -225,7 +295,11 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
@@ -245,30 +319,45 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
-        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+            #
+            # Valid only if stackType is IPV4_IPV6.
         "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
         "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
         "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+            #
+            # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+            # - projects/project/global/networks/network
+            # - global/networks/default
         "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
         "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
-        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
-        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+            #
+            # This field can be both set at instance creation and update network interface operations.
+        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+            # - regions/region/subnetworks/subnetwork
       },
     ],
     "networkPerformanceConfig": {
       "totalEgressBandwidthTier": "A String",
     },
     "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
-    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
     "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from.
-      "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
+      "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
       "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
       "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
         "A String",
@@ -278,7 +367,9 @@ 
Method Details

       "A String",
     ],
     "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
-      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+          #
+          # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
       "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
       "locationHint": "A String", # An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API.
       "maintenanceFreezeDurationHours": 42, # Specifies the number of hours after VM instance creation where the VM won't be scheduled for maintenance.
@@ -315,7 +406,9 @@ 
Method Details

       "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled.
     },
     "tags": { # A set of instance tags. # A list of tags to apply to the instances that are created from these properties. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+          #
+          # To see the latest fingerprint, make get() request to the instance.
       "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
         "A String",
       ],
@@ -329,25 +422,45 @@ 
Method Details

     },
   },
   "minCount": "A String", # The minimum number of instances to create. If no min_count is specified then count is used as the default value. If min_count instances cannot be created, then no instances will be created and instances already created will be deleted.
-  "namePattern": "A String", # The string pattern used for the names of the VMs. Either name_pattern or per_instance_properties must be set. The pattern should contain one continuous sequence of placeholder hash characters (#) with each character corresponding to one digit of the generated instance name. Example: name_pattern of inst-#### will generate instance names such as inst-0001, inst-0002, ... . If there already exist instance(s) whose names match the name pattern in the same project and zone, then the generated instance numbers will start after the biggest existing number. For example, if there exists an instance with name inst-0050, then instance names generated using the pattern inst-#### will be inst-0051, inst-0052, etc. The name pattern placeholder # ...# can contain up to 18 characters.
+  "namePattern": "A String", # The string pattern used for the names of the VMs. Either name_pattern or per_instance_properties must be set. The pattern should contain one continuous sequence of placeholder hash characters (#) with each character corresponding to one digit of the generated instance name. Example: name_pattern of inst-#### will generate instance names such as inst-0001, inst-0002, ... . If there already exist instance(s) whose names match the name pattern in the same project and zone, then the generated instance numbers will start after the biggest existing number. For example, if there exists an instance with name inst-0050, then instance names generated using the pattern inst-#### will be inst-0051, inst-0052, etc. The name pattern placeholder #...# can contain up to 18 characters.
   "perInstanceProperties": { # Per-instance properties to be set on individual instances. Keys of this map specify requested instance names. Can be empty if name_pattern is used.
     "a_key": { # Per-instance properties to be set on individual instances. To be extended in the future.
       "name": "A String", # This field is only temporary. It will be removed. Do not use it.
     },
   },
-  "sourceInstanceTemplate": "A String", # Specifies the instance template from which to create instances. You may combine sourceInstanceTemplate with instanceProperties to override specific values from an existing instance template. Bulk API follows the semantics of JSON Merge Patch described by RFC 7396. It can be a full or partial URL. For example, the following are all valid URLs to an instance template: - https://www.googleapis.com/compute/v1/projects/project /global/instanceTemplates/instanceTemplate - projects/project/global/instanceTemplates/instanceTemplate - global/instanceTemplates/instanceTemplate This field is optional.
+  "sourceInstanceTemplate": "A String", # Specifies the instance template from which to create instances. You may combine sourceInstanceTemplate with instanceProperties to override specific values from an existing instance template. Bulk API follows the semantics of JSON Merge Patch described by RFC 7396.
+      # 
+      # It can be a full or partial URL. For example, the following are all valid URLs to an instance template:
+      # - https://www.googleapis.com/compute/v1/projects/project/global/instanceTemplates/instanceTemplate
+      # - projects/project/global/instanceTemplates/instanceTemplate
+      # - global/instanceTemplates/instanceTemplate
+      # 
+      # This field is optional.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -381,7 +494,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.regionNetworkEndpointGroups.html b/docs/dyn/compute_beta.regionNetworkEndpointGroups.html
index 61a5b0ffa65..c62b0ee7935 100644
--- a/docs/dyn/compute_beta.regionNetworkEndpointGroups.html
+++ b/docs/dyn/compute_beta.regionNetworkEndpointGroups.html
@@ -78,16 +78,16 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, networkEndpointGroup, requestId=None, x__xgafv=None)

+  delete(project, region, networkEndpointGroup, requestId=None)

 
Deletes the specified network endpoint group. Note that the NEG cannot be deleted if it is configured as a backend of a backend service.

 

-  get(project, region, networkEndpointGroup, x__xgafv=None)

+  get(project, region, networkEndpointGroup)

 
Returns the specified network endpoint group. Gets a list of available network endpoint groups by making a list() request.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a network endpoint group in the specified project using the parameters that are included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of regional network endpoint groups available to the specified project in the given region.

 

   list_next(previous_request, previous_response)

@@ -99,23 +99,36 @@ 
Method Details

 

 
 

-    delete(project, region, networkEndpointGroup, requestId=None, x__xgafv=None)
+    delete(project, region, networkEndpointGroup, requestId=None)
   
Deletes the specified network endpoint group. Note that the NEG cannot be deleted if it is configured as a backend of a backend service.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, The name of the region where the network endpoint group is located. It should comply with RFC1035. (required)
   networkEndpointGroup: string, The name of the network endpoint group to delete. It should comply with RFC1035. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -149,7 +162,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -163,38 +177,68 @@ 
Method Details

 

 
 

-    get(project, region, networkEndpointGroup, x__xgafv=None)
+    get(project, region, networkEndpointGroup)
   
Returns the specified network endpoint group. Gets a list of available network endpoint groups by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, The name of the region where the network endpoint group is located. It should comply with RFC1035. (required)
   networkEndpointGroup: string, The name of the network endpoint group. It should comply with RFC1035. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a collection of network endpoints. A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see Setting up external HTTP(S) Load Balancing with internet NEGs, Setting up zonal NEGs, or Setting up external HTTP(S) Load Balancing with serverless NEGs.
+    { # Represents a collection of network endpoints.
+    #
+    # A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see  Setting up external HTTP(S) Load Balancing with internet NEGs,  Setting up zonal NEGs, or  Setting up external HTTP(S) Load Balancing with serverless NEGs. (== resource_for {$api_version}.networkEndpointGroups ==) (== resource_for {$api_version}.globalNetworkEndpointGroups ==) (== resource_for {$api_version}.regionNetworkEndpointGroups ==)
   "annotations": { # Metadata defined as annotations on the network endpoint group.
     "a_key": "A String",
   },
-  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: "default", "my-service".
-    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
-    "version": "A String", # Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: "v1", "v2".
+  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Optional serving service.
+        #
+        # The service name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "default", "my-service".
+    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
+    "version": "A String", # Optional serving version.
+        #
+        # The version name is case-sensitive and must be 1-100 characters long.
+        #
+        # Example value: "v1", "v2".
   },
-  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "function": "A String", # A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: "func1".
-    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs " mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
+  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.
+    "function": "A String", # A user-defined name of the Cloud Function.
+        #
+        # The function name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "func1".
+    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, request URLs "mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
   },
-  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: "run-service".
-    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: "revision-0010".
-    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
+  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Cloud Run service is the main resource of Cloud Run.
+        #
+        # The service must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "run-service".
+    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information.
+        #
+        # The tag must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "revision-0010".
+    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services.
+        #
+        # For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "defaultPort": 42, # The default port used if the port number is not specified in the network endpoint.
@@ -219,7 +263,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a network endpoint group in the specified project using the parameters that are included in the request.
 
 Args:
@@ -228,23 +272,57 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a collection of network endpoints. A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see Setting up external HTTP(S) Load Balancing with internet NEGs, Setting up zonal NEGs, or Setting up external HTTP(S) Load Balancing with serverless NEGs.
+{ # Represents a collection of network endpoints.
+    # 
+    # A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see  Setting up external HTTP(S) Load Balancing with internet NEGs,  Setting up zonal NEGs, or  Setting up external HTTP(S) Load Balancing with serverless NEGs. (== resource_for {$api_version}.networkEndpointGroups ==) (== resource_for {$api_version}.globalNetworkEndpointGroups ==) (== resource_for {$api_version}.regionNetworkEndpointGroups ==)
   "annotations": { # Metadata defined as annotations on the network endpoint group.
     "a_key": "A String",
   },
-  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: "default", "my-service".
-    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
-    "version": "A String", # Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: "v1", "v2".
+  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Optional serving service.
+        #
+        # The service name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "default", "my-service".
+    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
+    "version": "A String", # Optional serving version.
+        #
+        # The version name is case-sensitive and must be 1-100 characters long.
+        #
+        # Example value: "v1", "v2".
   },
-  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "function": "A String", # A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: "func1".
-    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs " mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
+  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.
+    "function": "A String", # A user-defined name of the Cloud Function.
+        #
+        # The function name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "func1".
+    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, request URLs "mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
   },
-  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: "run-service".
-    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: "revision-0010".
-    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
+  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Cloud Run service is the main resource of Cloud Run.
+        #
+        # The service must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "run-service".
+    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information.
+        #
+        # The tag must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "revision-0010".
+    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services.
+        #
+        # For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "defaultPort": 42, # The default port used if the port number is not specified in the network endpoint.
@@ -267,16 +345,29 @@ 
Method Details

   "zone": "A String", # [Output Only] The URL of the zone where the network endpoint group is located.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -310,7 +401,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -324,21 +416,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of regional network endpoint groups available to the specified project in the given region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, The name of the region where the network endpoint group is located. It should comply with RFC1035. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -346,23 +444,57 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of NetworkEndpointGroup resources.
-    { # Represents a collection of network endpoints. A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see Setting up external HTTP(S) Load Balancing with internet NEGs, Setting up zonal NEGs, or Setting up external HTTP(S) Load Balancing with serverless NEGs.
+    { # Represents a collection of network endpoints.
+        #
+        # A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see  Setting up external HTTP(S) Load Balancing with internet NEGs,  Setting up zonal NEGs, or  Setting up external HTTP(S) Load Balancing with serverless NEGs. (== resource_for {$api_version}.networkEndpointGroups ==) (== resource_for {$api_version}.globalNetworkEndpointGroups ==) (== resource_for {$api_version}.regionNetworkEndpointGroups ==)
       "annotations": { # Metadata defined as annotations on the network endpoint group.
         "a_key": "A String",
       },
-      "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-        "service": "A String", # Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: "default", "my-service".
-        "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
-        "version": "A String", # Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: "v1", "v2".
+      "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+          #
+          # Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.
+        "service": "A String", # Optional serving service.
+            #
+            # The service name is case-sensitive and must be 1-63 characters long.
+            #
+            # Example value: "default", "my-service".
+        "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services.
+            #
+            # For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
+        "version": "A String", # Optional serving version.
+            #
+            # The version name is case-sensitive and must be 1-100 characters long.
+            #
+            # Example value: "v1", "v2".
       },
-      "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-        "function": "A String", # A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: "func1".
-        "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs " mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
+      "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+          #
+          # Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.
+        "function": "A String", # A user-defined name of the Cloud Function.
+            #
+            # The function name is case-sensitive and must be 1-63 characters long.
+            #
+            # Example value: "func1".
+        "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services.
+            #
+            # For example, request URLs "mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
       },
-      "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-        "service": "A String", # Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: "run-service".
-        "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: "revision-0010".
-        "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
+      "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+          #
+          # Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.
+        "service": "A String", # Cloud Run service is the main resource of Cloud Run.
+            #
+            # The service must be 1-63 characters long, and comply with RFC1035.
+            #
+            # Example value: "run-service".
+        "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information.
+            #
+            # The tag must be 1-63 characters long, and comply with RFC1035.
+            #
+            # Example value: "revision-0010".
+        "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services.
+            #
+            # For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
       },
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "defaultPort": 42, # The default port used if the port number is not specified in the network endpoint.
@@ -390,7 +522,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.regionNotificationEndpoints.html b/docs/dyn/compute_beta.regionNotificationEndpoints.html
index 04bdebcc4cd..063338058af 100644
--- a/docs/dyn/compute_beta.regionNotificationEndpoints.html
+++ b/docs/dyn/compute_beta.regionNotificationEndpoints.html
@@ -78,22 +78,22 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, notificationEndpoint, requestId=None, x__xgafv=None)

+  delete(project, region, notificationEndpoint, requestId=None)

 
Deletes the specified NotificationEndpoint in the given region

 

-  get(project, region, notificationEndpoint, x__xgafv=None)

+  get(project, region, notificationEndpoint)

 
Returns the specified NotificationEndpoint resource in the given region.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Create a NotificationEndpoint in the specified project in the given region using the parameters that are included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists the NotificationEndpoints for a project in the given region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -102,23 +102,36 @@ 
Method Details

 

 
 

-    delete(project, region, notificationEndpoint, requestId=None, x__xgafv=None)
+    delete(project, region, notificationEndpoint, requestId=None)
   
Deletes the specified NotificationEndpoint in the given region
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   notificationEndpoint: string, Name of the NotificationEndpoint resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -152,7 +165,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -166,22 +180,22 @@ 
Method Details

 

 
 

-    get(project, region, notificationEndpoint, x__xgafv=None)
+    get(project, region, notificationEndpoint)
   
Returns the specified NotificationEndpoint resource in the given region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   notificationEndpoint: string, Name of the NotificationEndpoint resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a notification endpoint. A notification endpoint resource defines an endpoint to receive notifications when there are status changes detected by the associated health check service. For more information, see Health checks overview.
+    { # Represents a notification endpoint.
+    #
+    # A notification endpoint resource defines an endpoint to receive notifications when there are status changes detected by the associated health check service.
+    #
+    # For more information, see  Health checks overview. (== resource_for {$api_version}.notificationEndpoint ==) (== resource_for {$api_version}.regionNotificationEndpoints ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "grpcSettings": { # Represents a gRPC setting that describes one gRPC notification endpoint and the retry duration attempting to send notification to this endpoint. # Settings of the gRPC notification endpoint including the endpoint URL and the retry duration.
@@ -203,7 +217,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Create a NotificationEndpoint in the specified project in the given region using the parameters that are included in the request.
 
 Args:
@@ -212,7 +226,11 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a notification endpoint. A notification endpoint resource defines an endpoint to receive notifications when there are status changes detected by the associated health check service. For more information, see Health checks overview.
+{ # Represents a notification endpoint.
+    # 
+    # A notification endpoint resource defines an endpoint to receive notifications when there are status changes detected by the associated health check service.
+    # 
+    # For more information, see  Health checks overview. (== resource_for {$api_version}.notificationEndpoint ==) (== resource_for {$api_version}.regionNotificationEndpoints ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "grpcSettings": { # Represents a gRPC setting that describes one gRPC notification endpoint and the retry duration attempting to send notification to this endpoint. # Settings of the gRPC notification endpoint including the endpoint URL and the retry duration.
@@ -232,16 +250,29 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -275,7 +306,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -289,21 +321,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists the NotificationEndpoints for a project in the given region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -311,7 +349,11 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of NotificationEndpoint resources.
-    { # Represents a notification endpoint. A notification endpoint resource defines an endpoint to receive notifications when there are status changes detected by the associated health check service. For more information, see Health checks overview.
+    { # Represents a notification endpoint.
+        #
+        # A notification endpoint resource defines an endpoint to receive notifications when there are status changes detected by the associated health check service.
+        #
+        # For more information, see  Health checks overview. (== resource_for {$api_version}.notificationEndpoint ==) (== resource_for {$api_version}.regionNotificationEndpoints ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "grpcSettings": { # Represents a gRPC setting that describes one gRPC notification endpoint and the retry duration attempting to send notification to this endpoint. # Settings of the gRPC notification endpoint including the endpoint URL and the retry duration.
@@ -336,7 +378,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -362,7 +405,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -378,10 +421,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.regionOperations.html b/docs/dyn/compute_beta.regionOperations.html
index d4d5c3941dc..e2e72149724 100644
--- a/docs/dyn/compute_beta.regionOperations.html
+++ b/docs/dyn/compute_beta.regionOperations.html
@@ -78,20 +78,20 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, operation, x__xgafv=None)

+  delete(project, region, operation)

 
Deletes the specified region-specific Operations resource.

 

-  get(project, region, operation, x__xgafv=None)

+  get(project, region, operation)

 
Retrieves the specified region-specific Operations resource.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of Operation resources contained within the specified region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  wait(project, region, operation, x__xgafv=None)

-
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress. This method is called on a best-effort basis. Specifically: - In uncommon cases, when the server is overloaded, the request might return before the default deadline is reached, or might return after zero seconds. - If the default deadline is reached, there is no guarantee that the operation is actually done when the method returns. Be prepared to retry if the operation is not `DONE`. 

+  wait(project, region, operation)

+
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress.

 
Method Details

 

     close()
@@ -99,37 +99,42 @@ 
Method Details

 

 
 

-    delete(project, region, operation, x__xgafv=None)
+    delete(project, region, operation)
   
Deletes the specified region-specific Operations resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   operation: string, Name of the Operations resource to delete. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 

 

 
 

-    get(project, region, operation, x__xgafv=None)
+    get(project, region, operation)
   
Retrieves the specified region-specific Operations resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   operation: string, Name of the Operations resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -163,7 +168,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -177,21 +183,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of Operation resources contained within the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -199,7 +211,20 @@ 
Method Details

     { # Contains a list of Operation resources.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "items": [ # [Output Only] A list of Operation resources.
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+        #
+        # Google Compute Engine has three Operation resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+        #
+        # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+        #
+        # Operations can be global, regional or zonal.
+        # - For global operations, use the `globalOperations` resource.
+        # - For regional operations, use the `regionOperations` resource.
+        # - For zonal operations, use the `zonalOperations` resource.
+        #
+        # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
       "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
       "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
       "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -233,7 +258,8 @@ 
Method Details

       "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
         {
           "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-          "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+          "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+              # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
             {
               "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
               "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -250,7 +276,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -276,22 +303,35 @@ 
Method Details

 

 
 

-    wait(project, region, operation, x__xgafv=None)
-  
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress. This method is called on a best-effort basis. Specifically: - In uncommon cases, when the server is overloaded, the request might return before the default deadline is reached, or might return after zero seconds. - If the default deadline is reached, there is no guarantee that the operation is actually done when the method returns. Be prepared to retry if the operation is not `DONE`. 
+    wait(project, region, operation)
+  
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress.
+
+This method is called on a best-effort basis. Specifically:  
+- In uncommon cases, when the server is overloaded, the request might return before the default deadline is reached, or might return after zero seconds. 
+- If the default deadline is reached, there is no guarantee that the operation is actually done when the method returns. Be prepared to retry if the operation is not `DONE`.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   operation: string, Name of the Operations resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -325,7 +365,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.regionSslCertificates.html b/docs/dyn/compute_beta.regionSslCertificates.html
index 9a65c2f851a..8a455dc825f 100644
--- a/docs/dyn/compute_beta.regionSslCertificates.html
+++ b/docs/dyn/compute_beta.regionSslCertificates.html
@@ -78,22 +78,22 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, sslCertificate, requestId=None, x__xgafv=None)

+  delete(project, region, sslCertificate, requestId=None)

 
Deletes the specified SslCertificate resource in the region.

 

-  get(project, region, sslCertificate, x__xgafv=None)

+  get(project, region, sslCertificate)

 
Returns the specified SslCertificate resource in the specified region. Get a list of available SSL certificates by making a list() request.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a SslCertificate resource in the specified project and region using the data included in the request

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of SslCertificate resources available to the specified project in the specified region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource and region.

 
Method Details

 

@@ -102,23 +102,36 @@ 
Method Details

 

 
 

-    delete(project, region, sslCertificate, requestId=None, x__xgafv=None)
+    delete(project, region, sslCertificate, requestId=None)
   
Deletes the specified SslCertificate resource in the region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   sslCertificate: string, Name of the SslCertificate resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -152,7 +165,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -166,22 +180,32 @@ 
Method Details

 

 
 

-    get(project, region, sslCertificate, x__xgafv=None)
+    get(project, region, sslCertificate)
   
Returns the specified SslCertificate resource in the specified region. Get a list of available SSL certificates by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   sslCertificate: string, Name of the SslCertificate resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an SSL Certificate resource. Google Compute Engine has two SSL Certificate resources: * [Global](/compute/docs/reference/rest/beta/sslCertificates) * [Regional](/compute/docs/reference/rest/beta/regionSslCertificates) The sslCertificates are used by: - external HTTPS load balancers - SSL proxy load balancers The regionSslCertificates are used by internal HTTPS load balancers. Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read Creating and using SSL certificates, SSL certificates quotas and limits, and Troubleshooting SSL certificates.
+    { # Represents an SSL Certificate resource.
+    #
+    # Google Compute Engine has two SSL Certificate resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/sslCertificates) * [Regional](/compute/docs/reference/rest/{$api_version}/regionSslCertificates)
+    #
+    #
+    #
+    # The sslCertificates are used by:
+    # - external HTTPS load balancers
+    # - SSL proxy load balancers
+    #
+    # The regionSslCertificates are used by internal HTTPS load balancers.
+    #
+    # Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read  Creating and using SSL certificates, SSL certificates quotas and limits, and  Troubleshooting SSL certificates. (== resource_for {$api_version}.sslCertificates ==) (== resource_for {$api_version}.regionSslCertificates ==)
   "certificate": "A String", # A value read into memory from a certificate file. The certificate file must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -213,7 +237,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a SslCertificate resource in the specified project and region using the data included in the request
 
 Args:
@@ -222,7 +246,21 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an SSL Certificate resource. Google Compute Engine has two SSL Certificate resources: * [Global](/compute/docs/reference/rest/beta/sslCertificates) * [Regional](/compute/docs/reference/rest/beta/regionSslCertificates) The sslCertificates are used by: - external HTTPS load balancers - SSL proxy load balancers The regionSslCertificates are used by internal HTTPS load balancers. Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read Creating and using SSL certificates, SSL certificates quotas and limits, and Troubleshooting SSL certificates.
+{ # Represents an SSL Certificate resource.
+    # 
+    # Google Compute Engine has two SSL Certificate resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/sslCertificates) * [Regional](/compute/docs/reference/rest/{$api_version}/regionSslCertificates)
+    # 
+    # 
+    # 
+    # The sslCertificates are used by:
+    # - external HTTPS load balancers
+    # - SSL proxy load balancers
+    # 
+    # The regionSslCertificates are used by internal HTTPS load balancers.
+    # 
+    # Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read  Creating and using SSL certificates, SSL certificates quotas and limits, and  Troubleshooting SSL certificates. (== resource_for {$api_version}.sslCertificates ==) (== resource_for {$api_version}.regionSslCertificates ==)
   "certificate": "A String", # A value read into memory from a certificate file. The certificate file must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -252,16 +290,29 @@ 
Method Details

   "type": "A String", # (Optional) Specifies the type of SSL certificate, either "SELF_MANAGED" or "MANAGED". If not specified, the certificate is self-managed and the fields certificate and private_key are used.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -295,7 +346,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -309,21 +361,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of SslCertificate resources available to the specified project in the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -331,7 +389,21 @@ 
Method Details

     { # Contains a list of SslCertificate resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of SslCertificate resources.
-    { # Represents an SSL Certificate resource. Google Compute Engine has two SSL Certificate resources: * [Global](/compute/docs/reference/rest/beta/sslCertificates) * [Regional](/compute/docs/reference/rest/beta/regionSslCertificates) The sslCertificates are used by: - external HTTPS load balancers - SSL proxy load balancers The regionSslCertificates are used by internal HTTPS load balancers. Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read Creating and using SSL certificates, SSL certificates quotas and limits, and Troubleshooting SSL certificates.
+    { # Represents an SSL Certificate resource.
+        #
+        # Google Compute Engine has two SSL Certificate resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/sslCertificates) * [Regional](/compute/docs/reference/rest/{$api_version}/regionSslCertificates)
+        #
+        #
+        #
+        # The sslCertificates are used by:
+        # - external HTTPS load balancers
+        # - SSL proxy load balancers
+        #
+        # The regionSslCertificates are used by internal HTTPS load balancers.
+        #
+        # Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read  Creating and using SSL certificates, SSL certificates quotas and limits, and  Troubleshooting SSL certificates. (== resource_for {$api_version}.sslCertificates ==) (== resource_for {$api_version}.regionSslCertificates ==)
       "certificate": "A String", # A value read into memory from a certificate file. The certificate file must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -366,7 +438,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -392,7 +465,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource and region.
 
 Args:
@@ -408,10 +481,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.regionTargetHttpProxies.html b/docs/dyn/compute_beta.regionTargetHttpProxies.html
index e4c98b37176..15fd0dcbe3d 100644
--- a/docs/dyn/compute_beta.regionTargetHttpProxies.html
+++ b/docs/dyn/compute_beta.regionTargetHttpProxies.html
@@ -78,25 +78,25 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, targetHttpProxy, requestId=None, x__xgafv=None)

+  delete(project, region, targetHttpProxy, requestId=None)

 
Deletes the specified TargetHttpProxy resource.

 

-  get(project, region, targetHttpProxy, x__xgafv=None)

+  get(project, region, targetHttpProxy)

 
Returns the specified TargetHttpProxy resource in the specified region. Gets a list of available target HTTP proxies by making a list() request.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a TargetHttpProxy resource in the specified project and region using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of TargetHttpProxy resources available to the specified project in the specified region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setUrlMap(project, region, targetHttpProxy, body=None, requestId=None, x__xgafv=None)

+  setUrlMap(project, region, targetHttpProxy, body=None, requestId=None)

 
Changes the URL map for TargetHttpProxy.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -105,23 +105,36 @@ 
Method Details

 

 
 

-    delete(project, region, targetHttpProxy, requestId=None, x__xgafv=None)
+    delete(project, region, targetHttpProxy, requestId=None)
   
Deletes the specified TargetHttpProxy resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   targetHttpProxy: string, Name of the TargetHttpProxy resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -155,7 +168,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -169,32 +183,43 @@ 
Method Details

 

 
 

-    get(project, region, targetHttpProxy, x__xgafv=None)
+    get(project, region, targetHttpProxy)
   
Returns the specified TargetHttpProxy resource in the specified region. Gets a list of available target HTTP proxies by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   targetHttpProxy: string, Name of the TargetHttpProxy resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Target HTTP Proxy resource. Google Compute Engine has two Target HTTP Proxy resources: * [Global](/compute/docs/reference/rest/beta/targetHttpProxies) * [Regional](/compute/docs/reference/rest/beta/regionTargetHttpProxies) A target HTTP proxy is a component of GCP HTTP load balancers. * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers. Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+    { # Represents a Target HTTP Proxy resource.
+    #
+    # Google Compute Engine has two Target HTTP Proxy resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpProxies)
+    #
+    # A target HTTP proxy is a component of GCP HTTP load balancers.
+    #
+    # * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers.
+    #
+    # Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpProxies ==) (== resource_for {$api_version}.regionTargetHttpProxies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetHttpProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpProxy.
-  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/v1alpha1/projects/project/locations/ locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list. httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/v1alpha1/projects/project/locations/locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list.
+      # httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
     "A String",
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetHttpProxy", # [Output Only] Type of resource. Always compute#targetHttpProxy for target HTTP proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      #
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      #
+      # The default is false.
   "region": "A String", # [Output Only] URL of the region where the regional Target HTTP Proxy resides. This field is not applicable to global Target HTTP Proxies.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "urlMap": "A String", # URL to the UrlMap resource that defines the mapping from URL to the BackendService.
@@ -202,7 +227,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a TargetHttpProxy resource in the specified project and region using the data included in the request.
 
 Args:
@@ -211,32 +236,60 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target HTTP Proxy resource. Google Compute Engine has two Target HTTP Proxy resources: * [Global](/compute/docs/reference/rest/beta/targetHttpProxies) * [Regional](/compute/docs/reference/rest/beta/regionTargetHttpProxies) A target HTTP proxy is a component of GCP HTTP load balancers. * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers. Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+{ # Represents a Target HTTP Proxy resource.
+    # 
+    # Google Compute Engine has two Target HTTP Proxy resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpProxies)
+    # 
+    # A target HTTP proxy is a component of GCP HTTP load balancers.
+    # 
+    # * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers.
+    # 
+    # Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpProxies ==) (== resource_for {$api_version}.regionTargetHttpProxies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetHttpProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpProxy.
-  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/v1alpha1/projects/project/locations/ locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list. httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/v1alpha1/projects/project/locations/locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list.
+      # httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
     "A String",
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetHttpProxy", # [Output Only] Type of resource. Always compute#targetHttpProxy for target HTTP proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      # 
+      # The default is false.
   "region": "A String", # [Output Only] URL of the region where the regional Target HTTP Proxy resides. This field is not applicable to global Target HTTP Proxies.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "urlMap": "A String", # URL to the UrlMap resource that defines the mapping from URL to the BackendService.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -270,7 +323,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -284,21 +338,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of TargetHttpProxy resources available to the specified project in the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -306,17 +366,32 @@ 
Method Details

     { # A list of TargetHttpProxy resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of TargetHttpProxy resources.
-    { # Represents a Target HTTP Proxy resource. Google Compute Engine has two Target HTTP Proxy resources: * [Global](/compute/docs/reference/rest/beta/targetHttpProxies) * [Regional](/compute/docs/reference/rest/beta/regionTargetHttpProxies) A target HTTP proxy is a component of GCP HTTP load balancers. * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers. Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+    { # Represents a Target HTTP Proxy resource.
+        #
+        # Google Compute Engine has two Target HTTP Proxy resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpProxies)
+        #
+        # A target HTTP proxy is a component of GCP HTTP load balancers.
+        #
+        # * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers.
+        #
+        # Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpProxies ==) (== resource_for {$api_version}.regionTargetHttpProxies ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetHttpProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpProxy.
-      "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/v1alpha1/projects/project/locations/ locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list. httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+      "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/v1alpha1/projects/project/locations/locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list.
+          # httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
         "A String",
       ],
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#targetHttpProxy", # [Output Only] Type of resource. Always compute#targetHttpProxy for target HTTP proxies.
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-      "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
+      "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+          #
+          # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+          #
+          # The default is false.
       "region": "A String", # [Output Only] URL of the region where the regional Target HTTP Proxy resides. This field is not applicable to global Target HTTP Proxies.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "urlMap": "A String", # URL to the UrlMap resource that defines the mapping from URL to the BackendService.
@@ -327,7 +402,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -353,7 +429,7 @@ 
Method Details

 

 
 

-    setUrlMap(project, region, targetHttpProxy, body=None, requestId=None, x__xgafv=None)
+    setUrlMap(project, region, targetHttpProxy, body=None, requestId=None)
   
Changes the URL map for TargetHttpProxy.
 
 Args:
@@ -367,16 +443,29 @@ 
Method Details

   "urlMap": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -410,7 +499,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -424,7 +514,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -440,10 +530,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.regionTargetHttpsProxies.html b/docs/dyn/compute_beta.regionTargetHttpsProxies.html
index 66c5aeabe34..92679f21cb8 100644
--- a/docs/dyn/compute_beta.regionTargetHttpsProxies.html
+++ b/docs/dyn/compute_beta.regionTargetHttpsProxies.html
@@ -78,28 +78,28 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, targetHttpsProxy, requestId=None, x__xgafv=None)

+  delete(project, region, targetHttpsProxy, requestId=None)

 
Deletes the specified TargetHttpsProxy resource.

 

-  get(project, region, targetHttpsProxy, x__xgafv=None)

+  get(project, region, targetHttpsProxy)

 
Returns the specified TargetHttpsProxy resource in the specified region. Gets a list of available target HTTP proxies by making a list() request.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a TargetHttpsProxy resource in the specified project and region using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of TargetHttpsProxy resources available to the specified project in the specified region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setSslCertificates(project, region, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)

+  setSslCertificates(project, region, targetHttpsProxy, body=None, requestId=None)

 
Replaces SslCertificates for TargetHttpsProxy.

 

-  setUrlMap(project, region, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)

+  setUrlMap(project, region, targetHttpsProxy, body=None, requestId=None)

 
Changes the URL map for TargetHttpsProxy.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -108,23 +108,36 @@ 
Method Details

 

 
 

-    delete(project, region, targetHttpsProxy, requestId=None, x__xgafv=None)
+    delete(project, region, targetHttpsProxy, requestId=None)
   
Deletes the specified TargetHttpsProxy resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   targetHttpsProxy: string, Name of the TargetHttpsProxy resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -158,7 +171,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -172,49 +186,73 @@ 
Method Details

 

 
 

-    get(project, region, targetHttpsProxy, x__xgafv=None)
+    get(project, region, targetHttpsProxy)
   
Returns the specified TargetHttpsProxy resource in the specified region. Gets a list of available target HTTP proxies by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   targetHttpsProxy: string, Name of the TargetHttpsProxy resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Target HTTPS Proxy resource. Google Compute Engine has two Target HTTPS Proxy resources: * [Global](/compute/docs/reference/rest/beta/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/beta/regionTargetHttpsProxies) A target HTTPS proxy is a component of GCP HTTPS load balancers. * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers. Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+    { # Represents a Target HTTPS Proxy resource.
+    #
+    # Google Compute Engine has two Target HTTPS Proxy resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpsProxies)
+    #
+    # A target HTTPS proxy is a component of GCP HTTPS load balancers.
+    #
+    # * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers.
+    #
+    # Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpsProxies ==) (== resource_for {$api_version}.regionTargetHttpsProxies ==)
   "authentication": "A String", # [Deprecated] Use serverTlsPolicy instead.
   "authorization": "A String", # [Deprecated] Use authorizationPolicy instead.
-  "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy. Refer to the AuthorizationPolicy resource for additional details. authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. Note: This field currently has no impact.
+  "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy.
+      # Refer to the AuthorizationPolicy resource for additional details.
+      # authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # Note: This field currently has no impact.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpsProxy. An up-to-date fingerprint must be provided in order to patch the TargetHttpsProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpsProxy.
-  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/beta/projects/project/locations/ locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list. httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/beta/projects/project/locations/locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list.
+      # httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
     "A String",
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetHttpsProxy", # [Output Only] Type of resource. Always compute#targetHttpsProxy for target HTTPS proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
-  "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE. - When quic-override is set to NONE, Google manages whether QUIC is used. - When quic-override is set to ENABLE, the load balancer uses QUIC when possible. - When quic-override is set to DISABLE, the load balancer doesn't use QUIC. - If the quic-override flag is not specified, NONE is implied.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      #
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      #
+      # The default is false.
+  "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE.
+      # - When quic-override is set to NONE, Google manages whether QUIC is used.
+      # - When quic-override is set to ENABLE, the load balancer uses QUIC when possible.
+      # - When quic-override is set to DISABLE, the load balancer doesn't use QUIC.
+      # - If the quic-override flag is not specified, NONE is implied.
   "region": "A String", # [Output Only] URL of the region where the regional TargetHttpsProxy resides. This field is not applicable to global TargetHttpsProxies.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+  "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic.
+      # serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # If left blank, communications are not encrypted.
+      # Note: This field currently has no impact.
   "sslCertificates": [ # URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
     "A String",
   ],
   "sslPolicy": "A String", # URL of SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource has no SSL policy configured.
-  "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map: - https://www.googleapis.compute/v1/projects/project/global/urlMaps/ url-map - projects/project/global/urlMaps/url-map - global/urlMaps/url-map
+  "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map:
+      # - https://www.googleapis.compute/v1/projects/project/global/urlMaps/url-map
+      # - projects/project/global/urlMaps/url-map
+      # - global/urlMaps/url-map
 }

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a TargetHttpsProxy resource in the specified project and region using the data included in the request.
 
 Args:
@@ -223,41 +261,82 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target HTTPS Proxy resource. Google Compute Engine has two Target HTTPS Proxy resources: * [Global](/compute/docs/reference/rest/beta/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/beta/regionTargetHttpsProxies) A target HTTPS proxy is a component of GCP HTTPS load balancers. * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers. Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+{ # Represents a Target HTTPS Proxy resource.
+    # 
+    # Google Compute Engine has two Target HTTPS Proxy resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpsProxies)
+    # 
+    # A target HTTPS proxy is a component of GCP HTTPS load balancers.
+    # 
+    # * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers.
+    # 
+    # Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpsProxies ==) (== resource_for {$api_version}.regionTargetHttpsProxies ==)
   "authentication": "A String", # [Deprecated] Use serverTlsPolicy instead.
   "authorization": "A String", # [Deprecated] Use authorizationPolicy instead.
-  "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy. Refer to the AuthorizationPolicy resource for additional details. authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. Note: This field currently has no impact.
+  "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy.
+      # Refer to the AuthorizationPolicy resource for additional details.
+      # authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # Note: This field currently has no impact.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpsProxy. An up-to-date fingerprint must be provided in order to patch the TargetHttpsProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpsProxy.
-  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/beta/projects/project/locations/ locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list. httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/beta/projects/project/locations/locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list.
+      # httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
     "A String",
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetHttpsProxy", # [Output Only] Type of resource. Always compute#targetHttpsProxy for target HTTPS proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
-  "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE. - When quic-override is set to NONE, Google manages whether QUIC is used. - When quic-override is set to ENABLE, the load balancer uses QUIC when possible. - When quic-override is set to DISABLE, the load balancer doesn't use QUIC. - If the quic-override flag is not specified, NONE is implied.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      # 
+      # The default is false.
+  "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE.
+      # - When quic-override is set to NONE, Google manages whether QUIC is used.
+      # - When quic-override is set to ENABLE, the load balancer uses QUIC when possible.
+      # - When quic-override is set to DISABLE, the load balancer doesn't use QUIC.
+      # - If the quic-override flag is not specified, NONE is implied.
   "region": "A String", # [Output Only] URL of the region where the regional TargetHttpsProxy resides. This field is not applicable to global TargetHttpsProxies.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+  "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic.
+      # serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # If left blank, communications are not encrypted.
+      # Note: This field currently has no impact.
   "sslCertificates": [ # URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
     "A String",
   ],
   "sslPolicy": "A String", # URL of SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource has no SSL policy configured.
-  "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map: - https://www.googleapis.compute/v1/projects/project/global/urlMaps/ url-map - projects/project/global/urlMaps/url-map - global/urlMaps/url-map
+  "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map:
+      # - https://www.googleapis.compute/v1/projects/project/global/urlMaps/url-map
+      # - projects/project/global/urlMaps/url-map
+      # - global/urlMaps/url-map
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -291,7 +370,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -305,21 +385,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of TargetHttpsProxy resources available to the specified project in the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -327,29 +413,57 @@ 
Method Details

     { # Contains a list of TargetHttpsProxy resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of TargetHttpsProxy resources.
-    { # Represents a Target HTTPS Proxy resource. Google Compute Engine has two Target HTTPS Proxy resources: * [Global](/compute/docs/reference/rest/beta/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/beta/regionTargetHttpsProxies) A target HTTPS proxy is a component of GCP HTTPS load balancers. * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers. Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+    { # Represents a Target HTTPS Proxy resource.
+        #
+        # Google Compute Engine has two Target HTTPS Proxy resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpsProxies)
+        #
+        # A target HTTPS proxy is a component of GCP HTTPS load balancers.
+        #
+        # * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers.
+        #
+        # Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpsProxies ==) (== resource_for {$api_version}.regionTargetHttpsProxies ==)
       "authentication": "A String", # [Deprecated] Use serverTlsPolicy instead.
       "authorization": "A String", # [Deprecated] Use authorizationPolicy instead.
-      "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy. Refer to the AuthorizationPolicy resource for additional details. authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. Note: This field currently has no impact.
+      "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy.
+          # Refer to the AuthorizationPolicy resource for additional details.
+          # authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+          # Note: This field currently has no impact.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpsProxy. An up-to-date fingerprint must be provided in order to patch the TargetHttpsProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpsProxy.
-      "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/beta/projects/project/locations/ locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list. httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+      "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/beta/projects/project/locations/locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list.
+          # httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
         "A String",
       ],
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#targetHttpsProxy", # [Output Only] Type of resource. Always compute#targetHttpsProxy for target HTTPS proxies.
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-      "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
-      "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE. - When quic-override is set to NONE, Google manages whether QUIC is used. - When quic-override is set to ENABLE, the load balancer uses QUIC when possible. - When quic-override is set to DISABLE, the load balancer doesn't use QUIC. - If the quic-override flag is not specified, NONE is implied.
+      "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+          #
+          # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+          #
+          # The default is false.
+      "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE.
+          # - When quic-override is set to NONE, Google manages whether QUIC is used.
+          # - When quic-override is set to ENABLE, the load balancer uses QUIC when possible.
+          # - When quic-override is set to DISABLE, the load balancer doesn't use QUIC.
+          # - If the quic-override flag is not specified, NONE is implied.
       "region": "A String", # [Output Only] URL of the region where the regional TargetHttpsProxy resides. This field is not applicable to global TargetHttpsProxies.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+      "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic.
+          # serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+          # If left blank, communications are not encrypted.
+          # Note: This field currently has no impact.
       "sslCertificates": [ # URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
         "A String",
       ],
       "sslPolicy": "A String", # URL of SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource has no SSL policy configured.
-      "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map: - https://www.googleapis.compute/v1/projects/project/global/urlMaps/ url-map - projects/project/global/urlMaps/url-map - global/urlMaps/url-map
+      "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map:
+          # - https://www.googleapis.compute/v1/projects/project/global/urlMaps/url-map
+          # - projects/project/global/urlMaps/url-map
+          # - global/urlMaps/url-map
     },
   ],
   "kind": "compute#targetHttpsProxyList", # Type of resource. Always compute#targetHttpsProxyList for lists of target HTTPS proxies.
@@ -357,7 +471,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -383,7 +498,7 @@ 
Method Details

 

 
 

-    setSslCertificates(project, region, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)
+    setSslCertificates(project, region, targetHttpsProxy, body=None, requestId=None)
   
Replaces SslCertificates for TargetHttpsProxy.
 
 Args:
@@ -399,16 +514,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -442,7 +570,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -456,7 +585,7 @@ 
Method Details

 

 
 

-    setUrlMap(project, region, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)
+    setUrlMap(project, region, targetHttpsProxy, body=None, requestId=None)
   
Changes the URL map for TargetHttpsProxy.
 
 Args:
@@ -470,16 +599,29 @@ 
Method Details

   "urlMap": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -513,7 +655,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -527,7 +670,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -543,10 +686,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.regionUrlMaps.html b/docs/dyn/compute_beta.regionUrlMaps.html
index e0a43774265..f90f4668827 100644
--- a/docs/dyn/compute_beta.regionUrlMaps.html
+++ b/docs/dyn/compute_beta.regionUrlMaps.html
@@ -78,34 +78,34 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, urlMap, requestId=None, x__xgafv=None)

+  delete(project, region, urlMap, requestId=None)

 
Deletes the specified UrlMap resource.

 

-  get(project, region, urlMap, x__xgafv=None)

+  get(project, region, urlMap)

 
Returns the specified UrlMap resource. Gets a list of available URL maps by making a list() request.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a UrlMap resource in the specified project using the data included in the request.

 

-  invalidateCache(project, region, urlMap, body=None, requestId=None, x__xgafv=None)

-
Initiates a cache invalidation operation, invalidating the specified path, scoped to the specified UrlMap. For more information, see [Invalidating cached content](/cdn/docs/invalidating-cached-content).

+  invalidateCache(project, region, urlMap, body=None, requestId=None)

+
Initiates a cache invalidation operation, invalidating the specified path, scoped to the specified UrlMap.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of UrlMap resources available to the specified project in the specified region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, urlMap, body=None, requestId=None, x__xgafv=None)

+  patch(project, region, urlMap, body=None, requestId=None)

 
Patches the specified UrlMap resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, region, urlMap, body=None, requestId=None, x__xgafv=None)

+  update(project, region, urlMap, body=None, requestId=None)

 
Updates the specified UrlMap resource with the data included in the request.

 

-  validate(project, region, urlMap, body=None, x__xgafv=None)

+  validate(project, region, urlMap, body=None)

 
Runs static validation for the UrlMap. In particular, the tests of the provided UrlMap will be run. Calling this method does NOT create the UrlMap.

 
Method Details

 

@@ -114,7 +114,7 @@ 
Method Details

 

 
 

-    delete(project, region, urlMap, requestId=None, x__xgafv=None)
+    delete(project, region, urlMap, requestId=None)
   
Deletes the specified UrlMap resource.
 
 Args:
@@ -122,15 +122,24 @@ 
Method Details

   region: string, Name of the region scoping this request. (required)
   urlMap: string, Name of the UrlMap resource to delete. (required)
   requestId: string, begin_interface: MixerMutationRequestBuilder Request ID to support idempotency.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -164,7 +173,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -178,36 +188,55 @@ 
Method Details

 

 
 

-    get(project, region, urlMap, x__xgafv=None)
+    get(project, region, urlMap)
   
Returns the specified UrlMap resource. Gets a list of available URL maps by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   urlMap: string, Name of the UrlMap resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/beta/urlMaps) * [Regional](/compute/docs/reference/rest/beta/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
+    { # Represents a URL Map resource.
+    #
+    # Google Compute Engine has two URL Map resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+    #
+    # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+    #
+    # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+    #
+    # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+    #
+    # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+    #
+    # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+    #
+    # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-  "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+  "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+      # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+      # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+      # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+        # Not supported when the URL map is bound to target gRPC proxy.
+      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+          # Default is false.
       "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
         "A String",
       ],
       "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
         "A String",
       ],
-      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
-      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
       "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -216,53 +245,84 @@ 
Method Details

       ],
       "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
     },
-    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+        # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
       "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-        "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "httpStatus": 42, # The HTTP status code used to abort the request.
+            # The value must be between 200 and 599 inclusive.
+            # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
       "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
         "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
     },
-    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+        # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+        # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
     },
-    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+          # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+          # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+          # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+          # -
+          # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+          # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+          # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+          # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+          # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+          # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+          # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
         "A String",
       ],
     },
-    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+        # If not specified, will use the largest timeout among all backend services associated with the route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+        # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+          # The value must be between 1 and 255 characters.
+      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+          # The value must be between 1 and 1024 characters.
     },
-    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-      { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+        # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+      { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
         "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+            # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -272,34 +332,61 @@ 
Method Details

             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
             "A String",
           ],
         },
-        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+            # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+            # The value must be between 0 and 1000
       },
     ],
   },
-  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+      # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+      # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+      # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+      # Not supported when the URL map is bound to target gRPC proxy.
+    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+        # The value must be between 1 and 255 characters.
+    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+        # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+        # The default is set to false.
+    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+        # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+        # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+        # Supported values are:
+        # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+        # - FOUND, which corresponds to 302.
+        # - SEE_OTHER which corresponds to 303.
+        # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+        # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+        # The default is set to false.
   },
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+      # The headerAction specified here take effect after headerAction specified under pathMatcher.
+      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -309,7 +396,8 @@ 
Method Details

       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -319,7 +407,8 @@ 
Method Details

   "hostRules": [ # The list of HostRules to use against the URL.
     { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+          # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "A String",
       ],
       "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -330,19 +419,25 @@ 
Method Details

   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "pathMatchers": [ # The list of named PathMatchers to use against the URL.
     { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-      "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+      "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+          # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+          # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+              # Default is false.
           "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
             "A String",
           ],
           "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
             "A String",
           ],
-          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
-          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
           "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -351,53 +446,84 @@ 
Method Details

           ],
           "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
         },
-        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+            # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
           "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-            "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "httpStatus": 42, # The HTTP status code used to abort the request.
+                # The value must be between 200 and 599 inclusive.
+                # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
           "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
             "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
         },
-        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+            # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+            # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
         },
-        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+              # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+              # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+              # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+              # -
+              # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+              # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+              # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+              # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+              # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+              # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+              # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
             "A String",
           ],
         },
-        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+            # If not specified, will use the largest timeout among all backend services associated with the route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+            # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+              # The value must be between 1 and 255 characters.
+          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+              # The value must be between 1 and 1024 characters.
         },
-        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-          { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+            # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+          { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
             "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -407,33 +533,63 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                 "A String",
               ],
             },
-            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                # The value must be between 0 and 1000
           },
         ],
       },
-      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+          # - compute/v1/projects/project/global/backendServices/backendService
+          # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+          # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+          # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+          # - compute.backendBuckets.use
+          # - compute.backendServices.use
+      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+          # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+            # The value must be between 1 and 255 characters.
+        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+            # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+            # The default is set to false.
+        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+            # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+            # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+            # Supported values are:
+            # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+            # - FOUND, which corresponds to 302.
+            # - SEE_OTHER which corresponds to 303.
+            # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+            # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+            # The default is set to false.
       },
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+          # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+          # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -443,7 +599,8 @@ 
Method Details

           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -451,24 +608,32 @@ 
Method Details

         ],
       },
       "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+          # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+          # Within a given pathMatcher, only one of pathRules or routeRules must be set.
         { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
           "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
             "A String",
           ],
-          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of routeAction or urlRedirect must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -477,53 +642,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -533,37 +729,63 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
-      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+          # Within a given pathMatcher, you can set only one of pathRules or routeRules.
         { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-          "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "description": "A String", # The short description conveying the intent of this routeRule.
+              # The description can have a maximum length of 1024 characters.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -573,21 +795,25 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
               "A String",
             ],
           },
-          "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
               "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
               "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
               "filterName": "A String", # Name of the networkservices.HttpFilter resource this configuration belongs to. This name must be known to the xDS client. Example: envoy.wasm
             },
           ],
-          "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+              # The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
               "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
               "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
@@ -596,60 +822,112 @@ 
Method Details

           ],
           "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
             { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                  # fullPathMatch must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
               "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                 { # matchRule criteria for request header matches.
-                  "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "headerName": "A String", # The name of the HTTP header to match.
+                      # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                      # For matching a request's method, use the headerName ":method".
+                      # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                      # The default setting is false.
+                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                      # For example for a range [-5, 0]
+                      # - -3 will match.
+                      # - 0 will not match.
+                      # - 0.25 will not match.
+                      # - -3someString will not match.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                     "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                     "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                   },
-                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                      # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                 },
               ],
-              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                  # The default value is false.
+                  # ignoreCase must not be used with regexMatch.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                  # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                  # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                  # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                    # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                    # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                      # This list must not be empty and can have at the most 64 entries.
                     { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                      "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                      "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                      "name": "A String", # Name of metadata label.
+                          # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                      "value": "A String", # The value of the label must match the specified value.
+                          # value can have a maximum length of 1024 characters.
                     },
                   ],
-                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                      # Supported values are:
+                      # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                      # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                 },
               ],
-              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                  # The value must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                  # Not supported when the URL map is bound to target gRPC proxy.
                 { # HttpRouteRuleMatch criteria for a request's query parameter.
-                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
                   "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                      # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                 },
               ],
-              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
             },
           ],
-          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+              # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+              # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -658,53 +936,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -714,25 +1023,45 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
@@ -740,11 +1069,16 @@ 
Method Details

   ],
   "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     { # Message for the expected URL mappings.
       "description": "A String", # Description of this test case.
-      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+          # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+          # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+          # expectedOutputUrl is optional when service is specified.
+      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+          # expectedRedirectResponseCode cannot be set when service is set.
       "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
         { # HTTP headers used in UrlMapTests.
           "name": "A String", # Header name.
@@ -753,14 +1087,15 @@ 
Method Details

       ],
       "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
       "path": "A String", # Path portion of the URL.
-      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+          # service cannot be set if expectedRedirectResponseCode is set.
     },
   ],
 }

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a UrlMap resource in the specified project using the data included in the request.
 
 Args:
@@ -769,21 +1104,44 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/beta/urlMaps) * [Regional](/compute/docs/reference/rest/beta/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
+{ # Represents a URL Map resource.
+    # 
+    # Google Compute Engine has two URL Map resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+    # 
+    # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+    # 
+    # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+    # 
+    # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+    # 
+    # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+    # 
+    # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+    # 
+    # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-  "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+  "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+      # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+      # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+      # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+        # Not supported when the URL map is bound to target gRPC proxy.
+      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+          # Default is false.
       "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
         "A String",
       ],
       "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
         "A String",
       ],
-      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
-      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
       "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -792,53 +1150,84 @@ 
Method Details

       ],
       "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
     },
-    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+        # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
       "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-        "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "httpStatus": 42, # The HTTP status code used to abort the request.
+            # The value must be between 200 and 599 inclusive.
+            # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
       "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
         "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
     },
-    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+        # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+        # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
     },
-    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+          # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+          # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+          # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+          # -
+          # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+          # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+          # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+          # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+          # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+          # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+          # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
         "A String",
       ],
     },
-    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+        # If not specified, will use the largest timeout among all backend services associated with the route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+        # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+          # The value must be between 1 and 255 characters.
+      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+          # The value must be between 1 and 1024 characters.
     },
-    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-      { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+        # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+      { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
         "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+            # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -848,34 +1237,61 @@ 
Method Details

             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
             "A String",
           ],
         },
-        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+            # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+            # The value must be between 0 and 1000
       },
     ],
   },
-  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+      # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+      # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+      # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+      # Not supported when the URL map is bound to target gRPC proxy.
+    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+        # The value must be between 1 and 255 characters.
+    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+        # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+        # The default is set to false.
+    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+        # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+        # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+        # Supported values are:
+        # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+        # - FOUND, which corresponds to 302.
+        # - SEE_OTHER which corresponds to 303.
+        # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+        # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+        # The default is set to false.
   },
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+      # The headerAction specified here take effect after headerAction specified under pathMatcher.
+      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -885,7 +1301,8 @@ 
Method Details

       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -895,7 +1312,8 @@ 
Method Details

   "hostRules": [ # The list of HostRules to use against the URL.
     { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+          # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "A String",
       ],
       "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -906,19 +1324,25 @@ 
Method Details

   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "pathMatchers": [ # The list of named PathMatchers to use against the URL.
     { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-      "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+      "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+          # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+          # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+              # Default is false.
           "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
             "A String",
           ],
           "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
             "A String",
           ],
-          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
-          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
           "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -927,53 +1351,84 @@ 
Method Details

           ],
           "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
         },
-        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+            # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
           "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-            "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "httpStatus": 42, # The HTTP status code used to abort the request.
+                # The value must be between 200 and 599 inclusive.
+                # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
           "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
             "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
         },
-        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+            # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+            # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
         },
-        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+              # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+              # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+              # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+              # -
+              # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+              # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+              # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+              # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+              # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+              # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+              # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
             "A String",
           ],
         },
-        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+            # If not specified, will use the largest timeout among all backend services associated with the route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+            # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+              # The value must be between 1 and 255 characters.
+          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+              # The value must be between 1 and 1024 characters.
         },
-        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-          { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+            # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+          { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
             "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -983,33 +1438,63 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                 "A String",
               ],
             },
-            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                # The value must be between 0 and 1000
           },
         ],
       },
-      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+          # - compute/v1/projects/project/global/backendServices/backendService
+          # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+          # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+          # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+          # - compute.backendBuckets.use
+          # - compute.backendServices.use
+      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+          # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+            # The value must be between 1 and 255 characters.
+        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+            # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+            # The default is set to false.
+        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+            # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+            # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+            # Supported values are:
+            # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+            # - FOUND, which corresponds to 302.
+            # - SEE_OTHER which corresponds to 303.
+            # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+            # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+            # The default is set to false.
       },
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+          # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+          # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1019,7 +1504,8 @@ 
Method Details

           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -1027,24 +1513,32 @@ 
Method Details

         ],
       },
       "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+          # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+          # Within a given pathMatcher, only one of pathRules or routeRules must be set.
         { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
           "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
             "A String",
           ],
-          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of routeAction or urlRedirect must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1053,53 +1547,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1109,37 +1634,63 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
-      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+          # Within a given pathMatcher, you can set only one of pathRules or routeRules.
         { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-          "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "description": "A String", # The short description conveying the intent of this routeRule.
+              # The description can have a maximum length of 1024 characters.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1149,21 +1700,25 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
               "A String",
             ],
           },
-          "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
               "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
               "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
               "filterName": "A String", # Name of the networkservices.HttpFilter resource this configuration belongs to. This name must be known to the xDS client. Example: envoy.wasm
             },
           ],
-          "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+              # The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
               "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
               "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
@@ -1172,60 +1727,112 @@ 
Method Details

           ],
           "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
             { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                  # fullPathMatch must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
               "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                 { # matchRule criteria for request header matches.
-                  "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "headerName": "A String", # The name of the HTTP header to match.
+                      # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                      # For matching a request's method, use the headerName ":method".
+                      # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                      # The default setting is false.
+                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                      # For example for a range [-5, 0]
+                      # - -3 will match.
+                      # - 0 will not match.
+                      # - 0.25 will not match.
+                      # - -3someString will not match.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                     "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                     "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                   },
-                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                      # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                 },
               ],
-              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                  # The default value is false.
+                  # ignoreCase must not be used with regexMatch.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                  # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                  # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                  # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                    # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                    # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                      # This list must not be empty and can have at the most 64 entries.
                     { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                      "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                      "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                      "name": "A String", # Name of metadata label.
+                          # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                      "value": "A String", # The value of the label must match the specified value.
+                          # value can have a maximum length of 1024 characters.
                     },
                   ],
-                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                      # Supported values are:
+                      # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                      # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                 },
               ],
-              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                  # The value must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                  # Not supported when the URL map is bound to target gRPC proxy.
                 { # HttpRouteRuleMatch criteria for a request's query parameter.
-                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
                   "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                      # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                 },
               ],
-              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
             },
           ],
-          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+              # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+              # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1234,53 +1841,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1290,25 +1928,45 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
@@ -1316,11 +1974,16 @@ 
Method Details

   ],
   "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     { # Message for the expected URL mappings.
       "description": "A String", # Description of this test case.
-      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+          # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+          # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+          # expectedOutputUrl is optional when service is specified.
+      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+          # expectedRedirectResponseCode cannot be set when service is set.
       "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
         { # HTTP headers used in UrlMapTests.
           "name": "A String", # Header name.
@@ -1329,21 +1992,31 @@ 
Method Details

       ],
       "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
       "path": "A String", # Path portion of the URL.
-      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+          # service cannot be set if expectedRedirectResponseCode is set.
     },
   ],
 }
 
   requestId: string, begin_interface: MixerMutationRequestBuilder Request ID to support idempotency.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1377,7 +2050,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1391,8 +2065,10 @@ 
Method Details

 

 
 

-    invalidateCache(project, region, urlMap, body=None, requestId=None, x__xgafv=None)
-  
Initiates a cache invalidation operation, invalidating the specified path, scoped to the specified UrlMap. For more information, see [Invalidating cached content](/cdn/docs/invalidating-cached-content).
+    invalidateCache(project, region, urlMap, body=None, requestId=None)
+  
Initiates a cache invalidation operation, invalidating the specified path, scoped to the specified UrlMap.
+
+For more information, see [Invalidating cached content](/cdn/docs/invalidating-cached-content).
 
 Args:
   project: string, Project ID for this request. (required)
@@ -1407,15 +2083,24 @@ 
Method Details

 }
 
   requestId: string, begin_interface: MixerMutationRequestBuilder Request ID to support idempotency.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1449,7 +2134,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1463,21 +2149,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of UrlMap resources available to the specified project in the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1485,21 +2177,44 @@ 
Method Details

     { # Contains a list of UrlMap resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of UrlMap resources.
-    { # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/beta/urlMaps) * [Regional](/compute/docs/reference/rest/beta/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
+    { # Represents a URL Map resource.
+        #
+        # Google Compute Engine has two URL Map resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+        #
+        # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+        #
+        # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+        #
+        # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+        #
+        # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+        #
+        # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+        #
+        # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-      "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+      "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+          # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+          # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+          # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+              # Default is false.
           "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
             "A String",
           ],
           "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
             "A String",
           ],
-          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
-          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
           "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1508,53 +2223,84 @@ 
Method Details

           ],
           "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
         },
-        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+            # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
           "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-            "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "httpStatus": 42, # The HTTP status code used to abort the request.
+                # The value must be between 200 and 599 inclusive.
+                # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
           "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
             "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
         },
-        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+            # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+            # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
         },
-        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+              # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+              # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+              # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+              # -
+              # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+              # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+              # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+              # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+              # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+              # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+              # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
             "A String",
           ],
         },
-        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+            # If not specified, will use the largest timeout among all backend services associated with the route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+            # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+              # The value must be between 1 and 255 characters.
+          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+              # The value must be between 1 and 1024 characters.
         },
-        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-          { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+            # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+          { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
             "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1564,34 +2310,61 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                 "A String",
               ],
             },
-            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                # The value must be between 0 and 1000
           },
         ],
       },
-      "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+      "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+          # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+          # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+          # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+            # The value must be between 1 and 255 characters.
+        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+            # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+            # The default is set to false.
+        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+            # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+            # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+            # Supported values are:
+            # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+            # - FOUND, which corresponds to 302.
+            # - SEE_OTHER which corresponds to 303.
+            # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+            # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+            # The default is set to false.
       },
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+          # The headerAction specified here take effect after headerAction specified under pathMatcher.
+          # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1601,7 +2374,8 @@ 
Method Details

           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -1611,7 +2385,8 @@ 
Method Details

       "hostRules": [ # The list of HostRules to use against the URL.
         { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-          "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+              # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "A String",
           ],
           "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -1622,19 +2397,25 @@ 
Method Details

       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "pathMatchers": [ # The list of named PathMatchers to use against the URL.
         { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-          "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+              # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1643,53 +2424,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1699,33 +2511,63 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-          "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+              # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+              # - compute/v1/projects/project/global/backendServices/backendService
+              # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+              # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+              # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+              # - compute.backendBuckets.use
+              # - compute.backendServices.use
+          "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+              # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1735,7 +2577,8 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -1743,24 +2586,32 @@ 
Method Details

             ],
           },
           "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-          "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+          "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+              # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+              # Within a given pathMatcher, only one of pathRules or routeRules must be set.
             { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
               "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
                 "A String",
               ],
-              "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-                "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-                  "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+              "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+                  # Only one of routeAction or urlRedirect must be set.
+                  # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+                "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                    # Not supported when the URL map is bound to target gRPC proxy.
+                  "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                      # Default is false.
                   "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                     "A String",
                   ],
                   "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                     "A String",
                   ],
-                  "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                  "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                      # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                     "A String",
                   ],
-                  "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                  "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                      # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                     "A String",
                   ],
                   "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1769,53 +2620,84 @@ 
Method Details

                   ],
                   "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
                 },
-                "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+                "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                    # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
                   "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                    "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                    "httpStatus": 42, # The HTTP status code used to abort the request.
+                        # The value must be between 200 and 599 inclusive.
+                        # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                        # The value must be between 0.0 and 100.0 inclusive.
                   },
                   "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                     "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                     },
-                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                        # The value must be between 0.0 and 100.0 inclusive.
                   },
                 },
-                "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                    # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                    # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
                 },
-                "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-                  "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+                  "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                      # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                   },
-                  "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+                  "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                      # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                      # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                      # -
+                      # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                      # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                      # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                      # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                      # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                      # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                      # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                     "A String",
                   ],
                 },
-                "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                    # If not specified, will use the largest timeout among all backend services associated with the route.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                  "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-                  "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+                "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                    # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                      # The value must be between 1 and 255 characters.
+                  "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                      # The value must be between 1 and 1024 characters.
                 },
-                "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-                  { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+                "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                    # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+                  { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                     "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                        # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                        # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                       "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                         { # Specification determining how headers are added to requests or responses.
                           "headerName": "A String", # The name of the header.
                           "headerValue": "A String", # The value of the header to add.
-                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                              # The default value is false.
                         },
                       ],
                       "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1825,37 +2707,63 @@ 
Method Details

                         { # Specification determining how headers are added to requests or responses.
                           "headerName": "A String", # The name of the header.
                           "headerValue": "A String", # The value of the header to add.
-                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                              # The default value is false.
                         },
                       ],
                       "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                         "A String",
                       ],
                     },
-                    "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                    "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                        # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                        # The value must be between 0 and 1000
                   },
                 ],
               },
-              "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-              "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-                "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-                "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-                "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-                "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+              "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+                  # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+                  # If urlRedirect is specified, service or routeAction must not be set.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+                "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                    # The value must be between 1 and 255 characters.
+                "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                    # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                    # The default is set to false.
+                "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                    # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                    # The value must be between 1 and 1024 characters.
+                "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                    # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                    # The value must be between 1 and 1024 characters.
+                "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                    # Supported values are:
+                    # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                    # - FOUND, which corresponds to 302.
+                    # - SEE_OTHER which corresponds to 303.
+                    # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                    # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+                "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                    # The default is set to false.
               },
             },
           ],
-          "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+          "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+              # Within a given pathMatcher, you can set only one of pathRules or routeRules.
             { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-              "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-              "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "description": "A String", # The short description conveying the intent of this routeRule.
+                  # The description can have a maximum length of 1024 characters.
+              "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                  # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+                  # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                   { # Specification determining how headers are added to requests or responses.
                     "headerName": "A String", # The name of the header.
                     "headerValue": "A String", # The value of the header to add.
-                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                        # The default value is false.
                   },
                 ],
                 "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1865,21 +2773,25 @@ 
Method Details

                   { # Specification determining how headers are added to requests or responses.
                     "headerName": "A String", # The name of the header.
                     "headerValue": "A String", # The value of the header to add.
-                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                        # The default value is false.
                   },
                 ],
                 "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                   "A String",
                 ],
               },
-              "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
                   "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
                   "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
                   "filterName": "A String", # Name of the networkservices.HttpFilter resource this configuration belongs to. This name must be known to the xDS client. Example: envoy.wasm
                 },
               ],
-              "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+                  # The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
                   "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
                   "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
@@ -1888,60 +2800,112 @@ 
Method Details

               ],
               "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
                 { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-                  "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                      # fullPathMatch must be between 1 and 1024 characters.
+                      # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
                   "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                     { # matchRule criteria for request header matches.
-                      "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                      "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                      "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                      "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                      "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                      "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                      "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      "headerName": "A String", # The name of the HTTP header to match.
+                          # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                          # For matching a request's method, use the headerName ":method".
+                          # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                      "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                          # The default setting is false.
+                      "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                          # For example for a range [-5, 0]
+                          # - -3 will match.
+                          # - 0 will not match.
+                          # - 0.25 will not match.
+                          # - -3someString will not match.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                          # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                         "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                         "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                       },
-                      "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                      "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                          # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                          # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                      "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                     },
                   ],
-                  "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-                  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+                  "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                      # The default value is false.
+                      # ignoreCase must not be used with regexMatch.
+                      # Not supported when the URL map is bound to target gRPC proxy.
+                  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                      # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                      # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                      # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                        # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                        # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                          # This list must not be empty and can have at the most 64 entries.
                         { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                          "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                          "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                          "name": "A String", # Name of metadata label.
+                              # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                          "value": "A String", # The value of the label must match the specified value.
+                              # value can have a maximum length of 1024 characters.
                         },
                       ],
-                      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                          # Supported values are:
+                          # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                          # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                     },
                   ],
-                  "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-                  "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+                  "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                      # The value must be between 1 and 1024 characters.
+                      # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                      # Not supported when the URL map is bound to target gRPC proxy.
                     { # HttpRouteRuleMatch criteria for a request's query parameter.
-                      "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                      "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                          # Only one of presentMatch, exactMatch or regexMatch must be set.
                       "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                      "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                      "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                      "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                          # Only one of presentMatch, exactMatch or regexMatch must be set.
+                      "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                          # Only one of presentMatch, exactMatch or regexMatch must be set.
+                          # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                     },
                   ],
-                  "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                      # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                      # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                 },
               ],
-              "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-              "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-                "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-                  "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+              "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+                  # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+                  # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+              "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+                  # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+                  # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+                "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                    # Not supported when the URL map is bound to target gRPC proxy.
+                  "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                      # Default is false.
                   "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                     "A String",
                   ],
                   "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                     "A String",
                   ],
-                  "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                  "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                      # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                     "A String",
                   ],
-                  "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                  "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                      # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                     "A String",
                   ],
                   "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1950,53 +2914,84 @@ 
Method Details

                   ],
                   "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
                 },
-                "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+                "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                    # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
                   "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                    "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                    "httpStatus": 42, # The HTTP status code used to abort the request.
+                        # The value must be between 200 and 599 inclusive.
+                        # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                        # The value must be between 0.0 and 100.0 inclusive.
                   },
                   "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                     "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                     },
-                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                        # The value must be between 0.0 and 100.0 inclusive.
                   },
                 },
-                "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                    # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                    # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
                 },
-                "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-                  "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+                  "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                      # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                   },
-                  "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+                  "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                      # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                      # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                      # -
+                      # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                      # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                      # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                      # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                      # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                      # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                      # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                     "A String",
                   ],
                 },
-                "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                    # If not specified, will use the largest timeout among all backend services associated with the route.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                  "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-                  "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+                "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                    # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                      # The value must be between 1 and 255 characters.
+                  "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                      # The value must be between 1 and 1024 characters.
                 },
-                "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-                  { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+                "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                    # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+                  { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                     "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                        # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                        # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                       "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                         { # Specification determining how headers are added to requests or responses.
                           "headerName": "A String", # The name of the header.
                           "headerValue": "A String", # The value of the header to add.
-                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                              # The default value is false.
                         },
                       ],
                       "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2006,25 +3001,45 @@ 
Method Details

                         { # Specification determining how headers are added to requests or responses.
                           "headerName": "A String", # The name of the header.
                           "headerValue": "A String", # The value of the header to add.
-                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                              # The default value is false.
                         },
                       ],
                       "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                         "A String",
                       ],
                     },
-                    "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                    "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                        # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                        # The value must be between 0 and 1000
                   },
                 ],
               },
-              "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-              "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-                "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-                "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-                "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-                "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+              "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+                  # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+                  # If urlRedirect is specified, service or routeAction must not be set.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+                "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                    # The value must be between 1 and 255 characters.
+                "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                    # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                    # The default is set to false.
+                "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                    # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                    # The value must be between 1 and 1024 characters.
+                "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                    # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                    # The value must be between 1 and 1024 characters.
+                "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                    # Supported values are:
+                    # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                    # - FOUND, which corresponds to 302.
+                    # - SEE_OTHER which corresponds to 303.
+                    # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                    # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+                "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                    # The default is set to false.
               },
             },
           ],
@@ -2032,11 +3047,16 @@ 
Method Details

       ],
       "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         { # Message for the expected URL mappings.
           "description": "A String", # Description of this test case.
-          "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-          "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+          "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+              # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+              # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+              # expectedOutputUrl is optional when service is specified.
+          "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+              # expectedRedirectResponseCode cannot be set when service is set.
           "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
             { # HTTP headers used in UrlMapTests.
               "name": "A String", # Header name.
@@ -2045,7 +3065,8 @@ 
Method Details

           ],
           "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
           "path": "A String", # Path portion of the URL.
-          "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+          "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+              # service cannot be set if expectedRedirectResponseCode is set.
         },
       ],
     },
@@ -2055,7 +3076,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2081,7 +3103,7 @@ 
Method Details

 

 
 

-    patch(project, region, urlMap, body=None, requestId=None, x__xgafv=None)
+    patch(project, region, urlMap, body=None, requestId=None)
   
Patches the specified UrlMap resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.
 
 Args:
@@ -2091,21 +3113,44 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/beta/urlMaps) * [Regional](/compute/docs/reference/rest/beta/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
+{ # Represents a URL Map resource.
+    # 
+    # Google Compute Engine has two URL Map resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+    # 
+    # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+    # 
+    # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+    # 
+    # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+    # 
+    # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+    # 
+    # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+    # 
+    # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-  "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+  "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+      # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+      # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+      # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+        # Not supported when the URL map is bound to target gRPC proxy.
+      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+          # Default is false.
       "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
         "A String",
       ],
       "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
         "A String",
       ],
-      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
-      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
       "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2114,53 +3159,84 @@ 
Method Details

       ],
       "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
     },
-    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+        # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
       "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-        "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "httpStatus": 42, # The HTTP status code used to abort the request.
+            # The value must be between 200 and 599 inclusive.
+            # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
       "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
         "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
     },
-    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+        # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+        # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
     },
-    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+          # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+          # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+          # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+          # -
+          # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+          # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+          # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+          # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+          # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+          # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+          # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
         "A String",
       ],
     },
-    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+        # If not specified, will use the largest timeout among all backend services associated with the route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+        # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+          # The value must be between 1 and 255 characters.
+      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+          # The value must be between 1 and 1024 characters.
     },
-    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-      { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+        # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+      { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
         "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+            # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2170,34 +3246,61 @@ 
Method Details

             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
             "A String",
           ],
         },
-        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+            # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+            # The value must be between 0 and 1000
       },
     ],
   },
-  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+      # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+      # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+      # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+      # Not supported when the URL map is bound to target gRPC proxy.
+    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+        # The value must be between 1 and 255 characters.
+    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+        # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+        # The default is set to false.
+    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+        # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+        # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+        # Supported values are:
+        # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+        # - FOUND, which corresponds to 302.
+        # - SEE_OTHER which corresponds to 303.
+        # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+        # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+        # The default is set to false.
   },
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+      # The headerAction specified here take effect after headerAction specified under pathMatcher.
+      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2207,7 +3310,8 @@ 
Method Details

       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -2217,7 +3321,8 @@ 
Method Details

   "hostRules": [ # The list of HostRules to use against the URL.
     { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+          # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "A String",
       ],
       "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -2228,19 +3333,25 @@ 
Method Details

   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "pathMatchers": [ # The list of named PathMatchers to use against the URL.
     { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-      "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+      "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+          # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+          # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+              # Default is false.
           "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
             "A String",
           ],
           "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
             "A String",
           ],
-          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
-          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
           "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2249,53 +3360,84 @@ 
Method Details

           ],
           "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
         },
-        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+            # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
           "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-            "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "httpStatus": 42, # The HTTP status code used to abort the request.
+                # The value must be between 200 and 599 inclusive.
+                # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
           "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
             "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
         },
-        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+            # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+            # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
         },
-        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+              # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+              # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+              # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+              # -
+              # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+              # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+              # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+              # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+              # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+              # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+              # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
             "A String",
           ],
         },
-        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+            # If not specified, will use the largest timeout among all backend services associated with the route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+            # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+              # The value must be between 1 and 255 characters.
+          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+              # The value must be between 1 and 1024 characters.
         },
-        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-          { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+            # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+          { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
             "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2305,33 +3447,63 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                 "A String",
               ],
             },
-            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                # The value must be between 0 and 1000
           },
         ],
       },
-      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+          # - compute/v1/projects/project/global/backendServices/backendService
+          # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+          # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+          # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+          # - compute.backendBuckets.use
+          # - compute.backendServices.use
+      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+          # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+            # The value must be between 1 and 255 characters.
+        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+            # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+            # The default is set to false.
+        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+            # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+            # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+            # Supported values are:
+            # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+            # - FOUND, which corresponds to 302.
+            # - SEE_OTHER which corresponds to 303.
+            # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+            # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+            # The default is set to false.
       },
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+          # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+          # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2341,7 +3513,8 @@ 
Method Details

           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -2349,24 +3522,32 @@ 
Method Details

         ],
       },
       "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+          # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+          # Within a given pathMatcher, only one of pathRules or routeRules must be set.
         { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
           "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
             "A String",
           ],
-          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of routeAction or urlRedirect must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2375,53 +3556,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2431,37 +3643,63 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
-      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+          # Within a given pathMatcher, you can set only one of pathRules or routeRules.
         { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-          "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "description": "A String", # The short description conveying the intent of this routeRule.
+              # The description can have a maximum length of 1024 characters.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2471,21 +3709,25 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
               "A String",
             ],
           },
-          "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
               "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
               "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
               "filterName": "A String", # Name of the networkservices.HttpFilter resource this configuration belongs to. This name must be known to the xDS client. Example: envoy.wasm
             },
           ],
-          "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+              # The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
               "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
               "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
@@ -2494,60 +3736,112 @@ 
Method Details

           ],
           "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
             { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                  # fullPathMatch must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
               "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                 { # matchRule criteria for request header matches.
-                  "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "headerName": "A String", # The name of the HTTP header to match.
+                      # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                      # For matching a request's method, use the headerName ":method".
+                      # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                      # The default setting is false.
+                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                      # For example for a range [-5, 0]
+                      # - -3 will match.
+                      # - 0 will not match.
+                      # - 0.25 will not match.
+                      # - -3someString will not match.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                     "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                     "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                   },
-                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                      # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                 },
               ],
-              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                  # The default value is false.
+                  # ignoreCase must not be used with regexMatch.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                  # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                  # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                  # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                    # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                    # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                      # This list must not be empty and can have at the most 64 entries.
                     { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                      "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                      "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                      "name": "A String", # Name of metadata label.
+                          # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                      "value": "A String", # The value of the label must match the specified value.
+                          # value can have a maximum length of 1024 characters.
                     },
                   ],
-                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                      # Supported values are:
+                      # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                      # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                 },
               ],
-              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                  # The value must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                  # Not supported when the URL map is bound to target gRPC proxy.
                 { # HttpRouteRuleMatch criteria for a request's query parameter.
-                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
                   "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                      # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                 },
               ],
-              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
             },
           ],
-          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+              # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+              # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2556,53 +3850,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2612,25 +3937,45 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
@@ -2638,11 +3983,16 @@ 
Method Details

   ],
   "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     { # Message for the expected URL mappings.
       "description": "A String", # Description of this test case.
-      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+          # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+          # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+          # expectedOutputUrl is optional when service is specified.
+      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+          # expectedRedirectResponseCode cannot be set when service is set.
       "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
         { # HTTP headers used in UrlMapTests.
           "name": "A String", # Header name.
@@ -2651,21 +4001,31 @@ 
Method Details

       ],
       "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
       "path": "A String", # Path portion of the URL.
-      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+          # service cannot be set if expectedRedirectResponseCode is set.
     },
   ],
 }
 
   requestId: string, begin_interface: MixerMutationRequestBuilder Request ID to support idempotency.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2699,7 +4059,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2713,7 +4074,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -2729,10 +4090,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -2745,7 +4102,7 @@ 
Method Details

 

 
 

-    update(project, region, urlMap, body=None, requestId=None, x__xgafv=None)
+    update(project, region, urlMap, body=None, requestId=None)
   
Updates the specified UrlMap resource with the data included in the request.
 
 Args:
@@ -2755,21 +4112,44 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/beta/urlMaps) * [Regional](/compute/docs/reference/rest/beta/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
+{ # Represents a URL Map resource.
+    # 
+    # Google Compute Engine has two URL Map resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+    # 
+    # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+    # 
+    # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+    # 
+    # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+    # 
+    # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+    # 
+    # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+    # 
+    # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-  "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+  "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+      # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+      # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+      # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+        # Not supported when the URL map is bound to target gRPC proxy.
+      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+          # Default is false.
       "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
         "A String",
       ],
       "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
         "A String",
       ],
-      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
-      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
       "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2778,53 +4158,84 @@ 
Method Details

       ],
       "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
     },
-    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+        # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
       "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-        "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "httpStatus": 42, # The HTTP status code used to abort the request.
+            # The value must be between 200 and 599 inclusive.
+            # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
       "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
         "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
     },
-    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+        # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+        # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
     },
-    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+          # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+          # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+          # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+          # -
+          # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+          # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+          # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+          # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+          # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+          # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+          # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
         "A String",
       ],
     },
-    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+        # If not specified, will use the largest timeout among all backend services associated with the route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+        # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+          # The value must be between 1 and 255 characters.
+      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+          # The value must be between 1 and 1024 characters.
     },
-    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-      { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+        # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+      { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
         "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+            # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2834,34 +4245,61 @@ 
Method Details

             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
             "A String",
           ],
         },
-        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+            # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+            # The value must be between 0 and 1000
       },
     ],
   },
-  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+      # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+      # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+      # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+      # Not supported when the URL map is bound to target gRPC proxy.
+    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+        # The value must be between 1 and 255 characters.
+    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+        # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+        # The default is set to false.
+    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+        # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+        # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+        # Supported values are:
+        # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+        # - FOUND, which corresponds to 302.
+        # - SEE_OTHER which corresponds to 303.
+        # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+        # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+        # The default is set to false.
   },
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+      # The headerAction specified here take effect after headerAction specified under pathMatcher.
+      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2871,7 +4309,8 @@ 
Method Details

       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -2881,7 +4320,8 @@ 
Method Details

   "hostRules": [ # The list of HostRules to use against the URL.
     { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+          # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "A String",
       ],
       "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -2892,19 +4332,25 @@ 
Method Details

   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "pathMatchers": [ # The list of named PathMatchers to use against the URL.
     { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-      "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+      "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+          # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+          # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+              # Default is false.
           "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
             "A String",
           ],
           "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
             "A String",
           ],
-          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
-          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
           "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2913,53 +4359,84 @@ 
Method Details

           ],
           "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
         },
-        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+            # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
           "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-            "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "httpStatus": 42, # The HTTP status code used to abort the request.
+                # The value must be between 200 and 599 inclusive.
+                # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
           "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
             "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
         },
-        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+            # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+            # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
         },
-        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+              # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+              # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+              # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+              # -
+              # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+              # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+              # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+              # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+              # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+              # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+              # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
             "A String",
           ],
         },
-        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+            # If not specified, will use the largest timeout among all backend services associated with the route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+            # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+              # The value must be between 1 and 255 characters.
+          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+              # The value must be between 1 and 1024 characters.
         },
-        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-          { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+            # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+          { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
             "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2969,33 +4446,63 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                 "A String",
               ],
             },
-            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                # The value must be between 0 and 1000
           },
         ],
       },
-      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+          # - compute/v1/projects/project/global/backendServices/backendService
+          # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+          # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+          # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+          # - compute.backendBuckets.use
+          # - compute.backendServices.use
+      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+          # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+            # The value must be between 1 and 255 characters.
+        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+            # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+            # The default is set to false.
+        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+            # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+            # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+            # Supported values are:
+            # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+            # - FOUND, which corresponds to 302.
+            # - SEE_OTHER which corresponds to 303.
+            # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+            # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+            # The default is set to false.
       },
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+          # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+          # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3005,7 +4512,8 @@ 
Method Details

           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -3013,24 +4521,32 @@ 
Method Details

         ],
       },
       "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+          # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+          # Within a given pathMatcher, only one of pathRules or routeRules must be set.
         { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
           "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
             "A String",
           ],
-          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of routeAction or urlRedirect must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3039,53 +4555,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3095,37 +4642,63 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
-      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+          # Within a given pathMatcher, you can set only one of pathRules or routeRules.
         { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-          "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "description": "A String", # The short description conveying the intent of this routeRule.
+              # The description can have a maximum length of 1024 characters.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3135,21 +4708,25 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
               "A String",
             ],
           },
-          "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
               "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
               "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
               "filterName": "A String", # Name of the networkservices.HttpFilter resource this configuration belongs to. This name must be known to the xDS client. Example: envoy.wasm
             },
           ],
-          "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+              # The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
               "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
               "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
@@ -3158,60 +4735,112 @@ 
Method Details

           ],
           "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
             { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                  # fullPathMatch must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
               "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                 { # matchRule criteria for request header matches.
-                  "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "headerName": "A String", # The name of the HTTP header to match.
+                      # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                      # For matching a request's method, use the headerName ":method".
+                      # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                      # The default setting is false.
+                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                      # For example for a range [-5, 0]
+                      # - -3 will match.
+                      # - 0 will not match.
+                      # - 0.25 will not match.
+                      # - -3someString will not match.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                     "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                     "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                   },
-                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                      # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                 },
               ],
-              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                  # The default value is false.
+                  # ignoreCase must not be used with regexMatch.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                  # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                  # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                  # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                    # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                    # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                      # This list must not be empty and can have at the most 64 entries.
                     { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                      "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                      "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                      "name": "A String", # Name of metadata label.
+                          # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                      "value": "A String", # The value of the label must match the specified value.
+                          # value can have a maximum length of 1024 characters.
                     },
                   ],
-                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                      # Supported values are:
+                      # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                      # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                 },
               ],
-              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                  # The value must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                  # Not supported when the URL map is bound to target gRPC proxy.
                 { # HttpRouteRuleMatch criteria for a request's query parameter.
-                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
                   "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                      # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                 },
               ],
-              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
             },
           ],
-          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+              # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+              # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3220,53 +4849,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3276,25 +4936,45 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
@@ -3302,11 +4982,16 @@ 
Method Details

   ],
   "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     { # Message for the expected URL mappings.
       "description": "A String", # Description of this test case.
-      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+          # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+          # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+          # expectedOutputUrl is optional when service is specified.
+      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+          # expectedRedirectResponseCode cannot be set when service is set.
       "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
         { # HTTP headers used in UrlMapTests.
           "name": "A String", # Header name.
@@ -3315,21 +5000,31 @@ 
Method Details

       ],
       "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
       "path": "A String", # Path portion of the URL.
-      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+          # service cannot be set if expectedRedirectResponseCode is set.
     },
   ],
 }
 
   requestId: string, begin_interface: MixerMutationRequestBuilder Request ID to support idempotency.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3363,7 +5058,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3377,7 +5073,7 @@ 
Method Details

 

 
 

-    validate(project, region, urlMap, body=None, x__xgafv=None)
+    validate(project, region, urlMap, body=None)
   
Runs static validation for the UrlMap. In particular, the tests of the provided UrlMap will be run. Calling this method does NOT create the UrlMap.
 
 Args:
@@ -3388,21 +5084,44 @@ 
Method Details

     The object takes the form of:
 
 {
-  "resource": { # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/beta/urlMaps) * [Regional](/compute/docs/reference/rest/beta/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts. # Content of the UrlMap to be validated.
+  "resource": { # Represents a URL Map resource. # Content of the UrlMap to be validated.
+      #
+      # Google Compute Engine has two URL Map resources:
+      #
+      # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+      #
+      # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+      #
+      # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+      #
+      # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+      #
+      # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+      #
+      # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+      #
+      # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
     "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-    "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-        "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+    "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+        # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+        # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+        # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+            # Default is false.
         "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
           "A String",
         ],
         "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
           "A String",
         ],
-        "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+        "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+            # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
           "A String",
         ],
-        "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+        "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+            # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
           "A String",
         ],
         "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3411,53 +5130,84 @@ 
Method Details

         ],
         "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
       },
-      "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+      "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+          # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
         "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-          "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-          "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+          "httpStatus": 42, # The HTTP status code used to abort the request.
+              # The value must be between 200 and 599 inclusive.
+              # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+          "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+              # The value must be between 0.0 and 100.0 inclusive.
         },
         "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
           "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+          "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+              # The value must be between 0.0 and 100.0 inclusive.
         },
       },
-      "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+          # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+          # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
       },
-      "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-        "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+        "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+            # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+        "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+            # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+            # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+            # -
+            # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+            # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+            # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+            # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+            # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+            # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+            # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
           "A String",
         ],
       },
-      "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+          # If not specified, will use the largest timeout among all backend services associated with the route.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-        "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-        "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+      "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+          # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+            # The value must be between 1 and 255 characters.
+        "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+            # The value must be between 1 and 1024 characters.
       },
-      "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-        { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+      "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+          # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+        { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
           "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3467,34 +5217,61 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
               "A String",
             ],
           },
-          "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+          "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+              # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+              # The value must be between 0 and 1000
         },
       ],
     },
-    "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-    "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-      "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-      "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-      "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-      "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-      "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-      "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+    "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+        # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+        # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+        # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+        # Not supported when the URL map is bound to target gRPC proxy.
+      "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+          # The value must be between 1 and 255 characters.
+      "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+          # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+          # The default is set to false.
+      "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+          # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+          # The value must be between 1 and 1024 characters.
+      "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+          # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+          # The value must be between 1 and 1024 characters.
+      "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+          # Supported values are:
+          # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+          # - FOUND, which corresponds to 302.
+          # - SEE_OTHER which corresponds to 303.
+          # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+          # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+      "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+          # The default is set to false.
     },
     "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-    "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+        #
+        # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+        # The headerAction specified here take effect after headerAction specified under pathMatcher.
+        # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
         { # Specification determining how headers are added to requests or responses.
           "headerName": "A String", # The name of the header.
           "headerValue": "A String", # The value of the header to add.
-          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+              # The default value is false.
         },
       ],
       "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3504,7 +5281,8 @@ 
Method Details

         { # Specification determining how headers are added to requests or responses.
           "headerName": "A String", # The name of the header.
           "headerValue": "A String", # The value of the header to add.
-          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+              # The default value is false.
         },
       ],
       "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -3514,7 +5292,8 @@ 
Method Details

     "hostRules": [ # The list of HostRules to use against the URL.
       { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
         "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-        "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+            # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "A String",
         ],
         "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -3525,19 +5304,25 @@ 
Method Details

     "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
     "pathMatchers": [ # The list of named PathMatchers to use against the URL.
       { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-        "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-          "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-            "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+        "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+            # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+            # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+          "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                # Default is false.
             "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
               "A String",
             ],
             "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
               "A String",
             ],
-            "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+            "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
               "A String",
             ],
-            "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+            "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
               "A String",
             ],
             "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3546,53 +5331,84 @@ 
Method Details

             ],
             "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
           },
-          "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+          "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+              # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
             "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-              "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-              "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+              "httpStatus": 42, # The HTTP status code used to abort the request.
+                  # The value must be between 200 and 599 inclusive.
+                  # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+              "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                  # The value must be between 0.0 and 100.0 inclusive.
             },
             "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
               "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+              "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                  # The value must be between 0.0 and 100.0 inclusive.
             },
           },
-          "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+          "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+              # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+              # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
           },
-          "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-            "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+            "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+            "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                # -
+                # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
               "A String",
             ],
           },
-          "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+              # If not specified, will use the largest timeout among all backend services associated with the route.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-            "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-            "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+          "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+              # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                # The value must be between 1 and 255 characters.
+            "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                # The value must be between 1 and 1024 characters.
           },
-          "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-            { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+          "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+              # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+            { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
               "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-              "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                  # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                  # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                   { # Specification determining how headers are added to requests or responses.
                     "headerName": "A String", # The name of the header.
                     "headerValue": "A String", # The value of the header to add.
-                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                        # The default value is false.
                   },
                 ],
                 "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3602,33 +5418,63 @@ 
Method Details

                   { # Specification determining how headers are added to requests or responses.
                     "headerName": "A String", # The name of the header.
                     "headerValue": "A String", # The value of the header to add.
-                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                        # The default value is false.
                   },
                 ],
                 "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                   "A String",
                 ],
               },
-              "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+              "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                  # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                  # The value must be between 0 and 1000
             },
           ],
         },
-        "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-        "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-          "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-          "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-          "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-          "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-          "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-          "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+        "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+            # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+            # - compute/v1/projects/project/global/backendServices/backendService
+            # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+            # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+            # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+            # - compute.backendBuckets.use
+            # - compute.backendServices.use
+        "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+            # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+              # The value must be between 1 and 255 characters.
+          "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+              # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+              # The default is set to false.
+          "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+              # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+              # The value must be between 1 and 1024 characters.
+          "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+              # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+              # The value must be between 1 and 1024 characters.
+          "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+              # Supported values are:
+              # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+              # - FOUND, which corresponds to 302.
+              # - SEE_OTHER which corresponds to 303.
+              # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+              # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+          "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+              # The default is set to false.
         },
         "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+            # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3638,7 +5484,8 @@ 
Method Details

             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -3646,24 +5493,32 @@ 
Method Details

           ],
         },
         "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-        "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+        "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+            # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+            # Within a given pathMatcher, only one of pathRules or routeRules must be set.
           { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
             "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
               "A String",
             ],
-            "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-              "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-                "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+            "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+                # Only one of routeAction or urlRedirect must be set.
+                # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+              "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                  # Not supported when the URL map is bound to target gRPC proxy.
+                "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                    # Default is false.
                 "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                   "A String",
                 ],
                 "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                   "A String",
                 ],
-                "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                    # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                   "A String",
                 ],
-                "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                    # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                   "A String",
                 ],
                 "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3672,53 +5527,84 @@ 
Method Details

                 ],
                 "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
               },
-              "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+              "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                  # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
                 "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                  "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                  "httpStatus": 42, # The HTTP status code used to abort the request.
+                      # The value must be between 200 and 599 inclusive.
+                      # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                      # The value must be between 0.0 and 100.0 inclusive.
                 },
                 "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                   "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                   },
-                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                      # The value must be between 0.0 and 100.0 inclusive.
                 },
               },
-              "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                  # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                  # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
               },
-              "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-                "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+                "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                    # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+                "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                    # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                    # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                    # -
+                    # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                    # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                    # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                    # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                    # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                    # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                    # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                   "A String",
                 ],
               },
-              "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                  # If not specified, will use the largest timeout among all backend services associated with the route.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-                "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+              "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                  # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                    # The value must be between 1 and 255 characters.
+                "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                    # The value must be between 1 and 1024 characters.
               },
-              "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-                { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+              "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                  # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+                { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                   "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                      # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                       { # Specification determining how headers are added to requests or responses.
                         "headerName": "A String", # The name of the header.
                         "headerValue": "A String", # The value of the header to add.
-                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                            # The default value is false.
                       },
                     ],
                     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3728,37 +5614,63 @@ 
Method Details

                       { # Specification determining how headers are added to requests or responses.
                         "headerName": "A String", # The name of the header.
                         "headerValue": "A String", # The value of the header to add.
-                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                            # The default value is false.
                       },
                     ],
                     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                       "A String",
                     ],
                   },
-                  "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                  "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                      # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                      # The value must be between 0 and 1000
                 },
               ],
             },
-            "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-            "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-              "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-              "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-              "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-              "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-              "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-              "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+            "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+                # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+            "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+                # If urlRedirect is specified, service or routeAction must not be set.
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                  # The value must be between 1 and 255 characters.
+              "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                  # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                  # The default is set to false.
+              "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                  # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                  # The value must be between 1 and 1024 characters.
+              "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                  # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                  # The value must be between 1 and 1024 characters.
+              "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                  # Supported values are:
+                  # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                  # - FOUND, which corresponds to 302.
+                  # - SEE_OTHER which corresponds to 303.
+                  # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                  # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+              "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                  # The default is set to false.
             },
           },
         ],
-        "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+        "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+            # Within a given pathMatcher, you can set only one of pathRules or routeRules.
           { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-            "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "description": "A String", # The short description conveying the intent of this routeRule.
+                # The description can have a maximum length of 1024 characters.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3768,21 +5680,25 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                 "A String",
               ],
             },
-            "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
                 "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
                 "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
                 "filterName": "A String", # Name of the networkservices.HttpFilter resource this configuration belongs to. This name must be known to the xDS client. Example: envoy.wasm
               },
             ],
-            "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+                # The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
                 "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
                 "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
@@ -3791,60 +5707,112 @@ 
Method Details

             ],
             "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
               { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-                "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                    # fullPathMatch must be between 1 and 1024 characters.
+                    # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
                 "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                   { # matchRule criteria for request header matches.
-                    "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                    "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                    "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                    "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                    "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                    "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                    "headerName": "A String", # The name of the HTTP header to match.
+                        # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                        # For matching a request's method, use the headerName ":method".
+                        # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                    "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                        # The default setting is false.
+                    "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                    "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                    "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                        # For example for a range [-5, 0]
+                        # - -3 will match.
+                        # - 0 will not match.
+                        # - 0.25 will not match.
+                        # - -3someString will not match.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                        # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                       "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                       "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                     },
-                    "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                    "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                    "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                        # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                        # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                    "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                   },
                 ],
-                "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-                "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                  { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                    "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+                "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                    # The default value is false.
+                    # ignoreCase must not be used with regexMatch.
+                    # Not supported when the URL map is bound to target gRPC proxy.
+                "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                    # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                    # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                    # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                      # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                      # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                    "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                        # This list must not be empty and can have at the most 64 entries.
                       { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                        "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                        "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                        "name": "A String", # Name of metadata label.
+                            # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                        "value": "A String", # The value of the label must match the specified value.
+                            # value can have a maximum length of 1024 characters.
                       },
                     ],
-                    "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                    "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                        # Supported values are:
+                        # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                        # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                   },
                 ],
-                "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-                "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+                "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                    # The value must be between 1 and 1024 characters.
+                    # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                    # Not supported when the URL map is bound to target gRPC proxy.
                   { # HttpRouteRuleMatch criteria for a request's query parameter.
-                    "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                    "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                        # Only one of presentMatch, exactMatch or regexMatch must be set.
                     "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                    "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                    "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                    "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                        # Only one of presentMatch, exactMatch or regexMatch must be set.
+                    "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                        # Only one of presentMatch, exactMatch or regexMatch must be set.
+                        # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                   },
                 ],
-                "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                    # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                    # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               },
             ],
-            "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-            "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-              "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-                "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+            "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+                # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+                # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+            "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+                # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+                # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+              "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                  # Not supported when the URL map is bound to target gRPC proxy.
+                "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                    # Default is false.
                 "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                   "A String",
                 ],
                 "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                   "A String",
                 ],
-                "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                    # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                   "A String",
                 ],
-                "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                    # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                   "A String",
                 ],
                 "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3853,53 +5821,84 @@ 
Method Details

                 ],
                 "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
               },
-              "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+              "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                  # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
                 "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                  "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                  "httpStatus": 42, # The HTTP status code used to abort the request.
+                      # The value must be between 200 and 599 inclusive.
+                      # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                      # The value must be between 0.0 and 100.0 inclusive.
                 },
                 "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                   "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                   },
-                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                      # The value must be between 0.0 and 100.0 inclusive.
                 },
               },
-              "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                  # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                  # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
               },
-              "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-                "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+                "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                    # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+                "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                    # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                    # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                    # -
+                    # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                    # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                    # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                    # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                    # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                    # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                    # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                   "A String",
                 ],
               },
-              "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                  # If not specified, will use the largest timeout among all backend services associated with the route.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-                "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+              "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                  # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                    # The value must be between 1 and 255 characters.
+                "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                    # The value must be between 1 and 1024 characters.
               },
-              "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-                { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+              "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                  # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+                { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                   "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                      # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                       { # Specification determining how headers are added to requests or responses.
                         "headerName": "A String", # The name of the header.
                         "headerValue": "A String", # The value of the header to add.
-                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                            # The default value is false.
                       },
                     ],
                     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3909,25 +5908,45 @@ 
Method Details

                       { # Specification determining how headers are added to requests or responses.
                         "headerName": "A String", # The name of the header.
                         "headerValue": "A String", # The value of the header to add.
-                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                            # The default value is false.
                       },
                     ],
                     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                       "A String",
                     ],
                   },
-                  "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                  "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                      # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                      # The value must be between 0 and 1000
                 },
               ],
             },
-            "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-            "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-              "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-              "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-              "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-              "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-              "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-              "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+            "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+                # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+            "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+                # If urlRedirect is specified, service or routeAction must not be set.
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                  # The value must be between 1 and 255 characters.
+              "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                  # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                  # The default is set to false.
+              "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                  # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                  # The value must be between 1 and 1024 characters.
+              "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                  # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                  # The value must be between 1 and 1024 characters.
+              "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                  # Supported values are:
+                  # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                  # - FOUND, which corresponds to 302.
+                  # - SEE_OTHER which corresponds to 303.
+                  # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                  # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+              "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                  # The default is set to false.
             },
           },
         ],
@@ -3935,11 +5954,16 @@ 
Method Details

     ],
     "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
     "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-    "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       { # Message for the expected URL mappings.
         "description": "A String", # Description of this test case.
-        "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-        "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+        "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+            # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+            # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+            # expectedOutputUrl is optional when service is specified.
+        "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+            # expectedRedirectResponseCode cannot be set when service is set.
         "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
           { # HTTP headers used in UrlMapTests.
             "name": "A String", # Header name.
@@ -3948,16 +5972,13 @@ 
Method Details

         ],
         "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
         "path": "A String", # Path portion of the URL.
-        "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+        "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+            # service cannot be set if expectedRedirectResponseCode is set.
       },
     ],
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.regions.html b/docs/dyn/compute_beta.regions.html
index 0c6bf86e4ec..007ba6d30fd 100644
--- a/docs/dyn/compute_beta.regions.html
+++ b/docs/dyn/compute_beta.regions.html
@@ -78,10 +78,10 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  get(project, region, x__xgafv=None)

+  get(project, region)

 
Returns the specified Region resource. Gets a list of available regions by making a list() request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of region resources available to the specified project.

 

   list_next(previous_request, previous_response)

@@ -93,21 +93,19 @@ 
Method Details

 

 
 

-    get(project, region, x__xgafv=None)
+    get(project, region)
   
Returns the specified Region resource. Gets a list of available regions by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Region resource. A region is a geographical area where a resource is located. For more information, read Regions and Zones.
+    { # Represents a Region resource.
+    #
+    # A region is a geographical area where a resource is located. For more information, read Regions and Zones. (== resource_for {$api_version}.regions ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this region.
     "deleted": "A String", # An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DELETED. This is only informational and the status will not change unless the client explicitly changes it.
@@ -138,20 +136,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of region resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -159,7 +163,9 @@ 
Method Details

     { # Contains a list of region resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Region resources.
-    { # Represents a Region resource. A region is a geographical area where a resource is located. For more information, read Regions and Zones.
+    { # Represents a Region resource.
+        #
+        # A region is a geographical area where a resource is located. For more information, read Regions and Zones. (== resource_for {$api_version}.regions ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this region.
         "deleted": "A String", # An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DELETED. This is only informational and the status will not change unless the client explicitly changes it.
@@ -193,7 +199,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.reservations.html b/docs/dyn/compute_beta.reservations.html
index 58534eddcf7..77d0ed1bed1 100644
--- a/docs/dyn/compute_beta.reservations.html
+++ b/docs/dyn/compute_beta.reservations.html
@@ -75,7 +75,7 @@
 
Compute Engine API . reservations

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of reservations.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,49 +84,55 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, zone, reservation, requestId=None, x__xgafv=None)

+  delete(project, zone, reservation, requestId=None)

 
Deletes the specified reservation.

 

-  get(project, zone, reservation, x__xgafv=None)

+  get(project, zone, reservation)

 
Retrieves information about the specified reservation.

 

-  getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, zone, body=None, requestId=None, x__xgafv=None)

+  insert(project, zone, body=None, requestId=None)

 
Creates a new reservation. For more information, read Reserving zonal resources.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
A list of all the reservations that have been configured for the specified project in specified zone.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  resize(project, zone, reservation, body=None, requestId=None, x__xgafv=None)

+  resize(project, zone, reservation, body=None, requestId=None)

 
Resizes the reservation (applicable to standalone reservations only). For more information, read Modifying reservations.

 

-  setIamPolicy(project, zone, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, zone, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  testIamPermissions(project, zone, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, zone, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of reservations.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -136,7 +142,7 @@ 
Method Details

   "items": { # A list of Allocation resources.
     "a_key": { # Name of the scope containing this set of reservations.
       "reservations": [ # A list of reservations contained in this scope.
-        { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read Reserving zonal resources.
+        { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read  Reserving zonal resources. (== resource_for {$api_version}.reservations ==)
           "commitment": "A String", # [Output Only] Full or partial URL to a parent commitment. This field displays for reservations that are tied to a commitment.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -175,7 +181,8 @@ 
Method Details

       ],
       "warning": { # Informational warning which replaces the list of reservations when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -193,7 +200,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -224,23 +232,36 @@ 
Method Details

 

 
 

-    delete(project, zone, reservation, requestId=None, x__xgafv=None)
+    delete(project, zone, reservation, requestId=None)
   
Deletes the specified reservation.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone for this request. (required)
   reservation: string, Name of the reservation to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -274,7 +295,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -288,22 +310,18 @@ 
Method Details

 

 
 

-    get(project, zone, reservation, x__xgafv=None)
+    get(project, zone, reservation)
   
Retrieves information about the specified reservation.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone for this request. (required)
   reservation: string, Name of the reservation to retrieve. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read Reserving zonal resources.
+    { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read  Reserving zonal resources. (== resource_for {$api_version}.reservations ==)
   "commitment": "A String", # [Output Only] Full or partial URL to a parent commitment. This field displays for reservations that are tied to a commitment.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -342,7 +360,7 @@ 
Method Details

 

 
 

-    getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
@@ -350,27 +368,51 @@ 
Method Details

   zone: string, The name of the zone for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -378,76 +420,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, zone, body=None, requestId=None, x__xgafv=None)
+    insert(project, zone, body=None, requestId=None)
   
Creates a new reservation. For more information, read Reserving zonal resources.
 
 Args:
@@ -456,7 +566,7 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read Reserving zonal resources.
+{ # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read  Reserving zonal resources. (== resource_for {$api_version}.reservations ==)
   "commitment": "A String", # [Output Only] Full or partial URL to a parent commitment. This field displays for reservations that are tied to a commitment.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -493,16 +603,29 @@ 
Method Details

   "zone": "A String", # Zone in which the reservation resides. A zone must be provided if the reservation is created within a commitment.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -536,7 +659,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -550,21 +674,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
A list of all the reservations that have been configured for the specified project in specified zone.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -572,7 +702,7 @@ 
Method Details

     {
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "items": [ # [Output Only] A list of Allocation resources.
-    { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read Reserving zonal resources.
+    { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read  Reserving zonal resources. (== resource_for {$api_version}.reservations ==)
       "commitment": "A String", # [Output Only] Full or partial URL to a parent commitment. This field displays for reservations that are tied to a commitment.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -614,7 +744,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -640,7 +771,7 @@ 
Method Details

 

 
 

-    resize(project, zone, reservation, body=None, requestId=None, x__xgafv=None)
+    resize(project, zone, reservation, body=None, requestId=None)
   
Resizes the reservation (applicable to standalone reservations only). For more information, read Modifying reservations.
 
 Args:
@@ -654,16 +785,29 @@ 
Method Details

   "specificSkuCount": "A String", # Number of allocated resources can be resized with minimum = 1 and maximum = 1000.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -697,7 +841,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -711,7 +856,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, zone, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, zone, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -724,33 +869,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -758,95 +977,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -854,76 +1165,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    testIamPermissions(project, zone, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, zone, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -939,10 +1318,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.resourcePolicies.html b/docs/dyn/compute_beta.resourcePolicies.html
index f3310e9ca10..67e9f0151b3 100644
--- a/docs/dyn/compute_beta.resourcePolicies.html
+++ b/docs/dyn/compute_beta.resourcePolicies.html
@@ -75,7 +75,7 @@
 
Compute Engine API . resourcePolicies

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of resource policies.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,46 +84,52 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, resourcePolicy, requestId=None, x__xgafv=None)

+  delete(project, region, resourcePolicy, requestId=None)

 
Deletes the specified resource policy.

 

-  get(project, region, resourcePolicy, x__xgafv=None)

+  get(project, region, resourcePolicy)

 
Retrieves all information of the specified resource policy.

 

-  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a new resource policy.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
A list all the resource policies that have been configured for the specified project in specified region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setIamPolicy(project, region, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, region, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of resource policies.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -135,6 +141,8 @@ 
Method Details

     "a_key": { # Name of the scope containing this set of resourcePolicies.
       "resourcePolicies": [ # A list of resourcePolicies contained in this scope.
         { # Represents a Resource Policy resource. You can use resource policies to schedule actions for some Compute Engine resources. For example, you can use them to schedule persistent disk snapshots.
+            #
+            # (== resource_for {$api_version}.resourcePolicies ==)
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String",
           "groupPlacementPolicy": { # A GroupPlacementPolicy specifies resource placement configuration. It specifies the failure bucket separation as well as network locality # Resource policy for instances for placement configuration.
@@ -206,7 +214,8 @@ 
Method Details

       ],
       "warning": { # Informational warning which replaces the list of resourcePolicies when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -224,7 +233,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -255,23 +265,36 @@ 
Method Details

 

 
 

-    delete(project, region, resourcePolicy, requestId=None, x__xgafv=None)
+    delete(project, region, resourcePolicy, requestId=None)
   
Deletes the specified resource policy.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   resourcePolicy: string, Name of the resource policy to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -305,7 +328,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -319,22 +343,20 @@ 
Method Details

 

 
 

-    get(project, region, resourcePolicy, x__xgafv=None)
+    get(project, region, resourcePolicy)
   
Retrieves all information of the specified resource policy.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   resourcePolicy: string, Name of the resource policy to retrieve. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
     { # Represents a Resource Policy resource. You can use resource policies to schedule actions for some Compute Engine resources. For example, you can use them to schedule persistent disk snapshots.
+    #
+    # (== resource_for {$api_version}.resourcePolicies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String",
   "groupPlacementPolicy": { # A GroupPlacementPolicy specifies resource placement configuration. It specifies the failure bucket separation as well as network locality # Resource policy for instances for placement configuration.
@@ -406,7 +428,7 @@ 
Method Details

 

 
 

-    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
@@ -414,27 +436,51 @@ 
Method Details

   region: string, The name of the region for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -442,76 +488,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a new resource policy.
 
 Args:
@@ -521,6 +635,8 @@ 
Method Details

     The object takes the form of:
 
 { # Represents a Resource Policy resource. You can use resource policies to schedule actions for some Compute Engine resources. For example, you can use them to schedule persistent disk snapshots.
+    # 
+    # (== resource_for {$api_version}.resourcePolicies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String",
   "groupPlacementPolicy": { # A GroupPlacementPolicy specifies resource placement configuration. It specifies the failure bucket separation as well as network locality # Resource policy for instances for placement configuration.
@@ -590,16 +706,29 @@ 
Method Details

   "status": "A String", # [Output Only] The status of resource policy creation.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -633,7 +762,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -647,21 +777,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
A list all the resource policies that have been configured for the specified project in specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -671,6 +807,8 @@ 
Method Details

   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "items": [ # [Output Only] A list of ResourcePolicy resources.
     { # Represents a Resource Policy resource. You can use resource policies to schedule actions for some Compute Engine resources. For example, you can use them to schedule persistent disk snapshots.
+        #
+        # (== resource_for {$api_version}.resourcePolicies ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String",
       "groupPlacementPolicy": { # A GroupPlacementPolicy specifies resource placement configuration. It specifies the failure bucket separation as well as network locality # Resource policy for instances for placement configuration.
@@ -745,7 +883,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -771,7 +910,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, region, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, region, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -784,33 +923,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -818,95 +1031,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -914,76 +1219,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -999,10 +1372,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.routers.html b/docs/dyn/compute_beta.routers.html
index 1da47f0f108..089c4914c9e 100644
--- a/docs/dyn/compute_beta.routers.html
+++ b/docs/dyn/compute_beta.routers.html
@@ -75,7 +75,7 @@
 
Compute Engine API . routers

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of routers.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,58 +84,64 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, router, requestId=None, x__xgafv=None)

+  delete(project, region, router, requestId=None)

 
Deletes the specified Router resource.

 

-  get(project, region, router, x__xgafv=None)

+  get(project, region, router)

 
Returns the specified Router resource. Gets a list of available routers by making a list() request.

 

-  getNatMappingInfo(project, region, router, filter=None, maxResults=None, natName=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  getNatMappingInfo(project, region, router, filter=None, maxResults=None, natName=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves runtime Nat mapping information of VM endpoints.

 

   getNatMappingInfo_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  getRouterStatus(project, region, router, x__xgafv=None)

+  getRouterStatus(project, region, router)

 
Retrieves runtime information of the specified router.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a Router resource in the specified project and region using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of Router resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, router, body=None, requestId=None, x__xgafv=None)

+  patch(project, region, router, body=None, requestId=None)

 
Patches the specified Router resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.

 

-  preview(project, region, router, body=None, x__xgafv=None)

+  preview(project, region, router, body=None)

 
Preview fields auto-generated during router create and update operations. Calling this method does NOT create or update the router.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, region, router, body=None, requestId=None, x__xgafv=None)

+  update(project, region, router, body=None, requestId=None)

 
Updates the specified Router resource with the data included in the request. This method conforms to PUT semantics, which requests that the state of the target resource be created or replaced with the state defined by the representation enclosed in the request message payload.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of routers.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -145,7 +151,9 @@ 
Method Details

   "items": { # A list of Router resources.
     "a_key": { # Name of the scope containing this set of routers.
       "routers": [ # A list of routers contained in this scope.
-        { # Represents a Cloud Router resource. For more information about Cloud Router, read the Cloud Router overview.
+        { # Represents a Cloud Router resource.
+            #
+            # For more information about Cloud Router, read the Cloud Router overview.
           "bgp": { # BGP information specific to this router.
             "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM.
             "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
@@ -158,12 +166,17 @@ 
Method Details

               },
             ],
             "asn": 42, # Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN.
-            "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer. BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers. If set, this value must be between 20 and 60. The default is 20.
+            "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer.
+                # Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer.
+                # BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers.
+                # If set, this value must be between 20 and 60. The default is 20.
           },
           "bgpPeers": [ # BGP information that must be configured into the routing stack to establish BGP peering. This information must specify the peer ASN and either the interface name, IP address, or peer IP address. Please refer to RFC4273.
             {
               "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement.
-              "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options: - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets. - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
+              "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options:
+                  # - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets.
+                  # - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
                 "A String",
               ],
               "advertisedIpRanges": [ # User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These IP ranges are advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.
@@ -173,16 +186,31 @@ 
Method Details

                 },
               ],
               "advertisedRoutePriority": 42, # The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win.
-              "bfd": { # BFD configuration for the BGP peering. Not currently available publicly.
-                "minReceiveInterval": 42, # The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router. Not currently available publicly. If set, this value must be between 100 and 30000. The default is 300.
-                "minTransmitInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router. Not currently available publicly. If set, this value must be between 100 and 30000. The default is 300.
-                "multiplier": 42, # The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable. Not currently available publicly. If set, the value must be a value between 2 and 16. The default is 3.
-                "sessionInitializationMode": "A String", # The BFD session initialization mode for this BGP peer. Not currently available publicly. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
+              "bfd": { # BFD configuration for the BGP peering.
+                  # Not currently available publicly.
+                "minReceiveInterval": 42, # The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router.
+                    # Not currently available publicly.
+                    # If set, this value must be between 100 and 30000.
+                    # The default is 300.
+                "minTransmitInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router.
+                    # Not currently available publicly.
+                    # If set, this value must be between 100 and 30000.
+                    # The default is 300.
+                "multiplier": 42, # The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable.
+                    # Not currently available publicly.
+                    # If set, the value must be a value between 2 and 16.
+                    # The default is 3.
+                "sessionInitializationMode": "A String", # The BFD session initialization mode for this BGP peer.
+                    # Not currently available publicly.
+                    # If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
               },
-              "enable": "A String", # The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
+              "enable": "A String", # The status of the BGP peer connection.
+                  # If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
               "interfaceName": "A String", # Name of the interface the BGP peer is associated with.
               "ipAddress": "A String", # IP address of the interface inside Google Cloud Platform. Only IPv4 is supported.
-              "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer. - MANAGED_BY_USER is the default value and can be managed by you or other users - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
+              "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer.
+                  # - MANAGED_BY_USER is the default value and can be managed by you or other users
+                  # - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
               "name": "A String", # Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
               "peerAsn": 42, # Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value.
               "peerIpAddress": "A String", # IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported.
@@ -191,14 +219,17 @@ 
Method Details

           ],
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-          "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments). Not currently available publicly.
+          "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments).
+              # Not currently available publicly.
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "interfaces": [ # Router interfaces. Each interface requires either one linked resource, (for example, linkedVpnTunnel), or IP address and IP address range (for example, ipRange), or both.
             {
               "ipRange": "A String", # IP address and range of the interface. The IP range must be in the RFC3927 link-local IP address space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface.
               "linkedInterconnectAttachment": "A String", # URI of the linked Interconnect attachment. It must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
               "linkedVpnTunnel": "A String", # URI of the linked VPN tunnel, which must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
-              "managementType": "A String", # [Output Only] The resource that configures and manages this interface. - MANAGED_BY_USER is the default value and can be managed directly by users. - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
+              "managementType": "A String", # [Output Only] The resource that configures and manages this interface.
+                  # - MANAGED_BY_USER is the default value and can be managed directly by users.
+                  # - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
               "name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
               "privateIpAddress": "A String", # The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM.
               "redundantInterface": "A String", # Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -216,15 +247,23 @@ 
Method Details

               "icmpIdleTimeoutSec": 42, # Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
               "logConfig": { # Configuration of logging on a NAT. # Configure logging on this NAT.
                 "enable": True or False, # Indicates whether or not to export logs. This is false by default.
-                "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful.
+                "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values:
+                    # - ERRORS_ONLY: Export logs only for connection failures.
+                    # - TRANSLATIONS_ONLY: Export logs only for successful connections.
+                    # - ALL: Export logs for all connections, successful and unsuccessful.
               },
               "minPortsPerVm": 42, # Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM.
               "name": "A String", # Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.
-              "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
+              "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values:
+                  # - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs.
+                  # - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
               "natIps": [ # A list of URLs of the IP resources used for this Nat service. These IP addresses must be valid static external IP addresses assigned to the project.
                 "A String",
               ],
-              "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values: - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat. - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
+              "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values:
+                  # - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat.
+                  # - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat.
+                  # - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
               "subnetworks": [ # A list of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above.
                 { # Defines the IP ranges that want to use NAT for a subnetwork.
                   "name": "A String", # URL for the subnetwork resource that will use NAT.
@@ -248,7 +287,8 @@ 
Method Details

       ],
       "warning": { # Informational warning which replaces the list of routers when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -266,7 +306,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -297,23 +338,36 @@ 
Method Details

 

 
 

-    delete(project, region, router, requestId=None, x__xgafv=None)
+    delete(project, region, router, requestId=None)
   
Deletes the specified Router resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   router: string, Name of the Router resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -347,7 +401,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -361,22 +416,20 @@ 
Method Details

 

 
 

-    get(project, region, router, x__xgafv=None)
+    get(project, region, router)
   
Returns the specified Router resource. Gets a list of available routers by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   router: string, Name of the Router resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Cloud Router resource. For more information about Cloud Router, read the Cloud Router overview.
+    { # Represents a Cloud Router resource.
+    #
+    # For more information about Cloud Router, read the Cloud Router overview.
   "bgp": { # BGP information specific to this router.
     "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM.
     "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
@@ -389,12 +442,17 @@ 
Method Details

       },
     ],
     "asn": 42, # Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN.
-    "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer. BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers. If set, this value must be between 20 and 60. The default is 20.
+    "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer.
+        # Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer.
+        # BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers.
+        # If set, this value must be between 20 and 60. The default is 20.
   },
   "bgpPeers": [ # BGP information that must be configured into the routing stack to establish BGP peering. This information must specify the peer ASN and either the interface name, IP address, or peer IP address. Please refer to RFC4273.
     {
       "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement.
-      "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options: - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets. - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
+      "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options:
+          # - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets.
+          # - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
         "A String",
       ],
       "advertisedIpRanges": [ # User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These IP ranges are advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.
@@ -404,16 +462,31 @@ 
Method Details

         },
       ],
       "advertisedRoutePriority": 42, # The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win.
-      "bfd": { # BFD configuration for the BGP peering. Not currently available publicly.
-        "minReceiveInterval": 42, # The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router. Not currently available publicly. If set, this value must be between 100 and 30000. The default is 300.
-        "minTransmitInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router. Not currently available publicly. If set, this value must be between 100 and 30000. The default is 300.
-        "multiplier": 42, # The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable. Not currently available publicly. If set, the value must be a value between 2 and 16. The default is 3.
-        "sessionInitializationMode": "A String", # The BFD session initialization mode for this BGP peer. Not currently available publicly. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
+      "bfd": { # BFD configuration for the BGP peering.
+          # Not currently available publicly.
+        "minReceiveInterval": 42, # The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router.
+            # Not currently available publicly.
+            # If set, this value must be between 100 and 30000.
+            # The default is 300.
+        "minTransmitInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router.
+            # Not currently available publicly.
+            # If set, this value must be between 100 and 30000.
+            # The default is 300.
+        "multiplier": 42, # The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable.
+            # Not currently available publicly.
+            # If set, the value must be a value between 2 and 16.
+            # The default is 3.
+        "sessionInitializationMode": "A String", # The BFD session initialization mode for this BGP peer.
+            # Not currently available publicly.
+            # If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
       },
-      "enable": "A String", # The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
+      "enable": "A String", # The status of the BGP peer connection.
+          # If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
       "interfaceName": "A String", # Name of the interface the BGP peer is associated with.
       "ipAddress": "A String", # IP address of the interface inside Google Cloud Platform. Only IPv4 is supported.
-      "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer. - MANAGED_BY_USER is the default value and can be managed by you or other users - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
+      "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer.
+          # - MANAGED_BY_USER is the default value and can be managed by you or other users
+          # - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
       "name": "A String", # Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "peerAsn": 42, # Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value.
       "peerIpAddress": "A String", # IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported.
@@ -422,14 +495,17 @@ 
Method Details

   ],
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments). Not currently available publicly.
+  "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments).
+      # Not currently available publicly.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "interfaces": [ # Router interfaces. Each interface requires either one linked resource, (for example, linkedVpnTunnel), or IP address and IP address range (for example, ipRange), or both.
     {
       "ipRange": "A String", # IP address and range of the interface. The IP range must be in the RFC3927 link-local IP address space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface.
       "linkedInterconnectAttachment": "A String", # URI of the linked Interconnect attachment. It must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
       "linkedVpnTunnel": "A String", # URI of the linked VPN tunnel, which must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
-      "managementType": "A String", # [Output Only] The resource that configures and manages this interface. - MANAGED_BY_USER is the default value and can be managed directly by users. - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
+      "managementType": "A String", # [Output Only] The resource that configures and manages this interface.
+          # - MANAGED_BY_USER is the default value and can be managed directly by users.
+          # - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
       "name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "privateIpAddress": "A String", # The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM.
       "redundantInterface": "A String", # Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -447,15 +523,23 @@ 
Method Details

       "icmpIdleTimeoutSec": 42, # Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
       "logConfig": { # Configuration of logging on a NAT. # Configure logging on this NAT.
         "enable": True or False, # Indicates whether or not to export logs. This is false by default.
-        "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful.
+        "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values:
+            # - ERRORS_ONLY: Export logs only for connection failures.
+            # - TRANSLATIONS_ONLY: Export logs only for successful connections.
+            # - ALL: Export logs for all connections, successful and unsuccessful.
       },
       "minPortsPerVm": 42, # Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM.
       "name": "A String", # Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.
-      "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
+      "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values:
+          # - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs.
+          # - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
       "natIps": [ # A list of URLs of the IP resources used for this Nat service. These IP addresses must be valid static external IP addresses assigned to the project.
         "A String",
       ],
-      "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values: - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat. - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
+      "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values:
+          # - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat.
+          # - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat.
+          # - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
       "subnetworks": [ # A list of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above.
         { # Defines the IP ranges that want to use NAT for a subnetwork.
           "name": "A String", # URL for the subnetwork resource that will use NAT.
@@ -479,23 +563,29 @@ 
Method Details

 

 
 

-    getNatMappingInfo(project, region, router, filter=None, maxResults=None, natName=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    getNatMappingInfo(project, region, router, filter=None, maxResults=None, natName=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves runtime Nat mapping information of VM endpoints.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   router: string, Name of the Router resource to query for Nat Mapping information of VM endpoints. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
   natName: string, Name of the nat service to filter the Nat Mapping information. If it is omitted, all nats for this router will be returned. Name should conform to RFC1035.
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -526,7 +616,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -552,17 +643,13 @@ 
Method Details

 

 
 

-    getRouterStatus(project, region, router, x__xgafv=None)
+    getRouterStatus(project, region, router)
   
Retrieves runtime information of the specified router.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   router: string, Name of the Router resource to query. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -571,7 +658,9 @@ 
Method Details

   "kind": "compute#routerStatusResponse", # Type of resource.
   "result": {
     "bestRoutes": [ # Best routes for this router's network.
-      { # Represents a Route resource. A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview.
+      { # Represents a Route resource.
+          #
+          # A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview. (== resource_for {$api_version}.routes ==)
         "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
         "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
         "destRange": "A String", # The destination range of outgoing packets that this route applies to. Both IPv4 and IPv6 are supported.
@@ -579,9 +668,13 @@ 
Method Details

         "kind": "compute#route", # [Output Only] Type of this resource. Always compute#routes for Route resources.
         "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
         "network": "A String", # Fully-qualified URL of the network that this route applies to.
-        "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL: projects/ project/global/gateways/default-internet-gateway
-        "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs: - 10.128.0.56 - https://www.googleapis.com/compute/v1/projects/project/regions/region /forwardingRules/forwardingRule - regions/region/forwardingRules/forwardingRule
-        "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
+        "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL:  projects/project/global/gateways/default-internet-gateway
+        "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs:
+            # - 10.128.0.56
+            # - https://www.googleapis.com/compute/v1/projects/project/regions/region/forwardingRules/forwardingRule
+            # - regions/region/forwardingRules/forwardingRule
+        "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example:
+            # https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
         "nextHopInterconnectAttachment": "A String", # [Output Only] The URL to an InterconnectAttachment which is the next hop for the route. This field will only be populated for the dynamic routes generated by Cloud Router with a linked interconnectAttachment.
         "nextHopIp": "A String", # The network IP address of an instance that should handle matching packets. Only IPv4 is supported.
         "nextHopNetwork": "A String", # The URL of the local network if it should handle matching packets.
@@ -595,7 +688,8 @@ 
Method Details

         "warnings": [ # [Output Only] If potential misconfigurations are detected for this route, this field will be populated with warning messages.
           {
             "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-            "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+            "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+                # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
               {
                 "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
                 "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -607,7 +701,9 @@ 
Method Details

       },
     ],
     "bestRoutesForRouter": [ # Best routes learned by this router.
-      { # Represents a Route resource. A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview.
+      { # Represents a Route resource.
+          #
+          # A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview. (== resource_for {$api_version}.routes ==)
         "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
         "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
         "destRange": "A String", # The destination range of outgoing packets that this route applies to. Both IPv4 and IPv6 are supported.
@@ -615,9 +711,13 @@ 
Method Details

         "kind": "compute#route", # [Output Only] Type of this resource. Always compute#routes for Route resources.
         "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
         "network": "A String", # Fully-qualified URL of the network that this route applies to.
-        "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL: projects/ project/global/gateways/default-internet-gateway
-        "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs: - 10.128.0.56 - https://www.googleapis.com/compute/v1/projects/project/regions/region /forwardingRules/forwardingRule - regions/region/forwardingRules/forwardingRule
-        "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
+        "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL:  projects/project/global/gateways/default-internet-gateway
+        "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs:
+            # - 10.128.0.56
+            # - https://www.googleapis.com/compute/v1/projects/project/regions/region/forwardingRules/forwardingRule
+            # - regions/region/forwardingRules/forwardingRule
+        "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example:
+            # https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
         "nextHopInterconnectAttachment": "A String", # [Output Only] The URL to an InterconnectAttachment which is the next hop for the route. This field will only be populated for the dynamic routes generated by Cloud Router with a linked interconnectAttachment.
         "nextHopIp": "A String", # The network IP address of an instance that should handle matching packets. Only IPv4 is supported.
         "nextHopNetwork": "A String", # The URL of the local network if it should handle matching packets.
@@ -631,7 +731,8 @@ 
Method Details

         "warnings": [ # [Output Only] If potential misconfigurations are detected for this route, this field will be populated with warning messages.
           {
             "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-            "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+            "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+                # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
               {
                 "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
                 "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -645,7 +746,9 @@ 
Method Details

     "bgpPeerStatus": [
       {
         "advertisedRoutes": [ # Routes that were advertised to the remote BGP peer
-          { # Represents a Route resource. A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview.
+          { # Represents a Route resource.
+              #
+              # A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview. (== resource_for {$api_version}.routes ==)
             "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
             "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
             "destRange": "A String", # The destination range of outgoing packets that this route applies to. Both IPv4 and IPv6 are supported.
@@ -653,9 +756,13 @@ 
Method Details

             "kind": "compute#route", # [Output Only] Type of this resource. Always compute#routes for Route resources.
             "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
             "network": "A String", # Fully-qualified URL of the network that this route applies to.
-            "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL: projects/ project/global/gateways/default-internet-gateway
-            "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs: - 10.128.0.56 - https://www.googleapis.com/compute/v1/projects/project/regions/region /forwardingRules/forwardingRule - regions/region/forwardingRules/forwardingRule
-            "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
+            "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL:  projects/project/global/gateways/default-internet-gateway
+            "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs:
+                # - 10.128.0.56
+                # - https://www.googleapis.com/compute/v1/projects/project/regions/region/forwardingRules/forwardingRule
+                # - regions/region/forwardingRules/forwardingRule
+            "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example:
+                # https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
             "nextHopInterconnectAttachment": "A String", # [Output Only] The URL to an InterconnectAttachment which is the next hop for the route. This field will only be populated for the dynamic routes generated by Cloud Router with a linked interconnectAttachment.
             "nextHopIp": "A String", # The network IP address of an instance that should handle matching packets. Only IPv4 is supported.
             "nextHopNetwork": "A String", # The URL of the local network if it should handle matching packets.
@@ -669,7 +776,8 @@ 
Method Details

             "warnings": [ # [Output Only] If potential misconfigurations are detected for this route, this field will be populated with warning messages.
               {
                 "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-                "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+                "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+                    # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
                   {
                     "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
                     "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -780,7 +888,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a Router resource in the specified project and region using the data included in the request.
 
 Args:
@@ -789,7 +897,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Cloud Router resource. For more information about Cloud Router, read the Cloud Router overview.
+{ # Represents a Cloud Router resource.
+    # 
+    # For more information about Cloud Router, read the Cloud Router overview.
   "bgp": { # BGP information specific to this router.
     "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM.
     "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
@@ -802,12 +912,17 @@ 
Method Details

       },
     ],
     "asn": 42, # Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN.
-    "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer. BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers. If set, this value must be between 20 and 60. The default is 20.
+    "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer.
+        # Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer.
+        # BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers.
+        # If set, this value must be between 20 and 60. The default is 20.
   },
   "bgpPeers": [ # BGP information that must be configured into the routing stack to establish BGP peering. This information must specify the peer ASN and either the interface name, IP address, or peer IP address. Please refer to RFC4273.
     {
       "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement.
-      "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options: - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets. - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
+      "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options:
+          # - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets.
+          # - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
         "A String",
       ],
       "advertisedIpRanges": [ # User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These IP ranges are advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.
@@ -817,16 +932,31 @@ 
Method Details

         },
       ],
       "advertisedRoutePriority": 42, # The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win.
-      "bfd": { # BFD configuration for the BGP peering. Not currently available publicly.
-        "minReceiveInterval": 42, # The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router. Not currently available publicly. If set, this value must be between 100 and 30000. The default is 300.
-        "minTransmitInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router. Not currently available publicly. If set, this value must be between 100 and 30000. The default is 300.
-        "multiplier": 42, # The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable. Not currently available publicly. If set, the value must be a value between 2 and 16. The default is 3.
-        "sessionInitializationMode": "A String", # The BFD session initialization mode for this BGP peer. Not currently available publicly. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
+      "bfd": { # BFD configuration for the BGP peering.
+          # Not currently available publicly.
+        "minReceiveInterval": 42, # The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router.
+            # Not currently available publicly.
+            # If set, this value must be between 100 and 30000.
+            # The default is 300.
+        "minTransmitInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router.
+            # Not currently available publicly.
+            # If set, this value must be between 100 and 30000.
+            # The default is 300.
+        "multiplier": 42, # The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable.
+            # Not currently available publicly.
+            # If set, the value must be a value between 2 and 16.
+            # The default is 3.
+        "sessionInitializationMode": "A String", # The BFD session initialization mode for this BGP peer.
+            # Not currently available publicly.
+            # If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
       },
-      "enable": "A String", # The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
+      "enable": "A String", # The status of the BGP peer connection.
+          # If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
       "interfaceName": "A String", # Name of the interface the BGP peer is associated with.
       "ipAddress": "A String", # IP address of the interface inside Google Cloud Platform. Only IPv4 is supported.
-      "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer. - MANAGED_BY_USER is the default value and can be managed by you or other users - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
+      "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer.
+          # - MANAGED_BY_USER is the default value and can be managed by you or other users
+          # - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
       "name": "A String", # Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "peerAsn": 42, # Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value.
       "peerIpAddress": "A String", # IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported.
@@ -835,14 +965,17 @@ 
Method Details

   ],
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments). Not currently available publicly.
+  "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments).
+      # Not currently available publicly.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "interfaces": [ # Router interfaces. Each interface requires either one linked resource, (for example, linkedVpnTunnel), or IP address and IP address range (for example, ipRange), or both.
     {
       "ipRange": "A String", # IP address and range of the interface. The IP range must be in the RFC3927 link-local IP address space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface.
       "linkedInterconnectAttachment": "A String", # URI of the linked Interconnect attachment. It must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
       "linkedVpnTunnel": "A String", # URI of the linked VPN tunnel, which must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
-      "managementType": "A String", # [Output Only] The resource that configures and manages this interface. - MANAGED_BY_USER is the default value and can be managed directly by users. - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
+      "managementType": "A String", # [Output Only] The resource that configures and manages this interface.
+          # - MANAGED_BY_USER is the default value and can be managed directly by users.
+          # - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
       "name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "privateIpAddress": "A String", # The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM.
       "redundantInterface": "A String", # Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -860,15 +993,23 @@ 
Method Details

       "icmpIdleTimeoutSec": 42, # Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
       "logConfig": { # Configuration of logging on a NAT. # Configure logging on this NAT.
         "enable": True or False, # Indicates whether or not to export logs. This is false by default.
-        "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful.
+        "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values:
+            # - ERRORS_ONLY: Export logs only for connection failures.
+            # - TRANSLATIONS_ONLY: Export logs only for successful connections.
+            # - ALL: Export logs for all connections, successful and unsuccessful.
       },
       "minPortsPerVm": 42, # Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM.
       "name": "A String", # Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.
-      "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
+      "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values:
+          # - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs.
+          # - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
       "natIps": [ # A list of URLs of the IP resources used for this Nat service. These IP addresses must be valid static external IP addresses assigned to the project.
         "A String",
       ],
-      "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values: - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat. - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
+      "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values:
+          # - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat.
+          # - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat.
+          # - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
       "subnetworks": [ # A list of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above.
         { # Defines the IP ranges that want to use NAT for a subnetwork.
           "name": "A String", # URL for the subnetwork resource that will use NAT.
@@ -890,16 +1031,29 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -933,7 +1087,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -947,21 +1102,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of Router resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -969,7 +1130,9 @@ 
Method Details

     { # Contains a list of Router resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Router resources.
-    { # Represents a Cloud Router resource. For more information about Cloud Router, read the Cloud Router overview.
+    { # Represents a Cloud Router resource.
+        #
+        # For more information about Cloud Router, read the Cloud Router overview.
       "bgp": { # BGP information specific to this router.
         "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM.
         "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
@@ -982,12 +1145,17 @@ 
Method Details

           },
         ],
         "asn": 42, # Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN.
-        "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer. BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers. If set, this value must be between 20 and 60. The default is 20.
+        "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer.
+            # Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer.
+            # BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers.
+            # If set, this value must be between 20 and 60. The default is 20.
       },
       "bgpPeers": [ # BGP information that must be configured into the routing stack to establish BGP peering. This information must specify the peer ASN and either the interface name, IP address, or peer IP address. Please refer to RFC4273.
         {
           "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement.
-          "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options: - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets. - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
+          "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options:
+              # - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets.
+              # - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
             "A String",
           ],
           "advertisedIpRanges": [ # User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These IP ranges are advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.
@@ -997,16 +1165,31 @@ 
Method Details

             },
           ],
           "advertisedRoutePriority": 42, # The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win.
-          "bfd": { # BFD configuration for the BGP peering. Not currently available publicly.
-            "minReceiveInterval": 42, # The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router. Not currently available publicly. If set, this value must be between 100 and 30000. The default is 300.
-            "minTransmitInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router. Not currently available publicly. If set, this value must be between 100 and 30000. The default is 300.
-            "multiplier": 42, # The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable. Not currently available publicly. If set, the value must be a value between 2 and 16. The default is 3.
-            "sessionInitializationMode": "A String", # The BFD session initialization mode for this BGP peer. Not currently available publicly. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
+          "bfd": { # BFD configuration for the BGP peering.
+              # Not currently available publicly.
+            "minReceiveInterval": 42, # The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router.
+                # Not currently available publicly.
+                # If set, this value must be between 100 and 30000.
+                # The default is 300.
+            "minTransmitInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router.
+                # Not currently available publicly.
+                # If set, this value must be between 100 and 30000.
+                # The default is 300.
+            "multiplier": 42, # The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable.
+                # Not currently available publicly.
+                # If set, the value must be a value between 2 and 16.
+                # The default is 3.
+            "sessionInitializationMode": "A String", # The BFD session initialization mode for this BGP peer.
+                # Not currently available publicly.
+                # If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
           },
-          "enable": "A String", # The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
+          "enable": "A String", # The status of the BGP peer connection.
+              # If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
           "interfaceName": "A String", # Name of the interface the BGP peer is associated with.
           "ipAddress": "A String", # IP address of the interface inside Google Cloud Platform. Only IPv4 is supported.
-          "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer. - MANAGED_BY_USER is the default value and can be managed by you or other users - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
+          "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer.
+              # - MANAGED_BY_USER is the default value and can be managed by you or other users
+              # - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
           "name": "A String", # Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
           "peerAsn": 42, # Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value.
           "peerIpAddress": "A String", # IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported.
@@ -1015,14 +1198,17 @@ 
Method Details

       ],
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments). Not currently available publicly.
+      "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments).
+          # Not currently available publicly.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "interfaces": [ # Router interfaces. Each interface requires either one linked resource, (for example, linkedVpnTunnel), or IP address and IP address range (for example, ipRange), or both.
         {
           "ipRange": "A String", # IP address and range of the interface. The IP range must be in the RFC3927 link-local IP address space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface.
           "linkedInterconnectAttachment": "A String", # URI of the linked Interconnect attachment. It must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
           "linkedVpnTunnel": "A String", # URI of the linked VPN tunnel, which must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
-          "managementType": "A String", # [Output Only] The resource that configures and manages this interface. - MANAGED_BY_USER is the default value and can be managed directly by users. - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
+          "managementType": "A String", # [Output Only] The resource that configures and manages this interface.
+              # - MANAGED_BY_USER is the default value and can be managed directly by users.
+              # - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
           "name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
           "privateIpAddress": "A String", # The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM.
           "redundantInterface": "A String", # Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -1040,15 +1226,23 @@ 
Method Details

           "icmpIdleTimeoutSec": 42, # Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
           "logConfig": { # Configuration of logging on a NAT. # Configure logging on this NAT.
             "enable": True or False, # Indicates whether or not to export logs. This is false by default.
-            "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful.
+            "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values:
+                # - ERRORS_ONLY: Export logs only for connection failures.
+                # - TRANSLATIONS_ONLY: Export logs only for successful connections.
+                # - ALL: Export logs for all connections, successful and unsuccessful.
           },
           "minPortsPerVm": 42, # Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM.
           "name": "A String", # Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.
-          "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
+          "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values:
+              # - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs.
+              # - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
           "natIps": [ # A list of URLs of the IP resources used for this Nat service. These IP addresses must be valid static external IP addresses assigned to the project.
             "A String",
           ],
-          "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values: - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat. - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
+          "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values:
+              # - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat.
+              # - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat.
+              # - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
           "subnetworks": [ # A list of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above.
             { # Defines the IP ranges that want to use NAT for a subnetwork.
               "name": "A String", # URL for the subnetwork resource that will use NAT.
@@ -1075,7 +1269,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1101,7 +1296,7 @@ 
Method Details

 

 
 

-    patch(project, region, router, body=None, requestId=None, x__xgafv=None)
+    patch(project, region, router, body=None, requestId=None)
   
Patches the specified Router resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.
 
 Args:
@@ -1111,7 +1306,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Cloud Router resource. For more information about Cloud Router, read the Cloud Router overview.
+{ # Represents a Cloud Router resource.
+    # 
+    # For more information about Cloud Router, read the Cloud Router overview.
   "bgp": { # BGP information specific to this router.
     "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM.
     "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
@@ -1124,12 +1321,17 @@ 
Method Details

       },
     ],
     "asn": 42, # Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN.
-    "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer. BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers. If set, this value must be between 20 and 60. The default is 20.
+    "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer.
+        # Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer.
+        # BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers.
+        # If set, this value must be between 20 and 60. The default is 20.
   },
   "bgpPeers": [ # BGP information that must be configured into the routing stack to establish BGP peering. This information must specify the peer ASN and either the interface name, IP address, or peer IP address. Please refer to RFC4273.
     {
       "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement.
-      "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options: - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets. - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
+      "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options:
+          # - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets.
+          # - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
         "A String",
       ],
       "advertisedIpRanges": [ # User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These IP ranges are advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.
@@ -1139,16 +1341,31 @@ 
Method Details

         },
       ],
       "advertisedRoutePriority": 42, # The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win.
-      "bfd": { # BFD configuration for the BGP peering. Not currently available publicly.
-        "minReceiveInterval": 42, # The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router. Not currently available publicly. If set, this value must be between 100 and 30000. The default is 300.
-        "minTransmitInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router. Not currently available publicly. If set, this value must be between 100 and 30000. The default is 300.
-        "multiplier": 42, # The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable. Not currently available publicly. If set, the value must be a value between 2 and 16. The default is 3.
-        "sessionInitializationMode": "A String", # The BFD session initialization mode for this BGP peer. Not currently available publicly. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
+      "bfd": { # BFD configuration for the BGP peering.
+          # Not currently available publicly.
+        "minReceiveInterval": 42, # The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router.
+            # Not currently available publicly.
+            # If set, this value must be between 100 and 30000.
+            # The default is 300.
+        "minTransmitInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router.
+            # Not currently available publicly.
+            # If set, this value must be between 100 and 30000.
+            # The default is 300.
+        "multiplier": 42, # The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable.
+            # Not currently available publicly.
+            # If set, the value must be a value between 2 and 16.
+            # The default is 3.
+        "sessionInitializationMode": "A String", # The BFD session initialization mode for this BGP peer.
+            # Not currently available publicly.
+            # If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
       },
-      "enable": "A String", # The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
+      "enable": "A String", # The status of the BGP peer connection.
+          # If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
       "interfaceName": "A String", # Name of the interface the BGP peer is associated with.
       "ipAddress": "A String", # IP address of the interface inside Google Cloud Platform. Only IPv4 is supported.
-      "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer. - MANAGED_BY_USER is the default value and can be managed by you or other users - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
+      "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer.
+          # - MANAGED_BY_USER is the default value and can be managed by you or other users
+          # - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
       "name": "A String", # Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "peerAsn": 42, # Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value.
       "peerIpAddress": "A String", # IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported.
@@ -1157,14 +1374,17 @@ 
Method Details

   ],
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments). Not currently available publicly.
+  "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments).
+      # Not currently available publicly.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "interfaces": [ # Router interfaces. Each interface requires either one linked resource, (for example, linkedVpnTunnel), or IP address and IP address range (for example, ipRange), or both.
     {
       "ipRange": "A String", # IP address and range of the interface. The IP range must be in the RFC3927 link-local IP address space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface.
       "linkedInterconnectAttachment": "A String", # URI of the linked Interconnect attachment. It must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
       "linkedVpnTunnel": "A String", # URI of the linked VPN tunnel, which must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
-      "managementType": "A String", # [Output Only] The resource that configures and manages this interface. - MANAGED_BY_USER is the default value and can be managed directly by users. - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
+      "managementType": "A String", # [Output Only] The resource that configures and manages this interface.
+          # - MANAGED_BY_USER is the default value and can be managed directly by users.
+          # - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
       "name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "privateIpAddress": "A String", # The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM.
       "redundantInterface": "A String", # Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -1182,15 +1402,23 @@ 
Method Details

       "icmpIdleTimeoutSec": 42, # Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
       "logConfig": { # Configuration of logging on a NAT. # Configure logging on this NAT.
         "enable": True or False, # Indicates whether or not to export logs. This is false by default.
-        "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful.
+        "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values:
+            # - ERRORS_ONLY: Export logs only for connection failures.
+            # - TRANSLATIONS_ONLY: Export logs only for successful connections.
+            # - ALL: Export logs for all connections, successful and unsuccessful.
       },
       "minPortsPerVm": 42, # Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM.
       "name": "A String", # Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.
-      "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
+      "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values:
+          # - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs.
+          # - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
       "natIps": [ # A list of URLs of the IP resources used for this Nat service. These IP addresses must be valid static external IP addresses assigned to the project.
         "A String",
       ],
-      "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values: - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat. - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
+      "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values:
+          # - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat.
+          # - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat.
+          # - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
       "subnetworks": [ # A list of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above.
         { # Defines the IP ranges that want to use NAT for a subnetwork.
           "name": "A String", # URL for the subnetwork resource that will use NAT.
@@ -1212,16 +1440,29 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1255,7 +1496,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1269,7 +1511,7 @@ 
Method Details

 

 
 

-    preview(project, region, router, body=None, x__xgafv=None)
+    preview(project, region, router, body=None)
   
Preview fields auto-generated during router create and update operations. Calling this method does NOT create or update the router.
 
 Args:
@@ -1279,7 +1521,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Cloud Router resource. For more information about Cloud Router, read the Cloud Router overview.
+{ # Represents a Cloud Router resource.
+    # 
+    # For more information about Cloud Router, read the Cloud Router overview.
   "bgp": { # BGP information specific to this router.
     "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM.
     "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
@@ -1292,12 +1536,17 @@ 
Method Details

       },
     ],
     "asn": 42, # Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN.
-    "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer. BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers. If set, this value must be between 20 and 60. The default is 20.
+    "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer.
+        # Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer.
+        # BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers.
+        # If set, this value must be between 20 and 60. The default is 20.
   },
   "bgpPeers": [ # BGP information that must be configured into the routing stack to establish BGP peering. This information must specify the peer ASN and either the interface name, IP address, or peer IP address. Please refer to RFC4273.
     {
       "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement.
-      "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options: - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets. - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
+      "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options:
+          # - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets.
+          # - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
         "A String",
       ],
       "advertisedIpRanges": [ # User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These IP ranges are advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.
@@ -1307,16 +1556,31 @@ 
Method Details

         },
       ],
       "advertisedRoutePriority": 42, # The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win.
-      "bfd": { # BFD configuration for the BGP peering. Not currently available publicly.
-        "minReceiveInterval": 42, # The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router. Not currently available publicly. If set, this value must be between 100 and 30000. The default is 300.
-        "minTransmitInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router. Not currently available publicly. If set, this value must be between 100 and 30000. The default is 300.
-        "multiplier": 42, # The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable. Not currently available publicly. If set, the value must be a value between 2 and 16. The default is 3.
-        "sessionInitializationMode": "A String", # The BFD session initialization mode for this BGP peer. Not currently available publicly. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
+      "bfd": { # BFD configuration for the BGP peering.
+          # Not currently available publicly.
+        "minReceiveInterval": 42, # The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router.
+            # Not currently available publicly.
+            # If set, this value must be between 100 and 30000.
+            # The default is 300.
+        "minTransmitInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router.
+            # Not currently available publicly.
+            # If set, this value must be between 100 and 30000.
+            # The default is 300.
+        "multiplier": 42, # The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable.
+            # Not currently available publicly.
+            # If set, the value must be a value between 2 and 16.
+            # The default is 3.
+        "sessionInitializationMode": "A String", # The BFD session initialization mode for this BGP peer.
+            # Not currently available publicly.
+            # If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
       },
-      "enable": "A String", # The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
+      "enable": "A String", # The status of the BGP peer connection.
+          # If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
       "interfaceName": "A String", # Name of the interface the BGP peer is associated with.
       "ipAddress": "A String", # IP address of the interface inside Google Cloud Platform. Only IPv4 is supported.
-      "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer. - MANAGED_BY_USER is the default value and can be managed by you or other users - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
+      "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer.
+          # - MANAGED_BY_USER is the default value and can be managed by you or other users
+          # - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
       "name": "A String", # Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "peerAsn": 42, # Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value.
       "peerIpAddress": "A String", # IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported.
@@ -1325,14 +1589,17 @@ 
Method Details

   ],
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments). Not currently available publicly.
+  "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments).
+      # Not currently available publicly.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "interfaces": [ # Router interfaces. Each interface requires either one linked resource, (for example, linkedVpnTunnel), or IP address and IP address range (for example, ipRange), or both.
     {
       "ipRange": "A String", # IP address and range of the interface. The IP range must be in the RFC3927 link-local IP address space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface.
       "linkedInterconnectAttachment": "A String", # URI of the linked Interconnect attachment. It must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
       "linkedVpnTunnel": "A String", # URI of the linked VPN tunnel, which must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
-      "managementType": "A String", # [Output Only] The resource that configures and manages this interface. - MANAGED_BY_USER is the default value and can be managed directly by users. - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
+      "managementType": "A String", # [Output Only] The resource that configures and manages this interface.
+          # - MANAGED_BY_USER is the default value and can be managed directly by users.
+          # - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
       "name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "privateIpAddress": "A String", # The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM.
       "redundantInterface": "A String", # Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -1350,15 +1617,23 @@ 
Method Details

       "icmpIdleTimeoutSec": 42, # Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
       "logConfig": { # Configuration of logging on a NAT. # Configure logging on this NAT.
         "enable": True or False, # Indicates whether or not to export logs. This is false by default.
-        "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful.
+        "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values:
+            # - ERRORS_ONLY: Export logs only for connection failures.
+            # - TRANSLATIONS_ONLY: Export logs only for successful connections.
+            # - ALL: Export logs for all connections, successful and unsuccessful.
       },
       "minPortsPerVm": 42, # Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM.
       "name": "A String", # Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.
-      "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
+      "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values:
+          # - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs.
+          # - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
       "natIps": [ # A list of URLs of the IP resources used for this Nat service. These IP addresses must be valid static external IP addresses assigned to the project.
         "A String",
       ],
-      "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values: - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat. - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
+      "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values:
+          # - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat.
+          # - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat.
+          # - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
       "subnetworks": [ # A list of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above.
         { # Defines the IP ranges that want to use NAT for a subnetwork.
           "name": "A String", # URL for the subnetwork resource that will use NAT.
@@ -1380,16 +1655,14 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
     {
-  "resource": { # Represents a Cloud Router resource. For more information about Cloud Router, read the Cloud Router overview. # Preview of given router.
+  "resource": { # Represents a Cloud Router resource. # Preview of given router.
+      #
+      # For more information about Cloud Router, read the Cloud Router overview.
     "bgp": { # BGP information specific to this router.
       "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM.
       "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
@@ -1402,12 +1675,17 @@ 
Method Details

         },
       ],
       "asn": 42, # Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN.
-      "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer. BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers. If set, this value must be between 20 and 60. The default is 20.
+      "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer.
+          # Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer.
+          # BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers.
+          # If set, this value must be between 20 and 60. The default is 20.
     },
     "bgpPeers": [ # BGP information that must be configured into the routing stack to establish BGP peering. This information must specify the peer ASN and either the interface name, IP address, or peer IP address. Please refer to RFC4273.
       {
         "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement.
-        "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options: - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets. - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
+        "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options:
+            # - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets.
+            # - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
           "A String",
         ],
         "advertisedIpRanges": [ # User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These IP ranges are advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.
@@ -1417,16 +1695,31 @@ 
Method Details

           },
         ],
         "advertisedRoutePriority": 42, # The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win.
-        "bfd": { # BFD configuration for the BGP peering. Not currently available publicly.
-          "minReceiveInterval": 42, # The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router. Not currently available publicly. If set, this value must be between 100 and 30000. The default is 300.
-          "minTransmitInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router. Not currently available publicly. If set, this value must be between 100 and 30000. The default is 300.
-          "multiplier": 42, # The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable. Not currently available publicly. If set, the value must be a value between 2 and 16. The default is 3.
-          "sessionInitializationMode": "A String", # The BFD session initialization mode for this BGP peer. Not currently available publicly. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
+        "bfd": { # BFD configuration for the BGP peering.
+            # Not currently available publicly.
+          "minReceiveInterval": 42, # The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router.
+              # Not currently available publicly.
+              # If set, this value must be between 100 and 30000.
+              # The default is 300.
+          "minTransmitInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router.
+              # Not currently available publicly.
+              # If set, this value must be between 100 and 30000.
+              # The default is 300.
+          "multiplier": 42, # The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable.
+              # Not currently available publicly.
+              # If set, the value must be a value between 2 and 16.
+              # The default is 3.
+          "sessionInitializationMode": "A String", # The BFD session initialization mode for this BGP peer.
+              # Not currently available publicly.
+              # If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
         },
-        "enable": "A String", # The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
+        "enable": "A String", # The status of the BGP peer connection.
+            # If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
         "interfaceName": "A String", # Name of the interface the BGP peer is associated with.
         "ipAddress": "A String", # IP address of the interface inside Google Cloud Platform. Only IPv4 is supported.
-        "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer. - MANAGED_BY_USER is the default value and can be managed by you or other users - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
+        "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer.
+            # - MANAGED_BY_USER is the default value and can be managed by you or other users
+            # - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
         "name": "A String", # Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
         "peerAsn": 42, # Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value.
         "peerIpAddress": "A String", # IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported.
@@ -1435,14 +1728,17 @@ 
Method Details

     ],
     "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
     "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-    "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments). Not currently available publicly.
+    "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments).
+        # Not currently available publicly.
     "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
     "interfaces": [ # Router interfaces. Each interface requires either one linked resource, (for example, linkedVpnTunnel), or IP address and IP address range (for example, ipRange), or both.
       {
         "ipRange": "A String", # IP address and range of the interface. The IP range must be in the RFC3927 link-local IP address space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface.
         "linkedInterconnectAttachment": "A String", # URI of the linked Interconnect attachment. It must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
         "linkedVpnTunnel": "A String", # URI of the linked VPN tunnel, which must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
-        "managementType": "A String", # [Output Only] The resource that configures and manages this interface. - MANAGED_BY_USER is the default value and can be managed directly by users. - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
+        "managementType": "A String", # [Output Only] The resource that configures and manages this interface.
+            # - MANAGED_BY_USER is the default value and can be managed directly by users.
+            # - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
         "name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
         "privateIpAddress": "A String", # The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM.
         "redundantInterface": "A String", # Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -1460,15 +1756,23 @@ 
Method Details

         "icmpIdleTimeoutSec": 42, # Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
         "logConfig": { # Configuration of logging on a NAT. # Configure logging on this NAT.
           "enable": True or False, # Indicates whether or not to export logs. This is false by default.
-          "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful.
+          "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values:
+              # - ERRORS_ONLY: Export logs only for connection failures.
+              # - TRANSLATIONS_ONLY: Export logs only for successful connections.
+              # - ALL: Export logs for all connections, successful and unsuccessful.
         },
         "minPortsPerVm": 42, # Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM.
         "name": "A String", # Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.
-        "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
+        "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values:
+            # - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs.
+            # - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
         "natIps": [ # A list of URLs of the IP resources used for this Nat service. These IP addresses must be valid static external IP addresses assigned to the project.
           "A String",
         ],
-        "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values: - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat. - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
+        "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values:
+            # - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat.
+            # - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat.
+            # - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
         "subnetworks": [ # A list of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above.
           { # Defines the IP ranges that want to use NAT for a subnetwork.
             "name": "A String", # URL for the subnetwork resource that will use NAT.
@@ -1493,7 +1797,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1509,10 +1813,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1525,7 +1825,7 @@ 
Method Details

 

 
 

-    update(project, region, router, body=None, requestId=None, x__xgafv=None)
+    update(project, region, router, body=None, requestId=None)
   
Updates the specified Router resource with the data included in the request. This method conforms to PUT semantics, which requests that the state of the target resource be created or replaced with the state defined by the representation enclosed in the request message payload.
 
 Args:
@@ -1535,7 +1835,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Cloud Router resource. For more information about Cloud Router, read the Cloud Router overview.
+{ # Represents a Cloud Router resource.
+    # 
+    # For more information about Cloud Router, read the Cloud Router overview.
   "bgp": { # BGP information specific to this router.
     "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM.
     "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
@@ -1548,12 +1850,17 @@ 
Method Details

       },
     ],
     "asn": 42, # Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN.
-    "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer. BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers. If set, this value must be between 20 and 60. The default is 20.
+    "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer.
+        # Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer.
+        # BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers.
+        # If set, this value must be between 20 and 60. The default is 20.
   },
   "bgpPeers": [ # BGP information that must be configured into the routing stack to establish BGP peering. This information must specify the peer ASN and either the interface name, IP address, or peer IP address. Please refer to RFC4273.
     {
       "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement.
-      "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options: - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets. - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
+      "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options:
+          # - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets.
+          # - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
         "A String",
       ],
       "advertisedIpRanges": [ # User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These IP ranges are advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.
@@ -1563,16 +1870,31 @@ 
Method Details

         },
       ],
       "advertisedRoutePriority": 42, # The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win.
-      "bfd": { # BFD configuration for the BGP peering. Not currently available publicly.
-        "minReceiveInterval": 42, # The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router. Not currently available publicly. If set, this value must be between 100 and 30000. The default is 300.
-        "minTransmitInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router. Not currently available publicly. If set, this value must be between 100 and 30000. The default is 300.
-        "multiplier": 42, # The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable. Not currently available publicly. If set, the value must be a value between 2 and 16. The default is 3.
-        "sessionInitializationMode": "A String", # The BFD session initialization mode for this BGP peer. Not currently available publicly. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
+      "bfd": { # BFD configuration for the BGP peering.
+          # Not currently available publicly.
+        "minReceiveInterval": 42, # The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router.
+            # Not currently available publicly.
+            # If set, this value must be between 100 and 30000.
+            # The default is 300.
+        "minTransmitInterval": 42, # The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router.
+            # Not currently available publicly.
+            # If set, this value must be between 100 and 30000.
+            # The default is 300.
+        "multiplier": 42, # The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable.
+            # Not currently available publicly.
+            # If set, the value must be a value between 2 and 16.
+            # The default is 3.
+        "sessionInitializationMode": "A String", # The BFD session initialization mode for this BGP peer.
+            # Not currently available publicly.
+            # If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.
       },
-      "enable": "A String", # The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
+      "enable": "A String", # The status of the BGP peer connection.
+          # If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
       "interfaceName": "A String", # Name of the interface the BGP peer is associated with.
       "ipAddress": "A String", # IP address of the interface inside Google Cloud Platform. Only IPv4 is supported.
-      "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer. - MANAGED_BY_USER is the default value and can be managed by you or other users - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
+      "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer.
+          # - MANAGED_BY_USER is the default value and can be managed by you or other users
+          # - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
       "name": "A String", # Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "peerAsn": 42, # Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value.
       "peerIpAddress": "A String", # IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported.
@@ -1581,14 +1903,17 @@ 
Method Details

   ],
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments). Not currently available publicly.
+  "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments).
+      # Not currently available publicly.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "interfaces": [ # Router interfaces. Each interface requires either one linked resource, (for example, linkedVpnTunnel), or IP address and IP address range (for example, ipRange), or both.
     {
       "ipRange": "A String", # IP address and range of the interface. The IP range must be in the RFC3927 link-local IP address space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface.
       "linkedInterconnectAttachment": "A String", # URI of the linked Interconnect attachment. It must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
       "linkedVpnTunnel": "A String", # URI of the linked VPN tunnel, which must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
-      "managementType": "A String", # [Output Only] The resource that configures and manages this interface. - MANAGED_BY_USER is the default value and can be managed directly by users. - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
+      "managementType": "A String", # [Output Only] The resource that configures and manages this interface.
+          # - MANAGED_BY_USER is the default value and can be managed directly by users.
+          # - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
       "name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "privateIpAddress": "A String", # The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM.
       "redundantInterface": "A String", # Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -1606,15 +1931,23 @@ 
Method Details

       "icmpIdleTimeoutSec": 42, # Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
       "logConfig": { # Configuration of logging on a NAT. # Configure logging on this NAT.
         "enable": True or False, # Indicates whether or not to export logs. This is false by default.
-        "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful.
+        "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values:
+            # - ERRORS_ONLY: Export logs only for connection failures.
+            # - TRANSLATIONS_ONLY: Export logs only for successful connections.
+            # - ALL: Export logs for all connections, successful and unsuccessful.
       },
       "minPortsPerVm": 42, # Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM.
       "name": "A String", # Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.
-      "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
+      "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values:
+          # - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs.
+          # - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
       "natIps": [ # A list of URLs of the IP resources used for this Nat service. These IP addresses must be valid static external IP addresses assigned to the project.
         "A String",
       ],
-      "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values: - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat. - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
+      "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values:
+          # - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat.
+          # - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat.
+          # - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
       "subnetworks": [ # A list of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above.
         { # Defines the IP ranges that want to use NAT for a subnetwork.
           "name": "A String", # URL for the subnetwork resource that will use NAT.
@@ -1636,16 +1969,29 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1679,7 +2025,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.routes.html b/docs/dyn/compute_beta.routes.html
index c3536bd36cd..9f1b12e0aab 100644
--- a/docs/dyn/compute_beta.routes.html
+++ b/docs/dyn/compute_beta.routes.html
@@ -78,22 +78,22 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, route, requestId=None, x__xgafv=None)

+  delete(project, route, requestId=None)

 
Deletes the specified Route resource.

 

-  get(project, route, x__xgafv=None)

+  get(project, route)

 
Returns the specified Route resource. Gets a list of available routes by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a Route resource in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of Route resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -102,22 +102,35 @@ 
Method Details

 

 
 

-    delete(project, route, requestId=None, x__xgafv=None)
+    delete(project, route, requestId=None)
   
Deletes the specified Route resource.
 
 Args:
   project: string, Project ID for this request. (required)
   route: string, Name of the Route resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -151,7 +164,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -165,21 +179,19 @@ 
Method Details

 

 
 

-    get(project, route, x__xgafv=None)
+    get(project, route)
   
Returns the specified Route resource. Gets a list of available routes by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   route: string, Name of the Route resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Route resource. A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview.
+    { # Represents a Route resource.
+    #
+    # A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview. (== resource_for {$api_version}.routes ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
   "destRange": "A String", # The destination range of outgoing packets that this route applies to. Both IPv4 and IPv6 are supported.
@@ -187,9 +199,13 @@ 
Method Details

   "kind": "compute#route", # [Output Only] Type of this resource. Always compute#routes for Route resources.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
   "network": "A String", # Fully-qualified URL of the network that this route applies to.
-  "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL: projects/ project/global/gateways/default-internet-gateway
-  "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs: - 10.128.0.56 - https://www.googleapis.com/compute/v1/projects/project/regions/region /forwardingRules/forwardingRule - regions/region/forwardingRules/forwardingRule
-  "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
+  "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL:  projects/project/global/gateways/default-internet-gateway
+  "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs:
+      # - 10.128.0.56
+      # - https://www.googleapis.com/compute/v1/projects/project/regions/region/forwardingRules/forwardingRule
+      # - regions/region/forwardingRules/forwardingRule
+  "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example:
+      # https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
   "nextHopInterconnectAttachment": "A String", # [Output Only] The URL to an InterconnectAttachment which is the next hop for the route. This field will only be populated for the dynamic routes generated by Cloud Router with a linked interconnectAttachment.
   "nextHopIp": "A String", # The network IP address of an instance that should handle matching packets. Only IPv4 is supported.
   "nextHopNetwork": "A String", # The URL of the local network if it should handle matching packets.
@@ -203,7 +219,8 @@ 
Method Details

   "warnings": [ # [Output Only] If potential misconfigurations are detected for this route, this field will be populated with warning messages.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -216,7 +233,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a Route resource in the specified project using the data included in the request.
 
 Args:
@@ -224,7 +241,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Route resource. A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview.
+{ # Represents a Route resource.
+    # 
+    # A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview. (== resource_for {$api_version}.routes ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
   "destRange": "A String", # The destination range of outgoing packets that this route applies to. Both IPv4 and IPv6 are supported.
@@ -232,9 +251,13 @@ 
Method Details

   "kind": "compute#route", # [Output Only] Type of this resource. Always compute#routes for Route resources.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
   "network": "A String", # Fully-qualified URL of the network that this route applies to.
-  "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL: projects/ project/global/gateways/default-internet-gateway
-  "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs: - 10.128.0.56 - https://www.googleapis.com/compute/v1/projects/project/regions/region /forwardingRules/forwardingRule - regions/region/forwardingRules/forwardingRule
-  "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
+  "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL:  projects/project/global/gateways/default-internet-gateway
+  "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs:
+      # - 10.128.0.56
+      # - https://www.googleapis.com/compute/v1/projects/project/regions/region/forwardingRules/forwardingRule
+      # - regions/region/forwardingRules/forwardingRule
+  "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example:
+      # https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
   "nextHopInterconnectAttachment": "A String", # [Output Only] The URL to an InterconnectAttachment which is the next hop for the route. This field will only be populated for the dynamic routes generated by Cloud Router with a linked interconnectAttachment.
   "nextHopIp": "A String", # The network IP address of an instance that should handle matching packets. Only IPv4 is supported.
   "nextHopNetwork": "A String", # The URL of the local network if it should handle matching packets.
@@ -248,7 +271,8 @@ 
Method Details

   "warnings": [ # [Output Only] If potential misconfigurations are detected for this route, this field will be populated with warning messages.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -259,16 +283,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -302,7 +339,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -316,20 +354,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of Route resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -337,7 +381,9 @@ 
Method Details

     { # Contains a list of Route resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Route resources.
-    { # Represents a Route resource. A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview.
+    { # Represents a Route resource.
+        #
+        # A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview. (== resource_for {$api_version}.routes ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
       "destRange": "A String", # The destination range of outgoing packets that this route applies to. Both IPv4 and IPv6 are supported.
@@ -345,9 +391,13 @@ 
Method Details

       "kind": "compute#route", # [Output Only] Type of this resource. Always compute#routes for Route resources.
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
       "network": "A String", # Fully-qualified URL of the network that this route applies to.
-      "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL: projects/ project/global/gateways/default-internet-gateway
-      "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs: - 10.128.0.56 - https://www.googleapis.com/compute/v1/projects/project/regions/region /forwardingRules/forwardingRule - regions/region/forwardingRules/forwardingRule
-      "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
+      "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL:  projects/project/global/gateways/default-internet-gateway
+      "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs:
+          # - 10.128.0.56
+          # - https://www.googleapis.com/compute/v1/projects/project/regions/region/forwardingRules/forwardingRule
+          # - regions/region/forwardingRules/forwardingRule
+      "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example:
+          # https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
       "nextHopInterconnectAttachment": "A String", # [Output Only] The URL to an InterconnectAttachment which is the next hop for the route. This field will only be populated for the dynamic routes generated by Cloud Router with a linked interconnectAttachment.
       "nextHopIp": "A String", # The network IP address of an instance that should handle matching packets. Only IPv4 is supported.
       "nextHopNetwork": "A String", # The URL of the local network if it should handle matching packets.
@@ -361,7 +411,8 @@ 
Method Details

       "warnings": [ # [Output Only] If potential misconfigurations are detected for this route, this field will be populated with warning messages.
         {
           "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-          "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+          "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+              # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
             {
               "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
               "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -377,7 +428,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -403,7 +455,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -418,10 +470,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.securityPolicies.html b/docs/dyn/compute_beta.securityPolicies.html
index c14486485da..2d7b4adf499 100644
--- a/docs/dyn/compute_beta.securityPolicies.html
+++ b/docs/dyn/compute_beta.securityPolicies.html
@@ -75,50 +75,50 @@
 
Compute Engine API . securityPolicies

 
Instance Methods

 

-  addRule(project, securityPolicy, body=None, validateOnly=None, x__xgafv=None)

+  addRule(project, securityPolicy, body=None, validateOnly=None)

 
Inserts a rule into a security policy.

 

   close()

 
Close httplib2 connections.

 

-  delete(project, securityPolicy, requestId=None, x__xgafv=None)

+  delete(project, securityPolicy, requestId=None)

 
Deletes the specified policy.

 

-  get(project, securityPolicy, x__xgafv=None)

+  get(project, securityPolicy)

 
List all of the ordered rules present in a single specified policy.

 

-  getRule(project, securityPolicy, priority=None, x__xgafv=None)

+  getRule(project, securityPolicy, priority=None)

 
Gets a rule at the specified priority.

 

-  insert(project, body=None, requestId=None, validateOnly=None, x__xgafv=None)

+  insert(project, body=None, requestId=None, validateOnly=None)

 
Creates a new policy in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
List all the policies that have been configured for the specified project.

 

-  listPreconfiguredExpressionSets(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listPreconfiguredExpressionSets(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Gets the current list of preconfigured Web Application Firewall (WAF) expressions.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, securityPolicy, body=None, requestId=None, x__xgafv=None)

+  patch(project, securityPolicy, body=None, requestId=None)

 
Patches the specified policy with the data included in the request. This cannot be used to be update the rules in the policy. Please use the per rule methods like addRule, patchRule, and removeRule instead.

 

-  patchRule(project, securityPolicy, body=None, priority=None, validateOnly=None, x__xgafv=None)

+  patchRule(project, securityPolicy, body=None, priority=None, validateOnly=None)

 
Patches a rule at the specified priority.

 

-  removeRule(project, securityPolicy, priority=None, x__xgafv=None)

+  removeRule(project, securityPolicy, priority=None)

 
Deletes a rule at the specified priority.

 

-  setLabels(project, resource, body=None, x__xgafv=None)

+  setLabels(project, resource, body=None)

 
Sets the labels on a security policy. To learn more about labels, read the Labeling Resources documentation.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    addRule(project, securityPolicy, body=None, validateOnly=None, x__xgafv=None)
+    addRule(project, securityPolicy, body=None, validateOnly=None)
   
Inserts a rule into a security policy.
 
 Args:
@@ -131,17 +131,27 @@ 
Method Details

   "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-  "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+  "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+      # 
+      # This field may only be specified when the versioned_expr is set to FIREWALL.
   "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
   "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
     "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-      "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+      "destIpRanges": [ # CIDR IP address range.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         "A String",
       ],
-      "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+      "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         {
           "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
         },
@@ -150,7 +160,25 @@ 
Method Details

         "A String",
       ],
     },
-    "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+    "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+        #
+        # Example (Comparison):
+        #
+        # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+        #
+        # Example (Equality):
+        #
+        # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+        #
+        # Example (Logic):
+        #
+        # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+        #
+        # Example (Data Manipulation):
+        #
+        # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+        #
+        # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
       "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
       "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
       "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -162,7 +190,9 @@ 
Method Details

   "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
   "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
   "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-  "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+  "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+      # 
+      # This field may only be specified when versioned_expr is set to FIREWALL.
     "A String",
   ],
   "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -171,15 +201,24 @@ 
Method Details

 }
 
   validateOnly: boolean, If true, the request will not be committed.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -213,7 +252,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -232,22 +272,35 @@ 
Method Details

 

 
 

-    delete(project, securityPolicy, requestId=None, x__xgafv=None)
+    delete(project, securityPolicy, requestId=None)
   
Deletes the specified policy.
 
 Args:
   project: string, Project ID for this request. (required)
   securityPolicy: string, Name of the security policy to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -281,7 +334,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -295,21 +349,19 @@ 
Method Details

 

 
 

-    get(project, securityPolicy, x__xgafv=None)
+    get(project, securityPolicy)
   
List all of the ordered rules present in a single specified policy.
 
 Args:
   project: string, Project ID for this request. (required)
   securityPolicy: string, Name of the security policy to get. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Google Cloud Armor security policy resource. Only external backend services that use load balancers can reference a security policy. For more information, see Google Cloud Armor security policy overview.
+    { # Represents a Google Cloud Armor security policy resource.
+    #
+    # Only external backend services that use load balancers can reference a security policy. For more information, see  Google Cloud Armor security policy overview. (== resource_for {$api_version}.securityPolicies ==)
   "adaptiveProtectionConfig": { # Configuration options for Cloud Armor Adaptive Protection (CAAP).
     "layer7DdosDefenseConfig": { # Configuration options for L7 DDoS detection. # If set to true, enables Cloud Armor Machine Learning.
       "enable": True or False, # If set to true, enables CAAP for L7 DDoS detection.
@@ -331,10 +383,14 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "displayName": "A String", # User-provided name of the Organization security plicy. The name should be unique in the organization in which the security policy is created. This should only be used when SecurityPolicyType is FIREWALL. The name must be 1-63 characters long, and comply with https://www.ietf.org/rfc/rfc1035.txt. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the security policy.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make get() request to the security policy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#securityPolicy", # [Output only] Type of the resource. Always compute#securityPolicyfor security policies
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the security policy.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+      #
+      # To see the latest fingerprint, make get() request to the security policy.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -346,17 +402,27 @@ 
Method Details

       "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-      "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+      "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+          #
+          # This field may only be specified when the versioned_expr is set to FIREWALL.
       "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
       "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
         "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-          "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+          "destIpRanges": [ # CIDR IP address range.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
-          "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+          "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             {
               "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                  #
+                  # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 "A String",
               ],
             },
@@ -365,7 +431,25 @@ 
Method Details

             "A String",
           ],
         },
-        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -377,7 +461,9 @@ 
Method Details

       "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
       "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
       "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-      "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+      "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         "A String",
       ],
       "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -392,17 +478,13 @@ 
Method Details

 

 
 

-    getRule(project, securityPolicy, priority=None, x__xgafv=None)
+    getRule(project, securityPolicy, priority=None)
   
Gets a rule at the specified priority.
 
 Args:
   project: string, Project ID for this request. (required)
   securityPolicy: string, Name of the security policy to which the queried rule belongs. (required)
   priority: integer, The priority of the rule to get from the security policy.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -411,17 +493,27 @@ 
Method Details

   "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-  "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+  "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+      #
+      # This field may only be specified when the versioned_expr is set to FIREWALL.
   "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
   "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
     "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-      "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+      "destIpRanges": [ # CIDR IP address range.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         "A String",
       ],
-      "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+      "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         {
           "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
         },
@@ -430,7 +522,25 @@ 
Method Details

         "A String",
       ],
     },
-    "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+    "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+        #
+        # Example (Comparison):
+        #
+        # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+        #
+        # Example (Equality):
+        #
+        # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+        #
+        # Example (Logic):
+        #
+        # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+        #
+        # Example (Data Manipulation):
+        #
+        # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+        #
+        # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
       "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
       "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
       "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -442,7 +552,9 @@ 
Method Details

   "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
   "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
   "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-  "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+  "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+      #
+      # This field may only be specified when versioned_expr is set to FIREWALL.
     "A String",
   ],
   "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -452,7 +564,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, validateOnly=None, x__xgafv=None)
+    insert(project, body=None, requestId=None, validateOnly=None)
   
Creates a new policy in the specified project using the data included in the request.
 
 Args:
@@ -460,7 +572,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Google Cloud Armor security policy resource. Only external backend services that use load balancers can reference a security policy. For more information, see Google Cloud Armor security policy overview.
+{ # Represents a Google Cloud Armor security policy resource.
+    # 
+    # Only external backend services that use load balancers can reference a security policy. For more information, see  Google Cloud Armor security policy overview. (== resource_for {$api_version}.securityPolicies ==)
   "adaptiveProtectionConfig": { # Configuration options for Cloud Armor Adaptive Protection (CAAP).
     "layer7DdosDefenseConfig": { # Configuration options for L7 DDoS detection. # If set to true, enables Cloud Armor Machine Learning.
       "enable": True or False, # If set to true, enables CAAP for L7 DDoS detection.
@@ -482,10 +596,14 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "displayName": "A String", # User-provided name of the Organization security plicy. The name should be unique in the organization in which the security policy is created. This should only be used when SecurityPolicyType is FIREWALL. The name must be 1-63 characters long, and comply with https://www.ietf.org/rfc/rfc1035.txt. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the security policy.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make get() request to the security policy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#securityPolicy", # [Output only] Type of the resource. Always compute#securityPolicyfor security policies
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the security policy.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+      # 
+      # To see the latest fingerprint, make get() request to the security policy.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -497,17 +615,27 @@ 
Method Details

       "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-      "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+      "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+          #
+          # This field may only be specified when the versioned_expr is set to FIREWALL.
       "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
       "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
         "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-          "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+          "destIpRanges": [ # CIDR IP address range.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
-          "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+          "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             {
               "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                  #
+                  # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 "A String",
               ],
             },
@@ -516,7 +644,25 @@ 
Method Details

             "A String",
           ],
         },
-        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -528,7 +674,9 @@ 
Method Details

       "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
       "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
       "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-      "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+      "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         "A String",
       ],
       "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -541,17 +689,30 @@ 
Method Details

   "type": "A String", # The type indicates the intended use of the security policy. CLOUD_ARMOR policies apply to backend services. FIREWALL policies apply to organizations.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
   validateOnly: boolean, If true, the request will not be committed.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -585,7 +746,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -599,20 +761,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
List all the policies that have been configured for the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -620,7 +788,9 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of SecurityPolicy resources.
-    { # Represents a Google Cloud Armor security policy resource. Only external backend services that use load balancers can reference a security policy. For more information, see Google Cloud Armor security policy overview.
+    { # Represents a Google Cloud Armor security policy resource.
+        #
+        # Only external backend services that use load balancers can reference a security policy. For more information, see  Google Cloud Armor security policy overview. (== resource_for {$api_version}.securityPolicies ==)
       "adaptiveProtectionConfig": { # Configuration options for Cloud Armor Adaptive Protection (CAAP).
         "layer7DdosDefenseConfig": { # Configuration options for L7 DDoS detection. # If set to true, enables Cloud Armor Machine Learning.
           "enable": True or False, # If set to true, enables CAAP for L7 DDoS detection.
@@ -642,10 +812,14 @@ 
Method Details

       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "displayName": "A String", # User-provided name of the Organization security plicy. The name should be unique in the organization in which the security policy is created. This should only be used when SecurityPolicyType is FIREWALL. The name must be 1-63 characters long, and comply with https://www.ietf.org/rfc/rfc1035.txt. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-      "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the security policy.
+      "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make get() request to the security policy.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#securityPolicy", # [Output only] Type of the resource. Always compute#securityPolicyfor security policies
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the security policy.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+          #
+          # To see the latest fingerprint, make get() request to the security policy.
       "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
         "a_key": "A String",
       },
@@ -657,17 +831,27 @@ 
Method Details

           "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-          "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+          "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+              #
+              # This field may only be specified when the versioned_expr is set to FIREWALL.
           "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
           "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
             "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-              "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+              "destIpRanges": [ # CIDR IP address range.
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 "A String",
               ],
-              "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+              "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 {
                   "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-                  "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+                  "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                      #
+                      # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                      #
+                      # This field may only be specified when versioned_expr is set to FIREWALL.
                     "A String",
                   ],
                 },
@@ -676,7 +860,25 @@ 
Method Details

                 "A String",
               ],
             },
-            "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+            "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+                #
+                # Example (Comparison):
+                #
+                # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+                #
+                # Example (Equality):
+                #
+                # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+                #
+                # Example (Logic):
+                #
+                # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+                #
+                # Example (Data Manipulation):
+                #
+                # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+                #
+                # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
               "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
               "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
               "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -688,7 +890,9 @@ 
Method Details

           "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
           "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
           "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-          "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+          "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
           "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -705,7 +909,8 @@ 
Method Details

   "nextPageToken": "A String", # [Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -717,20 +922,26 @@ 
Method Details

 

 
 

-    listPreconfiguredExpressionSets(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listPreconfiguredExpressionSets(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Gets the current list of preconfigured Web Application Firewall (WAF) expressions.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -745,10 +956,10 @@ 
Method Details

           ],
           "expressions": [ # List of available expressions.
             {
-              "id": "A String", # Expression ID should uniquely identify the origin of the expression. E.g. owasp-crs-v020901-id973337 identifies Owasp core rule set version 2.9.1 rule id 973337. The ID could be used to determine the individual attack definition that has been detected. It could also be used to exclude it from the policy in case of false positive. required
+              "id": "A String", # Expression ID should uniquely identify the origin of the expression. E.g. owasp-crs-v020901-id973337 identifies Owasp core rule set version 2.9.1 rule id 973337. The ID could be used to determine the individual attack definition that has been detected. It could also be used to exclude it from the policy in case of false positive.
             },
           ],
-          "id": "A String", # Google specified expression set ID. The format should be: - E.g. XSS-20170329 required
+          "id": "A String", # Google specified expression set ID. The format should be: - E.g. XSS-20170329
         },
       ],
     },
@@ -771,7 +982,7 @@ 
Method Details

 

 
 

-    patch(project, securityPolicy, body=None, requestId=None, x__xgafv=None)
+    patch(project, securityPolicy, body=None, requestId=None)
   
Patches the specified policy with the data included in the request. This cannot be used to be update the rules in the policy. Please use the per rule methods like addRule, patchRule, and removeRule instead.
 
 Args:
@@ -780,7 +991,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Google Cloud Armor security policy resource. Only external backend services that use load balancers can reference a security policy. For more information, see Google Cloud Armor security policy overview.
+{ # Represents a Google Cloud Armor security policy resource.
+    # 
+    # Only external backend services that use load balancers can reference a security policy. For more information, see  Google Cloud Armor security policy overview. (== resource_for {$api_version}.securityPolicies ==)
   "adaptiveProtectionConfig": { # Configuration options for Cloud Armor Adaptive Protection (CAAP).
     "layer7DdosDefenseConfig": { # Configuration options for L7 DDoS detection. # If set to true, enables Cloud Armor Machine Learning.
       "enable": True or False, # If set to true, enables CAAP for L7 DDoS detection.
@@ -802,10 +1015,14 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "displayName": "A String", # User-provided name of the Organization security plicy. The name should be unique in the organization in which the security policy is created. This should only be used when SecurityPolicyType is FIREWALL. The name must be 1-63 characters long, and comply with https://www.ietf.org/rfc/rfc1035.txt. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the security policy.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make get() request to the security policy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#securityPolicy", # [Output only] Type of the resource. Always compute#securityPolicyfor security policies
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the security policy.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this security policy, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+      # 
+      # To see the latest fingerprint, make get() request to the security policy.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -817,17 +1034,27 @@ 
Method Details

       "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-      "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+      "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+          #
+          # This field may only be specified when the versioned_expr is set to FIREWALL.
       "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
       "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
         "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-          "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+          "destIpRanges": [ # CIDR IP address range.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
-          "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+          "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             {
               "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+              "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                  #
+                  # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                  #
+                  # This field may only be specified when versioned_expr is set to FIREWALL.
                 "A String",
               ],
             },
@@ -836,7 +1063,25 @@ 
Method Details

             "A String",
           ],
         },
-        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -848,7 +1093,9 @@ 
Method Details

       "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
       "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
       "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-      "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+      "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         "A String",
       ],
       "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -861,16 +1108,29 @@ 
Method Details

   "type": "A String", # The type indicates the intended use of the security policy. CLOUD_ARMOR policies apply to backend services. FIREWALL policies apply to organizations.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -904,7 +1164,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -918,7 +1179,7 @@ 
Method Details

 

 
 

-    patchRule(project, securityPolicy, body=None, priority=None, validateOnly=None, x__xgafv=None)
+    patchRule(project, securityPolicy, body=None, priority=None, validateOnly=None)
   
Patches a rule at the specified priority.
 
 Args:
@@ -931,17 +1192,27 @@ 
Method Details

   "action": "A String", # The Action to perform when the client connection triggers the rule. Can currently be either "allow" or "deny()" where valid values for status are 403, 404, and 502.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "direction": "A String", # The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.
-  "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules. This field may only be specified when the versioned_expr is set to FIREWALL.
+  "enableLogging": True or False, # Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on "goto_next" rules.
+      # 
+      # This field may only be specified when the versioned_expr is set to FIREWALL.
   "kind": "compute#securityPolicyRule", # [Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules
   "match": { # Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified. # A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.
     "config": { # The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified.
-      "destIpRanges": [ # CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL.
+      "destIpRanges": [ # CIDR IP address range.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         "A String",
       ],
-      "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL.
+      "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
+          #
+          # This field may only be specified when versioned_expr is set to FIREWALL.
         {
           "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"]. This field may only be specified when versioned_expr is set to FIREWALL.
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+              #
+              # This field may only be specified when versioned_expr is set to FIREWALL.
             "A String",
           ],
         },
@@ -950,7 +1221,25 @@ 
Method Details

         "A String",
       ],
     },
-    "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+    "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+        #
+        # Example (Comparison):
+        #
+        # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+        #
+        # Example (Equality):
+        #
+        # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+        #
+        # Example (Logic):
+        #
+        # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+        #
+        # Example (Data Manipulation):
+        #
+        # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+        #
+        # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
       "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
       "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
       "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -962,7 +1251,9 @@ 
Method Details

   "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
   "ruleNumber": "A String", # Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server.
   "ruleTupleCount": 42, # [Output Only] Calculation of the complexity of a single firewall security policy rule.
-  "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL.
+  "targetResources": [ # A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule.
+      # 
+      # This field may only be specified when versioned_expr is set to FIREWALL.
     "A String",
   ],
   "targetServiceAccounts": [ # A list of service accounts indicating the sets of instances that are applied with this rule.
@@ -972,15 +1263,24 @@ 
Method Details

 
   priority: integer, The priority of the rule to patch.
   validateOnly: boolean, If true, the request will not be committed.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1014,7 +1314,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1028,22 +1329,31 @@ 
Method Details

 

 
 

-    removeRule(project, securityPolicy, priority=None, x__xgafv=None)
+    removeRule(project, securityPolicy, priority=None)
   
Deletes a rule at the specified priority.
 
 Args:
   project: string, Project ID for this request. (required)
   securityPolicy: string, Name of the security policy to update. (required)
   priority: integer, The priority of the rule to remove from the security policy.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1077,7 +1387,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1091,7 +1402,7 @@ 
Method Details

 

 
 

-    setLabels(project, resource, body=None, x__xgafv=None)
+    setLabels(project, resource, body=None)
   
Sets the labels on a security policy. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -1107,15 +1418,24 @@ 
Method Details

   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1149,7 +1469,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1163,7 +1484,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1178,10 +1499,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.serviceAttachments.html b/docs/dyn/compute_beta.serviceAttachments.html
index edbe1b66d49..f15644ab974 100644
--- a/docs/dyn/compute_beta.serviceAttachments.html
+++ b/docs/dyn/compute_beta.serviceAttachments.html
@@ -75,7 +75,7 @@
 
Compute Engine API . serviceAttachments

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of all ServiceAttachment resources, regional and global, available to the specified project.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,49 +84,55 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, serviceAttachment, requestId=None, x__xgafv=None)

+  delete(project, region, serviceAttachment, requestId=None)

 
Deletes the specified ServiceAttachment in the given scope

 

-  get(project, region, serviceAttachment, x__xgafv=None)

+  get(project, region, serviceAttachment)

 
Returns the specified ServiceAttachment resource in the given scope.

 

-  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a ServiceAttachment in the specified project in the given scope using the parameters that are included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists the ServiceAttachments for a project in the given scope.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, serviceAttachment, body=None, requestId=None, x__xgafv=None)

+  patch(project, region, serviceAttachment, body=None, requestId=None)

 
Patches the specified ServiceAttachment resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.

 

-  setIamPolicy(project, region, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, region, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of all ServiceAttachment resources, regional and global, available to the specified project.
 
 Args:
   project: string, Name of the project scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -136,7 +142,9 @@ 
Method Details

   "items": { # A list of ServiceAttachmentsScopedList resources.
     "a_key": { # Name of the scope containing this set of ServiceAttachments.
       "serviceAttachments": [ # A list of ServiceAttachments contained in this scope.
-        { # Represents a ServiceAttachment resource. A service attachment represents a service that a producer has exposed. It encapsulates the load balancer which fronts the service runs and a list of NAT IP ranges that the producers uses to represent the consumers connecting to the service. next tag = 19
+        { # Represents a ServiceAttachment resource.
+            #
+            # A service attachment represents a service that a producer has exposed. It encapsulates the load balancer which fronts the service runs and a list of NAT IP ranges that the producers uses to represent the consumers connecting to the service. next tag = 19
           "connectedEndpoints": [ # [Output Only] An array of connections for all the consumers connected to this service attachment.
             { # [Output Only] A connection connected to this service attachment.
               "endpoint": "A String", # The url of a connected endpoint.
@@ -184,7 +192,8 @@ 
Method Details

       ],
       "warning": { # Informational warning which replaces the list of service attachments when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -202,7 +211,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -233,23 +243,36 @@ 
Method Details

 

 
 

-    delete(project, region, serviceAttachment, requestId=None, x__xgafv=None)
+    delete(project, region, serviceAttachment, requestId=None)
   
Deletes the specified ServiceAttachment in the given scope
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region of this request. (required)
   serviceAttachment: string, Name of the ServiceAttachment resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -283,7 +306,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -297,22 +321,20 @@ 
Method Details

 

 
 

-    get(project, region, serviceAttachment, x__xgafv=None)
+    get(project, region, serviceAttachment)
   
Returns the specified ServiceAttachment resource in the given scope.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region of this request. (required)
   serviceAttachment: string, Name of the ServiceAttachment resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a ServiceAttachment resource. A service attachment represents a service that a producer has exposed. It encapsulates the load balancer which fronts the service runs and a list of NAT IP ranges that the producers uses to represent the consumers connecting to the service. next tag = 19
+    { # Represents a ServiceAttachment resource.
+    #
+    # A service attachment represents a service that a producer has exposed. It encapsulates the load balancer which fronts the service runs and a list of NAT IP ranges that the producers uses to represent the consumers connecting to the service. next tag = 19
   "connectedEndpoints": [ # [Output Only] An array of connections for all the consumers connected to this service attachment.
     { # [Output Only] A connection connected to this service attachment.
       "endpoint": "A String", # The url of a connected endpoint.
@@ -360,7 +382,7 @@ 
Method Details

 

 
 

-    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
@@ -368,27 +390,51 @@ 
Method Details

   region: string, The name of the region for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -396,76 +442,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a ServiceAttachment in the specified project in the given scope using the parameters that are included in the request.
 
 Args:
@@ -474,7 +588,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a ServiceAttachment resource. A service attachment represents a service that a producer has exposed. It encapsulates the load balancer which fronts the service runs and a list of NAT IP ranges that the producers uses to represent the consumers connecting to the service. next tag = 19
+{ # Represents a ServiceAttachment resource.
+    # 
+    # A service attachment represents a service that a producer has exposed. It encapsulates the load balancer which fronts the service runs and a list of NAT IP ranges that the producers uses to represent the consumers connecting to the service. next tag = 19
   "connectedEndpoints": [ # [Output Only] An array of connections for all the consumers connected to this service attachment.
     { # [Output Only] A connection connected to this service attachment.
       "endpoint": "A String", # The url of a connected endpoint.
@@ -520,16 +636,29 @@ 
Method Details

   "targetService": "A String", # The URL of a service serving the endpoint identified by this service attachment.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -563,7 +692,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -577,21 +707,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists the ServiceAttachments for a project in the given scope.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region of this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -599,7 +735,9 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of ServiceAttachment resources.
-    { # Represents a ServiceAttachment resource. A service attachment represents a service that a producer has exposed. It encapsulates the load balancer which fronts the service runs and a list of NAT IP ranges that the producers uses to represent the consumers connecting to the service. next tag = 19
+    { # Represents a ServiceAttachment resource.
+        #
+        # A service attachment represents a service that a producer has exposed. It encapsulates the load balancer which fronts the service runs and a list of NAT IP ranges that the producers uses to represent the consumers connecting to the service. next tag = 19
       "connectedEndpoints": [ # [Output Only] An array of connections for all the consumers connected to this service attachment.
         { # [Output Only] A connection connected to this service attachment.
           "endpoint": "A String", # The url of a connected endpoint.
@@ -650,7 +788,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -676,7 +815,7 @@ 
Method Details

 

 
 

-    patch(project, region, serviceAttachment, body=None, requestId=None, x__xgafv=None)
+    patch(project, region, serviceAttachment, body=None, requestId=None)
   
Patches the specified ServiceAttachment resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.
 
 Args:
@@ -686,7 +825,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a ServiceAttachment resource. A service attachment represents a service that a producer has exposed. It encapsulates the load balancer which fronts the service runs and a list of NAT IP ranges that the producers uses to represent the consumers connecting to the service. next tag = 19
+{ # Represents a ServiceAttachment resource.
+    # 
+    # A service attachment represents a service that a producer has exposed. It encapsulates the load balancer which fronts the service runs and a list of NAT IP ranges that the producers uses to represent the consumers connecting to the service. next tag = 19
   "connectedEndpoints": [ # [Output Only] An array of connections for all the consumers connected to this service attachment.
     { # [Output Only] A connection connected to this service attachment.
       "endpoint": "A String", # The url of a connected endpoint.
@@ -732,16 +873,29 @@ 
Method Details

   "targetService": "A String", # The URL of a service serving the endpoint identified by this service attachment.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -775,7 +929,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -789,7 +944,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, region, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, region, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -802,33 +957,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -836,95 +1065,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -932,76 +1253,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1017,10 +1406,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.snapshots.html b/docs/dyn/compute_beta.snapshots.html
index 8afd623dcd7..3c1436ae489 100644
--- a/docs/dyn/compute_beta.snapshots.html
+++ b/docs/dyn/compute_beta.snapshots.html
@@ -78,31 +78,31 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, snapshot, requestId=None, x__xgafv=None)

-
Deletes the specified Snapshot resource. Keep in mind that deleting a single snapshot might not necessarily delete all the data on that snapshot. If any data on the snapshot that is marked for deletion is needed for subsequent snapshots, the data will be moved to the next corresponding snapshot. For more information, see Deleting snapshots.

+  delete(project, snapshot, requestId=None)

+
Deletes the specified Snapshot resource. Keep in mind that deleting a single snapshot might not necessarily delete all the data on that snapshot. If any data on the snapshot that is marked for deletion is needed for subsequent snapshots, the data will be moved to the next corresponding snapshot.

 

-  get(project, snapshot, x__xgafv=None)

+  get(project, snapshot)

 
Returns the specified Snapshot resource. Gets a list of available snapshots by making a list() request.

 

-  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a snapshot in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of Snapshot resources contained within the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setIamPolicy(project, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  setLabels(project, resource, body=None, x__xgafv=None)

+  setLabels(project, resource, body=None)

 
Sets the labels on a snapshot. To learn more about labels, read the Labeling Resources documentation.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -111,22 +111,37 @@ 
Method Details

 

 
 

-    delete(project, snapshot, requestId=None, x__xgafv=None)
-  
Deletes the specified Snapshot resource. Keep in mind that deleting a single snapshot might not necessarily delete all the data on that snapshot. If any data on the snapshot that is marked for deletion is needed for subsequent snapshots, the data will be moved to the next corresponding snapshot. For more information, see Deleting snapshots.
+    delete(project, snapshot, requestId=None)
+  
Deletes the specified Snapshot resource. Keep in mind that deleting a single snapshot might not necessarily delete all the data on that snapshot. If any data on the snapshot that is marked for deletion is needed for subsequent snapshots, the data will be moved to the next corresponding snapshot.
+
+For more information, see Deleting snapshots.
 
 Args:
   project: string, Project ID for this request. (required)
   snapshot: string, Name of the Snapshot resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -160,7 +175,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -174,21 +190,19 @@ 
Method Details

 

 
 

-    get(project, snapshot, x__xgafv=None)
+    get(project, snapshot)
   
Returns the specified Snapshot resource. Gets a list of available snapshots by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   snapshot: string, Name of the Snapshot resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Persistent Disk Snapshot resource. You can use snapshots to back up data on a regular interval. For more information, read Creating persistent disk snapshots.
+    { # Represents a Persistent Disk Snapshot resource.
+    #
+    # You can use snapshots to back up data on a regular interval. For more information, read  Creating persistent disk snapshots. (== resource_for {$api_version}.snapshots ==)
   "autoCreated": True or False, # [Output Only] Set to true if snapshots are automatically created by applying resource policy on the target disk.
   "chainName": "A String", # Creates the new snapshot in the snapshot chain labeled with the specified name. The chain name must be 1-63 characters long and comply with RFC1035. This is an uncommon option only for advanced service owners who needs to create separate snapshot chains, for example, for chargeback tracking. When you describe your snapshot resource, this field is visible only if it has a non-empty value.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -198,7 +212,9 @@ 
Method Details

   "guestFlush": True or False, # [Input Only] Whether to attempt an application consistent snapshot by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#snapshot", # [Output Only] Type of the resource. Always compute#snapshot for Snapshot resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this snapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a snapshot.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this snapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a snapshot.
   "labels": { # Labels to apply to this snapshot. These can be later modified by the setLabels method. Label values may be empty.
     "a_key": "A String",
   },
@@ -212,11 +228,22 @@ 
Method Details

   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "snapshotEncryptionKey": { # Encrypts the snapshot using a customer-supplied encryption key. After you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the snapshot later. For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request. Customer-supplied encryption keys do not protect access to metadata of the snapshot. If you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later.
+  "snapshotEncryptionKey": { # Encrypts the snapshot using a customer-supplied encryption key.
+      #
+      # After you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the snapshot later. For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request.
+      #
+      # Customer-supplied encryption keys do not protect access to metadata of the snapshot.
+      #
+      # If you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceDisk": "A String", # The source disk used to create this snapshot.
@@ -224,7 +251,12 @@ 
Method Details

     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this snapshot. This value may be used to determine whether the snapshot was taken from the current or a previous instance of a given disk name.
@@ -238,34 +270,58 @@ 
Method Details

 

 
 

-    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
   project: string, Project ID for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -273,76 +329,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a snapshot in the specified project using the data included in the request.
 
 Args:
@@ -350,7 +474,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Persistent Disk Snapshot resource. You can use snapshots to back up data on a regular interval. For more information, read Creating persistent disk snapshots.
+{ # Represents a Persistent Disk Snapshot resource.
+    # 
+    # You can use snapshots to back up data on a regular interval. For more information, read  Creating persistent disk snapshots. (== resource_for {$api_version}.snapshots ==)
   "autoCreated": True or False, # [Output Only] Set to true if snapshots are automatically created by applying resource policy on the target disk.
   "chainName": "A String", # Creates the new snapshot in the snapshot chain labeled with the specified name. The chain name must be 1-63 characters long and comply with RFC1035. This is an uncommon option only for advanced service owners who needs to create separate snapshot chains, for example, for chargeback tracking. When you describe your snapshot resource, this field is visible only if it has a non-empty value.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -360,7 +486,9 @@ 
Method Details

   "guestFlush": True or False, # [Input Only] Whether to attempt an application consistent snapshot by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#snapshot", # [Output Only] Type of the resource. Always compute#snapshot for Snapshot resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this snapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a snapshot.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this snapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a snapshot.
   "labels": { # Labels to apply to this snapshot. These can be later modified by the setLabels method. Label values may be empty.
     "a_key": "A String",
   },
@@ -374,11 +502,22 @@ 
Method Details

   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "snapshotEncryptionKey": { # Encrypts the snapshot using a customer-supplied encryption key. After you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the snapshot later. For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request. Customer-supplied encryption keys do not protect access to metadata of the snapshot. If you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later.
+  "snapshotEncryptionKey": { # Encrypts the snapshot using a customer-supplied encryption key.
+      # 
+      # After you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the snapshot later. For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request.
+      # 
+      # Customer-supplied encryption keys do not protect access to metadata of the snapshot.
+      # 
+      # If you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceDisk": "A String", # The source disk used to create this snapshot.
@@ -386,7 +525,12 @@ 
Method Details

     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+    "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+        #
+        # The key must meet the following requirements before you can provide it to Compute Engine:
+        # - The key is wrapped using a RSA public key certificate provided by Google.
+        # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+        # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this snapshot. This value may be used to determine whether the snapshot was taken from the current or a previous instance of a given disk name.
@@ -398,16 +542,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -441,7 +598,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -455,20 +613,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of Snapshot resources contained within the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -476,7 +640,9 @@ 
Method Details

     { # Contains a list of Snapshot resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Snapshot resources.
-    { # Represents a Persistent Disk Snapshot resource. You can use snapshots to back up data on a regular interval. For more information, read Creating persistent disk snapshots.
+    { # Represents a Persistent Disk Snapshot resource.
+        #
+        # You can use snapshots to back up data on a regular interval. For more information, read  Creating persistent disk snapshots. (== resource_for {$api_version}.snapshots ==)
       "autoCreated": True or False, # [Output Only] Set to true if snapshots are automatically created by applying resource policy on the target disk.
       "chainName": "A String", # Creates the new snapshot in the snapshot chain labeled with the specified name. The chain name must be 1-63 characters long and comply with RFC1035. This is an uncommon option only for advanced service owners who needs to create separate snapshot chains, for example, for chargeback tracking. When you describe your snapshot resource, this field is visible only if it has a non-empty value.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -486,7 +652,9 @@ 
Method Details

       "guestFlush": True or False, # [Input Only] Whether to attempt an application consistent snapshot by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#snapshot", # [Output Only] Type of the resource. Always compute#snapshot for Snapshot resources.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this snapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a snapshot.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this snapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a snapshot.
       "labels": { # Labels to apply to this snapshot. These can be later modified by the setLabels method. Label values may be empty.
         "a_key": "A String",
       },
@@ -500,11 +668,22 @@ 
Method Details

       "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "snapshotEncryptionKey": { # Encrypts the snapshot using a customer-supplied encryption key. After you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the snapshot later. For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request. Customer-supplied encryption keys do not protect access to metadata of the snapshot. If you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later.
+      "snapshotEncryptionKey": { # Encrypts the snapshot using a customer-supplied encryption key.
+          #
+          # After you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the snapshot later. For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request.
+          #
+          # Customer-supplied encryption keys do not protect access to metadata of the snapshot.
+          #
+          # If you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "sourceDisk": "A String", # The source disk used to create this snapshot.
@@ -512,7 +691,12 @@ 
Method Details

         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
-        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+        "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+            #
+            # The key must meet the following requirements before you can provide it to Compute Engine:
+            # - The key is wrapped using a RSA public key certificate provided by Google.
+            # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+            # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this snapshot. This value may be used to determine whether the snapshot was taken from the current or a previous instance of a given disk name.
@@ -529,7 +713,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -555,7 +740,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -567,33 +752,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -601,95 +860,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -697,76 +1048,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    setLabels(project, resource, body=None, x__xgafv=None)
+    setLabels(project, resource, body=None)
   
Sets the labels on a snapshot. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -782,15 +1201,24 @@ 
Method Details

   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -824,7 +1252,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -838,7 +1267,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -853,10 +1282,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.sslCertificates.html b/docs/dyn/compute_beta.sslCertificates.html
index bf3074d2050..f8943b7cb2a 100644
--- a/docs/dyn/compute_beta.sslCertificates.html
+++ b/docs/dyn/compute_beta.sslCertificates.html
@@ -75,7 +75,7 @@
 
Compute Engine API . sslCertificates

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of all SslCertificate resources, regional and global, available to the specified project.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,40 +84,46 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, sslCertificate, requestId=None, x__xgafv=None)

+  delete(project, sslCertificate, requestId=None)

 
Deletes the specified SslCertificate resource.

 

-  get(project, sslCertificate, x__xgafv=None)

+  get(project, sslCertificate)

 
Returns the specified SslCertificate resource. Gets a list of available SSL certificates by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a SslCertificate resource in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of SslCertificate resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of all SslCertificate resources, regional and global, available to the specified project.
 
 Args:
   project: string, Name of the project scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -127,7 +133,21 @@ 
Method Details

   "items": { # A list of SslCertificatesScopedList resources.
     "a_key": { # Name of the scope containing this set of SslCertificates.
       "sslCertificates": [ # List of SslCertificates contained in this scope.
-        { # Represents an SSL Certificate resource. Google Compute Engine has two SSL Certificate resources: * [Global](/compute/docs/reference/rest/beta/sslCertificates) * [Regional](/compute/docs/reference/rest/beta/regionSslCertificates) The sslCertificates are used by: - external HTTPS load balancers - SSL proxy load balancers The regionSslCertificates are used by internal HTTPS load balancers. Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read Creating and using SSL certificates, SSL certificates quotas and limits, and Troubleshooting SSL certificates.
+        { # Represents an SSL Certificate resource.
+            #
+            # Google Compute Engine has two SSL Certificate resources:
+            #
+            # * [Global](/compute/docs/reference/rest/{$api_version}/sslCertificates) * [Regional](/compute/docs/reference/rest/{$api_version}/regionSslCertificates)
+            #
+            #
+            #
+            # The sslCertificates are used by:
+            # - external HTTPS load balancers
+            # - SSL proxy load balancers
+            #
+            # The regionSslCertificates are used by internal HTTPS load balancers.
+            #
+            # Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read  Creating and using SSL certificates, SSL certificates quotas and limits, and  Troubleshooting SSL certificates. (== resource_for {$api_version}.sslCertificates ==) (== resource_for {$api_version}.regionSslCertificates ==)
           "certificate": "A String", # A value read into memory from a certificate file. The certificate file must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -159,7 +179,8 @@ 
Method Details

       ],
       "warning": { # Informational warning which replaces the list of backend services when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -177,7 +198,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -208,22 +230,35 @@ 
Method Details

 

 
 

-    delete(project, sslCertificate, requestId=None, x__xgafv=None)
+    delete(project, sslCertificate, requestId=None)
   
Deletes the specified SslCertificate resource.
 
 Args:
   project: string, Project ID for this request. (required)
   sslCertificate: string, Name of the SslCertificate resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -257,7 +292,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -271,21 +307,31 @@ 
Method Details

 

 
 

-    get(project, sslCertificate, x__xgafv=None)
+    get(project, sslCertificate)
   
Returns the specified SslCertificate resource. Gets a list of available SSL certificates by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   sslCertificate: string, Name of the SslCertificate resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an SSL Certificate resource. Google Compute Engine has two SSL Certificate resources: * [Global](/compute/docs/reference/rest/beta/sslCertificates) * [Regional](/compute/docs/reference/rest/beta/regionSslCertificates) The sslCertificates are used by: - external HTTPS load balancers - SSL proxy load balancers The regionSslCertificates are used by internal HTTPS load balancers. Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read Creating and using SSL certificates, SSL certificates quotas and limits, and Troubleshooting SSL certificates.
+    { # Represents an SSL Certificate resource.
+    #
+    # Google Compute Engine has two SSL Certificate resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/sslCertificates) * [Regional](/compute/docs/reference/rest/{$api_version}/regionSslCertificates)
+    #
+    #
+    #
+    # The sslCertificates are used by:
+    # - external HTTPS load balancers
+    # - SSL proxy load balancers
+    #
+    # The regionSslCertificates are used by internal HTTPS load balancers.
+    #
+    # Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read  Creating and using SSL certificates, SSL certificates quotas and limits, and  Troubleshooting SSL certificates. (== resource_for {$api_version}.sslCertificates ==) (== resource_for {$api_version}.regionSslCertificates ==)
   "certificate": "A String", # A value read into memory from a certificate file. The certificate file must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -317,7 +363,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a SslCertificate resource in the specified project using the data included in the request.
 
 Args:
@@ -325,7 +371,21 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an SSL Certificate resource. Google Compute Engine has two SSL Certificate resources: * [Global](/compute/docs/reference/rest/beta/sslCertificates) * [Regional](/compute/docs/reference/rest/beta/regionSslCertificates) The sslCertificates are used by: - external HTTPS load balancers - SSL proxy load balancers The regionSslCertificates are used by internal HTTPS load balancers. Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read Creating and using SSL certificates, SSL certificates quotas and limits, and Troubleshooting SSL certificates.
+{ # Represents an SSL Certificate resource.
+    # 
+    # Google Compute Engine has two SSL Certificate resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/sslCertificates) * [Regional](/compute/docs/reference/rest/{$api_version}/regionSslCertificates)
+    # 
+    # 
+    # 
+    # The sslCertificates are used by:
+    # - external HTTPS load balancers
+    # - SSL proxy load balancers
+    # 
+    # The regionSslCertificates are used by internal HTTPS load balancers.
+    # 
+    # Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read  Creating and using SSL certificates, SSL certificates quotas and limits, and  Troubleshooting SSL certificates. (== resource_for {$api_version}.sslCertificates ==) (== resource_for {$api_version}.regionSslCertificates ==)
   "certificate": "A String", # A value read into memory from a certificate file. The certificate file must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -355,16 +415,29 @@ 
Method Details

   "type": "A String", # (Optional) Specifies the type of SSL certificate, either "SELF_MANAGED" or "MANAGED". If not specified, the certificate is self-managed and the fields certificate and private_key are used.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -398,7 +471,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -412,20 +486,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of SslCertificate resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -433,7 +513,21 @@ 
Method Details

     { # Contains a list of SslCertificate resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of SslCertificate resources.
-    { # Represents an SSL Certificate resource. Google Compute Engine has two SSL Certificate resources: * [Global](/compute/docs/reference/rest/beta/sslCertificates) * [Regional](/compute/docs/reference/rest/beta/regionSslCertificates) The sslCertificates are used by: - external HTTPS load balancers - SSL proxy load balancers The regionSslCertificates are used by internal HTTPS load balancers. Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read Creating and using SSL certificates, SSL certificates quotas and limits, and Troubleshooting SSL certificates.
+    { # Represents an SSL Certificate resource.
+        #
+        # Google Compute Engine has two SSL Certificate resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/sslCertificates) * [Regional](/compute/docs/reference/rest/{$api_version}/regionSslCertificates)
+        #
+        #
+        #
+        # The sslCertificates are used by:
+        # - external HTTPS load balancers
+        # - SSL proxy load balancers
+        #
+        # The regionSslCertificates are used by internal HTTPS load balancers.
+        #
+        # Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read  Creating and using SSL certificates, SSL certificates quotas and limits, and  Troubleshooting SSL certificates. (== resource_for {$api_version}.sslCertificates ==) (== resource_for {$api_version}.regionSslCertificates ==)
       "certificate": "A String", # A value read into memory from a certificate file. The certificate file must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -468,7 +562,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -494,7 +589,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -509,10 +604,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.sslPolicies.html b/docs/dyn/compute_beta.sslPolicies.html
index 23776ee87dd..7824ec435fd 100644
--- a/docs/dyn/compute_beta.sslPolicies.html
+++ b/docs/dyn/compute_beta.sslPolicies.html
@@ -78,28 +78,28 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, sslPolicy, requestId=None, x__xgafv=None)

+  delete(project, sslPolicy, requestId=None)

 
Deletes the specified SSL policy. The SSL policy resource can be deleted only if it is not in use by any TargetHttpsProxy or TargetSslProxy resources.

 

-  get(project, sslPolicy, x__xgafv=None)

+  get(project, sslPolicy)

 
Lists all of the ordered rules present in a single specified policy.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Returns the specified SSL policy resource. Gets a list of available SSL policies by making a list() request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists all the SSL policies that have been configured for the specified project.

 

-  listAvailableFeatures(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listAvailableFeatures(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists all features that can be specified in the SSL policy when using custom profile.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, sslPolicy, body=None, requestId=None, x__xgafv=None)

+  patch(project, sslPolicy, body=None, requestId=None)

 
Patches the specified SSL policy with the data included in the request.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -108,22 +108,35 @@ 
Method Details

 

 
 

-    delete(project, sslPolicy, requestId=None, x__xgafv=None)
+    delete(project, sslPolicy, requestId=None)
   
Deletes the specified SSL policy. The SSL policy resource can be deleted only if it is not in use by any TargetHttpsProxy or TargetSslProxy resources.
 
 Args:
   project: string, Project ID for this request. (required)
   sslPolicy: string, Name of the SSL policy to delete. The name must be 1-63 characters long, and comply with RFC1035. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -157,7 +170,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -171,30 +185,31 @@ 
Method Details

 

 
 

-    get(project, sslPolicy, x__xgafv=None)
+    get(project, sslPolicy)
   
Lists all of the ordered rules present in a single specified policy.
 
 Args:
   project: string, Project ID for this request. (required)
   sslPolicy: string, Name of the SSL policy to update. The name must be 1-63 characters long, and comply with RFC1035. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an SSL Policy resource. Use SSL policies to control the SSL features, such as versions and cipher suites, offered by an HTTPS or SSL Proxy load balancer. For more information, read SSL Policy Concepts.
+    { # Represents an SSL Policy resource.
+    #
+    # Use SSL policies to control the SSL features, such as versions and cipher suites, offered by an HTTPS or SSL Proxy load balancer. For more information, read  SSL Policy Concepts. (== resource_for {$api_version}.sslPolicies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-  "customFeatures": [ # A list of features enabled when the selected profile is CUSTOM. The method returns the set of features that can be specified in this list. This field must be empty if the profile is not CUSTOM.
+  "customFeatures": [ # A list of features enabled when the selected profile is CUSTOM. The
+      # - method returns the set of features that can be specified in this list. This field must be empty if the profile is not CUSTOM.
     "A String",
   ],
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "enabledFeatures": [ # [Output Only] The list of features enabled in the SSL policy.
     "A String",
   ],
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a SslPolicy. An up-to-date fingerprint must be provided in order to update the SslPolicy, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an SslPolicy.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a SslPolicy. An up-to-date fingerprint must be provided in order to update the SslPolicy, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve an SslPolicy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#sslPolicy", # [Output only] Type of the resource. Always compute#sslPolicyfor SSL policies.
   "minTlsVersion": "A String", # The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. This can be one of TLS_1_0, TLS_1_1, TLS_1_2.
@@ -204,7 +219,8 @@ 
Method Details

   "warnings": [ # [Output Only] If potential misconfigurations are detected for this SSL policy, this field will be populated with warning messages.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -217,7 +233,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Returns the specified SSL policy resource. Gets a list of available SSL policies by making a list() request.
 
 Args:
@@ -225,16 +241,21 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an SSL Policy resource. Use SSL policies to control the SSL features, such as versions and cipher suites, offered by an HTTPS or SSL Proxy load balancer. For more information, read SSL Policy Concepts.
+{ # Represents an SSL Policy resource.
+    # 
+    # Use SSL policies to control the SSL features, such as versions and cipher suites, offered by an HTTPS or SSL Proxy load balancer. For more information, read  SSL Policy Concepts. (== resource_for {$api_version}.sslPolicies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-  "customFeatures": [ # A list of features enabled when the selected profile is CUSTOM. The method returns the set of features that can be specified in this list. This field must be empty if the profile is not CUSTOM.
+  "customFeatures": [ # A list of features enabled when the selected profile is CUSTOM. The
+      # - method returns the set of features that can be specified in this list. This field must be empty if the profile is not CUSTOM.
     "A String",
   ],
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "enabledFeatures": [ # [Output Only] The list of features enabled in the SSL policy.
     "A String",
   ],
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a SslPolicy. An up-to-date fingerprint must be provided in order to update the SslPolicy, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an SslPolicy.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a SslPolicy. An up-to-date fingerprint must be provided in order to update the SslPolicy, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an SslPolicy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#sslPolicy", # [Output only] Type of the resource. Always compute#sslPolicyfor SSL policies.
   "minTlsVersion": "A String", # The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. This can be one of TLS_1_0, TLS_1_1, TLS_1_2.
@@ -244,7 +265,8 @@ 
Method Details

   "warnings": [ # [Output Only] If potential misconfigurations are detected for this SSL policy, this field will be populated with warning messages.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -255,16 +277,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -298,7 +333,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -312,20 +348,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists all the SSL policies that have been configured for the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -333,16 +375,21 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of SslPolicy resources.
-    { # Represents an SSL Policy resource. Use SSL policies to control the SSL features, such as versions and cipher suites, offered by an HTTPS or SSL Proxy load balancer. For more information, read SSL Policy Concepts.
+    { # Represents an SSL Policy resource.
+        #
+        # Use SSL policies to control the SSL features, such as versions and cipher suites, offered by an HTTPS or SSL Proxy load balancer. For more information, read  SSL Policy Concepts. (== resource_for {$api_version}.sslPolicies ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-      "customFeatures": [ # A list of features enabled when the selected profile is CUSTOM. The method returns the set of features that can be specified in this list. This field must be empty if the profile is not CUSTOM.
+      "customFeatures": [ # A list of features enabled when the selected profile is CUSTOM. The
+          # - method returns the set of features that can be specified in this list. This field must be empty if the profile is not CUSTOM.
         "A String",
       ],
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "enabledFeatures": [ # [Output Only] The list of features enabled in the SSL policy.
         "A String",
       ],
-      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a SslPolicy. An up-to-date fingerprint must be provided in order to update the SslPolicy, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an SslPolicy.
+      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a SslPolicy. An up-to-date fingerprint must be provided in order to update the SslPolicy, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve an SslPolicy.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#sslPolicy", # [Output only] Type of the resource. Always compute#sslPolicyfor SSL policies.
       "minTlsVersion": "A String", # The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. This can be one of TLS_1_0, TLS_1_1, TLS_1_2.
@@ -352,7 +399,8 @@ 
Method Details

       "warnings": [ # [Output Only] If potential misconfigurations are detected for this SSL policy, this field will be populated with warning messages.
         {
           "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-          "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+          "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+              # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
             {
               "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
               "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -368,7 +416,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -380,20 +429,26 @@ 
Method Details

 

 
 

-    listAvailableFeatures(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listAvailableFeatures(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists all features that can be specified in the SSL policy when using custom profile.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -420,7 +475,7 @@ 
Method Details

 

 
 

-    patch(project, sslPolicy, body=None, requestId=None, x__xgafv=None)
+    patch(project, sslPolicy, body=None, requestId=None)
   
Patches the specified SSL policy with the data included in the request.
 
 Args:
@@ -429,16 +484,21 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an SSL Policy resource. Use SSL policies to control the SSL features, such as versions and cipher suites, offered by an HTTPS or SSL Proxy load balancer. For more information, read SSL Policy Concepts.
+{ # Represents an SSL Policy resource.
+    # 
+    # Use SSL policies to control the SSL features, such as versions and cipher suites, offered by an HTTPS or SSL Proxy load balancer. For more information, read  SSL Policy Concepts. (== resource_for {$api_version}.sslPolicies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-  "customFeatures": [ # A list of features enabled when the selected profile is CUSTOM. The method returns the set of features that can be specified in this list. This field must be empty if the profile is not CUSTOM.
+  "customFeatures": [ # A list of features enabled when the selected profile is CUSTOM. The
+      # - method returns the set of features that can be specified in this list. This field must be empty if the profile is not CUSTOM.
     "A String",
   ],
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "enabledFeatures": [ # [Output Only] The list of features enabled in the SSL policy.
     "A String",
   ],
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a SslPolicy. An up-to-date fingerprint must be provided in order to update the SslPolicy, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an SslPolicy.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a SslPolicy. An up-to-date fingerprint must be provided in order to update the SslPolicy, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an SslPolicy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#sslPolicy", # [Output only] Type of the resource. Always compute#sslPolicyfor SSL policies.
   "minTlsVersion": "A String", # The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. This can be one of TLS_1_0, TLS_1_1, TLS_1_2.
@@ -448,7 +508,8 @@ 
Method Details

   "warnings": [ # [Output Only] If potential misconfigurations are detected for this SSL policy, this field will be populated with warning messages.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -459,16 +520,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -502,7 +576,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -516,7 +591,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -531,10 +606,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.subnetworks.html b/docs/dyn/compute_beta.subnetworks.html
index 31ed28fa8b3..33565affde1 100644
--- a/docs/dyn/compute_beta.subnetworks.html
+++ b/docs/dyn/compute_beta.subnetworks.html
@@ -75,7 +75,7 @@
 
Compute Engine API . subnetworks

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of subnetworks.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,25 +84,25 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, subnetwork, requestId=None, x__xgafv=None)

+  delete(project, region, subnetwork, requestId=None)

 
Deletes the specified subnetwork.

 

-  expandIpCidrRange(project, region, subnetwork, body=None, requestId=None, x__xgafv=None)

+  expandIpCidrRange(project, region, subnetwork, body=None, requestId=None)

 
Expands the IP CIDR range of the subnetwork to a specified value.

 

-  get(project, region, subnetwork, x__xgafv=None)

+  get(project, region, subnetwork)

 
Returns the specified subnetwork. Gets a list of available subnetworks list() request.

 

-  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a subnetwork in the specified project using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of subnetworks available to the specified project.

 

-  listUsable(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listUsable(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of all usable subnetworks in the project.

 

   listUsable_next(previous_request, previous_response)

@@ -111,34 +111,40 @@ 
Instance Methods

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, subnetwork, body=None, drainTimeoutSeconds=None, requestId=None, x__xgafv=None)

+  patch(project, region, subnetwork, body=None, drainTimeoutSeconds=None, requestId=None)

 
Patches the specified subnetwork with the data included in the request. Only certain fields can be updated with a patch request as indicated in the field descriptions. You must specify the current fingerprint of the subnetwork resource being patched.

 

-  setIamPolicy(project, region, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, region, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  setPrivateIpGoogleAccess(project, region, subnetwork, body=None, requestId=None, x__xgafv=None)

+  setPrivateIpGoogleAccess(project, region, subnetwork, body=None, requestId=None)

 
Set whether VMs in this subnet can access Google services without assigning external IP addresses through Private Google Access.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of subnetworks.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -148,13 +154,23 @@ 
Method Details

   "items": { # A list of SubnetworksScopedList resources.
     "a_key": { # Name of the scope containing this set of Subnetworks.
       "subnetworks": [ # A list of subnetworks contained in this scope.
-        { # Represents a Subnetwork resource. A subnetwork (also known as a subnet) is a logical partition of a Virtual Private Cloud network with one primary IP range and zero or more secondary IP ranges. For more information, read Virtual Private Cloud (VPC) Network.
-          "allowSubnetCidrRoutesOverlap": True or False, # Whether this subnetwork can conflict with static routes. Setting this to true allows this subnetwork's primary and secondary ranges to conflict with routes that have already been configured on the corresponding network. Static routes will take precedence over the subnetwork route if the route prefix length is at least as large as the subnetwork prefix length. Also, packets destined to IPs within subnetwork may contain private/sensitive data and are prevented from leaving the virtual network. Setting this field to true will disable this feature. The default value is false and applies to all existing subnetworks and automatically created subnetworks. This field cannot be set to true at resource creation time.
+        { # Represents a Subnetwork resource.
+            #
+            # A subnetwork (also known as a subnet) is a logical partition of a Virtual Private Cloud network with one primary IP range and zero or more secondary IP ranges. For more information, read  Virtual Private Cloud (VPC) Network. (== resource_for {$api_version}.subnetworks ==)
+          "allowSubnetCidrRoutesOverlap": True or False, # Whether this subnetwork can conflict with static routes. Setting this to true allows this subnetwork's primary and secondary ranges to conflict with routes that have already been configured on the corresponding network. Static routes will take precedence over the subnetwork route if the route prefix length is at least as large as the subnetwork prefix length.
+              #
+              # Also, packets destined to IPs within subnetwork may contain private/sensitive data and are prevented from leaving the virtual network. Setting this field to true will disable this feature.
+              #
+              # The default value is false and applies to all existing subnetworks and automatically created subnetworks.
+              #
+              # This field cannot be set to true at resource creation time.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource. This field can be set only at resource creation time.
           "enableFlowLogs": True or False, # Whether to enable flow logging for this subnetwork. If this field is not explicitly set, it will not appear in get listings. If not set the default behavior is to disable flow logging. This field isn't supported with the purpose field set to INTERNAL_HTTPS_LOAD_BALANCER.
           "externalIpv6Prefix": "A String", # [Output Only] The range of external IPv6 addresses that are owned by this subnetwork.
-          "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a Subnetwork.
+          "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve a Subnetwork.
           "gatewayAddress": "A String", # [Output Only] The gateway address for default routes to reach destination addresses outside this subnetwork.
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "ipCidrRange": "A String", # The range of internal addresses that are owned by this subnetwork. Provide this property when you create the subnetwork. For example, 10.0.0.0/8 or 100.64.0.0/10. Ranges must be unique and non-overlapping within a network. Only IPv4 is supported. This field is set at resource creation time. The range can be any range listed in the Valid ranges list. The range can be expanded after creation using expandIpCidrRange.
@@ -174,7 +190,9 @@ 
Method Details

           "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
           "network": "A String", # The URL of the network to which this subnetwork belongs, provided by the client when initially creating the subnetwork. Only networks that are in the distributed mode can have subnetworks. This field can be set only at resource creation time.
           "privateIpGoogleAccess": True or False, # Whether the VMs in this subnet can access Google services without assigned external IP addresses. This field can be both set at resource creation time and updated using setPrivateIpGoogleAccess.
-          "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VMs in this subnet. This is an expanded field of enablePrivateV6Access. If both fields are set, privateIpv6GoogleAccess will take priority. This field can be both set at resource creation time and updated using patch.
+          "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VMs in this subnet. This is an expanded field of enablePrivateV6Access. If both fields are set, privateIpv6GoogleAccess will take priority.
+              #
+              # This field can be both set at resource creation time and updated using patch.
           "purpose": "A String", # The purpose of the resource. This field can be either PRIVATE_RFC_1918 or INTERNAL_HTTPS_LOAD_BALANCER. A subnetwork with purpose set to INTERNAL_HTTPS_LOAD_BALANCER is a user-created subnetwork that is reserved for Internal HTTP(S) Load Balancing. If unspecified, the purpose defaults to PRIVATE_RFC_1918. The enableFlowLogs field isn't supported with the purpose field set to INTERNAL_HTTPS_LOAD_BALANCER.
           "region": "A String", # URL of the region where the Subnetwork resides. This field can be set only at resource creation time.
           "role": "A String", # The role of subnetwork. Currently, this field is only used when purpose = INTERNAL_HTTPS_LOAD_BALANCER. The value can be set to ACTIVE or BACKUP. An ACTIVE subnetwork is one that is currently being used for Internal HTTP(S) Load Balancing. A BACKUP subnetwork is one that is ready to be promoted to ACTIVE or is currently draining. This field can be updated with a patch request.
@@ -185,13 +203,16 @@ 
Method Details

             },
           ],
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-          "stackType": "A String", # The stack type for this subnet to identify whether the IPv6 feature is enabled or not. If not specified IPV4_ONLY will be used. This field can be both set at resource creation time and updated using patch.
+          "stackType": "A String", # The stack type for this subnet to identify whether the IPv6 feature is enabled or not. If not specified IPV4_ONLY will be used.
+              #
+              # This field can be both set at resource creation time and updated using patch.
           "state": "A String", # [Output Only] The state of the subnetwork, which can be one of the following values: READY: Subnetwork is created and ready to use DRAINING: only applicable to subnetworks that have the purpose set to INTERNAL_HTTPS_LOAD_BALANCER and indicates that connections to the load balancer are being drained. A subnetwork that is draining cannot be used or modified until it reaches a status of READY
         },
       ],
       "warning": { # An informational warning that appears when the list of addresses is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -209,7 +230,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -240,23 +262,36 @@ 
Method Details

 

 
 

-    delete(project, region, subnetwork, requestId=None, x__xgafv=None)
+    delete(project, region, subnetwork, requestId=None)
   
Deletes the specified subnetwork.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   subnetwork: string, Name of the Subnetwork resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -290,7 +325,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -304,7 +340,7 @@ 
Method Details

 

 
 

-    expandIpCidrRange(project, region, subnetwork, body=None, requestId=None, x__xgafv=None)
+    expandIpCidrRange(project, region, subnetwork, body=None, requestId=None)
   
Expands the IP CIDR range of the subnetwork to a specified value.
 
 Args:
@@ -318,16 +354,29 @@ 
Method Details

   "ipCidrRange": "A String", # The IP (in CIDR format or netmask) of internal addresses that are legal on this Subnetwork. This range should be disjoint from other subnetworks within this network. This range can only be larger than (i.e. a superset of) the range previously defined before the update.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -361,7 +410,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -375,28 +425,34 @@ 
Method Details

 

 
 

-    get(project, region, subnetwork, x__xgafv=None)
+    get(project, region, subnetwork)
   
Returns the specified subnetwork. Gets a list of available subnetworks list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   subnetwork: string, Name of the Subnetwork resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Subnetwork resource. A subnetwork (also known as a subnet) is a logical partition of a Virtual Private Cloud network with one primary IP range and zero or more secondary IP ranges. For more information, read Virtual Private Cloud (VPC) Network.
-  "allowSubnetCidrRoutesOverlap": True or False, # Whether this subnetwork can conflict with static routes. Setting this to true allows this subnetwork's primary and secondary ranges to conflict with routes that have already been configured on the corresponding network. Static routes will take precedence over the subnetwork route if the route prefix length is at least as large as the subnetwork prefix length. Also, packets destined to IPs within subnetwork may contain private/sensitive data and are prevented from leaving the virtual network. Setting this field to true will disable this feature. The default value is false and applies to all existing subnetworks and automatically created subnetworks. This field cannot be set to true at resource creation time.
+    { # Represents a Subnetwork resource.
+    #
+    # A subnetwork (also known as a subnet) is a logical partition of a Virtual Private Cloud network with one primary IP range and zero or more secondary IP ranges. For more information, read  Virtual Private Cloud (VPC) Network. (== resource_for {$api_version}.subnetworks ==)
+  "allowSubnetCidrRoutesOverlap": True or False, # Whether this subnetwork can conflict with static routes. Setting this to true allows this subnetwork's primary and secondary ranges to conflict with routes that have already been configured on the corresponding network. Static routes will take precedence over the subnetwork route if the route prefix length is at least as large as the subnetwork prefix length.
+      #
+      # Also, packets destined to IPs within subnetwork may contain private/sensitive data and are prevented from leaving the virtual network. Setting this field to true will disable this feature.
+      #
+      # The default value is false and applies to all existing subnetworks and automatically created subnetworks.
+      #
+      # This field cannot be set to true at resource creation time.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource. This field can be set only at resource creation time.
   "enableFlowLogs": True or False, # Whether to enable flow logging for this subnetwork. If this field is not explicitly set, it will not appear in get listings. If not set the default behavior is to disable flow logging. This field isn't supported with the purpose field set to INTERNAL_HTTPS_LOAD_BALANCER.
   "externalIpv6Prefix": "A String", # [Output Only] The range of external IPv6 addresses that are owned by this subnetwork.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a Subnetwork.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a Subnetwork.
   "gatewayAddress": "A String", # [Output Only] The gateway address for default routes to reach destination addresses outside this subnetwork.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ipCidrRange": "A String", # The range of internal addresses that are owned by this subnetwork. Provide this property when you create the subnetwork. For example, 10.0.0.0/8 or 100.64.0.0/10. Ranges must be unique and non-overlapping within a network. Only IPv4 is supported. This field is set at resource creation time. The range can be any range listed in the Valid ranges list. The range can be expanded after creation using expandIpCidrRange.
@@ -416,7 +472,9 @@ 
Method Details

   "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which this subnetwork belongs, provided by the client when initially creating the subnetwork. Only networks that are in the distributed mode can have subnetworks. This field can be set only at resource creation time.
   "privateIpGoogleAccess": True or False, # Whether the VMs in this subnet can access Google services without assigned external IP addresses. This field can be both set at resource creation time and updated using setPrivateIpGoogleAccess.
-  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VMs in this subnet. This is an expanded field of enablePrivateV6Access. If both fields are set, privateIpv6GoogleAccess will take priority. This field can be both set at resource creation time and updated using patch.
+  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VMs in this subnet. This is an expanded field of enablePrivateV6Access. If both fields are set, privateIpv6GoogleAccess will take priority.
+      #
+      # This field can be both set at resource creation time and updated using patch.
   "purpose": "A String", # The purpose of the resource. This field can be either PRIVATE_RFC_1918 or INTERNAL_HTTPS_LOAD_BALANCER. A subnetwork with purpose set to INTERNAL_HTTPS_LOAD_BALANCER is a user-created subnetwork that is reserved for Internal HTTP(S) Load Balancing. If unspecified, the purpose defaults to PRIVATE_RFC_1918. The enableFlowLogs field isn't supported with the purpose field set to INTERNAL_HTTPS_LOAD_BALANCER.
   "region": "A String", # URL of the region where the Subnetwork resides. This field can be set only at resource creation time.
   "role": "A String", # The role of subnetwork. Currently, this field is only used when purpose = INTERNAL_HTTPS_LOAD_BALANCER. The value can be set to ACTIVE or BACKUP. An ACTIVE subnetwork is one that is currently being used for Internal HTTP(S) Load Balancing. A BACKUP subnetwork is one that is ready to be promoted to ACTIVE or is currently draining. This field can be updated with a patch request.
@@ -427,13 +485,15 @@ 
Method Details

     },
   ],
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "stackType": "A String", # The stack type for this subnet to identify whether the IPv6 feature is enabled or not. If not specified IPV4_ONLY will be used. This field can be both set at resource creation time and updated using patch.
+  "stackType": "A String", # The stack type for this subnet to identify whether the IPv6 feature is enabled or not. If not specified IPV4_ONLY will be used.
+      #
+      # This field can be both set at resource creation time and updated using patch.
   "state": "A String", # [Output Only] The state of the subnetwork, which can be one of the following values: READY: Subnetwork is created and ready to use DRAINING: only applicable to subnetworks that have the purpose set to INTERNAL_HTTPS_LOAD_BALANCER and indicates that connections to the load balancer are being drained. A subnetwork that is draining cannot be used or modified until it reaches a status of READY
 }

 

 
 

-    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
@@ -441,27 +501,51 @@ 
Method Details

   region: string, The name of the region for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -469,76 +553,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a subnetwork in the specified project using the data included in the request.
 
 Args:
@@ -547,13 +699,23 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Subnetwork resource. A subnetwork (also known as a subnet) is a logical partition of a Virtual Private Cloud network with one primary IP range and zero or more secondary IP ranges. For more information, read Virtual Private Cloud (VPC) Network.
-  "allowSubnetCidrRoutesOverlap": True or False, # Whether this subnetwork can conflict with static routes. Setting this to true allows this subnetwork's primary and secondary ranges to conflict with routes that have already been configured on the corresponding network. Static routes will take precedence over the subnetwork route if the route prefix length is at least as large as the subnetwork prefix length. Also, packets destined to IPs within subnetwork may contain private/sensitive data and are prevented from leaving the virtual network. Setting this field to true will disable this feature. The default value is false and applies to all existing subnetworks and automatically created subnetworks. This field cannot be set to true at resource creation time.
+{ # Represents a Subnetwork resource.
+    # 
+    # A subnetwork (also known as a subnet) is a logical partition of a Virtual Private Cloud network with one primary IP range and zero or more secondary IP ranges. For more information, read  Virtual Private Cloud (VPC) Network. (== resource_for {$api_version}.subnetworks ==)
+  "allowSubnetCidrRoutesOverlap": True or False, # Whether this subnetwork can conflict with static routes. Setting this to true allows this subnetwork's primary and secondary ranges to conflict with routes that have already been configured on the corresponding network. Static routes will take precedence over the subnetwork route if the route prefix length is at least as large as the subnetwork prefix length.
+      # 
+      # Also, packets destined to IPs within subnetwork may contain private/sensitive data and are prevented from leaving the virtual network. Setting this field to true will disable this feature.
+      # 
+      # The default value is false and applies to all existing subnetworks and automatically created subnetworks.
+      # 
+      # This field cannot be set to true at resource creation time.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource. This field can be set only at resource creation time.
   "enableFlowLogs": True or False, # Whether to enable flow logging for this subnetwork. If this field is not explicitly set, it will not appear in get listings. If not set the default behavior is to disable flow logging. This field isn't supported with the purpose field set to INTERNAL_HTTPS_LOAD_BALANCER.
   "externalIpv6Prefix": "A String", # [Output Only] The range of external IPv6 addresses that are owned by this subnetwork.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a Subnetwork.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a Subnetwork.
   "gatewayAddress": "A String", # [Output Only] The gateway address for default routes to reach destination addresses outside this subnetwork.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ipCidrRange": "A String", # The range of internal addresses that are owned by this subnetwork. Provide this property when you create the subnetwork. For example, 10.0.0.0/8 or 100.64.0.0/10. Ranges must be unique and non-overlapping within a network. Only IPv4 is supported. This field is set at resource creation time. The range can be any range listed in the Valid ranges list. The range can be expanded after creation using expandIpCidrRange.
@@ -573,7 +735,9 @@ 
Method Details

   "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which this subnetwork belongs, provided by the client when initially creating the subnetwork. Only networks that are in the distributed mode can have subnetworks. This field can be set only at resource creation time.
   "privateIpGoogleAccess": True or False, # Whether the VMs in this subnet can access Google services without assigned external IP addresses. This field can be both set at resource creation time and updated using setPrivateIpGoogleAccess.
-  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VMs in this subnet. This is an expanded field of enablePrivateV6Access. If both fields are set, privateIpv6GoogleAccess will take priority. This field can be both set at resource creation time and updated using patch.
+  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VMs in this subnet. This is an expanded field of enablePrivateV6Access. If both fields are set, privateIpv6GoogleAccess will take priority.
+      # 
+      # This field can be both set at resource creation time and updated using patch.
   "purpose": "A String", # The purpose of the resource. This field can be either PRIVATE_RFC_1918 or INTERNAL_HTTPS_LOAD_BALANCER. A subnetwork with purpose set to INTERNAL_HTTPS_LOAD_BALANCER is a user-created subnetwork that is reserved for Internal HTTP(S) Load Balancing. If unspecified, the purpose defaults to PRIVATE_RFC_1918. The enableFlowLogs field isn't supported with the purpose field set to INTERNAL_HTTPS_LOAD_BALANCER.
   "region": "A String", # URL of the region where the Subnetwork resides. This field can be set only at resource creation time.
   "role": "A String", # The role of subnetwork. Currently, this field is only used when purpose = INTERNAL_HTTPS_LOAD_BALANCER. The value can be set to ACTIVE or BACKUP. An ACTIVE subnetwork is one that is currently being used for Internal HTTP(S) Load Balancing. A BACKUP subnetwork is one that is ready to be promoted to ACTIVE or is currently draining. This field can be updated with a patch request.
@@ -584,20 +748,35 @@ 
Method Details

     },
   ],
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "stackType": "A String", # The stack type for this subnet to identify whether the IPv6 feature is enabled or not. If not specified IPV4_ONLY will be used. This field can be both set at resource creation time and updated using patch.
+  "stackType": "A String", # The stack type for this subnet to identify whether the IPv6 feature is enabled or not. If not specified IPV4_ONLY will be used.
+      # 
+      # This field can be both set at resource creation time and updated using patch.
   "state": "A String", # [Output Only] The state of the subnetwork, which can be one of the following values: READY: Subnetwork is created and ready to use DRAINING: only applicable to subnetworks that have the purpose set to INTERNAL_HTTPS_LOAD_BALANCER and indicates that connections to the load balancer are being drained. A subnetwork that is draining cannot be used or modified until it reaches a status of READY
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -631,7 +810,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -645,21 +825,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of subnetworks available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -667,13 +853,23 @@ 
Method Details

     { # Contains a list of Subnetwork resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Subnetwork resources.
-    { # Represents a Subnetwork resource. A subnetwork (also known as a subnet) is a logical partition of a Virtual Private Cloud network with one primary IP range and zero or more secondary IP ranges. For more information, read Virtual Private Cloud (VPC) Network.
-      "allowSubnetCidrRoutesOverlap": True or False, # Whether this subnetwork can conflict with static routes. Setting this to true allows this subnetwork's primary and secondary ranges to conflict with routes that have already been configured on the corresponding network. Static routes will take precedence over the subnetwork route if the route prefix length is at least as large as the subnetwork prefix length. Also, packets destined to IPs within subnetwork may contain private/sensitive data and are prevented from leaving the virtual network. Setting this field to true will disable this feature. The default value is false and applies to all existing subnetworks and automatically created subnetworks. This field cannot be set to true at resource creation time.
+    { # Represents a Subnetwork resource.
+        #
+        # A subnetwork (also known as a subnet) is a logical partition of a Virtual Private Cloud network with one primary IP range and zero or more secondary IP ranges. For more information, read  Virtual Private Cloud (VPC) Network. (== resource_for {$api_version}.subnetworks ==)
+      "allowSubnetCidrRoutesOverlap": True or False, # Whether this subnetwork can conflict with static routes. Setting this to true allows this subnetwork's primary and secondary ranges to conflict with routes that have already been configured on the corresponding network. Static routes will take precedence over the subnetwork route if the route prefix length is at least as large as the subnetwork prefix length.
+          #
+          # Also, packets destined to IPs within subnetwork may contain private/sensitive data and are prevented from leaving the virtual network. Setting this field to true will disable this feature.
+          #
+          # The default value is false and applies to all existing subnetworks and automatically created subnetworks.
+          #
+          # This field cannot be set to true at resource creation time.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource. This field can be set only at resource creation time.
       "enableFlowLogs": True or False, # Whether to enable flow logging for this subnetwork. If this field is not explicitly set, it will not appear in get listings. If not set the default behavior is to disable flow logging. This field isn't supported with the purpose field set to INTERNAL_HTTPS_LOAD_BALANCER.
       "externalIpv6Prefix": "A String", # [Output Only] The range of external IPv6 addresses that are owned by this subnetwork.
-      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a Subnetwork.
+      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a Subnetwork.
       "gatewayAddress": "A String", # [Output Only] The gateway address for default routes to reach destination addresses outside this subnetwork.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "ipCidrRange": "A String", # The range of internal addresses that are owned by this subnetwork. Provide this property when you create the subnetwork. For example, 10.0.0.0/8 or 100.64.0.0/10. Ranges must be unique and non-overlapping within a network. Only IPv4 is supported. This field is set at resource creation time. The range can be any range listed in the Valid ranges list. The range can be expanded after creation using expandIpCidrRange.
@@ -693,7 +889,9 @@ 
Method Details

       "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "network": "A String", # The URL of the network to which this subnetwork belongs, provided by the client when initially creating the subnetwork. Only networks that are in the distributed mode can have subnetworks. This field can be set only at resource creation time.
       "privateIpGoogleAccess": True or False, # Whether the VMs in this subnet can access Google services without assigned external IP addresses. This field can be both set at resource creation time and updated using setPrivateIpGoogleAccess.
-      "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VMs in this subnet. This is an expanded field of enablePrivateV6Access. If both fields are set, privateIpv6GoogleAccess will take priority. This field can be both set at resource creation time and updated using patch.
+      "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VMs in this subnet. This is an expanded field of enablePrivateV6Access. If both fields are set, privateIpv6GoogleAccess will take priority.
+          #
+          # This field can be both set at resource creation time and updated using patch.
       "purpose": "A String", # The purpose of the resource. This field can be either PRIVATE_RFC_1918 or INTERNAL_HTTPS_LOAD_BALANCER. A subnetwork with purpose set to INTERNAL_HTTPS_LOAD_BALANCER is a user-created subnetwork that is reserved for Internal HTTP(S) Load Balancing. If unspecified, the purpose defaults to PRIVATE_RFC_1918. The enableFlowLogs field isn't supported with the purpose field set to INTERNAL_HTTPS_LOAD_BALANCER.
       "region": "A String", # URL of the region where the Subnetwork resides. This field can be set only at resource creation time.
       "role": "A String", # The role of subnetwork. Currently, this field is only used when purpose = INTERNAL_HTTPS_LOAD_BALANCER. The value can be set to ACTIVE or BACKUP. An ACTIVE subnetwork is one that is currently being used for Internal HTTP(S) Load Balancing. A BACKUP subnetwork is one that is ready to be promoted to ACTIVE or is currently draining. This field can be updated with a patch request.
@@ -704,7 +902,9 @@ 
Method Details

         },
       ],
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "stackType": "A String", # The stack type for this subnet to identify whether the IPv6 feature is enabled or not. If not specified IPV4_ONLY will be used. This field can be both set at resource creation time and updated using patch.
+      "stackType": "A String", # The stack type for this subnet to identify whether the IPv6 feature is enabled or not. If not specified IPV4_ONLY will be used.
+          #
+          # This field can be both set at resource creation time and updated using patch.
       "state": "A String", # [Output Only] The state of the subnetwork, which can be one of the following values: READY: Subnetwork is created and ready to use DRAINING: only applicable to subnetworks that have the purpose set to INTERNAL_HTTPS_LOAD_BALANCER and indicates that connections to the load balancer are being drained. A subnetwork that is draining cannot be used or modified until it reaches a status of READY
     },
   ],
@@ -713,7 +913,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -725,20 +926,26 @@ 
Method Details

 

 
 

-    listUsable(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listUsable(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of all usable subnetworks in the project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -763,7 +970,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -803,7 +1011,7 @@ 
Method Details

 

 
 

-    patch(project, region, subnetwork, body=None, drainTimeoutSeconds=None, requestId=None, x__xgafv=None)
+    patch(project, region, subnetwork, body=None, drainTimeoutSeconds=None, requestId=None)
   
Patches the specified subnetwork with the data included in the request. Only certain fields can be updated with a patch request as indicated in the field descriptions. You must specify the current fingerprint of the subnetwork resource being patched.
 
 Args:
@@ -813,13 +1021,23 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Subnetwork resource. A subnetwork (also known as a subnet) is a logical partition of a Virtual Private Cloud network with one primary IP range and zero or more secondary IP ranges. For more information, read Virtual Private Cloud (VPC) Network.
-  "allowSubnetCidrRoutesOverlap": True or False, # Whether this subnetwork can conflict with static routes. Setting this to true allows this subnetwork's primary and secondary ranges to conflict with routes that have already been configured on the corresponding network. Static routes will take precedence over the subnetwork route if the route prefix length is at least as large as the subnetwork prefix length. Also, packets destined to IPs within subnetwork may contain private/sensitive data and are prevented from leaving the virtual network. Setting this field to true will disable this feature. The default value is false and applies to all existing subnetworks and automatically created subnetworks. This field cannot be set to true at resource creation time.
+{ # Represents a Subnetwork resource.
+    # 
+    # A subnetwork (also known as a subnet) is a logical partition of a Virtual Private Cloud network with one primary IP range and zero or more secondary IP ranges. For more information, read  Virtual Private Cloud (VPC) Network. (== resource_for {$api_version}.subnetworks ==)
+  "allowSubnetCidrRoutesOverlap": True or False, # Whether this subnetwork can conflict with static routes. Setting this to true allows this subnetwork's primary and secondary ranges to conflict with routes that have already been configured on the corresponding network. Static routes will take precedence over the subnetwork route if the route prefix length is at least as large as the subnetwork prefix length.
+      # 
+      # Also, packets destined to IPs within subnetwork may contain private/sensitive data and are prevented from leaving the virtual network. Setting this field to true will disable this feature.
+      # 
+      # The default value is false and applies to all existing subnetworks and automatically created subnetworks.
+      # 
+      # This field cannot be set to true at resource creation time.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource. This field can be set only at resource creation time.
   "enableFlowLogs": True or False, # Whether to enable flow logging for this subnetwork. If this field is not explicitly set, it will not appear in get listings. If not set the default behavior is to disable flow logging. This field isn't supported with the purpose field set to INTERNAL_HTTPS_LOAD_BALANCER.
   "externalIpv6Prefix": "A String", # [Output Only] The range of external IPv6 addresses that are owned by this subnetwork.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a Subnetwork.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a Subnetwork.
   "gatewayAddress": "A String", # [Output Only] The gateway address for default routes to reach destination addresses outside this subnetwork.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ipCidrRange": "A String", # The range of internal addresses that are owned by this subnetwork. Provide this property when you create the subnetwork. For example, 10.0.0.0/8 or 100.64.0.0/10. Ranges must be unique and non-overlapping within a network. Only IPv4 is supported. This field is set at resource creation time. The range can be any range listed in the Valid ranges list. The range can be expanded after creation using expandIpCidrRange.
@@ -839,7 +1057,9 @@ 
Method Details

   "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which this subnetwork belongs, provided by the client when initially creating the subnetwork. Only networks that are in the distributed mode can have subnetworks. This field can be set only at resource creation time.
   "privateIpGoogleAccess": True or False, # Whether the VMs in this subnet can access Google services without assigned external IP addresses. This field can be both set at resource creation time and updated using setPrivateIpGoogleAccess.
-  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VMs in this subnet. This is an expanded field of enablePrivateV6Access. If both fields are set, privateIpv6GoogleAccess will take priority. This field can be both set at resource creation time and updated using patch.
+  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VMs in this subnet. This is an expanded field of enablePrivateV6Access. If both fields are set, privateIpv6GoogleAccess will take priority.
+      # 
+      # This field can be both set at resource creation time and updated using patch.
   "purpose": "A String", # The purpose of the resource. This field can be either PRIVATE_RFC_1918 or INTERNAL_HTTPS_LOAD_BALANCER. A subnetwork with purpose set to INTERNAL_HTTPS_LOAD_BALANCER is a user-created subnetwork that is reserved for Internal HTTP(S) Load Balancing. If unspecified, the purpose defaults to PRIVATE_RFC_1918. The enableFlowLogs field isn't supported with the purpose field set to INTERNAL_HTTPS_LOAD_BALANCER.
   "region": "A String", # URL of the region where the Subnetwork resides. This field can be set only at resource creation time.
   "role": "A String", # The role of subnetwork. Currently, this field is only used when purpose = INTERNAL_HTTPS_LOAD_BALANCER. The value can be set to ACTIVE or BACKUP. An ACTIVE subnetwork is one that is currently being used for Internal HTTP(S) Load Balancing. A BACKUP subnetwork is one that is ready to be promoted to ACTIVE or is currently draining. This field can be updated with a patch request.
@@ -850,21 +1070,36 @@ 
Method Details

     },
   ],
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "stackType": "A String", # The stack type for this subnet to identify whether the IPv6 feature is enabled or not. If not specified IPV4_ONLY will be used. This field can be both set at resource creation time and updated using patch.
+  "stackType": "A String", # The stack type for this subnet to identify whether the IPv6 feature is enabled or not. If not specified IPV4_ONLY will be used.
+      # 
+      # This field can be both set at resource creation time and updated using patch.
   "state": "A String", # [Output Only] The state of the subnetwork, which can be one of the following values: READY: Subnetwork is created and ready to use DRAINING: only applicable to subnetworks that have the purpose set to INTERNAL_HTTPS_LOAD_BALANCER and indicates that connections to the load balancer are being drained. A subnetwork that is draining cannot be used or modified until it reaches a status of READY
 }
 
   drainTimeoutSeconds: integer, The drain timeout specifies the upper bound in seconds on the amount of time allowed to drain connections from the current ACTIVE subnetwork to the current BACKUP subnetwork. The drain timeout is only applicable when the following conditions are true: - the subnetwork being patched has purpose = INTERNAL_HTTPS_LOAD_BALANCER - the subnetwork being patched has role = BACKUP - the patch request is setting the role to ACTIVE. Note that after this patch operation the roles of the ACTIVE and BACKUP subnetworks will be swapped.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -898,7 +1133,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -912,7 +1148,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, region, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, region, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -925,33 +1161,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -959,95 +1269,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1055,76 +1457,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    setPrivateIpGoogleAccess(project, region, subnetwork, body=None, requestId=None, x__xgafv=None)
+    setPrivateIpGoogleAccess(project, region, subnetwork, body=None, requestId=None)
   
Set whether VMs in this subnet can access Google services without assigning external IP addresses through Private Google Access.
 
 Args:
@@ -1138,16 +1608,29 @@ 
Method Details

   "privateIpGoogleAccess": True or False,
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1181,7 +1664,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1195,7 +1679,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1211,10 +1695,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.targetGrpcProxies.html b/docs/dyn/compute_beta.targetGrpcProxies.html
index 07495fd13ee..3eeb8704390 100644
--- a/docs/dyn/compute_beta.targetGrpcProxies.html
+++ b/docs/dyn/compute_beta.targetGrpcProxies.html
@@ -78,25 +78,25 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, targetGrpcProxy, requestId=None, x__xgafv=None)

+  delete(project, targetGrpcProxy, requestId=None)

 
Deletes the specified TargetGrpcProxy in the given scope

 

-  get(project, targetGrpcProxy, x__xgafv=None)

+  get(project, targetGrpcProxy)

 
Returns the specified TargetGrpcProxy resource in the given scope.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a TargetGrpcProxy in the specified project in the given scope using the parameters that are included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists the TargetGrpcProxies for a project in the given scope.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, targetGrpcProxy, body=None, requestId=None, x__xgafv=None)

+  patch(project, targetGrpcProxy, body=None, requestId=None)

 
Patches the specified TargetGrpcProxy resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -105,22 +105,35 @@ 
Method Details

 

 
 

-    delete(project, targetGrpcProxy, requestId=None, x__xgafv=None)
+    delete(project, targetGrpcProxy, requestId=None)
   
Deletes the specified TargetGrpcProxy in the given scope
 
 Args:
   project: string, Project ID for this request. (required)
   targetGrpcProxy: string, Name of the TargetGrpcProxy resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -154,7 +167,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -168,21 +182,19 @@ 
Method Details

 

 
 

-    get(project, targetGrpcProxy, x__xgafv=None)
+    get(project, targetGrpcProxy)
   
Returns the specified TargetGrpcProxy resource in the given scope.
 
 Args:
   project: string, Project ID for this request. (required)
   targetGrpcProxy: string, Name of the TargetGrpcProxy resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Target gRPC Proxy resource. A target gRPC proxy is a component of load balancers intended for load balancing gRPC traffic. Only global forwarding rules with load balancing scheme INTERNAL_SELF_MANAGED can reference a target gRPC proxy. The target gRPC Proxy references a URL map that specifies how traffic is routed to gRPC backend services.
+    { # Represents a Target gRPC Proxy resource.
+    #
+    # A target gRPC proxy is a component of load balancers intended for load balancing gRPC traffic. Only global forwarding rules with load balancing scheme INTERNAL_SELF_MANAGED can reference a target gRPC proxy. The target gRPC Proxy references a URL map that specifies how traffic is routed to gRPC backend services. (== resource_for {$api_version}.targetGrpcProxies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetGrpcProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetGrpcProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetGrpcProxy.
@@ -197,7 +209,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a TargetGrpcProxy in the specified project in the given scope using the parameters that are included in the request.
 
 Args:
@@ -205,7 +217,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target gRPC Proxy resource. A target gRPC proxy is a component of load balancers intended for load balancing gRPC traffic. Only global forwarding rules with load balancing scheme INTERNAL_SELF_MANAGED can reference a target gRPC proxy. The target gRPC Proxy references a URL map that specifies how traffic is routed to gRPC backend services.
+{ # Represents a Target gRPC Proxy resource.
+    # 
+    # A target gRPC proxy is a component of load balancers intended for load balancing gRPC traffic. Only global forwarding rules with load balancing scheme INTERNAL_SELF_MANAGED can reference a target gRPC proxy. The target gRPC Proxy references a URL map that specifies how traffic is routed to gRPC backend services. (== resource_for {$api_version}.targetGrpcProxies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetGrpcProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetGrpcProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetGrpcProxy.
@@ -218,16 +232,29 @@ 
Method Details

   "validateForProxyless": True or False, # If true, indicates that the BackendServices referenced by the urlMap may be accessed by gRPC applications without using a sidecar proxy. This will enable configuration checks on urlMap and its referenced BackendServices to not allow unsupported features. A gRPC application must use "xds:///" scheme in the target URI of the service it is connecting to. If false, indicates that the BackendServices referenced by the urlMap will be accessed by gRPC applications via a sidecar proxy. In this case, a gRPC application must not use "xds:///" scheme in the target URI of the service it is connecting to
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -261,7 +288,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -275,20 +303,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists the TargetGrpcProxies for a project in the given scope.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -296,7 +330,9 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of TargetGrpcProxy resources.
-    { # Represents a Target gRPC Proxy resource. A target gRPC proxy is a component of load balancers intended for load balancing gRPC traffic. Only global forwarding rules with load balancing scheme INTERNAL_SELF_MANAGED can reference a target gRPC proxy. The target gRPC Proxy references a URL map that specifies how traffic is routed to gRPC backend services.
+    { # Represents a Target gRPC Proxy resource.
+        #
+        # A target gRPC proxy is a component of load balancers intended for load balancing gRPC traffic. Only global forwarding rules with load balancing scheme INTERNAL_SELF_MANAGED can reference a target gRPC proxy. The target gRPC Proxy references a URL map that specifies how traffic is routed to gRPC backend services. (== resource_for {$api_version}.targetGrpcProxies ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetGrpcProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetGrpcProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetGrpcProxy.
@@ -314,7 +350,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -340,7 +377,7 @@ 
Method Details

 

 
 

-    patch(project, targetGrpcProxy, body=None, requestId=None, x__xgafv=None)
+    patch(project, targetGrpcProxy, body=None, requestId=None)
   
Patches the specified TargetGrpcProxy resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.
 
 Args:
@@ -349,7 +386,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target gRPC Proxy resource. A target gRPC proxy is a component of load balancers intended for load balancing gRPC traffic. Only global forwarding rules with load balancing scheme INTERNAL_SELF_MANAGED can reference a target gRPC proxy. The target gRPC Proxy references a URL map that specifies how traffic is routed to gRPC backend services.
+{ # Represents a Target gRPC Proxy resource.
+    # 
+    # A target gRPC proxy is a component of load balancers intended for load balancing gRPC traffic. Only global forwarding rules with load balancing scheme INTERNAL_SELF_MANAGED can reference a target gRPC proxy. The target gRPC Proxy references a URL map that specifies how traffic is routed to gRPC backend services. (== resource_for {$api_version}.targetGrpcProxies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetGrpcProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetGrpcProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetGrpcProxy.
@@ -362,16 +401,29 @@ 
Method Details

   "validateForProxyless": True or False, # If true, indicates that the BackendServices referenced by the urlMap may be accessed by gRPC applications without using a sidecar proxy. This will enable configuration checks on urlMap and its referenced BackendServices to not allow unsupported features. A gRPC application must use "xds:///" scheme in the target URI of the service it is connecting to. If false, indicates that the BackendServices referenced by the urlMap will be accessed by gRPC applications via a sidecar proxy. In this case, a gRPC application must not use "xds:///" scheme in the target URI of the service it is connecting to
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -405,7 +457,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -419,7 +472,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -434,10 +487,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.targetHttpProxies.html b/docs/dyn/compute_beta.targetHttpProxies.html
index d2d23a98e20..52a45edc52c 100644
--- a/docs/dyn/compute_beta.targetHttpProxies.html
+++ b/docs/dyn/compute_beta.targetHttpProxies.html
@@ -75,7 +75,7 @@
 
Compute Engine API . targetHttpProxies

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of all TargetHttpProxy resources, regional and global, available to the specified project.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,46 +84,52 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, targetHttpProxy, requestId=None, x__xgafv=None)

+  delete(project, targetHttpProxy, requestId=None)

 
Deletes the specified TargetHttpProxy resource.

 

-  get(project, targetHttpProxy, x__xgafv=None)

+  get(project, targetHttpProxy)

 
Returns the specified TargetHttpProxy resource. Gets a list of available target HTTP proxies by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a TargetHttpProxy resource in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of TargetHttpProxy resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, targetHttpProxy, body=None, requestId=None, x__xgafv=None)

-
Patches the specified TargetHttpProxy resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.

+  patch(project, targetHttpProxy, body=None, requestId=None)

+
Patches the specified TargetHttpProxy resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules. (== suppress_warning http-rest-shadowed ==)

 

-  setUrlMap(project, targetHttpProxy, body=None, requestId=None, x__xgafv=None)

+  setUrlMap(project, targetHttpProxy, body=None, requestId=None)

 
Changes the URL map for TargetHttpProxy.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of all TargetHttpProxy resources, regional and global, available to the specified project.
 
 Args:
   project: string, Name of the project scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -133,17 +139,32 @@ 
Method Details

   "items": { # A list of TargetHttpProxiesScopedList resources.
     "a_key": { # Name of the scope containing this set of TargetHttpProxies.
       "targetHttpProxies": [ # A list of TargetHttpProxies contained in this scope.
-        { # Represents a Target HTTP Proxy resource. Google Compute Engine has two Target HTTP Proxy resources: * [Global](/compute/docs/reference/rest/beta/targetHttpProxies) * [Regional](/compute/docs/reference/rest/beta/regionTargetHttpProxies) A target HTTP proxy is a component of GCP HTTP load balancers. * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers. Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+        { # Represents a Target HTTP Proxy resource.
+            #
+            # Google Compute Engine has two Target HTTP Proxy resources:
+            #
+            # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpProxies)
+            #
+            # A target HTTP proxy is a component of GCP HTTP load balancers.
+            #
+            # * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers.
+            #
+            # Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpProxies ==) (== resource_for {$api_version}.regionTargetHttpProxies ==)
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetHttpProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpProxy.
-          "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/v1alpha1/projects/project/locations/ locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list. httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+          "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/v1alpha1/projects/project/locations/locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list.
+              # httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
             "A String",
           ],
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "kind": "compute#targetHttpProxy", # [Output Only] Type of resource. Always compute#targetHttpProxy for target HTTP proxies.
           "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-          "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
+          "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              #
+              # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+              #
+              # The default is false.
           "region": "A String", # [Output Only] URL of the region where the regional Target HTTP Proxy resides. This field is not applicable to global Target HTTP Proxies.
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
           "urlMap": "A String", # URL to the UrlMap resource that defines the mapping from URL to the BackendService.
@@ -151,7 +172,8 @@ 
Method Details

       ],
       "warning": { # Informational warning which replaces the list of backend services when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -169,7 +191,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -200,22 +223,35 @@ 
Method Details

 

 
 

-    delete(project, targetHttpProxy, requestId=None, x__xgafv=None)
+    delete(project, targetHttpProxy, requestId=None)
   
Deletes the specified TargetHttpProxy resource.
 
 Args:
   project: string, Project ID for this request. (required)
   targetHttpProxy: string, Name of the TargetHttpProxy resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -249,7 +285,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -263,31 +300,42 @@ 
Method Details

 

 
 

-    get(project, targetHttpProxy, x__xgafv=None)
+    get(project, targetHttpProxy)
   
Returns the specified TargetHttpProxy resource. Gets a list of available target HTTP proxies by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   targetHttpProxy: string, Name of the TargetHttpProxy resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Target HTTP Proxy resource. Google Compute Engine has two Target HTTP Proxy resources: * [Global](/compute/docs/reference/rest/beta/targetHttpProxies) * [Regional](/compute/docs/reference/rest/beta/regionTargetHttpProxies) A target HTTP proxy is a component of GCP HTTP load balancers. * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers. Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+    { # Represents a Target HTTP Proxy resource.
+    #
+    # Google Compute Engine has two Target HTTP Proxy resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpProxies)
+    #
+    # A target HTTP proxy is a component of GCP HTTP load balancers.
+    #
+    # * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers.
+    #
+    # Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpProxies ==) (== resource_for {$api_version}.regionTargetHttpProxies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetHttpProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpProxy.
-  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/v1alpha1/projects/project/locations/ locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list. httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/v1alpha1/projects/project/locations/locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list.
+      # httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
     "A String",
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetHttpProxy", # [Output Only] Type of resource. Always compute#targetHttpProxy for target HTTP proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      #
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      #
+      # The default is false.
   "region": "A String", # [Output Only] URL of the region where the regional Target HTTP Proxy resides. This field is not applicable to global Target HTTP Proxies.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "urlMap": "A String", # URL to the UrlMap resource that defines the mapping from URL to the BackendService.
@@ -295,7 +343,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a TargetHttpProxy resource in the specified project using the data included in the request.
 
 Args:
@@ -303,32 +351,60 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target HTTP Proxy resource. Google Compute Engine has two Target HTTP Proxy resources: * [Global](/compute/docs/reference/rest/beta/targetHttpProxies) * [Regional](/compute/docs/reference/rest/beta/regionTargetHttpProxies) A target HTTP proxy is a component of GCP HTTP load balancers. * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers. Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+{ # Represents a Target HTTP Proxy resource.
+    # 
+    # Google Compute Engine has two Target HTTP Proxy resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpProxies)
+    # 
+    # A target HTTP proxy is a component of GCP HTTP load balancers.
+    # 
+    # * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers.
+    # 
+    # Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpProxies ==) (== resource_for {$api_version}.regionTargetHttpProxies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetHttpProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpProxy.
-  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/v1alpha1/projects/project/locations/ locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list. httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/v1alpha1/projects/project/locations/locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list.
+      # httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
     "A String",
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetHttpProxy", # [Output Only] Type of resource. Always compute#targetHttpProxy for target HTTP proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      # 
+      # The default is false.
   "region": "A String", # [Output Only] URL of the region where the regional Target HTTP Proxy resides. This field is not applicable to global Target HTTP Proxies.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "urlMap": "A String", # URL to the UrlMap resource that defines the mapping from URL to the BackendService.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -362,7 +438,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -376,20 +453,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of TargetHttpProxy resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -397,17 +480,32 @@ 
Method Details

     { # A list of TargetHttpProxy resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of TargetHttpProxy resources.
-    { # Represents a Target HTTP Proxy resource. Google Compute Engine has two Target HTTP Proxy resources: * [Global](/compute/docs/reference/rest/beta/targetHttpProxies) * [Regional](/compute/docs/reference/rest/beta/regionTargetHttpProxies) A target HTTP proxy is a component of GCP HTTP load balancers. * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers. Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+    { # Represents a Target HTTP Proxy resource.
+        #
+        # Google Compute Engine has two Target HTTP Proxy resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpProxies)
+        #
+        # A target HTTP proxy is a component of GCP HTTP load balancers.
+        #
+        # * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers.
+        #
+        # Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpProxies ==) (== resource_for {$api_version}.regionTargetHttpProxies ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetHttpProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpProxy.
-      "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/v1alpha1/projects/project/locations/ locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list. httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+      "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/v1alpha1/projects/project/locations/locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list.
+          # httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
         "A String",
       ],
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#targetHttpProxy", # [Output Only] Type of resource. Always compute#targetHttpProxy for target HTTP proxies.
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-      "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
+      "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+          #
+          # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+          #
+          # The default is false.
       "region": "A String", # [Output Only] URL of the region where the regional Target HTTP Proxy resides. This field is not applicable to global Target HTTP Proxies.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "urlMap": "A String", # URL to the UrlMap resource that defines the mapping from URL to the BackendService.
@@ -418,7 +516,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -444,8 +543,8 @@ 
Method Details

 

 
 

-    patch(project, targetHttpProxy, body=None, requestId=None, x__xgafv=None)
-  
Patches the specified TargetHttpProxy resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.
+    patch(project, targetHttpProxy, body=None, requestId=None)
+  
Patches the specified TargetHttpProxy resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules. (== suppress_warning http-rest-shadowed ==)
 
 Args:
   project: string, Project ID for this request. (required)
@@ -453,32 +552,60 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target HTTP Proxy resource. Google Compute Engine has two Target HTTP Proxy resources: * [Global](/compute/docs/reference/rest/beta/targetHttpProxies) * [Regional](/compute/docs/reference/rest/beta/regionTargetHttpProxies) A target HTTP proxy is a component of GCP HTTP load balancers. * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers. Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+{ # Represents a Target HTTP Proxy resource.
+    # 
+    # Google Compute Engine has two Target HTTP Proxy resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpProxies)
+    # 
+    # A target HTTP proxy is a component of GCP HTTP load balancers.
+    # 
+    # * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers.
+    # 
+    # Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpProxies ==) (== resource_for {$api_version}.regionTargetHttpProxies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetHttpProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpProxy.
-  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/v1alpha1/projects/project/locations/ locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list. httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/v1alpha1/projects/project/locations/locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list.
+      # httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
     "A String",
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetHttpProxy", # [Output Only] Type of resource. Always compute#targetHttpProxy for target HTTP proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      # 
+      # The default is false.
   "region": "A String", # [Output Only] URL of the region where the regional Target HTTP Proxy resides. This field is not applicable to global Target HTTP Proxies.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "urlMap": "A String", # URL to the UrlMap resource that defines the mapping from URL to the BackendService.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -512,7 +639,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -526,7 +654,7 @@ 
Method Details

 

 
 

-    setUrlMap(project, targetHttpProxy, body=None, requestId=None, x__xgafv=None)
+    setUrlMap(project, targetHttpProxy, body=None, requestId=None)
   
Changes the URL map for TargetHttpProxy.
 
 Args:
@@ -539,16 +667,29 @@ 
Method Details

   "urlMap": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -582,7 +723,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -596,7 +738,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -611,10 +753,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.targetHttpsProxies.html b/docs/dyn/compute_beta.targetHttpsProxies.html
index 85d5b314fa9..97427db38cd 100644
--- a/docs/dyn/compute_beta.targetHttpsProxies.html
+++ b/docs/dyn/compute_beta.targetHttpsProxies.html
@@ -75,7 +75,7 @@
 
Compute Engine API . targetHttpsProxies

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of all TargetHttpsProxy resources, regional and global, available to the specified project.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,55 +84,61 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, targetHttpsProxy, requestId=None, x__xgafv=None)

+  delete(project, targetHttpsProxy, requestId=None)

 
Deletes the specified TargetHttpsProxy resource.

 

-  get(project, targetHttpsProxy, x__xgafv=None)

+  get(project, targetHttpsProxy)

 
Returns the specified TargetHttpsProxy resource. Gets a list of available target HTTPS proxies by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a TargetHttpsProxy resource in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of TargetHttpsProxy resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)

-
Patches the specified TargetHttpsProxy resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.

+  patch(project, targetHttpsProxy, body=None, requestId=None)

+
Patches the specified TargetHttpsProxy resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules. (== suppress_warning http-rest-shadowed ==)

 

-  setQuicOverride(project, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)

+  setQuicOverride(project, targetHttpsProxy, body=None, requestId=None)

 
Sets the QUIC override policy for TargetHttpsProxy.

 

-  setSslCertificates(project, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)

+  setSslCertificates(project, targetHttpsProxy, body=None, requestId=None)

 
Replaces SslCertificates for TargetHttpsProxy.

 

-  setSslPolicy(project, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)

+  setSslPolicy(project, targetHttpsProxy, body=None, requestId=None)

 
Sets the SSL policy for TargetHttpsProxy. The SSL policy specifies the server-side support for SSL features. This affects connections between clients and the HTTPS proxy load balancer. They do not affect the connection between the load balancer and the backends.

 

-  setUrlMap(project, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)

+  setUrlMap(project, targetHttpsProxy, body=None, requestId=None)

 
Changes the URL map for TargetHttpsProxy.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of all TargetHttpsProxy resources, regional and global, available to the specified project.
 
 Args:
   project: string, Name of the project scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -142,34 +148,63 @@ 
Method Details

   "items": { # A list of TargetHttpsProxiesScopedList resources.
     "a_key": { # Name of the scope containing this set of TargetHttpsProxies.
       "targetHttpsProxies": [ # A list of TargetHttpsProxies contained in this scope.
-        { # Represents a Target HTTPS Proxy resource. Google Compute Engine has two Target HTTPS Proxy resources: * [Global](/compute/docs/reference/rest/beta/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/beta/regionTargetHttpsProxies) A target HTTPS proxy is a component of GCP HTTPS load balancers. * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers. Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+        { # Represents a Target HTTPS Proxy resource.
+            #
+            # Google Compute Engine has two Target HTTPS Proxy resources:
+            #
+            # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpsProxies)
+            #
+            # A target HTTPS proxy is a component of GCP HTTPS load balancers.
+            #
+            # * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers.
+            #
+            # Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpsProxies ==) (== resource_for {$api_version}.regionTargetHttpsProxies ==)
           "authentication": "A String", # [Deprecated] Use serverTlsPolicy instead.
           "authorization": "A String", # [Deprecated] Use authorizationPolicy instead.
-          "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy. Refer to the AuthorizationPolicy resource for additional details. authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. Note: This field currently has no impact.
+          "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy.
+              # Refer to the AuthorizationPolicy resource for additional details.
+              # authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              # Note: This field currently has no impact.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpsProxy. An up-to-date fingerprint must be provided in order to patch the TargetHttpsProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpsProxy.
-          "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/beta/projects/project/locations/ locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list. httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+          "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/beta/projects/project/locations/locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list.
+              # httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
             "A String",
           ],
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "kind": "compute#targetHttpsProxy", # [Output Only] Type of resource. Always compute#targetHttpsProxy for target HTTPS proxies.
           "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-          "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
-          "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE. - When quic-override is set to NONE, Google manages whether QUIC is used. - When quic-override is set to ENABLE, the load balancer uses QUIC when possible. - When quic-override is set to DISABLE, the load balancer doesn't use QUIC. - If the quic-override flag is not specified, NONE is implied.
+          "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              #
+              # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+              #
+              # The default is false.
+          "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE.
+              # - When quic-override is set to NONE, Google manages whether QUIC is used.
+              # - When quic-override is set to ENABLE, the load balancer uses QUIC when possible.
+              # - When quic-override is set to DISABLE, the load balancer doesn't use QUIC.
+              # - If the quic-override flag is not specified, NONE is implied.
           "region": "A String", # [Output Only] URL of the region where the regional TargetHttpsProxy resides. This field is not applicable to global TargetHttpsProxies.
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-          "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+          "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic.
+              # serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              # If left blank, communications are not encrypted.
+              # Note: This field currently has no impact.
           "sslCertificates": [ # URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
             "A String",
           ],
           "sslPolicy": "A String", # URL of SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource has no SSL policy configured.
-          "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map: - https://www.googleapis.compute/v1/projects/project/global/urlMaps/ url-map - projects/project/global/urlMaps/url-map - global/urlMaps/url-map
+          "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map:
+              # - https://www.googleapis.compute/v1/projects/project/global/urlMaps/url-map
+              # - projects/project/global/urlMaps/url-map
+              # - global/urlMaps/url-map
         },
       ],
       "warning": { # Informational warning which replaces the list of backend services when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -187,7 +222,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -218,22 +254,35 @@ 
Method Details

 

 
 

-    delete(project, targetHttpsProxy, requestId=None, x__xgafv=None)
+    delete(project, targetHttpsProxy, requestId=None)
   
Deletes the specified TargetHttpsProxy resource.
 
 Args:
   project: string, Project ID for this request. (required)
   targetHttpsProxy: string, Name of the TargetHttpsProxy resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -267,7 +316,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -281,48 +331,72 @@ 
Method Details

 

 
 

-    get(project, targetHttpsProxy, x__xgafv=None)
+    get(project, targetHttpsProxy)
   
Returns the specified TargetHttpsProxy resource. Gets a list of available target HTTPS proxies by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   targetHttpsProxy: string, Name of the TargetHttpsProxy resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Target HTTPS Proxy resource. Google Compute Engine has two Target HTTPS Proxy resources: * [Global](/compute/docs/reference/rest/beta/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/beta/regionTargetHttpsProxies) A target HTTPS proxy is a component of GCP HTTPS load balancers. * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers. Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+    { # Represents a Target HTTPS Proxy resource.
+    #
+    # Google Compute Engine has two Target HTTPS Proxy resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpsProxies)
+    #
+    # A target HTTPS proxy is a component of GCP HTTPS load balancers.
+    #
+    # * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers.
+    #
+    # Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpsProxies ==) (== resource_for {$api_version}.regionTargetHttpsProxies ==)
   "authentication": "A String", # [Deprecated] Use serverTlsPolicy instead.
   "authorization": "A String", # [Deprecated] Use authorizationPolicy instead.
-  "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy. Refer to the AuthorizationPolicy resource for additional details. authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. Note: This field currently has no impact.
+  "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy.
+      # Refer to the AuthorizationPolicy resource for additional details.
+      # authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # Note: This field currently has no impact.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpsProxy. An up-to-date fingerprint must be provided in order to patch the TargetHttpsProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpsProxy.
-  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/beta/projects/project/locations/ locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list. httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/beta/projects/project/locations/locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list.
+      # httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
     "A String",
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetHttpsProxy", # [Output Only] Type of resource. Always compute#targetHttpsProxy for target HTTPS proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
-  "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE. - When quic-override is set to NONE, Google manages whether QUIC is used. - When quic-override is set to ENABLE, the load balancer uses QUIC when possible. - When quic-override is set to DISABLE, the load balancer doesn't use QUIC. - If the quic-override flag is not specified, NONE is implied.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      #
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      #
+      # The default is false.
+  "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE.
+      # - When quic-override is set to NONE, Google manages whether QUIC is used.
+      # - When quic-override is set to ENABLE, the load balancer uses QUIC when possible.
+      # - When quic-override is set to DISABLE, the load balancer doesn't use QUIC.
+      # - If the quic-override flag is not specified, NONE is implied.
   "region": "A String", # [Output Only] URL of the region where the regional TargetHttpsProxy resides. This field is not applicable to global TargetHttpsProxies.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+  "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic.
+      # serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # If left blank, communications are not encrypted.
+      # Note: This field currently has no impact.
   "sslCertificates": [ # URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
     "A String",
   ],
   "sslPolicy": "A String", # URL of SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource has no SSL policy configured.
-  "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map: - https://www.googleapis.compute/v1/projects/project/global/urlMaps/ url-map - projects/project/global/urlMaps/url-map - global/urlMaps/url-map
+  "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map:
+      # - https://www.googleapis.compute/v1/projects/project/global/urlMaps/url-map
+      # - projects/project/global/urlMaps/url-map
+      # - global/urlMaps/url-map
 }

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a TargetHttpsProxy resource in the specified project using the data included in the request.
 
 Args:
@@ -330,41 +404,82 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target HTTPS Proxy resource. Google Compute Engine has two Target HTTPS Proxy resources: * [Global](/compute/docs/reference/rest/beta/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/beta/regionTargetHttpsProxies) A target HTTPS proxy is a component of GCP HTTPS load balancers. * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers. Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+{ # Represents a Target HTTPS Proxy resource.
+    # 
+    # Google Compute Engine has two Target HTTPS Proxy resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpsProxies)
+    # 
+    # A target HTTPS proxy is a component of GCP HTTPS load balancers.
+    # 
+    # * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers.
+    # 
+    # Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpsProxies ==) (== resource_for {$api_version}.regionTargetHttpsProxies ==)
   "authentication": "A String", # [Deprecated] Use serverTlsPolicy instead.
   "authorization": "A String", # [Deprecated] Use authorizationPolicy instead.
-  "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy. Refer to the AuthorizationPolicy resource for additional details. authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. Note: This field currently has no impact.
+  "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy.
+      # Refer to the AuthorizationPolicy resource for additional details.
+      # authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # Note: This field currently has no impact.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpsProxy. An up-to-date fingerprint must be provided in order to patch the TargetHttpsProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpsProxy.
-  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/beta/projects/project/locations/ locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list. httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/beta/projects/project/locations/locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list.
+      # httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
     "A String",
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetHttpsProxy", # [Output Only] Type of resource. Always compute#targetHttpsProxy for target HTTPS proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
-  "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE. - When quic-override is set to NONE, Google manages whether QUIC is used. - When quic-override is set to ENABLE, the load balancer uses QUIC when possible. - When quic-override is set to DISABLE, the load balancer doesn't use QUIC. - If the quic-override flag is not specified, NONE is implied.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      # 
+      # The default is false.
+  "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE.
+      # - When quic-override is set to NONE, Google manages whether QUIC is used.
+      # - When quic-override is set to ENABLE, the load balancer uses QUIC when possible.
+      # - When quic-override is set to DISABLE, the load balancer doesn't use QUIC.
+      # - If the quic-override flag is not specified, NONE is implied.
   "region": "A String", # [Output Only] URL of the region where the regional TargetHttpsProxy resides. This field is not applicable to global TargetHttpsProxies.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+  "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic.
+      # serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # If left blank, communications are not encrypted.
+      # Note: This field currently has no impact.
   "sslCertificates": [ # URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
     "A String",
   ],
   "sslPolicy": "A String", # URL of SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource has no SSL policy configured.
-  "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map: - https://www.googleapis.compute/v1/projects/project/global/urlMaps/ url-map - projects/project/global/urlMaps/url-map - global/urlMaps/url-map
+  "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map:
+      # - https://www.googleapis.compute/v1/projects/project/global/urlMaps/url-map
+      # - projects/project/global/urlMaps/url-map
+      # - global/urlMaps/url-map
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -398,7 +513,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -412,20 +528,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of TargetHttpsProxy resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -433,29 +555,57 @@ 
Method Details

     { # Contains a list of TargetHttpsProxy resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of TargetHttpsProxy resources.
-    { # Represents a Target HTTPS Proxy resource. Google Compute Engine has two Target HTTPS Proxy resources: * [Global](/compute/docs/reference/rest/beta/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/beta/regionTargetHttpsProxies) A target HTTPS proxy is a component of GCP HTTPS load balancers. * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers. Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+    { # Represents a Target HTTPS Proxy resource.
+        #
+        # Google Compute Engine has two Target HTTPS Proxy resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpsProxies)
+        #
+        # A target HTTPS proxy is a component of GCP HTTPS load balancers.
+        #
+        # * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers.
+        #
+        # Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpsProxies ==) (== resource_for {$api_version}.regionTargetHttpsProxies ==)
       "authentication": "A String", # [Deprecated] Use serverTlsPolicy instead.
       "authorization": "A String", # [Deprecated] Use authorizationPolicy instead.
-      "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy. Refer to the AuthorizationPolicy resource for additional details. authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. Note: This field currently has no impact.
+      "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy.
+          # Refer to the AuthorizationPolicy resource for additional details.
+          # authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+          # Note: This field currently has no impact.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpsProxy. An up-to-date fingerprint must be provided in order to patch the TargetHttpsProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpsProxy.
-      "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/beta/projects/project/locations/ locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list. httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+      "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/beta/projects/project/locations/locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list.
+          # httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
         "A String",
       ],
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#targetHttpsProxy", # [Output Only] Type of resource. Always compute#targetHttpsProxy for target HTTPS proxies.
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-      "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
-      "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE. - When quic-override is set to NONE, Google manages whether QUIC is used. - When quic-override is set to ENABLE, the load balancer uses QUIC when possible. - When quic-override is set to DISABLE, the load balancer doesn't use QUIC. - If the quic-override flag is not specified, NONE is implied.
+      "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+          #
+          # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+          #
+          # The default is false.
+      "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE.
+          # - When quic-override is set to NONE, Google manages whether QUIC is used.
+          # - When quic-override is set to ENABLE, the load balancer uses QUIC when possible.
+          # - When quic-override is set to DISABLE, the load balancer doesn't use QUIC.
+          # - If the quic-override flag is not specified, NONE is implied.
       "region": "A String", # [Output Only] URL of the region where the regional TargetHttpsProxy resides. This field is not applicable to global TargetHttpsProxies.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+      "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic.
+          # serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+          # If left blank, communications are not encrypted.
+          # Note: This field currently has no impact.
       "sslCertificates": [ # URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
         "A String",
       ],
       "sslPolicy": "A String", # URL of SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource has no SSL policy configured.
-      "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map: - https://www.googleapis.compute/v1/projects/project/global/urlMaps/ url-map - projects/project/global/urlMaps/url-map - global/urlMaps/url-map
+      "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map:
+          # - https://www.googleapis.compute/v1/projects/project/global/urlMaps/url-map
+          # - projects/project/global/urlMaps/url-map
+          # - global/urlMaps/url-map
     },
   ],
   "kind": "compute#targetHttpsProxyList", # Type of resource. Always compute#targetHttpsProxyList for lists of target HTTPS proxies.
@@ -463,7 +613,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -489,8 +640,8 @@ 
Method Details

 

 
 

-    patch(project, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)
-  
Patches the specified TargetHttpsProxy resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.
+    patch(project, targetHttpsProxy, body=None, requestId=None)
+  
Patches the specified TargetHttpsProxy resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules. (== suppress_warning http-rest-shadowed ==)
 
 Args:
   project: string, Project ID for this request. (required)
@@ -498,41 +649,82 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target HTTPS Proxy resource. Google Compute Engine has two Target HTTPS Proxy resources: * [Global](/compute/docs/reference/rest/beta/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/beta/regionTargetHttpsProxies) A target HTTPS proxy is a component of GCP HTTPS load balancers. * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers. Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+{ # Represents a Target HTTPS Proxy resource.
+    # 
+    # Google Compute Engine has two Target HTTPS Proxy resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpsProxies)
+    # 
+    # A target HTTPS proxy is a component of GCP HTTPS load balancers.
+    # 
+    # * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers.
+    # 
+    # Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpsProxies ==) (== resource_for {$api_version}.regionTargetHttpsProxies ==)
   "authentication": "A String", # [Deprecated] Use serverTlsPolicy instead.
   "authorization": "A String", # [Deprecated] Use authorizationPolicy instead.
-  "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy. Refer to the AuthorizationPolicy resource for additional details. authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. Note: This field currently has no impact.
+  "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy.
+      # Refer to the AuthorizationPolicy resource for additional details.
+      # authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # Note: This field currently has no impact.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpsProxy. An up-to-date fingerprint must be provided in order to patch the TargetHttpsProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpsProxy.
-  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/beta/projects/project/locations/ locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list. httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+  "httpFilters": [ # URLs to networkservices.HttpFilter resources enabled for xDS clients using this configuration. For example, https://networkservices.googleapis.com/beta/projects/project/locations/locationhttpFilters/httpFilter Only filters that handle outbound connection and stream events may be specified. These filters work in conjunction with a default set of HTTP filters that may already be configured by Traffic Director. Traffic Director will determine the final location of these filters within xDS configuration based on the name of the HTTP filter. If Traffic Director positions multiple filters at the same location, those filters will be in the same order as specified in this list.
+      # httpFilters only applies for loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
     "A String",
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetHttpsProxy", # [Output Only] Type of resource. Always compute#targetHttpsProxy for target HTTPS proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
-  "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE. - When quic-override is set to NONE, Google manages whether QUIC is used. - When quic-override is set to ENABLE, the load balancer uses QUIC when possible. - When quic-override is set to DISABLE, the load balancer doesn't use QUIC. - If the quic-override flag is not specified, NONE is implied.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      # 
+      # The default is false.
+  "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE.
+      # - When quic-override is set to NONE, Google manages whether QUIC is used.
+      # - When quic-override is set to ENABLE, the load balancer uses QUIC when possible.
+      # - When quic-override is set to DISABLE, the load balancer doesn't use QUIC.
+      # - If the quic-override flag is not specified, NONE is implied.
   "region": "A String", # [Output Only] URL of the region where the regional TargetHttpsProxy resides. This field is not applicable to global TargetHttpsProxies.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+  "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic.
+      # serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # If left blank, communications are not encrypted.
+      # Note: This field currently has no impact.
   "sslCertificates": [ # URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
     "A String",
   ],
   "sslPolicy": "A String", # URL of SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource has no SSL policy configured.
-  "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map: - https://www.googleapis.compute/v1/projects/project/global/urlMaps/ url-map - projects/project/global/urlMaps/url-map - global/urlMaps/url-map
+  "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map:
+      # - https://www.googleapis.compute/v1/projects/project/global/urlMaps/url-map
+      # - projects/project/global/urlMaps/url-map
+      # - global/urlMaps/url-map
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -566,7 +758,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -580,7 +773,7 @@ 
Method Details

 

 
 

-    setQuicOverride(project, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)
+    setQuicOverride(project, targetHttpsProxy, body=None, requestId=None)
   
Sets the QUIC override policy for TargetHttpsProxy.
 
 Args:
@@ -593,16 +786,29 @@ 
Method Details

   "quicOverride": "A String", # QUIC policy for the TargetHttpsProxy resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -636,7 +842,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -650,7 +857,7 @@ 
Method Details

 

 
 

-    setSslCertificates(project, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)
+    setSslCertificates(project, targetHttpsProxy, body=None, requestId=None)
   
Replaces SslCertificates for TargetHttpsProxy.
 
 Args:
@@ -665,16 +872,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -708,7 +928,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -722,7 +943,7 @@ 
Method Details

 

 
 

-    setSslPolicy(project, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)
+    setSslPolicy(project, targetHttpsProxy, body=None, requestId=None)
   
Sets the SSL policy for TargetHttpsProxy. The SSL policy specifies the server-side support for SSL features. This affects connections between clients and the HTTPS proxy load balancer. They do not affect the connection between the load balancer and the backends.
 
 Args:
@@ -735,16 +956,29 @@ 
Method Details

   "sslPolicy": "A String", # URL of the SSL policy resource. Set this to empty string to clear any existing SSL policy associated with the target proxy resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -778,7 +1012,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -792,7 +1027,7 @@ 
Method Details

 

 
 

-    setUrlMap(project, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)
+    setUrlMap(project, targetHttpsProxy, body=None, requestId=None)
   
Changes the URL map for TargetHttpsProxy.
 
 Args:
@@ -805,16 +1040,29 @@ 
Method Details

   "urlMap": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -848,7 +1096,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -862,7 +1111,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -877,10 +1126,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.targetInstances.html b/docs/dyn/compute_beta.targetInstances.html
index 71f352a6388..a3cf80e2014 100644
--- a/docs/dyn/compute_beta.targetInstances.html
+++ b/docs/dyn/compute_beta.targetInstances.html
@@ -75,7 +75,7 @@
 
Compute Engine API . targetInstances

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of target instances.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,40 +84,46 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, zone, targetInstance, requestId=None, x__xgafv=None)

+  delete(project, zone, targetInstance, requestId=None)

 
Deletes the specified TargetInstance resource.

 

-  get(project, zone, targetInstance, x__xgafv=None)

+  get(project, zone, targetInstance)

 
Returns the specified TargetInstance resource. Gets a list of available target instances by making a list() request.

 

-  insert(project, zone, body=None, requestId=None, x__xgafv=None)

+  insert(project, zone, body=None, requestId=None)

 
Creates a TargetInstance resource in the specified project and zone using the data included in the request.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of TargetInstance resources available to the specified project and zone.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  testIamPermissions(project, zone, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, zone, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of target instances.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -127,11 +133,16 @@ 
Method Details

   "items": { # A list of TargetInstance resources.
     "a_key": { # Name of the scope containing this set of target instances.
       "targetInstances": [ # A list of target instances contained in this scope.
-        { # Represents a Target Instance resource. You can use a target instance to handle traffic for one or more forwarding rules, which is ideal for forwarding protocol traffic that is managed by a single source. For example, ESP, AH, TCP, or UDP. For more information, read Target instances.
+        { # Represents a Target Instance resource.
+            #
+            # You can use a target instance to handle traffic for one or more forwarding rules, which is ideal for forwarding protocol traffic that is managed by a single source. For example, ESP, AH, TCP, or UDP. For more information, read Target instances. (== resource_for {$api_version}.targetInstances ==)
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-          "instance": "A String", # A URL to the virtual machine instance that handles traffic for this target instance. When creating a target instance, you can provide the fully-qualified URL or a valid partial URL to the desired virtual machine. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instances/instance - projects/project/zones/zone/instances/instance - zones/zone/instances/instance
+          "instance": "A String", # A URL to the virtual machine instance that handles traffic for this target instance. When creating a target instance, you can provide the fully-qualified URL or a valid partial URL to the desired virtual machine. For example, the following are all valid URLs:
+              # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance
+              # - projects/project/zones/zone/instances/instance
+              # - zones/zone/instances/instance
           "kind": "compute#targetInstance", # [Output Only] The type of the resource. Always compute#targetInstance for target instances.
           "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
           "natPolicy": "A String", # NAT option controlling how IPs are NAT'ed to the instance. Currently only NO_NAT (default value) is supported.
@@ -142,7 +153,8 @@ 
Method Details

       ],
       "warning": { # Informational warning which replaces the list of addresses when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -160,7 +172,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -191,23 +204,36 @@ 
Method Details

 

 
 

-    delete(project, zone, targetInstance, requestId=None, x__xgafv=None)
+    delete(project, zone, targetInstance, requestId=None)
   
Deletes the specified TargetInstance resource.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone scoping this request. (required)
   targetInstance: string, Name of the TargetInstance resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -241,7 +267,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -255,26 +282,27 @@ 
Method Details

 

 
 

-    get(project, zone, targetInstance, x__xgafv=None)
+    get(project, zone, targetInstance)
   
Returns the specified TargetInstance resource. Gets a list of available target instances by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone scoping this request. (required)
   targetInstance: string, Name of the TargetInstance resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Target Instance resource. You can use a target instance to handle traffic for one or more forwarding rules, which is ideal for forwarding protocol traffic that is managed by a single source. For example, ESP, AH, TCP, or UDP. For more information, read Target instances.
+    { # Represents a Target Instance resource.
+    #
+    # You can use a target instance to handle traffic for one or more forwarding rules, which is ideal for forwarding protocol traffic that is managed by a single source. For example, ESP, AH, TCP, or UDP. For more information, read Target instances. (== resource_for {$api_version}.targetInstances ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-  "instance": "A String", # A URL to the virtual machine instance that handles traffic for this target instance. When creating a target instance, you can provide the fully-qualified URL or a valid partial URL to the desired virtual machine. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instances/instance - projects/project/zones/zone/instances/instance - zones/zone/instances/instance
+  "instance": "A String", # A URL to the virtual machine instance that handles traffic for this target instance. When creating a target instance, you can provide the fully-qualified URL or a valid partial URL to the desired virtual machine. For example, the following are all valid URLs:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance
+      # - projects/project/zones/zone/instances/instance
+      # - zones/zone/instances/instance
   "kind": "compute#targetInstance", # [Output Only] The type of the resource. Always compute#targetInstance for target instances.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "natPolicy": "A String", # NAT option controlling how IPs are NAT'ed to the instance. Currently only NO_NAT (default value) is supported.
@@ -285,7 +313,7 @@ 
Method Details

 

 
 

-    insert(project, zone, body=None, requestId=None, x__xgafv=None)
+    insert(project, zone, body=None, requestId=None)
   
Creates a TargetInstance resource in the specified project and zone using the data included in the request.
 
 Args:
@@ -294,11 +322,16 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target Instance resource. You can use a target instance to handle traffic for one or more forwarding rules, which is ideal for forwarding protocol traffic that is managed by a single source. For example, ESP, AH, TCP, or UDP. For more information, read Target instances.
+{ # Represents a Target Instance resource.
+    # 
+    # You can use a target instance to handle traffic for one or more forwarding rules, which is ideal for forwarding protocol traffic that is managed by a single source. For example, ESP, AH, TCP, or UDP. For more information, read Target instances. (== resource_for {$api_version}.targetInstances ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-  "instance": "A String", # A URL to the virtual machine instance that handles traffic for this target instance. When creating a target instance, you can provide the fully-qualified URL or a valid partial URL to the desired virtual machine. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instances/instance - projects/project/zones/zone/instances/instance - zones/zone/instances/instance
+  "instance": "A String", # A URL to the virtual machine instance that handles traffic for this target instance. When creating a target instance, you can provide the fully-qualified URL or a valid partial URL to the desired virtual machine. For example, the following are all valid URLs:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance
+      # - projects/project/zones/zone/instances/instance
+      # - zones/zone/instances/instance
   "kind": "compute#targetInstance", # [Output Only] The type of the resource. Always compute#targetInstance for target instances.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "natPolicy": "A String", # NAT option controlling how IPs are NAT'ed to the instance. Currently only NO_NAT (default value) is supported.
@@ -307,16 +340,29 @@ 
Method Details

   "zone": "A String", # [Output Only] URL of the zone where the target instance resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -350,7 +396,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -364,21 +411,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of TargetInstance resources available to the specified project and zone.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -386,11 +439,16 @@ 
Method Details

     { # Contains a list of TargetInstance resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of TargetInstance resources.
-    { # Represents a Target Instance resource. You can use a target instance to handle traffic for one or more forwarding rules, which is ideal for forwarding protocol traffic that is managed by a single source. For example, ESP, AH, TCP, or UDP. For more information, read Target instances.
+    { # Represents a Target Instance resource.
+        #
+        # You can use a target instance to handle traffic for one or more forwarding rules, which is ideal for forwarding protocol traffic that is managed by a single source. For example, ESP, AH, TCP, or UDP. For more information, read Target instances. (== resource_for {$api_version}.targetInstances ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-      "instance": "A String", # A URL to the virtual machine instance that handles traffic for this target instance. When creating a target instance, you can provide the fully-qualified URL or a valid partial URL to the desired virtual machine. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instances/instance - projects/project/zones/zone/instances/instance - zones/zone/instances/instance
+      "instance": "A String", # A URL to the virtual machine instance that handles traffic for this target instance. When creating a target instance, you can provide the fully-qualified URL or a valid partial URL to the desired virtual machine. For example, the following are all valid URLs:
+          # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance
+          # - projects/project/zones/zone/instances/instance
+          # - zones/zone/instances/instance
       "kind": "compute#targetInstance", # [Output Only] The type of the resource. Always compute#targetInstance for target instances.
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "natPolicy": "A String", # NAT option controlling how IPs are NAT'ed to the instance. Currently only NO_NAT (default value) is supported.
@@ -404,7 +462,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -430,7 +489,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, zone, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, zone, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -446,10 +505,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.targetPools.html b/docs/dyn/compute_beta.targetPools.html
index 7acf00cdfc4..1474863358b 100644
--- a/docs/dyn/compute_beta.targetPools.html
+++ b/docs/dyn/compute_beta.targetPools.html
@@ -75,13 +75,13 @@
 
Compute Engine API . targetPools

 
Instance Methods

 

-  addHealthCheck(project, region, targetPool, body=None, requestId=None, x__xgafv=None)

+  addHealthCheck(project, region, targetPool, body=None, requestId=None)

 
Adds health check URLs to a target pool.

 

-  addInstance(project, region, targetPool, body=None, requestId=None, x__xgafv=None)

+  addInstance(project, region, targetPool, body=None, requestId=None)

 
Adds an instance to a target pool.

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of target pools.

 

   aggregatedList_next(previous_request, previous_response)

@@ -90,38 +90,38 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, targetPool, requestId=None, x__xgafv=None)

+  delete(project, region, targetPool, requestId=None)

 
Deletes the specified target pool.

 

-  get(project, region, targetPool, x__xgafv=None)

+  get(project, region, targetPool)

 
Returns the specified target pool. Gets a list of available target pools by making a list() request.

 

-  getHealth(project, region, targetPool, body=None, x__xgafv=None)

+  getHealth(project, region, targetPool, body=None)

 
Gets the most recent health check results for each IP for the instance that is referenced by the given target pool.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a target pool in the specified project and region using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of target pools available to the specified project and region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  removeHealthCheck(project, region, targetPool, body=None, requestId=None, x__xgafv=None)

+  removeHealthCheck(project, region, targetPool, body=None, requestId=None)

 
Removes health check URL from a target pool.

 

-  removeInstance(project, region, targetPool, body=None, requestId=None, x__xgafv=None)

+  removeInstance(project, region, targetPool, body=None, requestId=None)

 
Removes instance URL from a target pool.

 

-  setBackup(project, region, targetPool, body=None, failoverRatio=None, requestId=None, x__xgafv=None)

+  setBackup(project, region, targetPool, body=None, failoverRatio=None, requestId=None)

 
Changes a backup target pool's configurations.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    addHealthCheck(project, region, targetPool, body=None, requestId=None, x__xgafv=None)
+    addHealthCheck(project, region, targetPool, body=None, requestId=None)
   
Adds health check URLs to a target pool.
 
 Args:
@@ -133,22 +133,38 @@ 
Method Details

 
 {
   "healthChecks": [ # The HttpHealthCheck to add to the target pool.
-    { # A full or valid partial URL to a health check. For example, the following are valid URLs: - https://www.googleapis.com/compute/beta/projects/project-id/global/httpHealthChecks/health-check - projects/project-id/global/httpHealthChecks/health-check - global/httpHealthChecks/health-check
+    { # A full or valid partial URL to a health check. For example, the following are valid URLs:
+        # - https://www.googleapis.com/compute/beta/projects/project-id/global/httpHealthChecks/health-check
+        # - projects/project-id/global/httpHealthChecks/health-check
+        # - global/httpHealthChecks/health-check
       "healthCheck": "A String",
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -182,7 +198,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -196,7 +213,7 @@ 
Method Details

 

 
 

-    addInstance(project, region, targetPool, body=None, requestId=None, x__xgafv=None)
+    addInstance(project, region, targetPool, body=None, requestId=None)
   
Adds an instance to a target pool.
 
 Args:
@@ -207,23 +224,39 @@ 
Method Details

     The object takes the form of:
 
 {
-  "instances": [ # A full or partial URL to an instance to add to this target pool. This can be a full or partial URL. For example, the following are valid URLs: - https://www.googleapis.com/compute/v1/projects/project-id/zones/zone /instances/instance-name - projects/project-id/zones/zone/instances/instance-name - zones/zone/instances/instance-name
+  "instances": [ # A full or partial URL to an instance to add to this target pool. This can be a full or partial URL. For example, the following are valid URLs:
+      # - https://www.googleapis.com/compute/v1/projects/project-id/zones/zone/instances/instance-name
+      # - projects/project-id/zones/zone/instances/instance-name
+      # - zones/zone/instances/instance-name
     {
-      "instance": "A String", # The URL for a specific instance. @required compute.instancegroups.addInstances/removeInstances
+      "instance": "A String", # The URL for a specific instance.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -257,7 +290,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -271,21 +305,27 @@ 
Method Details

 

 
 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of target pools.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -295,11 +335,21 @@ 
Method Details

   "items": { # A list of TargetPool resources.
     "a_key": { # Name of the scope containing this set of target pools.
       "targetPools": [ # A list of target pools contained in this scope.
-        { # Represents a Target Pool resource. Target pools are used for network TCP/UDP load balancing. A target pool references member instances, an associated legacy HttpHealthCheck resource, and, optionally, a backup target pool. For more information, read Using target pools.
-          "backupPool": "A String", # The server-defined URL for the resource. This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool, and its failoverRatio field is properly set to a value between [0, 1]. backupPool and failoverRatio together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below failoverRatio, traffic arriving at the load-balanced IP will be directed to the backup pool. In case where failoverRatio and backupPool are not set, or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
+        { # Represents a Target Pool resource.
+            #
+            # Target pools are used for network TCP/UDP load balancing. A target pool references member instances, an associated legacy HttpHealthCheck resource, and, optionally, a backup target pool. For more information, read Using target pools. (== resource_for {$api_version}.targetPools ==)
+          "backupPool": "A String", # The server-defined URL for the resource. This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool, and its failoverRatio field is properly set to a value between [0, 1].
+              #
+              # backupPool and failoverRatio together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below failoverRatio, traffic arriving at the load-balanced IP will be directed to the backup pool.
+              #
+              # In case where failoverRatio and backupPool are not set, or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-          "failoverRatio": 3.14, # This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool (i.e., not as a backup pool to some other target pool). The value of the field must be in [0, 1]. If set, backupPool must also be set. They together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below this number, traffic arriving at the load-balanced IP will be directed to the backup pool. In case where failoverRatio is not set or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
+          "failoverRatio": 3.14, # This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool (i.e., not as a backup pool to some other target pool). The value of the field must be in [0, 1].
+              #
+              # If set, backupPool must also be set. They together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below this number, traffic arriving at the load-balanced IP will be directed to the backup pool.
+              #
+              # In case where failoverRatio is not set or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
           "healthChecks": [ # The URL of the HttpHealthCheck resource. A member instance in this pool is considered healthy if and only if the health checks pass. Only legacy HttpHealthChecks are supported. Only one health check may be specified.
             "A String",
           ],
@@ -311,12 +361,16 @@ 
Method Details

           "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
           "region": "A String", # [Output Only] URL of the region where the target pool resides.
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-          "sessionAffinity": "A String", # Session affinity option, must be one of the following values: NONE: Connections from the same client IP may go to any instance in the pool. CLIENT_IP: Connections from the same client IP will go to the same instance in the pool while that instance remains healthy. CLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol will go to the same instance in the pool while that instance remains healthy.
+          "sessionAffinity": "A String", # Session affinity option, must be one of the following values:
+              # NONE: Connections from the same client IP may go to any instance in the pool.
+              # CLIENT_IP: Connections from the same client IP will go to the same instance in the pool while that instance remains healthy.
+              # CLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol will go to the same instance in the pool while that instance remains healthy.
         },
       ],
       "warning": { # Informational warning which replaces the list of addresses when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -334,7 +388,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -365,23 +420,36 @@ 
Method Details

 

 
 

-    delete(project, region, targetPool, requestId=None, x__xgafv=None)
+    delete(project, region, targetPool, requestId=None)
   
Deletes the specified target pool.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   targetPool: string, Name of the TargetPool resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -415,7 +483,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -429,26 +498,32 @@ 
Method Details

 

 
 

-    get(project, region, targetPool, x__xgafv=None)
+    get(project, region, targetPool)
   
Returns the specified target pool. Gets a list of available target pools by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   targetPool: string, Name of the TargetPool resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Target Pool resource. Target pools are used for network TCP/UDP load balancing. A target pool references member instances, an associated legacy HttpHealthCheck resource, and, optionally, a backup target pool. For more information, read Using target pools.
-  "backupPool": "A String", # The server-defined URL for the resource. This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool, and its failoverRatio field is properly set to a value between [0, 1]. backupPool and failoverRatio together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below failoverRatio, traffic arriving at the load-balanced IP will be directed to the backup pool. In case where failoverRatio and backupPool are not set, or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
+    { # Represents a Target Pool resource.
+    #
+    # Target pools are used for network TCP/UDP load balancing. A target pool references member instances, an associated legacy HttpHealthCheck resource, and, optionally, a backup target pool. For more information, read Using target pools. (== resource_for {$api_version}.targetPools ==)
+  "backupPool": "A String", # The server-defined URL for the resource. This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool, and its failoverRatio field is properly set to a value between [0, 1].
+      #
+      # backupPool and failoverRatio together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below failoverRatio, traffic arriving at the load-balanced IP will be directed to the backup pool.
+      #
+      # In case where failoverRatio and backupPool are not set, or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "failoverRatio": 3.14, # This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool (i.e., not as a backup pool to some other target pool). The value of the field must be in [0, 1]. If set, backupPool must also be set. They together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below this number, traffic arriving at the load-balanced IP will be directed to the backup pool. In case where failoverRatio is not set or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
+  "failoverRatio": 3.14, # This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool (i.e., not as a backup pool to some other target pool). The value of the field must be in [0, 1].
+      #
+      # If set, backupPool must also be set. They together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below this number, traffic arriving at the load-balanced IP will be directed to the backup pool.
+      #
+      # In case where failoverRatio is not set or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
   "healthChecks": [ # The URL of the HttpHealthCheck resource. A member instance in this pool is considered healthy if and only if the health checks pass. Only legacy HttpHealthChecks are supported. Only one health check may be specified.
     "A String",
   ],
@@ -460,12 +535,15 @@ 
Method Details

   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "region": "A String", # [Output Only] URL of the region where the target pool resides.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "sessionAffinity": "A String", # Session affinity option, must be one of the following values: NONE: Connections from the same client IP may go to any instance in the pool. CLIENT_IP: Connections from the same client IP will go to the same instance in the pool while that instance remains healthy. CLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol will go to the same instance in the pool while that instance remains healthy.
+  "sessionAffinity": "A String", # Session affinity option, must be one of the following values:
+      # NONE: Connections from the same client IP may go to any instance in the pool.
+      # CLIENT_IP: Connections from the same client IP will go to the same instance in the pool while that instance remains healthy.
+      # CLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol will go to the same instance in the pool while that instance remains healthy.
 }

 

 
 

-    getHealth(project, region, targetPool, body=None, x__xgafv=None)
+    getHealth(project, region, targetPool, body=None)
   
Gets the most recent health check results for each IP for the instance that is referenced by the given target pool.
 
 Args:
@@ -476,13 +554,9 @@ 
Method Details

     The object takes the form of:
 
 {
-  "instance": "A String", # The URL for a specific instance. @required compute.instancegroups.addInstances/removeInstances
+  "instance": "A String", # The URL for a specific instance.
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -508,7 +582,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a target pool in the specified project and region using the data included in the request.
 
 Args:
@@ -517,11 +591,21 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target Pool resource. Target pools are used for network TCP/UDP load balancing. A target pool references member instances, an associated legacy HttpHealthCheck resource, and, optionally, a backup target pool. For more information, read Using target pools.
-  "backupPool": "A String", # The server-defined URL for the resource. This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool, and its failoverRatio field is properly set to a value between [0, 1]. backupPool and failoverRatio together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below failoverRatio, traffic arriving at the load-balanced IP will be directed to the backup pool. In case where failoverRatio and backupPool are not set, or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
+{ # Represents a Target Pool resource.
+    # 
+    # Target pools are used for network TCP/UDP load balancing. A target pool references member instances, an associated legacy HttpHealthCheck resource, and, optionally, a backup target pool. For more information, read Using target pools. (== resource_for {$api_version}.targetPools ==)
+  "backupPool": "A String", # The server-defined URL for the resource. This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool, and its failoverRatio field is properly set to a value between [0, 1].
+      # 
+      # backupPool and failoverRatio together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below failoverRatio, traffic arriving at the load-balanced IP will be directed to the backup pool.
+      # 
+      # In case where failoverRatio and backupPool are not set, or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "failoverRatio": 3.14, # This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool (i.e., not as a backup pool to some other target pool). The value of the field must be in [0, 1]. If set, backupPool must also be set. They together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below this number, traffic arriving at the load-balanced IP will be directed to the backup pool. In case where failoverRatio is not set or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
+  "failoverRatio": 3.14, # This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool (i.e., not as a backup pool to some other target pool). The value of the field must be in [0, 1].
+      # 
+      # If set, backupPool must also be set. They together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below this number, traffic arriving at the load-balanced IP will be directed to the backup pool.
+      # 
+      # In case where failoverRatio is not set or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
   "healthChecks": [ # The URL of the HttpHealthCheck resource. A member instance in this pool is considered healthy if and only if the health checks pass. Only legacy HttpHealthChecks are supported. Only one health check may be specified.
     "A String",
   ],
@@ -533,19 +617,35 @@ 
Method Details

   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "region": "A String", # [Output Only] URL of the region where the target pool resides.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "sessionAffinity": "A String", # Session affinity option, must be one of the following values: NONE: Connections from the same client IP may go to any instance in the pool. CLIENT_IP: Connections from the same client IP will go to the same instance in the pool while that instance remains healthy. CLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol will go to the same instance in the pool while that instance remains healthy.
+  "sessionAffinity": "A String", # Session affinity option, must be one of the following values:
+      # NONE: Connections from the same client IP may go to any instance in the pool.
+      # CLIENT_IP: Connections from the same client IP will go to the same instance in the pool while that instance remains healthy.
+      # CLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol will go to the same instance in the pool while that instance remains healthy.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -579,7 +679,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -593,21 +694,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of target pools available to the specified project and region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -615,11 +722,21 @@ 
Method Details

     { # Contains a list of TargetPool resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of TargetPool resources.
-    { # Represents a Target Pool resource. Target pools are used for network TCP/UDP load balancing. A target pool references member instances, an associated legacy HttpHealthCheck resource, and, optionally, a backup target pool. For more information, read Using target pools.
-      "backupPool": "A String", # The server-defined URL for the resource. This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool, and its failoverRatio field is properly set to a value between [0, 1]. backupPool and failoverRatio together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below failoverRatio, traffic arriving at the load-balanced IP will be directed to the backup pool. In case where failoverRatio and backupPool are not set, or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
+    { # Represents a Target Pool resource.
+        #
+        # Target pools are used for network TCP/UDP load balancing. A target pool references member instances, an associated legacy HttpHealthCheck resource, and, optionally, a backup target pool. For more information, read Using target pools. (== resource_for {$api_version}.targetPools ==)
+      "backupPool": "A String", # The server-defined URL for the resource. This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool, and its failoverRatio field is properly set to a value between [0, 1].
+          #
+          # backupPool and failoverRatio together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below failoverRatio, traffic arriving at the load-balanced IP will be directed to the backup pool.
+          #
+          # In case where failoverRatio and backupPool are not set, or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "failoverRatio": 3.14, # This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool (i.e., not as a backup pool to some other target pool). The value of the field must be in [0, 1]. If set, backupPool must also be set. They together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below this number, traffic arriving at the load-balanced IP will be directed to the backup pool. In case where failoverRatio is not set or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
+      "failoverRatio": 3.14, # This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool (i.e., not as a backup pool to some other target pool). The value of the field must be in [0, 1].
+          #
+          # If set, backupPool must also be set. They together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below this number, traffic arriving at the load-balanced IP will be directed to the backup pool.
+          #
+          # In case where failoverRatio is not set or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
       "healthChecks": [ # The URL of the HttpHealthCheck resource. A member instance in this pool is considered healthy if and only if the health checks pass. Only legacy HttpHealthChecks are supported. Only one health check may be specified.
         "A String",
       ],
@@ -631,7 +748,10 @@ 
Method Details

       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "region": "A String", # [Output Only] URL of the region where the target pool resides.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "sessionAffinity": "A String", # Session affinity option, must be one of the following values: NONE: Connections from the same client IP may go to any instance in the pool. CLIENT_IP: Connections from the same client IP will go to the same instance in the pool while that instance remains healthy. CLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol will go to the same instance in the pool while that instance remains healthy.
+      "sessionAffinity": "A String", # Session affinity option, must be one of the following values:
+          # NONE: Connections from the same client IP may go to any instance in the pool.
+          # CLIENT_IP: Connections from the same client IP will go to the same instance in the pool while that instance remains healthy.
+          # CLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol will go to the same instance in the pool while that instance remains healthy.
     },
   ],
   "kind": "compute#targetPoolList", # [Output Only] Type of resource. Always compute#targetPoolList for lists of target pools.
@@ -639,7 +759,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -665,7 +786,7 @@ 
Method Details

 

 
 

-    removeHealthCheck(project, region, targetPool, body=None, requestId=None, x__xgafv=None)
+    removeHealthCheck(project, region, targetPool, body=None, requestId=None)
   
Removes health check URL from a target pool.
 
 Args:
@@ -676,23 +797,42 @@ 
Method Details

     The object takes the form of:
 
 {
-  "healthChecks": [ # Health check URL to be removed. This can be a full or valid partial URL. For example, the following are valid URLs: - https://www.googleapis.com/compute/beta/projects/project /global/httpHealthChecks/health-check - projects/project/global/httpHealthChecks/health-check - global/httpHealthChecks/health-check
-    { # A full or valid partial URL to a health check. For example, the following are valid URLs: - https://www.googleapis.com/compute/beta/projects/project-id/global/httpHealthChecks/health-check - projects/project-id/global/httpHealthChecks/health-check - global/httpHealthChecks/health-check
+  "healthChecks": [ # Health check URL to be removed. This can be a full or valid partial URL. For example, the following are valid URLs:
+      # - https://www.googleapis.com/compute/beta/projects/project/global/httpHealthChecks/health-check
+      # - projects/project/global/httpHealthChecks/health-check
+      # - global/httpHealthChecks/health-check
+    { # A full or valid partial URL to a health check. For example, the following are valid URLs:
+        # - https://www.googleapis.com/compute/beta/projects/project-id/global/httpHealthChecks/health-check
+        # - projects/project-id/global/httpHealthChecks/health-check
+        # - global/httpHealthChecks/health-check
       "healthCheck": "A String",
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -726,7 +866,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -740,7 +881,7 @@ 
Method Details

 

 
 

-    removeInstance(project, region, targetPool, body=None, requestId=None, x__xgafv=None)
+    removeInstance(project, region, targetPool, body=None, requestId=None)
   
Removes instance URL from a target pool.
 
 Args:
@@ -753,21 +894,34 @@ 
Method Details

 {
   "instances": [ # URLs of the instances to be removed from target pool.
     {
-      "instance": "A String", # The URL for a specific instance. @required compute.instancegroups.addInstances/removeInstances
+      "instance": "A String", # The URL for a specific instance.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -801,7 +955,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -815,7 +970,7 @@ 
Method Details

 

 
 

-    setBackup(project, region, targetPool, body=None, failoverRatio=None, requestId=None, x__xgafv=None)
+    setBackup(project, region, targetPool, body=None, failoverRatio=None, requestId=None)
   
Changes a backup target pool's configurations.
 
 Args:
@@ -830,16 +985,29 @@ 
Method Details

 }
 
   failoverRatio: number, New failoverRatio value for the target pool.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -873,7 +1041,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -887,7 +1056,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -903,10 +1072,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.targetSslProxies.html b/docs/dyn/compute_beta.targetSslProxies.html
index d20d11e7bbe..2c107c03508 100644
--- a/docs/dyn/compute_beta.targetSslProxies.html
+++ b/docs/dyn/compute_beta.targetSslProxies.html
@@ -78,34 +78,34 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, targetSslProxy, requestId=None, x__xgafv=None)

+  delete(project, targetSslProxy, requestId=None)

 
Deletes the specified TargetSslProxy resource.

 

-  get(project, targetSslProxy, x__xgafv=None)

+  get(project, targetSslProxy)

 
Returns the specified TargetSslProxy resource. Gets a list of available target SSL proxies by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a TargetSslProxy resource in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of TargetSslProxy resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setBackendService(project, targetSslProxy, body=None, requestId=None, x__xgafv=None)

+  setBackendService(project, targetSslProxy, body=None, requestId=None)

 
Changes the BackendService for TargetSslProxy.

 

-  setProxyHeader(project, targetSslProxy, body=None, requestId=None, x__xgafv=None)

+  setProxyHeader(project, targetSslProxy, body=None, requestId=None)

 
Changes the ProxyHeaderType for TargetSslProxy.

 

-  setSslCertificates(project, targetSslProxy, body=None, requestId=None, x__xgafv=None)

+  setSslCertificates(project, targetSslProxy, body=None, requestId=None)

 
Changes SslCertificates for TargetSslProxy.

 

-  setSslPolicy(project, targetSslProxy, body=None, requestId=None, x__xgafv=None)

+  setSslPolicy(project, targetSslProxy, body=None, requestId=None)

 
Sets the SSL policy for TargetSslProxy. The SSL policy specifies the server-side support for SSL features. This affects connections between clients and the SSL proxy load balancer. They do not affect the connection between the load balancer and the backends.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -114,22 +114,35 @@ 
Method Details

 

 
 

-    delete(project, targetSslProxy, requestId=None, x__xgafv=None)
+    delete(project, targetSslProxy, requestId=None)
   
Deletes the specified TargetSslProxy resource.
 
 Args:
   project: string, Project ID for this request. (required)
   targetSslProxy: string, Name of the TargetSslProxy resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -163,7 +176,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -177,21 +191,19 @@ 
Method Details

 

 
 

-    get(project, targetSslProxy, x__xgafv=None)
+    get(project, targetSslProxy)
   
Returns the specified TargetSslProxy resource. Gets a list of available target SSL proxies by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   targetSslProxy: string, Name of the TargetSslProxy resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Target SSL Proxy resource. A target SSL proxy is a component of a SSL Proxy load balancer. Global forwarding rules reference a target SSL proxy, and the target proxy then references an external backend service. For more information, read Using Target Proxies.
+    { # Represents a Target SSL Proxy resource.
+    #
+    # A target SSL proxy is a component of a SSL Proxy load balancer. Global forwarding rules reference a target SSL proxy, and the target proxy then references an external backend service. For more information, read Using Target Proxies. (== resource_for {$api_version}.targetSslProxies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
@@ -208,7 +220,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a TargetSslProxy resource in the specified project using the data included in the request.
 
 Args:
@@ -216,7 +228,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target SSL Proxy resource. A target SSL proxy is a component of a SSL Proxy load balancer. Global forwarding rules reference a target SSL proxy, and the target proxy then references an external backend service. For more information, read Using Target Proxies.
+{ # Represents a Target SSL Proxy resource.
+    # 
+    # A target SSL proxy is a component of a SSL Proxy load balancer. Global forwarding rules reference a target SSL proxy, and the target proxy then references an external backend service. For more information, read Using Target Proxies. (== resource_for {$api_version}.targetSslProxies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
@@ -231,16 +245,29 @@ 
Method Details

   "sslPolicy": "A String", # URL of SslPolicy resource that will be associated with the TargetSslProxy resource. If not set, the TargetSslProxy resource will not have any SSL policy configured.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -274,7 +301,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -288,20 +316,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of TargetSslProxy resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -309,7 +343,9 @@ 
Method Details

     { # Contains a list of TargetSslProxy resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of TargetSslProxy resources.
-    { # Represents a Target SSL Proxy resource. A target SSL proxy is a component of a SSL Proxy load balancer. Global forwarding rules reference a target SSL proxy, and the target proxy then references an external backend service. For more information, read Using Target Proxies.
+    { # Represents a Target SSL Proxy resource.
+        #
+        # A target SSL proxy is a component of a SSL Proxy load balancer. Global forwarding rules reference a target SSL proxy, and the target proxy then references an external backend service. For more information, read Using Target Proxies. (== resource_for {$api_version}.targetSslProxies ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
@@ -329,7 +365,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -355,7 +392,7 @@ 
Method Details

 

 
 

-    setBackendService(project, targetSslProxy, body=None, requestId=None, x__xgafv=None)
+    setBackendService(project, targetSslProxy, body=None, requestId=None)
   
Changes the BackendService for TargetSslProxy.
 
 Args:
@@ -368,16 +405,29 @@ 
Method Details

   "service": "A String", # The URL of the new BackendService resource for the targetSslProxy.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -411,7 +461,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -425,7 +476,7 @@ 
Method Details

 

 
 

-    setProxyHeader(project, targetSslProxy, body=None, requestId=None, x__xgafv=None)
+    setProxyHeader(project, targetSslProxy, body=None, requestId=None)
   
Changes the ProxyHeaderType for TargetSslProxy.
 
 Args:
@@ -438,16 +489,29 @@ 
Method Details

   "proxyHeader": "A String", # The new type of proxy header to append before sending data to the backend. NONE or PROXY_V1 are allowed.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -481,7 +545,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -495,7 +560,7 @@ 
Method Details

 

 
 

-    setSslCertificates(project, targetSslProxy, body=None, requestId=None, x__xgafv=None)
+    setSslCertificates(project, targetSslProxy, body=None, requestId=None)
   
Changes SslCertificates for TargetSslProxy.
 
 Args:
@@ -510,16 +575,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -553,7 +631,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -567,7 +646,7 @@ 
Method Details

 

 
 

-    setSslPolicy(project, targetSslProxy, body=None, requestId=None, x__xgafv=None)
+    setSslPolicy(project, targetSslProxy, body=None, requestId=None)
   
Sets the SSL policy for TargetSslProxy. The SSL policy specifies the server-side support for SSL features. This affects connections between clients and the SSL proxy load balancer. They do not affect the connection between the load balancer and the backends.
 
 Args:
@@ -580,16 +659,29 @@ 
Method Details

   "sslPolicy": "A String", # URL of the SSL policy resource. Set this to empty string to clear any existing SSL policy associated with the target proxy resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -623,7 +715,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -637,7 +730,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -652,10 +745,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.targetTcpProxies.html b/docs/dyn/compute_beta.targetTcpProxies.html
index 563e80aaafd..a983074a7b2 100644
--- a/docs/dyn/compute_beta.targetTcpProxies.html
+++ b/docs/dyn/compute_beta.targetTcpProxies.html
@@ -78,28 +78,28 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, targetTcpProxy, requestId=None, x__xgafv=None)

+  delete(project, targetTcpProxy, requestId=None)

 
Deletes the specified TargetTcpProxy resource.

 

-  get(project, targetTcpProxy, x__xgafv=None)

+  get(project, targetTcpProxy)

 
Returns the specified TargetTcpProxy resource. Gets a list of available target TCP proxies by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a TargetTcpProxy resource in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of TargetTcpProxy resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setBackendService(project, targetTcpProxy, body=None, requestId=None, x__xgafv=None)

+  setBackendService(project, targetTcpProxy, body=None, requestId=None)

 
Changes the BackendService for TargetTcpProxy.

 

-  setProxyHeader(project, targetTcpProxy, body=None, requestId=None, x__xgafv=None)

+  setProxyHeader(project, targetTcpProxy, body=None, requestId=None)

 
Changes the ProxyHeaderType for TargetTcpProxy.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -108,22 +108,35 @@ 
Method Details

 

 
 

-    delete(project, targetTcpProxy, requestId=None, x__xgafv=None)
+    delete(project, targetTcpProxy, requestId=None)
   
Deletes the specified TargetTcpProxy resource.
 
 Args:
   project: string, Project ID for this request. (required)
   targetTcpProxy: string, Name of the TargetTcpProxy resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -157,7 +170,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -171,27 +185,29 @@ 
Method Details

 

 
 

-    get(project, targetTcpProxy, x__xgafv=None)
+    get(project, targetTcpProxy)
   
Returns the specified TargetTcpProxy resource. Gets a list of available target TCP proxies by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   targetTcpProxy: string, Name of the TargetTcpProxy resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Target TCP Proxy resource. A target TCP proxy is a component of a TCP Proxy load balancer. Global forwarding rules reference target TCP proxy, and the target proxy then references an external backend service. For more information, read TCP Proxy Load Balancing overview.
+    { # Represents a Target TCP Proxy resource.
+    #
+    # A target TCP proxy is a component of a TCP Proxy load balancer. Global forwarding rules reference target TCP proxy, and the target proxy then references an external backend service. For more information, read TCP Proxy Load Balancing overview. (== resource_for {$api_version}.targetTcpProxies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetTcpProxy", # [Output Only] Type of the resource. Always compute#targetTcpProxy for target TCP proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      #
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      #
+      # The default is false.
   "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "service": "A String", # URL to the BackendService resource.
@@ -199,7 +215,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a TargetTcpProxy resource in the specified project using the data included in the request.
 
 Args:
@@ -207,28 +223,47 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target TCP Proxy resource. A target TCP proxy is a component of a TCP Proxy load balancer. Global forwarding rules reference target TCP proxy, and the target proxy then references an external backend service. For more information, read TCP Proxy Load Balancing overview.
+{ # Represents a Target TCP Proxy resource.
+    # 
+    # A target TCP proxy is a component of a TCP Proxy load balancer. Global forwarding rules reference target TCP proxy, and the target proxy then references an external backend service. For more information, read TCP Proxy Load Balancing overview. (== resource_for {$api_version}.targetTcpProxies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetTcpProxy", # [Output Only] Type of the resource. Always compute#targetTcpProxy for target TCP proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      # 
+      # The default is false.
   "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "service": "A String", # URL to the BackendService resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -262,7 +297,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -276,20 +312,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of TargetTcpProxy resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -297,13 +339,19 @@ 
Method Details

     { # Contains a list of TargetTcpProxy resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of TargetTcpProxy resources.
-    { # Represents a Target TCP Proxy resource. A target TCP proxy is a component of a TCP Proxy load balancer. Global forwarding rules reference target TCP proxy, and the target proxy then references an external backend service. For more information, read TCP Proxy Load Balancing overview.
+    { # Represents a Target TCP Proxy resource.
+        #
+        # A target TCP proxy is a component of a TCP Proxy load balancer. Global forwarding rules reference target TCP proxy, and the target proxy then references an external backend service. For more information, read TCP Proxy Load Balancing overview. (== resource_for {$api_version}.targetTcpProxies ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#targetTcpProxy", # [Output Only] Type of the resource. Always compute#targetTcpProxy for target TCP proxies.
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-      "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
+      "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+          #
+          # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+          #
+          # The default is false.
       "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "service": "A String", # URL to the BackendService resource.
@@ -314,7 +362,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -340,7 +389,7 @@ 
Method Details

 

 
 

-    setBackendService(project, targetTcpProxy, body=None, requestId=None, x__xgafv=None)
+    setBackendService(project, targetTcpProxy, body=None, requestId=None)
   
Changes the BackendService for TargetTcpProxy.
 
 Args:
@@ -353,16 +402,29 @@ 
Method Details

   "service": "A String", # The URL of the new BackendService resource for the targetTcpProxy.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -396,7 +458,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -410,7 +473,7 @@ 
Method Details

 

 
 

-    setProxyHeader(project, targetTcpProxy, body=None, requestId=None, x__xgafv=None)
+    setProxyHeader(project, targetTcpProxy, body=None, requestId=None)
   
Changes the ProxyHeaderType for TargetTcpProxy.
 
 Args:
@@ -423,16 +486,29 @@ 
Method Details

   "proxyHeader": "A String", # The new type of proxy header to append before sending data to the backend. NONE or PROXY_V1 are allowed.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -466,7 +542,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -480,7 +557,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -495,10 +572,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.targetVpnGateways.html b/docs/dyn/compute_beta.targetVpnGateways.html
index 0d46375298a..5bb0a6f9910 100644
--- a/docs/dyn/compute_beta.targetVpnGateways.html
+++ b/docs/dyn/compute_beta.targetVpnGateways.html
@@ -75,7 +75,7 @@
 
Compute Engine API . targetVpnGateways

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of target VPN gateways.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,43 +84,49 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, targetVpnGateway, requestId=None, x__xgafv=None)

+  delete(project, region, targetVpnGateway, requestId=None)

 
Deletes the specified target VPN gateway.

 

-  get(project, region, targetVpnGateway, x__xgafv=None)

+  get(project, region, targetVpnGateway)

 
Returns the specified target VPN gateway. Gets a list of available target VPN gateways by making a list() request.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a target VPN gateway in the specified project and region using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of target VPN gateways available to the specified project and region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)

+  setLabels(project, region, resource, body=None, requestId=None)

 
Sets the labels on a TargetVpnGateway. To learn more about labels, read the Labeling Resources documentation.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of target VPN gateways.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -130,7 +136,9 @@ 
Method Details

   "items": { # A list of TargetVpnGateway resources.
     "a_key": { # [Output Only] Name of the scope containing this set of target VPN gateways.
       "targetVpnGateways": [ # [Output Only] A list of target VPN gateways contained in this scope.
-        { # Represents a Target VPN Gateway resource. The target VPN gateway resource represents a Classic Cloud VPN gateway. For more information, read the the Cloud VPN Overview.
+        { # Represents a Target VPN Gateway resource.
+            #
+            # The target VPN gateway resource represents a Classic Cloud VPN gateway. For more information, read the the Cloud VPN Overview. (== resource_for {$api_version}.targetVpnGateways ==)
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "forwardingRules": [ # [Output Only] A list of URLs to the ForwardingRule resources. ForwardingRules are created using compute.forwardingRules.insert and associated with a VPN gateway.
@@ -138,7 +146,9 @@ 
Method Details

           ],
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "kind": "compute#targetVpnGateway", # [Output Only] Type of resource. Always compute#targetVpnGateway for target VPN gateways.
-          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this TargetVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a TargetVpnGateway.
+          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this TargetVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve a TargetVpnGateway.
           "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
             "a_key": "A String",
           },
@@ -154,7 +164,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] Informational warning which replaces the list of addresses when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -172,7 +183,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -203,23 +215,36 @@ 
Method Details

 

 
 

-    delete(project, region, targetVpnGateway, requestId=None, x__xgafv=None)
+    delete(project, region, targetVpnGateway, requestId=None)
   
Deletes the specified target VPN gateway.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   targetVpnGateway: string, Name of the target VPN gateway to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -253,7 +278,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -267,22 +293,20 @@ 
Method Details

 

 
 

-    get(project, region, targetVpnGateway, x__xgafv=None)
+    get(project, region, targetVpnGateway)
   
Returns the specified target VPN gateway. Gets a list of available target VPN gateways by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   targetVpnGateway: string, Name of the target VPN gateway to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Target VPN Gateway resource. The target VPN gateway resource represents a Classic Cloud VPN gateway. For more information, read the the Cloud VPN Overview.
+    { # Represents a Target VPN Gateway resource.
+    #
+    # The target VPN gateway resource represents a Classic Cloud VPN gateway. For more information, read the the Cloud VPN Overview. (== resource_for {$api_version}.targetVpnGateways ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "forwardingRules": [ # [Output Only] A list of URLs to the ForwardingRule resources. ForwardingRules are created using compute.forwardingRules.insert and associated with a VPN gateway.
@@ -290,7 +314,9 @@ 
Method Details

   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetVpnGateway", # [Output Only] Type of resource. Always compute#targetVpnGateway for target VPN gateways.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this TargetVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a TargetVpnGateway.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this TargetVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a TargetVpnGateway.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -306,7 +332,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a target VPN gateway in the specified project and region using the data included in the request.
 
 Args:
@@ -315,7 +341,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target VPN Gateway resource. The target VPN gateway resource represents a Classic Cloud VPN gateway. For more information, read the the Cloud VPN Overview.
+{ # Represents a Target VPN Gateway resource.
+    # 
+    # The target VPN gateway resource represents a Classic Cloud VPN gateway. For more information, read the the Cloud VPN Overview. (== resource_for {$api_version}.targetVpnGateways ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "forwardingRules": [ # [Output Only] A list of URLs to the ForwardingRule resources. ForwardingRules are created using compute.forwardingRules.insert and associated with a VPN gateway.
@@ -323,7 +351,9 @@ 
Method Details

   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetVpnGateway", # [Output Only] Type of resource. Always compute#targetVpnGateway for target VPN gateways.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this TargetVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a TargetVpnGateway.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this TargetVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a TargetVpnGateway.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -337,16 +367,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -380,7 +423,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -394,21 +438,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of target VPN gateways available to the specified project and region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -416,7 +466,9 @@ 
Method Details

     { # Contains a list of TargetVpnGateway resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of TargetVpnGateway resources.
-    { # Represents a Target VPN Gateway resource. The target VPN gateway resource represents a Classic Cloud VPN gateway. For more information, read the the Cloud VPN Overview.
+    { # Represents a Target VPN Gateway resource.
+        #
+        # The target VPN gateway resource represents a Classic Cloud VPN gateway. For more information, read the the Cloud VPN Overview. (== resource_for {$api_version}.targetVpnGateways ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "forwardingRules": [ # [Output Only] A list of URLs to the ForwardingRule resources. ForwardingRules are created using compute.forwardingRules.insert and associated with a VPN gateway.
@@ -424,7 +476,9 @@ 
Method Details

       ],
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#targetVpnGateway", # [Output Only] Type of resource. Always compute#targetVpnGateway for target VPN gateways.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this TargetVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a TargetVpnGateway.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this TargetVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a TargetVpnGateway.
       "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
         "a_key": "A String",
       },
@@ -443,7 +497,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -469,7 +524,7 @@ 
Method Details

 

 
 

-    setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)
+    setLabels(project, region, resource, body=None, requestId=None)
   
Sets the labels on a TargetVpnGateway. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -486,16 +541,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -529,7 +597,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -543,7 +612,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -559,10 +628,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.urlMaps.html b/docs/dyn/compute_beta.urlMaps.html
index d541c135321..75b1c5d68a6 100644
--- a/docs/dyn/compute_beta.urlMaps.html
+++ b/docs/dyn/compute_beta.urlMaps.html
@@ -75,7 +75,7 @@
 
Compute Engine API . urlMaps

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of all UrlMap resources, regional and global, available to the specified project.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,52 +84,58 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, urlMap, requestId=None, x__xgafv=None)

+  delete(project, urlMap, requestId=None)

 
Deletes the specified UrlMap resource.

 

-  get(project, urlMap, x__xgafv=None)

+  get(project, urlMap)

 
Returns the specified UrlMap resource. Gets a list of available URL maps by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a UrlMap resource in the specified project using the data included in the request.

 

-  invalidateCache(project, urlMap, body=None, requestId=None, x__xgafv=None)

-
Initiates a cache invalidation operation, invalidating the specified path, scoped to the specified UrlMap. For more information, see [Invalidating cached content](/cdn/docs/invalidating-cached-content).

+  invalidateCache(project, urlMap, body=None, requestId=None)

+
Initiates a cache invalidation operation, invalidating the specified path, scoped to the specified UrlMap.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of UrlMap resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, urlMap, body=None, requestId=None, x__xgafv=None)

+  patch(project, urlMap, body=None, requestId=None)

 
Patches the specified UrlMap resource with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, urlMap, body=None, requestId=None, x__xgafv=None)

+  update(project, urlMap, body=None, requestId=None)

 
Updates the specified UrlMap resource with the data included in the request.

 

-  validate(project, urlMap, body=None, x__xgafv=None)

+  validate(project, urlMap, body=None)

 
Runs static validation for the UrlMap. In particular, the tests of the provided UrlMap will be run. Calling this method does NOT create the UrlMap.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of all UrlMap resources, regional and global, available to the specified project.
 
 Args:
   project: string, Name of the project scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -139,21 +145,44 @@ 
Method Details

   "items": { # A list of UrlMapsScopedList resources.
     "a_key": { # Name of the scope containing this set of UrlMaps.
       "urlMaps": [ # A list of UrlMaps contained in this scope.
-        { # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/beta/urlMaps) * [Regional](/compute/docs/reference/rest/beta/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
+        { # Represents a URL Map resource.
+            #
+            # Google Compute Engine has two URL Map resources:
+            #
+            # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+            #
+            # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+            #
+            # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+            #
+            # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+            #
+            # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+            #
+            # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+            #
+            # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-          "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+              # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+              # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -162,53 +191,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -218,34 +278,61 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-          "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+              # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+              # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+              # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-          "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # The headerAction specified here take effect after headerAction specified under pathMatcher.
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -255,7 +342,8 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -265,7 +353,8 @@ 
Method Details

           "hostRules": [ # The list of HostRules to use against the URL.
             { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
               "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-              "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+                  # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "A String",
               ],
               "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -276,19 +365,25 @@ 
Method Details

           "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
           "pathMatchers": [ # The list of named PathMatchers to use against the URL.
             { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-              "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-                "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-                  "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+              "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+                  # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+                  # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+                "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                    # Not supported when the URL map is bound to target gRPC proxy.
+                  "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                      # Default is false.
                   "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                     "A String",
                   ],
                   "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                     "A String",
                   ],
-                  "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                  "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                      # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                     "A String",
                   ],
-                  "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                  "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                      # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                     "A String",
                   ],
                   "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -297,53 +392,84 @@ 
Method Details

                   ],
                   "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
                 },
-                "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+                "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                    # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
                   "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                    "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                    "httpStatus": 42, # The HTTP status code used to abort the request.
+                        # The value must be between 200 and 599 inclusive.
+                        # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                        # The value must be between 0.0 and 100.0 inclusive.
                   },
                   "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                     "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                     },
-                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                        # The value must be between 0.0 and 100.0 inclusive.
                   },
                 },
-                "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                    # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                    # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
                 },
-                "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-                  "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+                  "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                      # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                   },
-                  "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+                  "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                      # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                      # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                      # -
+                      # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                      # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                      # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                      # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                      # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                      # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                      # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                     "A String",
                   ],
                 },
-                "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                    # If not specified, will use the largest timeout among all backend services associated with the route.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                  "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-                  "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+                "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                    # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                      # The value must be between 1 and 255 characters.
+                  "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                      # The value must be between 1 and 1024 characters.
                 },
-                "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-                  { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+                "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                    # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+                  { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                     "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                        # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                        # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                       "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                         { # Specification determining how headers are added to requests or responses.
                           "headerName": "A String", # The name of the header.
                           "headerValue": "A String", # The value of the header to add.
-                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                              # The default value is false.
                         },
                       ],
                       "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -353,33 +479,63 @@ 
Method Details

                         { # Specification determining how headers are added to requests or responses.
                           "headerName": "A String", # The name of the header.
                           "headerValue": "A String", # The value of the header to add.
-                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                              # The default value is false.
                         },
                       ],
                       "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                         "A String",
                       ],
                     },
-                    "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                    "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                        # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                        # The value must be between 0 and 1000
                   },
                 ],
               },
-              "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-              "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-                "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-                "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-                "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-                "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+              "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+                  # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+                  # - compute/v1/projects/project/global/backendServices/backendService
+                  # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+                  # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+                  # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+                  # - compute.backendBuckets.use
+                  # - compute.backendServices.use
+              "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+                  # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+                "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                    # The value must be between 1 and 255 characters.
+                "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                    # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                    # The default is set to false.
+                "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                    # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                    # The value must be between 1 and 1024 characters.
+                "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                    # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                    # The value must be between 1 and 1024 characters.
+                "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                    # Supported values are:
+                    # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                    # - FOUND, which corresponds to 302.
+                    # - SEE_OTHER which corresponds to 303.
+                    # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                    # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+                "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                    # The default is set to false.
               },
               "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-              "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                  # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+                  # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                   { # Specification determining how headers are added to requests or responses.
                     "headerName": "A String", # The name of the header.
                     "headerValue": "A String", # The value of the header to add.
-                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                        # The default value is false.
                   },
                 ],
                 "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -389,7 +545,8 @@ 
Method Details

                   { # Specification determining how headers are added to requests or responses.
                     "headerName": "A String", # The name of the header.
                     "headerValue": "A String", # The value of the header to add.
-                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                        # The default value is false.
                   },
                 ],
                 "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -397,24 +554,32 @@ 
Method Details

                 ],
               },
               "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-              "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+              "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+                  # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+                  # Within a given pathMatcher, only one of pathRules or routeRules must be set.
                 { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
                   "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
                     "A String",
                   ],
-                  "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-                    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-                      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+                  "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+                      # Only one of routeAction or urlRedirect must be set.
+                      # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+                    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                        # Not supported when the URL map is bound to target gRPC proxy.
+                      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                          # Default is false.
                       "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                         "A String",
                       ],
                       "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                         "A String",
                       ],
-                      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                         "A String",
                       ],
-                      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                         "A String",
                       ],
                       "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -423,53 +588,84 @@ 
Method Details

                       ],
                       "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
                     },
-                    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+                    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                        # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
                       "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                        "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                        "httpStatus": 42, # The HTTP status code used to abort the request.
+                            # The value must be between 200 and 599 inclusive.
+                            # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                            # The value must be between 0.0 and 100.0 inclusive.
                       },
                       "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                         "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                         },
-                        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                            # The value must be between 0.0 and 100.0 inclusive.
                       },
                     },
-                    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                        # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                        # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                     },
-                    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                       "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
                     },
-                    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                       "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-                      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+                      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                          # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                       },
-                      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+                      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                          # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                          # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                          # -
+                          # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                          # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                          # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                          # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                          # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                          # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                          # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                         "A String",
                       ],
                     },
-                    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                        # If not specified, will use the largest timeout among all backend services associated with the route.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                     },
-                    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-                      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+                    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                        # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                          # The value must be between 1 and 255 characters.
+                      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                          # The value must be between 1 and 1024 characters.
                     },
-                    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-                      { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+                    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                        # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+                      { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                         "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                            # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                             { # Specification determining how headers are added to requests or responses.
                               "headerName": "A String", # The name of the header.
                               "headerValue": "A String", # The value of the header to add.
-                              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                                  # The default value is false.
                             },
                           ],
                           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -479,37 +675,63 @@ 
Method Details

                             { # Specification determining how headers are added to requests or responses.
                               "headerName": "A String", # The name of the header.
                               "headerValue": "A String", # The value of the header to add.
-                              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                                  # The default value is false.
                             },
                           ],
                           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                             "A String",
                           ],
                         },
-                        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                            # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                            # The value must be between 0 and 1000
                       },
                     ],
                   },
-                  "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-                  "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-                    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-                    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-                    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-                    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+                  "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+                      # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+                  "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+                      # If urlRedirect is specified, service or routeAction must not be set.
+                      # Not supported when the URL map is bound to target gRPC proxy.
+                    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                        # The value must be between 1 and 255 characters.
+                    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                        # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                        # The default is set to false.
+                    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                        # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                        # The value must be between 1 and 1024 characters.
+                    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                        # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                        # The value must be between 1 and 1024 characters.
+                    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                        # Supported values are:
+                        # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                        # - FOUND, which corresponds to 302.
+                        # - SEE_OTHER which corresponds to 303.
+                        # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                        # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+                    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                        # The default is set to false.
                   },
                 },
               ],
-              "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+              "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+                  # Within a given pathMatcher, you can set only one of pathRules or routeRules.
                 { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-                  "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-                  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  "description": "A String", # The short description conveying the intent of this routeRule.
+                      # The description can have a maximum length of 1024 characters.
+                  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                      # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+                      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                       { # Specification determining how headers are added to requests or responses.
                         "headerName": "A String", # The name of the header.
                         "headerValue": "A String", # The value of the header to add.
-                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                            # The default value is false.
                       },
                     ],
                     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -519,21 +741,25 @@ 
Method Details

                       { # Specification determining how headers are added to requests or responses.
                         "headerName": "A String", # The name of the header.
                         "headerValue": "A String", # The value of the header to add.
-                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                            # The default value is false.
                       },
                     ],
                     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                       "A String",
                     ],
                   },
-                  "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+                      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                     { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
                       "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
                       "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
                       "filterName": "A String", # Name of the networkservices.HttpFilter resource this configuration belongs to. This name must be known to the xDS client. Example: envoy.wasm
                     },
                   ],
-                  "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+                      # The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct
+                      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                     { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
                       "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
                       "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
@@ -542,60 +768,112 @@ 
Method Details

                   ],
                   "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
                     { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-                      "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                      "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                          # fullPathMatch must be between 1 and 1024 characters.
+                          # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
                       "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                         { # matchRule criteria for request header matches.
-                          "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                          "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                          "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                          "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                          "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                          "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                          "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                              # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                          "headerName": "A String", # The name of the HTTP header to match.
+                              # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                              # For matching a request's method, use the headerName ":method".
+                              # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                          "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                              # The default setting is false.
+                          "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                              # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                          "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                              # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                          "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                              # For example for a range [-5, 0]
+                              # - -3 will match.
+                              # - 0 will not match.
+                              # - 0.25 will not match.
+                              # - -3someString will not match.
+                              # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                              # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                             "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                             "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                           },
-                          "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                          "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                          "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                              # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                              # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                              # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                          "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                              # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                         },
                       ],
-                      "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-                      "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                        { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                          "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+                      "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                          # The default value is false.
+                          # ignoreCase must not be used with regexMatch.
+                          # Not supported when the URL map is bound to target gRPC proxy.
+                      "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                          # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                          # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                          # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                        { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                            # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                            # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                          "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                              # This list must not be empty and can have at the most 64 entries.
                             { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                              "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                              "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                              "name": "A String", # Name of metadata label.
+                                  # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                              "value": "A String", # The value of the label must match the specified value.
+                                  # value can have a maximum length of 1024 characters.
                             },
                           ],
-                          "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                          "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                              # Supported values are:
+                              # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                              # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                         },
                       ],
-                      "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-                      "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+                      "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                          # The value must be between 1 and 1024 characters.
+                          # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                      "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                          # Not supported when the URL map is bound to target gRPC proxy.
                         { # HttpRouteRuleMatch criteria for a request's query parameter.
-                          "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                          "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                              # Only one of presentMatch, exactMatch or regexMatch must be set.
                           "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                          "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                          "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                          "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                              # Only one of presentMatch, exactMatch or regexMatch must be set.
+                          "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                              # Only one of presentMatch, exactMatch or regexMatch must be set.
+                              # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                         },
                       ],
-                      "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                      "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                          # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                          # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                     },
                   ],
-                  "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-                  "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-                    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-                      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+                  "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+                      # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+                      # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+                  "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+                      # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+                      # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+                    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                        # Not supported when the URL map is bound to target gRPC proxy.
+                      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                          # Default is false.
                       "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                         "A String",
                       ],
                       "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                         "A String",
                       ],
-                      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                         "A String",
                       ],
-                      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                         "A String",
                       ],
                       "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -604,53 +882,84 @@ 
Method Details

                       ],
                       "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
                     },
-                    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+                    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                        # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
                       "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                        "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                        "httpStatus": 42, # The HTTP status code used to abort the request.
+                            # The value must be between 200 and 599 inclusive.
+                            # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                            # The value must be between 0.0 and 100.0 inclusive.
                       },
                       "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                         "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                         },
-                        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                            # The value must be between 0.0 and 100.0 inclusive.
                       },
                     },
-                    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                        # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                        # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                     },
-                    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                       "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
                     },
-                    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                       "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-                      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+                      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                          # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                       },
-                      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+                      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                          # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                          # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                          # -
+                          # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                          # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                          # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                          # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                          # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                          # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                          # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                         "A String",
                       ],
                     },
-                    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                        # If not specified, will use the largest timeout among all backend services associated with the route.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                     },
-                    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-                      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+                    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                        # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                          # The value must be between 1 and 255 characters.
+                      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                          # The value must be between 1 and 1024 characters.
                     },
-                    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-                      { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+                    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                        # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+                      { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                         "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                            # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                             { # Specification determining how headers are added to requests or responses.
                               "headerName": "A String", # The name of the header.
                               "headerValue": "A String", # The value of the header to add.
-                              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                                  # The default value is false.
                             },
                           ],
                           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -660,25 +969,45 @@ 
Method Details

                             { # Specification determining how headers are added to requests or responses.
                               "headerName": "A String", # The name of the header.
                               "headerValue": "A String", # The value of the header to add.
-                              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                                  # The default value is false.
                             },
                           ],
                           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                             "A String",
                           ],
                         },
-                        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                            # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                            # The value must be between 0 and 1000
                       },
                     ],
                   },
-                  "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-                  "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-                    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-                    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-                    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-                    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+                  "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+                      # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+                  "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+                      # If urlRedirect is specified, service or routeAction must not be set.
+                      # Not supported when the URL map is bound to target gRPC proxy.
+                    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                        # The value must be between 1 and 255 characters.
+                    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                        # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                        # The default is set to false.
+                    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                        # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                        # The value must be between 1 and 1024 characters.
+                    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                        # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                        # The value must be between 1 and 1024 characters.
+                    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                        # Supported values are:
+                        # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                        # - FOUND, which corresponds to 302.
+                        # - SEE_OTHER which corresponds to 303.
+                        # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                        # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+                    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                        # The default is set to false.
                   },
                 },
               ],
@@ -686,11 +1015,16 @@ 
Method Details

           ],
           "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-          "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # Message for the expected URL mappings.
               "description": "A String", # Description of this test case.
-              "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-              "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+              "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+                  # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+                  # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+                  # expectedOutputUrl is optional when service is specified.
+              "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+                  # expectedRedirectResponseCode cannot be set when service is set.
               "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
                 { # HTTP headers used in UrlMapTests.
                   "name": "A String", # Header name.
@@ -699,14 +1033,16 @@ 
Method Details

               ],
               "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
               "path": "A String", # Path portion of the URL.
-              "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+              "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+                  # service cannot be set if expectedRedirectResponseCode is set.
             },
           ],
         },
       ],
       "warning": { # Informational warning which replaces the list of backend services when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -724,7 +1060,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -755,22 +1092,35 @@ 
Method Details

 

 
 

-    delete(project, urlMap, requestId=None, x__xgafv=None)
+    delete(project, urlMap, requestId=None)
   
Deletes the specified UrlMap resource.
 
 Args:
   project: string, Project ID for this request. (required)
   urlMap: string, Name of the UrlMap resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -804,7 +1154,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -818,35 +1169,54 @@ 
Method Details

 

 
 

-    get(project, urlMap, x__xgafv=None)
+    get(project, urlMap)
   
Returns the specified UrlMap resource. Gets a list of available URL maps by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   urlMap: string, Name of the UrlMap resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/beta/urlMaps) * [Regional](/compute/docs/reference/rest/beta/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
+    { # Represents a URL Map resource.
+    #
+    # Google Compute Engine has two URL Map resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+    #
+    # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+    #
+    # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+    #
+    # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+    #
+    # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+    #
+    # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+    #
+    # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-  "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+  "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+      # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+      # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+      # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+        # Not supported when the URL map is bound to target gRPC proxy.
+      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+          # Default is false.
       "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
         "A String",
       ],
       "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
         "A String",
       ],
-      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
-      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
       "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -855,53 +1225,84 @@ 
Method Details

       ],
       "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
     },
-    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+        # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
       "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-        "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "httpStatus": 42, # The HTTP status code used to abort the request.
+            # The value must be between 200 and 599 inclusive.
+            # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
       "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
         "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
     },
-    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+        # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+        # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
     },
-    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+          # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+          # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+          # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+          # -
+          # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+          # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+          # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+          # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+          # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+          # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+          # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
         "A String",
       ],
     },
-    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+        # If not specified, will use the largest timeout among all backend services associated with the route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+        # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+          # The value must be between 1 and 255 characters.
+      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+          # The value must be between 1 and 1024 characters.
     },
-    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-      { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+        # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+      { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
         "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+            # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -911,34 +1312,61 @@ 
Method Details

             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
             "A String",
           ],
         },
-        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+            # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+            # The value must be between 0 and 1000
       },
     ],
   },
-  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+      # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+      # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+      # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+      # Not supported when the URL map is bound to target gRPC proxy.
+    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+        # The value must be between 1 and 255 characters.
+    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+        # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+        # The default is set to false.
+    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+        # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+        # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+        # Supported values are:
+        # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+        # - FOUND, which corresponds to 302.
+        # - SEE_OTHER which corresponds to 303.
+        # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+        # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+        # The default is set to false.
   },
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+      # The headerAction specified here take effect after headerAction specified under pathMatcher.
+      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -948,7 +1376,8 @@ 
Method Details

       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -958,7 +1387,8 @@ 
Method Details

   "hostRules": [ # The list of HostRules to use against the URL.
     { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+          # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "A String",
       ],
       "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -969,19 +1399,25 @@ 
Method Details

   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "pathMatchers": [ # The list of named PathMatchers to use against the URL.
     { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-      "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+      "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+          # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+          # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+              # Default is false.
           "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
             "A String",
           ],
           "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
             "A String",
           ],
-          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
-          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
           "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -990,53 +1426,84 @@ 
Method Details

           ],
           "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
         },
-        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+            # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
           "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-            "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "httpStatus": 42, # The HTTP status code used to abort the request.
+                # The value must be between 200 and 599 inclusive.
+                # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
           "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
             "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
         },
-        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+            # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+            # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
         },
-        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+              # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+              # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+              # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+              # -
+              # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+              # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+              # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+              # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+              # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+              # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+              # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
             "A String",
           ],
         },
-        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+            # If not specified, will use the largest timeout among all backend services associated with the route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+            # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+              # The value must be between 1 and 255 characters.
+          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+              # The value must be between 1 and 1024 characters.
         },
-        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-          { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+            # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+          { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
             "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1046,33 +1513,63 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                 "A String",
               ],
             },
-            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                # The value must be between 0 and 1000
           },
         ],
       },
-      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+          # - compute/v1/projects/project/global/backendServices/backendService
+          # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+          # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+          # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+          # - compute.backendBuckets.use
+          # - compute.backendServices.use
+      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+          # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+            # The value must be between 1 and 255 characters.
+        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+            # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+            # The default is set to false.
+        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+            # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+            # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+            # Supported values are:
+            # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+            # - FOUND, which corresponds to 302.
+            # - SEE_OTHER which corresponds to 303.
+            # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+            # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+            # The default is set to false.
       },
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+          # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+          # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1082,7 +1579,8 @@ 
Method Details

           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -1090,24 +1588,32 @@ 
Method Details

         ],
       },
       "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+          # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+          # Within a given pathMatcher, only one of pathRules or routeRules must be set.
         { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
           "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
             "A String",
           ],
-          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of routeAction or urlRedirect must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1116,53 +1622,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1172,37 +1709,63 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
-      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+          # Within a given pathMatcher, you can set only one of pathRules or routeRules.
         { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-          "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "description": "A String", # The short description conveying the intent of this routeRule.
+              # The description can have a maximum length of 1024 characters.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1212,21 +1775,25 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
               "A String",
             ],
           },
-          "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
               "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
               "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
               "filterName": "A String", # Name of the networkservices.HttpFilter resource this configuration belongs to. This name must be known to the xDS client. Example: envoy.wasm
             },
           ],
-          "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+              # The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
               "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
               "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
@@ -1235,60 +1802,112 @@ 
Method Details

           ],
           "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
             { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                  # fullPathMatch must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
               "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                 { # matchRule criteria for request header matches.
-                  "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "headerName": "A String", # The name of the HTTP header to match.
+                      # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                      # For matching a request's method, use the headerName ":method".
+                      # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                      # The default setting is false.
+                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                      # For example for a range [-5, 0]
+                      # - -3 will match.
+                      # - 0 will not match.
+                      # - 0.25 will not match.
+                      # - -3someString will not match.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                     "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                     "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                   },
-                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                      # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                 },
               ],
-              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                  # The default value is false.
+                  # ignoreCase must not be used with regexMatch.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                  # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                  # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                  # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                    # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                    # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                      # This list must not be empty and can have at the most 64 entries.
                     { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                      "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                      "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                      "name": "A String", # Name of metadata label.
+                          # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                      "value": "A String", # The value of the label must match the specified value.
+                          # value can have a maximum length of 1024 characters.
                     },
                   ],
-                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                      # Supported values are:
+                      # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                      # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                 },
               ],
-              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                  # The value must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                  # Not supported when the URL map is bound to target gRPC proxy.
                 { # HttpRouteRuleMatch criteria for a request's query parameter.
-                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
                   "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                      # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                 },
               ],
-              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
             },
           ],
-          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+              # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+              # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1297,53 +1916,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1353,25 +2003,45 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
@@ -1379,11 +2049,16 @@ 
Method Details

   ],
   "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     { # Message for the expected URL mappings.
       "description": "A String", # Description of this test case.
-      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+          # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+          # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+          # expectedOutputUrl is optional when service is specified.
+      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+          # expectedRedirectResponseCode cannot be set when service is set.
       "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
         { # HTTP headers used in UrlMapTests.
           "name": "A String", # Header name.
@@ -1392,14 +2067,15 @@ 
Method Details

       ],
       "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
       "path": "A String", # Path portion of the URL.
-      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+          # service cannot be set if expectedRedirectResponseCode is set.
     },
   ],
 }

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a UrlMap resource in the specified project using the data included in the request.
 
 Args:
@@ -1407,21 +2083,44 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/beta/urlMaps) * [Regional](/compute/docs/reference/rest/beta/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
+{ # Represents a URL Map resource.
+    # 
+    # Google Compute Engine has two URL Map resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+    # 
+    # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+    # 
+    # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+    # 
+    # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+    # 
+    # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+    # 
+    # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+    # 
+    # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-  "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+  "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+      # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+      # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+      # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+        # Not supported when the URL map is bound to target gRPC proxy.
+      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+          # Default is false.
       "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
         "A String",
       ],
       "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
         "A String",
       ],
-      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
-      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
       "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1430,53 +2129,84 @@ 
Method Details

       ],
       "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
     },
-    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+        # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
       "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-        "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "httpStatus": 42, # The HTTP status code used to abort the request.
+            # The value must be between 200 and 599 inclusive.
+            # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
       "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
         "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
     },
-    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+        # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+        # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
     },
-    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+          # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+          # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+          # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+          # -
+          # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+          # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+          # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+          # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+          # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+          # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+          # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
         "A String",
       ],
     },
-    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+        # If not specified, will use the largest timeout among all backend services associated with the route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+        # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+          # The value must be between 1 and 255 characters.
+      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+          # The value must be between 1 and 1024 characters.
     },
-    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-      { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+        # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+      { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
         "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+            # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1486,34 +2216,61 @@ 
Method Details

             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
             "A String",
           ],
         },
-        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+            # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+            # The value must be between 0 and 1000
       },
     ],
   },
-  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+      # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+      # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+      # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+      # Not supported when the URL map is bound to target gRPC proxy.
+    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+        # The value must be between 1 and 255 characters.
+    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+        # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+        # The default is set to false.
+    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+        # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+        # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+        # Supported values are:
+        # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+        # - FOUND, which corresponds to 302.
+        # - SEE_OTHER which corresponds to 303.
+        # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+        # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+        # The default is set to false.
   },
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+      # The headerAction specified here take effect after headerAction specified under pathMatcher.
+      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1523,7 +2280,8 @@ 
Method Details

       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -1533,7 +2291,8 @@ 
Method Details

   "hostRules": [ # The list of HostRules to use against the URL.
     { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+          # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "A String",
       ],
       "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -1544,19 +2303,25 @@ 
Method Details

   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "pathMatchers": [ # The list of named PathMatchers to use against the URL.
     { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-      "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+      "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+          # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+          # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+              # Default is false.
           "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
             "A String",
           ],
           "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
             "A String",
           ],
-          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
-          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
           "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1565,53 +2330,84 @@ 
Method Details

           ],
           "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
         },
-        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+            # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
           "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-            "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "httpStatus": 42, # The HTTP status code used to abort the request.
+                # The value must be between 200 and 599 inclusive.
+                # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
           "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
             "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
         },
-        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+            # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+            # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
         },
-        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+              # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+              # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+              # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+              # -
+              # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+              # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+              # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+              # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+              # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+              # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+              # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
             "A String",
           ],
         },
-        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+            # If not specified, will use the largest timeout among all backend services associated with the route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+            # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+              # The value must be between 1 and 255 characters.
+          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+              # The value must be between 1 and 1024 characters.
         },
-        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-          { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+            # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+          { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
             "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1621,33 +2417,63 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                 "A String",
               ],
             },
-            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                # The value must be between 0 and 1000
           },
         ],
       },
-      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+          # - compute/v1/projects/project/global/backendServices/backendService
+          # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+          # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+          # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+          # - compute.backendBuckets.use
+          # - compute.backendServices.use
+      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+          # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+            # The value must be between 1 and 255 characters.
+        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+            # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+            # The default is set to false.
+        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+            # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+            # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+            # Supported values are:
+            # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+            # - FOUND, which corresponds to 302.
+            # - SEE_OTHER which corresponds to 303.
+            # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+            # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+            # The default is set to false.
       },
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+          # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+          # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1657,7 +2483,8 @@ 
Method Details

           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -1665,24 +2492,32 @@ 
Method Details

         ],
       },
       "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+          # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+          # Within a given pathMatcher, only one of pathRules or routeRules must be set.
         { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
           "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
             "A String",
           ],
-          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of routeAction or urlRedirect must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1691,53 +2526,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1747,37 +2613,63 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
-      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+          # Within a given pathMatcher, you can set only one of pathRules or routeRules.
         { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-          "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "description": "A String", # The short description conveying the intent of this routeRule.
+              # The description can have a maximum length of 1024 characters.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1787,21 +2679,25 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
               "A String",
             ],
           },
-          "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
               "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
               "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
               "filterName": "A String", # Name of the networkservices.HttpFilter resource this configuration belongs to. This name must be known to the xDS client. Example: envoy.wasm
             },
           ],
-          "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+              # The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
               "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
               "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
@@ -1810,60 +2706,112 @@ 
Method Details

           ],
           "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
             { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                  # fullPathMatch must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
               "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                 { # matchRule criteria for request header matches.
-                  "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "headerName": "A String", # The name of the HTTP header to match.
+                      # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                      # For matching a request's method, use the headerName ":method".
+                      # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                      # The default setting is false.
+                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                      # For example for a range [-5, 0]
+                      # - -3 will match.
+                      # - 0 will not match.
+                      # - 0.25 will not match.
+                      # - -3someString will not match.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                     "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                     "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                   },
-                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                      # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                 },
               ],
-              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                  # The default value is false.
+                  # ignoreCase must not be used with regexMatch.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                  # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                  # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                  # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                    # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                    # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                      # This list must not be empty and can have at the most 64 entries.
                     { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                      "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                      "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                      "name": "A String", # Name of metadata label.
+                          # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                      "value": "A String", # The value of the label must match the specified value.
+                          # value can have a maximum length of 1024 characters.
                     },
                   ],
-                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                      # Supported values are:
+                      # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                      # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                 },
               ],
-              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                  # The value must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                  # Not supported when the URL map is bound to target gRPC proxy.
                 { # HttpRouteRuleMatch criteria for a request's query parameter.
-                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
                   "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                      # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                 },
               ],
-              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
             },
           ],
-          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+              # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+              # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1872,53 +2820,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1928,25 +2907,45 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
@@ -1954,11 +2953,16 @@ 
Method Details

   ],
   "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     { # Message for the expected URL mappings.
       "description": "A String", # Description of this test case.
-      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+          # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+          # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+          # expectedOutputUrl is optional when service is specified.
+      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+          # expectedRedirectResponseCode cannot be set when service is set.
       "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
         { # HTTP headers used in UrlMapTests.
           "name": "A String", # Header name.
@@ -1967,21 +2971,35 @@ 
Method Details

       ],
       "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
       "path": "A String", # Path portion of the URL.
-      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+          # service cannot be set if expectedRedirectResponseCode is set.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2015,7 +3033,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2029,8 +3048,10 @@ 
Method Details

 

 
 

-    invalidateCache(project, urlMap, body=None, requestId=None, x__xgafv=None)
-  
Initiates a cache invalidation operation, invalidating the specified path, scoped to the specified UrlMap. For more information, see [Invalidating cached content](/cdn/docs/invalidating-cached-content).
+    invalidateCache(project, urlMap, body=None, requestId=None)
+  
Initiates a cache invalidation operation, invalidating the specified path, scoped to the specified UrlMap.
+
+For more information, see [Invalidating cached content](/cdn/docs/invalidating-cached-content).
 
 Args:
   project: string, Project ID for this request. (required)
@@ -2043,16 +3064,29 @@ 
Method Details

   "path": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2086,7 +3120,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2100,20 +3135,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of UrlMap resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -2121,21 +3162,44 @@ 
Method Details

     { # Contains a list of UrlMap resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of UrlMap resources.
-    { # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/beta/urlMaps) * [Regional](/compute/docs/reference/rest/beta/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
+    { # Represents a URL Map resource.
+        #
+        # Google Compute Engine has two URL Map resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+        #
+        # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+        #
+        # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+        #
+        # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+        #
+        # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+        #
+        # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+        #
+        # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-      "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+      "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+          # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+          # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+          # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+              # Default is false.
           "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
             "A String",
           ],
           "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
             "A String",
           ],
-          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
-          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
           "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2144,53 +3208,84 @@ 
Method Details

           ],
           "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
         },
-        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+            # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
           "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-            "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "httpStatus": 42, # The HTTP status code used to abort the request.
+                # The value must be between 200 and 599 inclusive.
+                # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
           "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
             "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
         },
-        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+            # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+            # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
         },
-        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+              # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+              # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+              # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+              # -
+              # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+              # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+              # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+              # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+              # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+              # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+              # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
             "A String",
           ],
         },
-        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+            # If not specified, will use the largest timeout among all backend services associated with the route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+            # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+              # The value must be between 1 and 255 characters.
+          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+              # The value must be between 1 and 1024 characters.
         },
-        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-          { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+            # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+          { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
             "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2200,34 +3295,61 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                 "A String",
               ],
             },
-            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                # The value must be between 0 and 1000
           },
         ],
       },
-      "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+      "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+          # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+          # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+          # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+            # The value must be between 1 and 255 characters.
+        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+            # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+            # The default is set to false.
+        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+            # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+            # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+            # Supported values are:
+            # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+            # - FOUND, which corresponds to 302.
+            # - SEE_OTHER which corresponds to 303.
+            # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+            # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+            # The default is set to false.
       },
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+          # The headerAction specified here take effect after headerAction specified under pathMatcher.
+          # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2237,7 +3359,8 @@ 
Method Details

           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -2247,7 +3370,8 @@ 
Method Details

       "hostRules": [ # The list of HostRules to use against the URL.
         { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-          "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+              # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "A String",
           ],
           "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -2258,19 +3382,25 @@ 
Method Details

       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "pathMatchers": [ # The list of named PathMatchers to use against the URL.
         { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-          "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+              # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2279,53 +3409,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2335,33 +3496,63 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-          "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+              # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+              # - compute/v1/projects/project/global/backendServices/backendService
+              # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+              # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+              # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+              # - compute.backendBuckets.use
+              # - compute.backendServices.use
+          "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+              # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2371,7 +3562,8 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -2379,24 +3571,32 @@ 
Method Details

             ],
           },
           "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-          "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+          "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+              # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+              # Within a given pathMatcher, only one of pathRules or routeRules must be set.
             { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
               "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
                 "A String",
               ],
-              "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-                "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-                  "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+              "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+                  # Only one of routeAction or urlRedirect must be set.
+                  # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+                "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                    # Not supported when the URL map is bound to target gRPC proxy.
+                  "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                      # Default is false.
                   "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                     "A String",
                   ],
                   "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                     "A String",
                   ],
-                  "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                  "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                      # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                     "A String",
                   ],
-                  "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                  "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                      # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                     "A String",
                   ],
                   "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2405,53 +3605,84 @@ 
Method Details

                   ],
                   "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
                 },
-                "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+                "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                    # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
                   "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                    "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                    "httpStatus": 42, # The HTTP status code used to abort the request.
+                        # The value must be between 200 and 599 inclusive.
+                        # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                        # The value must be between 0.0 and 100.0 inclusive.
                   },
                   "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                     "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                     },
-                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                        # The value must be between 0.0 and 100.0 inclusive.
                   },
                 },
-                "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                    # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                    # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
                 },
-                "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-                  "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+                  "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                      # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                   },
-                  "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+                  "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                      # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                      # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                      # -
+                      # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                      # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                      # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                      # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                      # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                      # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                      # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                     "A String",
                   ],
                 },
-                "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                    # If not specified, will use the largest timeout among all backend services associated with the route.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                  "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-                  "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+                "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                    # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                      # The value must be between 1 and 255 characters.
+                  "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                      # The value must be between 1 and 1024 characters.
                 },
-                "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-                  { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+                "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                    # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+                  { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                     "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                        # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                        # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                       "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                         { # Specification determining how headers are added to requests or responses.
                           "headerName": "A String", # The name of the header.
                           "headerValue": "A String", # The value of the header to add.
-                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                              # The default value is false.
                         },
                       ],
                       "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2461,37 +3692,63 @@ 
Method Details

                         { # Specification determining how headers are added to requests or responses.
                           "headerName": "A String", # The name of the header.
                           "headerValue": "A String", # The value of the header to add.
-                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                              # The default value is false.
                         },
                       ],
                       "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                         "A String",
                       ],
                     },
-                    "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                    "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                        # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                        # The value must be between 0 and 1000
                   },
                 ],
               },
-              "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-              "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-                "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-                "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-                "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-                "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+              "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+                  # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+                  # If urlRedirect is specified, service or routeAction must not be set.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+                "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                    # The value must be between 1 and 255 characters.
+                "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                    # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                    # The default is set to false.
+                "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                    # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                    # The value must be between 1 and 1024 characters.
+                "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                    # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                    # The value must be between 1 and 1024 characters.
+                "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                    # Supported values are:
+                    # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                    # - FOUND, which corresponds to 302.
+                    # - SEE_OTHER which corresponds to 303.
+                    # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                    # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+                "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                    # The default is set to false.
               },
             },
           ],
-          "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+          "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+              # Within a given pathMatcher, you can set only one of pathRules or routeRules.
             { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-              "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-              "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "description": "A String", # The short description conveying the intent of this routeRule.
+                  # The description can have a maximum length of 1024 characters.
+              "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                  # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+                  # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                   { # Specification determining how headers are added to requests or responses.
                     "headerName": "A String", # The name of the header.
                     "headerValue": "A String", # The value of the header to add.
-                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                        # The default value is false.
                   },
                 ],
                 "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2501,21 +3758,25 @@ 
Method Details

                   { # Specification determining how headers are added to requests or responses.
                     "headerName": "A String", # The name of the header.
                     "headerValue": "A String", # The value of the header to add.
-                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                        # The default value is false.
                   },
                 ],
                 "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                   "A String",
                 ],
               },
-              "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
                   "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
                   "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
                   "filterName": "A String", # Name of the networkservices.HttpFilter resource this configuration belongs to. This name must be known to the xDS client. Example: envoy.wasm
                 },
               ],
-              "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+                  # The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
                   "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
                   "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
@@ -2524,60 +3785,112 @@ 
Method Details

               ],
               "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
                 { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-                  "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                      # fullPathMatch must be between 1 and 1024 characters.
+                      # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
                   "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                     { # matchRule criteria for request header matches.
-                      "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                      "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                      "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                      "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                      "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                      "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                      "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      "headerName": "A String", # The name of the HTTP header to match.
+                          # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                          # For matching a request's method, use the headerName ":method".
+                          # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                      "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                          # The default setting is false.
+                      "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                          # For example for a range [-5, 0]
+                          # - -3 will match.
+                          # - 0 will not match.
+                          # - 0.25 will not match.
+                          # - -3someString will not match.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                          # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                         "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                         "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                       },
-                      "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                      "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                          # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                          # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                      "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                     },
                   ],
-                  "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-                  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+                  "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                      # The default value is false.
+                      # ignoreCase must not be used with regexMatch.
+                      # Not supported when the URL map is bound to target gRPC proxy.
+                  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                      # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                      # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                      # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                        # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                        # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                          # This list must not be empty and can have at the most 64 entries.
                         { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                          "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                          "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                          "name": "A String", # Name of metadata label.
+                              # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                          "value": "A String", # The value of the label must match the specified value.
+                              # value can have a maximum length of 1024 characters.
                         },
                       ],
-                      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                          # Supported values are:
+                          # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                          # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                     },
                   ],
-                  "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-                  "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+                  "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                      # The value must be between 1 and 1024 characters.
+                      # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                      # Not supported when the URL map is bound to target gRPC proxy.
                     { # HttpRouteRuleMatch criteria for a request's query parameter.
-                      "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                      "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                          # Only one of presentMatch, exactMatch or regexMatch must be set.
                       "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                      "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                      "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                      "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                          # Only one of presentMatch, exactMatch or regexMatch must be set.
+                      "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                          # Only one of presentMatch, exactMatch or regexMatch must be set.
+                          # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                     },
                   ],
-                  "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                      # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                      # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                 },
               ],
-              "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-              "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-                "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-                  "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+              "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+                  # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+                  # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+              "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+                  # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+                  # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+                "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                    # Not supported when the URL map is bound to target gRPC proxy.
+                  "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                      # Default is false.
                   "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                     "A String",
                   ],
                   "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                     "A String",
                   ],
-                  "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                  "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                      # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                     "A String",
                   ],
-                  "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                  "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                      # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                     "A String",
                   ],
                   "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2586,53 +3899,84 @@ 
Method Details

                   ],
                   "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
                 },
-                "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+                "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                    # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
                   "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                    "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                    "httpStatus": 42, # The HTTP status code used to abort the request.
+                        # The value must be between 200 and 599 inclusive.
+                        # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                        # The value must be between 0.0 and 100.0 inclusive.
                   },
                   "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                     "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                     },
-                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                        # The value must be between 0.0 and 100.0 inclusive.
                   },
                 },
-                "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                    # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                    # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
                 },
-                "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-                  "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+                  "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                      # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                   },
-                  "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+                  "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                      # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                      # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                      # -
+                      # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                      # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                      # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                      # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                      # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                      # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                      # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                     "A String",
                   ],
                 },
-                "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                    # If not specified, will use the largest timeout among all backend services associated with the route.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                  "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-                  "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+                "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                    # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                      # The value must be between 1 and 255 characters.
+                  "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                      # The value must be between 1 and 1024 characters.
                 },
-                "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-                  { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+                "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                    # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+                  { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                     "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                        # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                        # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                       "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                         { # Specification determining how headers are added to requests or responses.
                           "headerName": "A String", # The name of the header.
                           "headerValue": "A String", # The value of the header to add.
-                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                              # The default value is false.
                         },
                       ],
                       "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2642,25 +3986,45 @@ 
Method Details

                         { # Specification determining how headers are added to requests or responses.
                           "headerName": "A String", # The name of the header.
                           "headerValue": "A String", # The value of the header to add.
-                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                              # The default value is false.
                         },
                       ],
                       "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                         "A String",
                       ],
                     },
-                    "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                    "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                        # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                        # The value must be between 0 and 1000
                   },
                 ],
               },
-              "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-              "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-                "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-                "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-                "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-                "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+              "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+                  # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+                  # If urlRedirect is specified, service or routeAction must not be set.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+                "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                    # The value must be between 1 and 255 characters.
+                "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                    # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                    # The default is set to false.
+                "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                    # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                    # The value must be between 1 and 1024 characters.
+                "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                    # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                    # The value must be between 1 and 1024 characters.
+                "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                    # Supported values are:
+                    # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                    # - FOUND, which corresponds to 302.
+                    # - SEE_OTHER which corresponds to 303.
+                    # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                    # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+                "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                    # The default is set to false.
               },
             },
           ],
@@ -2668,11 +4032,16 @@ 
Method Details

       ],
       "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         { # Message for the expected URL mappings.
           "description": "A String", # Description of this test case.
-          "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-          "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+          "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+              # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+              # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+              # expectedOutputUrl is optional when service is specified.
+          "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+              # expectedRedirectResponseCode cannot be set when service is set.
           "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
             { # HTTP headers used in UrlMapTests.
               "name": "A String", # Header name.
@@ -2681,7 +4050,8 @@ 
Method Details

           ],
           "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
           "path": "A String", # Path portion of the URL.
-          "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+          "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+              # service cannot be set if expectedRedirectResponseCode is set.
         },
       ],
     },
@@ -2691,7 +4061,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2717,7 +4088,7 @@ 
Method Details

 

 
 

-    patch(project, urlMap, body=None, requestId=None, x__xgafv=None)
+    patch(project, urlMap, body=None, requestId=None)
   
Patches the specified UrlMap resource with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -2726,21 +4097,44 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/beta/urlMaps) * [Regional](/compute/docs/reference/rest/beta/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
+{ # Represents a URL Map resource.
+    # 
+    # Google Compute Engine has two URL Map resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+    # 
+    # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+    # 
+    # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+    # 
+    # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+    # 
+    # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+    # 
+    # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+    # 
+    # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-  "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+  "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+      # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+      # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+      # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+        # Not supported when the URL map is bound to target gRPC proxy.
+      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+          # Default is false.
       "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
         "A String",
       ],
       "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
         "A String",
       ],
-      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
-      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
       "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2749,53 +4143,84 @@ 
Method Details

       ],
       "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
     },
-    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+        # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
       "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-        "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "httpStatus": 42, # The HTTP status code used to abort the request.
+            # The value must be between 200 and 599 inclusive.
+            # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
       "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
         "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
     },
-    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+        # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+        # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
     },
-    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+          # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+          # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+          # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+          # -
+          # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+          # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+          # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+          # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+          # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+          # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+          # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
         "A String",
       ],
     },
-    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+        # If not specified, will use the largest timeout among all backend services associated with the route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+        # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+          # The value must be between 1 and 255 characters.
+      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+          # The value must be between 1 and 1024 characters.
     },
-    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-      { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+        # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+      { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
         "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+            # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2805,34 +4230,61 @@ 
Method Details

             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
             "A String",
           ],
         },
-        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+            # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+            # The value must be between 0 and 1000
       },
     ],
   },
-  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+      # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+      # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+      # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+      # Not supported when the URL map is bound to target gRPC proxy.
+    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+        # The value must be between 1 and 255 characters.
+    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+        # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+        # The default is set to false.
+    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+        # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+        # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+        # Supported values are:
+        # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+        # - FOUND, which corresponds to 302.
+        # - SEE_OTHER which corresponds to 303.
+        # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+        # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+        # The default is set to false.
   },
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+      # The headerAction specified here take effect after headerAction specified under pathMatcher.
+      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2842,7 +4294,8 @@ 
Method Details

       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -2852,7 +4305,8 @@ 
Method Details

   "hostRules": [ # The list of HostRules to use against the URL.
     { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+          # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "A String",
       ],
       "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -2863,19 +4317,25 @@ 
Method Details

   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "pathMatchers": [ # The list of named PathMatchers to use against the URL.
     { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-      "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+      "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+          # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+          # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+              # Default is false.
           "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
             "A String",
           ],
           "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
             "A String",
           ],
-          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
-          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
           "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2884,53 +4344,84 @@ 
Method Details

           ],
           "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
         },
-        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+            # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
           "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-            "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "httpStatus": 42, # The HTTP status code used to abort the request.
+                # The value must be between 200 and 599 inclusive.
+                # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
           "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
             "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
         },
-        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+            # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+            # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
         },
-        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+              # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+              # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+              # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+              # -
+              # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+              # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+              # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+              # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+              # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+              # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+              # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
             "A String",
           ],
         },
-        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+            # If not specified, will use the largest timeout among all backend services associated with the route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+            # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+              # The value must be between 1 and 255 characters.
+          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+              # The value must be between 1 and 1024 characters.
         },
-        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-          { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+            # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+          { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
             "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2940,33 +4431,63 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                 "A String",
               ],
             },
-            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                # The value must be between 0 and 1000
           },
         ],
       },
-      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+          # - compute/v1/projects/project/global/backendServices/backendService
+          # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+          # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+          # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+          # - compute.backendBuckets.use
+          # - compute.backendServices.use
+      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+          # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+            # The value must be between 1 and 255 characters.
+        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+            # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+            # The default is set to false.
+        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+            # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+            # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+            # Supported values are:
+            # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+            # - FOUND, which corresponds to 302.
+            # - SEE_OTHER which corresponds to 303.
+            # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+            # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+            # The default is set to false.
       },
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+          # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+          # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2976,7 +4497,8 @@ 
Method Details

           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -2984,24 +4506,32 @@ 
Method Details

         ],
       },
       "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+          # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+          # Within a given pathMatcher, only one of pathRules or routeRules must be set.
         { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
           "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
             "A String",
           ],
-          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of routeAction or urlRedirect must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3010,53 +4540,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3066,37 +4627,63 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
-      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+          # Within a given pathMatcher, you can set only one of pathRules or routeRules.
         { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-          "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "description": "A String", # The short description conveying the intent of this routeRule.
+              # The description can have a maximum length of 1024 characters.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3106,21 +4693,25 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
               "A String",
             ],
           },
-          "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
               "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
               "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
               "filterName": "A String", # Name of the networkservices.HttpFilter resource this configuration belongs to. This name must be known to the xDS client. Example: envoy.wasm
             },
           ],
-          "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+              # The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
               "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
               "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
@@ -3129,60 +4720,112 @@ 
Method Details

           ],
           "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
             { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                  # fullPathMatch must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
               "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                 { # matchRule criteria for request header matches.
-                  "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "headerName": "A String", # The name of the HTTP header to match.
+                      # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                      # For matching a request's method, use the headerName ":method".
+                      # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                      # The default setting is false.
+                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                      # For example for a range [-5, 0]
+                      # - -3 will match.
+                      # - 0 will not match.
+                      # - 0.25 will not match.
+                      # - -3someString will not match.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                     "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                     "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                   },
-                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                      # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                 },
               ],
-              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                  # The default value is false.
+                  # ignoreCase must not be used with regexMatch.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                  # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                  # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                  # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                    # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                    # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                      # This list must not be empty and can have at the most 64 entries.
                     { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                      "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                      "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                      "name": "A String", # Name of metadata label.
+                          # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                      "value": "A String", # The value of the label must match the specified value.
+                          # value can have a maximum length of 1024 characters.
                     },
                   ],
-                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                      # Supported values are:
+                      # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                      # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                 },
               ],
-              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                  # The value must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                  # Not supported when the URL map is bound to target gRPC proxy.
                 { # HttpRouteRuleMatch criteria for a request's query parameter.
-                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
                   "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                      # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                 },
               ],
-              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
             },
           ],
-          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+              # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+              # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3191,53 +4834,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3247,25 +4921,45 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
@@ -3273,11 +4967,16 @@ 
Method Details

   ],
   "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     { # Message for the expected URL mappings.
       "description": "A String", # Description of this test case.
-      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+          # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+          # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+          # expectedOutputUrl is optional when service is specified.
+      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+          # expectedRedirectResponseCode cannot be set when service is set.
       "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
         { # HTTP headers used in UrlMapTests.
           "name": "A String", # Header name.
@@ -3286,21 +4985,35 @@ 
Method Details

       ],
       "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
       "path": "A String", # Path portion of the URL.
-      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+          # service cannot be set if expectedRedirectResponseCode is set.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3334,7 +5047,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3348,7 +5062,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -3363,10 +5077,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -3379,7 +5089,7 @@ 
Method Details

 

 
 

-    update(project, urlMap, body=None, requestId=None, x__xgafv=None)
+    update(project, urlMap, body=None, requestId=None)
   
Updates the specified UrlMap resource with the data included in the request.
 
 Args:
@@ -3388,21 +5098,44 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/beta/urlMaps) * [Regional](/compute/docs/reference/rest/beta/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
+{ # Represents a URL Map resource.
+    # 
+    # Google Compute Engine has two URL Map resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+    # 
+    # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+    # 
+    # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+    # 
+    # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+    # 
+    # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+    # 
+    # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+    # 
+    # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-  "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+  "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+      # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+      # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+      # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+        # Not supported when the URL map is bound to target gRPC proxy.
+      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+          # Default is false.
       "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
         "A String",
       ],
       "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
         "A String",
       ],
-      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
-      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
       "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3411,53 +5144,84 @@ 
Method Details

       ],
       "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
     },
-    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+        # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
       "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-        "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "httpStatus": 42, # The HTTP status code used to abort the request.
+            # The value must be between 200 and 599 inclusive.
+            # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
       "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
         "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
     },
-    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+        # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+        # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
     },
-    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+          # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+          # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+          # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+          # -
+          # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+          # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+          # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+          # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+          # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+          # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+          # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
         "A String",
       ],
     },
-    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+        # If not specified, will use the largest timeout among all backend services associated with the route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+        # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+          # The value must be between 1 and 255 characters.
+      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+          # The value must be between 1 and 1024 characters.
     },
-    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-      { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+        # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+      { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
         "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+            # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3467,34 +5231,61 @@ 
Method Details

             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
             "A String",
           ],
         },
-        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+            # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+            # The value must be between 0 and 1000
       },
     ],
   },
-  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+      # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+      # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+      # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+      # Not supported when the URL map is bound to target gRPC proxy.
+    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+        # The value must be between 1 and 255 characters.
+    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+        # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+        # The default is set to false.
+    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+        # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+        # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+        # Supported values are:
+        # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+        # - FOUND, which corresponds to 302.
+        # - SEE_OTHER which corresponds to 303.
+        # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+        # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+        # The default is set to false.
   },
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+      # The headerAction specified here take effect after headerAction specified under pathMatcher.
+      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3504,7 +5295,8 @@ 
Method Details

       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -3514,7 +5306,8 @@ 
Method Details

   "hostRules": [ # The list of HostRules to use against the URL.
     { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+          # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "A String",
       ],
       "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -3525,19 +5318,25 @@ 
Method Details

   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "pathMatchers": [ # The list of named PathMatchers to use against the URL.
     { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-      "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+      "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+          # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+          # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+              # Default is false.
           "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
             "A String",
           ],
           "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
             "A String",
           ],
-          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
-          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
           "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3546,53 +5345,84 @@ 
Method Details

           ],
           "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
         },
-        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+            # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
           "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-            "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "httpStatus": 42, # The HTTP status code used to abort the request.
+                # The value must be between 200 and 599 inclusive.
+                # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
           "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
             "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
         },
-        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+            # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+            # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
         },
-        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+              # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+              # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+              # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+              # -
+              # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+              # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+              # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+              # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+              # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+              # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+              # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
             "A String",
           ],
         },
-        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+            # If not specified, will use the largest timeout among all backend services associated with the route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+            # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+              # The value must be between 1 and 255 characters.
+          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+              # The value must be between 1 and 1024 characters.
         },
-        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-          { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+            # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+          { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
             "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3602,33 +5432,63 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                 "A String",
               ],
             },
-            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                # The value must be between 0 and 1000
           },
         ],
       },
-      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+          # - compute/v1/projects/project/global/backendServices/backendService
+          # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+          # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+          # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+          # - compute.backendBuckets.use
+          # - compute.backendServices.use
+      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+          # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+            # The value must be between 1 and 255 characters.
+        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+            # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+            # The default is set to false.
+        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+            # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+            # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+            # Supported values are:
+            # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+            # - FOUND, which corresponds to 302.
+            # - SEE_OTHER which corresponds to 303.
+            # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+            # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+            # The default is set to false.
       },
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+          # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+          # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3638,7 +5498,8 @@ 
Method Details

           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -3646,24 +5507,32 @@ 
Method Details

         ],
       },
       "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+          # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+          # Within a given pathMatcher, only one of pathRules or routeRules must be set.
         { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
           "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
             "A String",
           ],
-          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of routeAction or urlRedirect must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3672,53 +5541,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3728,37 +5628,63 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
-      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+          # Within a given pathMatcher, you can set only one of pathRules or routeRules.
         { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-          "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "description": "A String", # The short description conveying the intent of this routeRule.
+              # The description can have a maximum length of 1024 characters.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3768,21 +5694,25 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
               "A String",
             ],
           },
-          "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
               "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
               "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
               "filterName": "A String", # Name of the networkservices.HttpFilter resource this configuration belongs to. This name must be known to the xDS client. Example: envoy.wasm
             },
           ],
-          "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+              # The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
               "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
               "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
@@ -3791,60 +5721,112 @@ 
Method Details

           ],
           "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
             { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                  # fullPathMatch must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
               "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                 { # matchRule criteria for request header matches.
-                  "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "headerName": "A String", # The name of the HTTP header to match.
+                      # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                      # For matching a request's method, use the headerName ":method".
+                      # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                      # The default setting is false.
+                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                      # For example for a range [-5, 0]
+                      # - -3 will match.
+                      # - 0 will not match.
+                      # - 0.25 will not match.
+                      # - -3someString will not match.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                     "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                     "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                   },
-                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                      # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                 },
               ],
-              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                  # The default value is false.
+                  # ignoreCase must not be used with regexMatch.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                  # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                  # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                  # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                    # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                    # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                      # This list must not be empty and can have at the most 64 entries.
                     { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                      "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                      "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                      "name": "A String", # Name of metadata label.
+                          # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                      "value": "A String", # The value of the label must match the specified value.
+                          # value can have a maximum length of 1024 characters.
                     },
                   ],
-                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                      # Supported values are:
+                      # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                      # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                 },
               ],
-              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                  # The value must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                  # Not supported when the URL map is bound to target gRPC proxy.
                 { # HttpRouteRuleMatch criteria for a request's query parameter.
-                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
                   "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                      # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                 },
               ],
-              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
             },
           ],
-          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+              # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+              # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3853,53 +5835,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3909,25 +5922,45 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
@@ -3935,11 +5968,16 @@ 
Method Details

   ],
   "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     { # Message for the expected URL mappings.
       "description": "A String", # Description of this test case.
-      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+          # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+          # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+          # expectedOutputUrl is optional when service is specified.
+      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+          # expectedRedirectResponseCode cannot be set when service is set.
       "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
         { # HTTP headers used in UrlMapTests.
           "name": "A String", # Header name.
@@ -3948,21 +5986,35 @@ 
Method Details

       ],
       "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
       "path": "A String", # Path portion of the URL.
-      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+          # service cannot be set if expectedRedirectResponseCode is set.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3996,7 +6048,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -4010,7 +6063,7 @@ 
Method Details

 

 
 

-    validate(project, urlMap, body=None, x__xgafv=None)
+    validate(project, urlMap, body=None)
   
Runs static validation for the UrlMap. In particular, the tests of the provided UrlMap will be run. Calling this method does NOT create the UrlMap.
 
 Args:
@@ -4020,21 +6073,44 @@ 
Method Details

     The object takes the form of:
 
 {
-  "resource": { # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/beta/urlMaps) * [Regional](/compute/docs/reference/rest/beta/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts. # Content of the UrlMap to be validated.
+  "resource": { # Represents a URL Map resource. # Content of the UrlMap to be validated.
+      #
+      # Google Compute Engine has two URL Map resources:
+      #
+      # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+      #
+      # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+      #
+      # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+      #
+      # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+      #
+      # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+      #
+      # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+      #
+      # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
     "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-    "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-        "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+    "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+        # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+        # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+        # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+            # Default is false.
         "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
           "A String",
         ],
         "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
           "A String",
         ],
-        "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+        "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+            # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
           "A String",
         ],
-        "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+        "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+            # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
           "A String",
         ],
         "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -4043,53 +6119,84 @@ 
Method Details

         ],
         "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
       },
-      "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+      "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+          # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
         "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-          "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-          "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+          "httpStatus": 42, # The HTTP status code used to abort the request.
+              # The value must be between 200 and 599 inclusive.
+              # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+          "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+              # The value must be between 0.0 and 100.0 inclusive.
         },
         "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
           "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+          "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+              # The value must be between 0.0 and 100.0 inclusive.
         },
       },
-      "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+          # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+          # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
       },
-      "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-        "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+        "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+            # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+        "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+            # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+            # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+            # -
+            # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+            # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+            # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+            # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+            # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+            # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+            # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
           "A String",
         ],
       },
-      "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+          # If not specified, will use the largest timeout among all backend services associated with the route.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-        "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-        "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+      "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+          # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+            # The value must be between 1 and 255 characters.
+        "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+            # The value must be between 1 and 1024 characters.
       },
-      "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-        { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+      "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+          # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+        { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
           "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -4099,34 +6206,61 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
               "A String",
             ],
           },
-          "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+          "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+              # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+              # The value must be between 0 and 1000
         },
       ],
     },
-    "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-    "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-      "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-      "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-      "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-      "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-      "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-      "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+    "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+        # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+        # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+        # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+        # Not supported when the URL map is bound to target gRPC proxy.
+      "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+          # The value must be between 1 and 255 characters.
+      "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+          # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+          # The default is set to false.
+      "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+          # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+          # The value must be between 1 and 1024 characters.
+      "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+          # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+          # The value must be between 1 and 1024 characters.
+      "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+          # Supported values are:
+          # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+          # - FOUND, which corresponds to 302.
+          # - SEE_OTHER which corresponds to 303.
+          # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+          # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+      "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+          # The default is set to false.
     },
     "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-    "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+        #
+        # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+        # The headerAction specified here take effect after headerAction specified under pathMatcher.
+        # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
         { # Specification determining how headers are added to requests or responses.
           "headerName": "A String", # The name of the header.
           "headerValue": "A String", # The value of the header to add.
-          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+              # The default value is false.
         },
       ],
       "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -4136,7 +6270,8 @@ 
Method Details

         { # Specification determining how headers are added to requests or responses.
           "headerName": "A String", # The name of the header.
           "headerValue": "A String", # The value of the header to add.
-          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+              # The default value is false.
         },
       ],
       "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -4146,7 +6281,8 @@ 
Method Details

     "hostRules": [ # The list of HostRules to use against the URL.
       { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
         "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-        "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+            # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "A String",
         ],
         "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -4157,19 +6293,25 @@ 
Method Details

     "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
     "pathMatchers": [ # The list of named PathMatchers to use against the URL.
       { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-        "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-          "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-            "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+        "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+            # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+            # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+          "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                # Default is false.
             "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
               "A String",
             ],
             "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
               "A String",
             ],
-            "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+            "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
               "A String",
             ],
-            "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+            "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
               "A String",
             ],
             "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -4178,53 +6320,84 @@ 
Method Details

             ],
             "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
           },
-          "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+          "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+              # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
             "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-              "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-              "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+              "httpStatus": 42, # The HTTP status code used to abort the request.
+                  # The value must be between 200 and 599 inclusive.
+                  # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+              "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                  # The value must be between 0.0 and 100.0 inclusive.
             },
             "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
               "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+              "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                  # The value must be between 0.0 and 100.0 inclusive.
             },
           },
-          "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+          "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+              # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+              # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
           },
-          "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-            "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+            "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+            "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                # -
+                # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
               "A String",
             ],
           },
-          "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+              # If not specified, will use the largest timeout among all backend services associated with the route.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-            "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-            "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+          "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+              # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                # The value must be between 1 and 255 characters.
+            "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                # The value must be between 1 and 1024 characters.
           },
-          "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-            { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+          "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+              # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+            { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
               "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-              "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                  # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                  # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                   { # Specification determining how headers are added to requests or responses.
                     "headerName": "A String", # The name of the header.
                     "headerValue": "A String", # The value of the header to add.
-                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                        # The default value is false.
                   },
                 ],
                 "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -4234,33 +6407,63 @@ 
Method Details

                   { # Specification determining how headers are added to requests or responses.
                     "headerName": "A String", # The name of the header.
                     "headerValue": "A String", # The value of the header to add.
-                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                        # The default value is false.
                   },
                 ],
                 "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                   "A String",
                 ],
               },
-              "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+              "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                  # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                  # The value must be between 0 and 1000
             },
           ],
         },
-        "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-        "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-          "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-          "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-          "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-          "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-          "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-          "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+        "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+            # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+            # - compute/v1/projects/project/global/backendServices/backendService
+            # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+            # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+            # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+            # - compute.backendBuckets.use
+            # - compute.backendServices.use
+        "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+            # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+              # The value must be between 1 and 255 characters.
+          "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+              # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+              # The default is set to false.
+          "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+              # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+              # The value must be between 1 and 1024 characters.
+          "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+              # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+              # The value must be between 1 and 1024 characters.
+          "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+              # Supported values are:
+              # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+              # - FOUND, which corresponds to 302.
+              # - SEE_OTHER which corresponds to 303.
+              # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+              # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+          "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+              # The default is set to false.
         },
         "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+            # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -4270,7 +6473,8 @@ 
Method Details

             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -4278,24 +6482,32 @@ 
Method Details

           ],
         },
         "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-        "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+        "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+            # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+            # Within a given pathMatcher, only one of pathRules or routeRules must be set.
           { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
             "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
               "A String",
             ],
-            "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-              "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-                "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+            "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+                # Only one of routeAction or urlRedirect must be set.
+                # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+              "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                  # Not supported when the URL map is bound to target gRPC proxy.
+                "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                    # Default is false.
                 "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                   "A String",
                 ],
                 "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                   "A String",
                 ],
-                "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                    # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                   "A String",
                 ],
-                "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                    # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                   "A String",
                 ],
                 "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -4304,53 +6516,84 @@ 
Method Details

                 ],
                 "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
               },
-              "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+              "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                  # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
                 "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                  "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                  "httpStatus": 42, # The HTTP status code used to abort the request.
+                      # The value must be between 200 and 599 inclusive.
+                      # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                      # The value must be between 0.0 and 100.0 inclusive.
                 },
                 "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                   "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                   },
-                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                      # The value must be between 0.0 and 100.0 inclusive.
                 },
               },
-              "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                  # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                  # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
               },
-              "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-                "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+                "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                    # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+                "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                    # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                    # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                    # -
+                    # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                    # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                    # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                    # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                    # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                    # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                    # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                   "A String",
                 ],
               },
-              "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                  # If not specified, will use the largest timeout among all backend services associated with the route.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-                "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+              "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                  # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                    # The value must be between 1 and 255 characters.
+                "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                    # The value must be between 1 and 1024 characters.
               },
-              "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-                { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+              "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                  # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+                { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                   "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                      # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                       { # Specification determining how headers are added to requests or responses.
                         "headerName": "A String", # The name of the header.
                         "headerValue": "A String", # The value of the header to add.
-                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                            # The default value is false.
                       },
                     ],
                     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -4360,37 +6603,63 @@ 
Method Details

                       { # Specification determining how headers are added to requests or responses.
                         "headerName": "A String", # The name of the header.
                         "headerValue": "A String", # The value of the header to add.
-                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                            # The default value is false.
                       },
                     ],
                     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                       "A String",
                     ],
                   },
-                  "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                  "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                      # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                      # The value must be between 0 and 1000
                 },
               ],
             },
-            "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-            "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-              "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-              "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-              "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-              "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-              "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-              "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+            "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+                # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+            "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+                # If urlRedirect is specified, service or routeAction must not be set.
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                  # The value must be between 1 and 255 characters.
+              "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                  # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                  # The default is set to false.
+              "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                  # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                  # The value must be between 1 and 1024 characters.
+              "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                  # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                  # The value must be between 1 and 1024 characters.
+              "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                  # Supported values are:
+                  # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                  # - FOUND, which corresponds to 302.
+                  # - SEE_OTHER which corresponds to 303.
+                  # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                  # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+              "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                  # The default is set to false.
             },
           },
         ],
-        "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+        "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+            # Within a given pathMatcher, you can set only one of pathRules or routeRules.
           { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-            "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "description": "A String", # The short description conveying the intent of this routeRule.
+                # The description can have a maximum length of 1024 characters.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -4400,21 +6669,25 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                 "A String",
               ],
             },
-            "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "httpFilterConfigs": [ # Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
                 "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
                 "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
                 "filterName": "A String", # Name of the networkservices.HttpFilter resource this configuration belongs to. This name must be known to the xDS client. Example: envoy.wasm
               },
             ],
-            "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "httpFilterMetadata": [ # Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for Loadbalancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details.
+                # The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               { # HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.
                 "config": "A String", # The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl
                 "configTypeUrl": "A String", # The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct
@@ -4423,60 +6696,112 @@ 
Method Details

             ],
             "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
               { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-                "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                    # fullPathMatch must be between 1 and 1024 characters.
+                    # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
                 "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                   { # matchRule criteria for request header matches.
-                    "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                    "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                    "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                    "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                    "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                    "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                    "headerName": "A String", # The name of the HTTP header to match.
+                        # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                        # For matching a request's method, use the headerName ":method".
+                        # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                    "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                        # The default setting is false.
+                    "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                    "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                    "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                        # For example for a range [-5, 0]
+                        # - -3 will match.
+                        # - 0 will not match.
+                        # - 0.25 will not match.
+                        # - -3someString will not match.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                        # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                       "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                       "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                     },
-                    "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                    "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                    "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                        # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                        # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                    "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                   },
                 ],
-                "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-                "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                  { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                    "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+                "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                    # The default value is false.
+                    # ignoreCase must not be used with regexMatch.
+                    # Not supported when the URL map is bound to target gRPC proxy.
+                "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                    # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                    # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                    # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                      # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                      # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                    "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                        # This list must not be empty and can have at the most 64 entries.
                       { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                        "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                        "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                        "name": "A String", # Name of metadata label.
+                            # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                        "value": "A String", # The value of the label must match the specified value.
+                            # value can have a maximum length of 1024 characters.
                       },
                     ],
-                    "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                    "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                        # Supported values are:
+                        # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                        # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                   },
                 ],
-                "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-                "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+                "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                    # The value must be between 1 and 1024 characters.
+                    # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                    # Not supported when the URL map is bound to target gRPC proxy.
                   { # HttpRouteRuleMatch criteria for a request's query parameter.
-                    "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                    "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                        # Only one of presentMatch, exactMatch or regexMatch must be set.
                     "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                    "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                    "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                    "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                        # Only one of presentMatch, exactMatch or regexMatch must be set.
+                    "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                        # Only one of presentMatch, exactMatch or regexMatch must be set.
+                        # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                   },
                 ],
-                "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                    # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                    # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               },
             ],
-            "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-            "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-              "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-                "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+            "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+                # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+                # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+            "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+                # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+                # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+              "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                  # Not supported when the URL map is bound to target gRPC proxy.
+                "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                    # Default is false.
                 "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                   "A String",
                 ],
                 "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                   "A String",
                 ],
-                "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                    # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                   "A String",
                 ],
-                "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                    # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                   "A String",
                 ],
                 "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -4485,53 +6810,84 @@ 
Method Details

                 ],
                 "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
               },
-              "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+              "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                  # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
                 "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                  "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                  "httpStatus": 42, # The HTTP status code used to abort the request.
+                      # The value must be between 200 and 599 inclusive.
+                      # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                      # The value must be between 0.0 and 100.0 inclusive.
                 },
                 "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                   "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                   },
-                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                      # The value must be between 0.0 and 100.0 inclusive.
                 },
               },
-              "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                  # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                  # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
               },
-              "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-                "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+                "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                    # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+                "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                    # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                    # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                    # -
+                    # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                    # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                    # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                    # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                    # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                    # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                    # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                   "A String",
                 ],
               },
-              "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                  # If not specified, will use the largest timeout among all backend services associated with the route.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-                "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+              "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                  # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                    # The value must be between 1 and 255 characters.
+                "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                    # The value must be between 1 and 1024 characters.
               },
-              "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-                { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+              "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                  # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+                { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                   "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                      # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                       { # Specification determining how headers are added to requests or responses.
                         "headerName": "A String", # The name of the header.
                         "headerValue": "A String", # The value of the header to add.
-                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                            # The default value is false.
                       },
                     ],
                     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -4541,25 +6897,45 @@ 
Method Details

                       { # Specification determining how headers are added to requests or responses.
                         "headerName": "A String", # The name of the header.
                         "headerValue": "A String", # The value of the header to add.
-                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                            # The default value is false.
                       },
                     ],
                     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                       "A String",
                     ],
                   },
-                  "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                  "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                      # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                      # The value must be between 0 and 1000
                 },
               ],
             },
-            "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-            "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-              "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-              "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-              "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-              "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-              "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-              "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+            "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+                # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+            "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+                # If urlRedirect is specified, service or routeAction must not be set.
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                  # The value must be between 1 and 255 characters.
+              "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                  # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                  # The default is set to false.
+              "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                  # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                  # The value must be between 1 and 1024 characters.
+              "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                  # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                  # The value must be between 1 and 1024 characters.
+              "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                  # Supported values are:
+                  # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                  # - FOUND, which corresponds to 302.
+                  # - SEE_OTHER which corresponds to 303.
+                  # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                  # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+              "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                  # The default is set to false.
             },
           },
         ],
@@ -4567,11 +6943,16 @@ 
Method Details

     ],
     "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
     "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-    "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       { # Message for the expected URL mappings.
         "description": "A String", # Description of this test case.
-        "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-        "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+        "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+            # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+            # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+            # expectedOutputUrl is optional when service is specified.
+        "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+            # expectedRedirectResponseCode cannot be set when service is set.
         "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
           { # HTTP headers used in UrlMapTests.
             "name": "A String", # Header name.
@@ -4580,16 +6961,13 @@ 
Method Details

         ],
         "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
         "path": "A String", # Path portion of the URL.
-        "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+        "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+            # service cannot be set if expectedRedirectResponseCode is set.
       },
     ],
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.vpnGateways.html b/docs/dyn/compute_beta.vpnGateways.html
index 16caf33fbdc..d5e18f79a2e 100644
--- a/docs/dyn/compute_beta.vpnGateways.html
+++ b/docs/dyn/compute_beta.vpnGateways.html
@@ -75,7 +75,7 @@
 
Compute Engine API . vpnGateways

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of VPN gateways.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,46 +84,52 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, vpnGateway, requestId=None, x__xgafv=None)

+  delete(project, region, vpnGateway, requestId=None)

 
Deletes the specified VPN gateway.

 

-  get(project, region, vpnGateway, x__xgafv=None)

+  get(project, region, vpnGateway)

 
Returns the specified VPN gateway. Gets a list of available VPN gateways by making a list() request.

 

-  getStatus(project, region, vpnGateway, x__xgafv=None)

+  getStatus(project, region, vpnGateway)

 
Returns the status for the specified VPN gateway.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a VPN gateway in the specified project and region using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of VPN gateways available to the specified project and region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)

+  setLabels(project, region, resource, body=None, requestId=None)

 
Sets the labels on a VpnGateway. To learn more about labels, read the Labeling Resources documentation.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of VPN gateways.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -133,12 +139,16 @@ 
Method Details

   "items": { # A list of VpnGateway resources.
     "a_key": { # [Output Only] Name of the scope containing this set of VPN gateways.
       "vpnGateways": [ # [Output Only] A list of VPN gateways contained in this scope.
-        { # Represents a HA VPN gateway. HA VPN is a high-availability (HA) Cloud VPN solution that lets you securely connect your on-premises network to your Google Cloud Virtual Private Cloud network through an IPsec VPN connection in a single region. For more information about Cloud HA VPN solutions, see Cloud VPN topologies .
+        { # Represents a HA VPN gateway.
+            #
+            # HA VPN is a high-availability (HA) Cloud VPN solution that lets you securely connect your on-premises network to your Google Cloud Virtual Private Cloud network through an IPsec VPN connection in a single region. For more information about Cloud HA VPN solutions, see  Cloud VPN topologies . (== resource_for {$api_version}.vpnGateways ==)
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "kind": "compute#vpnGateway", # [Output Only] Type of resource. Always compute#vpnGateway for VPN gateways.
-          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an VpnGateway.
+          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve an VpnGateway.
           "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
             "a_key": "A String",
           },
@@ -149,7 +159,8 @@ 
Method Details

           "vpnInterfaces": [ # The list of VPN interfaces associated with this VPN gateway.
             { # A VPN gateway interface.
               "id": 42, # [Output Only] Numeric identifier for this VPN interface associated with the VPN gateway.
-              "interconnectAttachment": "A String", # URL of the VLAN attachment (interconnectAttachment) resource for this VPN gateway interface. When the value of this field is present, the VPN gateway is used for IPsec-encrypted Cloud Interconnect; all egress or ingress traffic for this VPN gateway interface goes through the specified VLAN attachment resource. Not currently available publicly.
+              "interconnectAttachment": "A String", # URL of the VLAN attachment (interconnectAttachment) resource for this VPN gateway interface. When the value of this field is present, the VPN gateway is used for IPsec-encrypted Cloud Interconnect; all egress or ingress traffic for this VPN gateway interface goes through the specified VLAN attachment resource.
+                  # Not currently available publicly.
               "ipAddress": "A String", # [Output Only] IP address for this VPN interface associated with the VPN gateway. The IP address could be either a regional external IP address or a regional internal IP address. The two IP addresses for a VPN gateway must be all regional external or regional internal IP addresses. There cannot be a mix of regional external IP addresses and regional internal IP addresses. For IPsec-encrypted Cloud Interconnect, the IP addresses for both interfaces could either be regional internal IP addresses or regional external IP addresses. For regular (non IPsec-encrypted Cloud Interconnect) HA VPN tunnels, the IP address must be a regional external IP address.
             },
           ],
@@ -157,7 +168,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] Informational warning which replaces the list of addresses when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -175,7 +187,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -206,23 +219,36 @@ 
Method Details

 

 
 

-    delete(project, region, vpnGateway, requestId=None, x__xgafv=None)
+    delete(project, region, vpnGateway, requestId=None)
   
Deletes the specified VPN gateway.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   vpnGateway: string, Name of the VPN gateway to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -256,7 +282,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -270,27 +297,27 @@ 
Method Details

 

 
 

-    get(project, region, vpnGateway, x__xgafv=None)
+    get(project, region, vpnGateway)
   
Returns the specified VPN gateway. Gets a list of available VPN gateways by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   vpnGateway: string, Name of the VPN gateway to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a HA VPN gateway. HA VPN is a high-availability (HA) Cloud VPN solution that lets you securely connect your on-premises network to your Google Cloud Virtual Private Cloud network through an IPsec VPN connection in a single region. For more information about Cloud HA VPN solutions, see Cloud VPN topologies .
+    { # Represents a HA VPN gateway.
+    #
+    # HA VPN is a high-availability (HA) Cloud VPN solution that lets you securely connect your on-premises network to your Google Cloud Virtual Private Cloud network through an IPsec VPN connection in a single region. For more information about Cloud HA VPN solutions, see  Cloud VPN topologies . (== resource_for {$api_version}.vpnGateways ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#vpnGateway", # [Output Only] Type of resource. Always compute#vpnGateway for VPN gateways.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an VpnGateway.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve an VpnGateway.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -301,7 +328,8 @@ 
Method Details

   "vpnInterfaces": [ # The list of VPN interfaces associated with this VPN gateway.
     { # A VPN gateway interface.
       "id": 42, # [Output Only] Numeric identifier for this VPN interface associated with the VPN gateway.
-      "interconnectAttachment": "A String", # URL of the VLAN attachment (interconnectAttachment) resource for this VPN gateway interface. When the value of this field is present, the VPN gateway is used for IPsec-encrypted Cloud Interconnect; all egress or ingress traffic for this VPN gateway interface goes through the specified VLAN attachment resource. Not currently available publicly.
+      "interconnectAttachment": "A String", # URL of the VLAN attachment (interconnectAttachment) resource for this VPN gateway interface. When the value of this field is present, the VPN gateway is used for IPsec-encrypted Cloud Interconnect; all egress or ingress traffic for this VPN gateway interface goes through the specified VLAN attachment resource.
+          # Not currently available publicly.
       "ipAddress": "A String", # [Output Only] IP address for this VPN interface associated with the VPN gateway. The IP address could be either a regional external IP address or a regional internal IP address. The two IP addresses for a VPN gateway must be all regional external or regional internal IP addresses. There cannot be a mix of regional external IP addresses and regional internal IP addresses. For IPsec-encrypted Cloud Interconnect, the IP addresses for both interfaces could either be regional internal IP addresses or regional external IP addresses. For regular (non IPsec-encrypted Cloud Interconnect) HA VPN tunnels, the IP address must be a regional external IP address.
     },
   ],
@@ -309,17 +337,13 @@ 
Method Details

 

 
 

-    getStatus(project, region, vpnGateway, x__xgafv=None)
+    getStatus(project, region, vpnGateway)
   
Returns the status for the specified VPN gateway.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   vpnGateway: string, Name of the VPN gateway to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -348,7 +372,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a VPN gateway in the specified project and region using the data included in the request.
 
 Args:
@@ -357,12 +381,16 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a HA VPN gateway. HA VPN is a high-availability (HA) Cloud VPN solution that lets you securely connect your on-premises network to your Google Cloud Virtual Private Cloud network through an IPsec VPN connection in a single region. For more information about Cloud HA VPN solutions, see Cloud VPN topologies .
+{ # Represents a HA VPN gateway.
+    # 
+    # HA VPN is a high-availability (HA) Cloud VPN solution that lets you securely connect your on-premises network to your Google Cloud Virtual Private Cloud network through an IPsec VPN connection in a single region. For more information about Cloud HA VPN solutions, see  Cloud VPN topologies . (== resource_for {$api_version}.vpnGateways ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#vpnGateway", # [Output Only] Type of resource. Always compute#vpnGateway for VPN gateways.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an VpnGateway.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an VpnGateway.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -373,22 +401,36 @@ 
Method Details

   "vpnInterfaces": [ # The list of VPN interfaces associated with this VPN gateway.
     { # A VPN gateway interface.
       "id": 42, # [Output Only] Numeric identifier for this VPN interface associated with the VPN gateway.
-      "interconnectAttachment": "A String", # URL of the VLAN attachment (interconnectAttachment) resource for this VPN gateway interface. When the value of this field is present, the VPN gateway is used for IPsec-encrypted Cloud Interconnect; all egress or ingress traffic for this VPN gateway interface goes through the specified VLAN attachment resource. Not currently available publicly.
+      "interconnectAttachment": "A String", # URL of the VLAN attachment (interconnectAttachment) resource for this VPN gateway interface. When the value of this field is present, the VPN gateway is used for IPsec-encrypted Cloud Interconnect; all egress or ingress traffic for this VPN gateway interface goes through the specified VLAN attachment resource.
+          # Not currently available publicly.
       "ipAddress": "A String", # [Output Only] IP address for this VPN interface associated with the VPN gateway. The IP address could be either a regional external IP address or a regional internal IP address. The two IP addresses for a VPN gateway must be all regional external or regional internal IP addresses. There cannot be a mix of regional external IP addresses and regional internal IP addresses. For IPsec-encrypted Cloud Interconnect, the IP addresses for both interfaces could either be regional internal IP addresses or regional external IP addresses. For regular (non IPsec-encrypted Cloud Interconnect) HA VPN tunnels, the IP address must be a regional external IP address.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -422,7 +464,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -436,21 +479,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of VPN gateways available to the specified project and region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -458,12 +507,16 @@ 
Method Details

     { # Contains a list of VpnGateway resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of VpnGateway resources.
-    { # Represents a HA VPN gateway. HA VPN is a high-availability (HA) Cloud VPN solution that lets you securely connect your on-premises network to your Google Cloud Virtual Private Cloud network through an IPsec VPN connection in a single region. For more information about Cloud HA VPN solutions, see Cloud VPN topologies .
+    { # Represents a HA VPN gateway.
+        #
+        # HA VPN is a high-availability (HA) Cloud VPN solution that lets you securely connect your on-premises network to your Google Cloud Virtual Private Cloud network through an IPsec VPN connection in a single region. For more information about Cloud HA VPN solutions, see  Cloud VPN topologies . (== resource_for {$api_version}.vpnGateways ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#vpnGateway", # [Output Only] Type of resource. Always compute#vpnGateway for VPN gateways.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an VpnGateway.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve an VpnGateway.
       "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
         "a_key": "A String",
       },
@@ -474,7 +527,8 @@ 
Method Details

       "vpnInterfaces": [ # The list of VPN interfaces associated with this VPN gateway.
         { # A VPN gateway interface.
           "id": 42, # [Output Only] Numeric identifier for this VPN interface associated with the VPN gateway.
-          "interconnectAttachment": "A String", # URL of the VLAN attachment (interconnectAttachment) resource for this VPN gateway interface. When the value of this field is present, the VPN gateway is used for IPsec-encrypted Cloud Interconnect; all egress or ingress traffic for this VPN gateway interface goes through the specified VLAN attachment resource. Not currently available publicly.
+          "interconnectAttachment": "A String", # URL of the VLAN attachment (interconnectAttachment) resource for this VPN gateway interface. When the value of this field is present, the VPN gateway is used for IPsec-encrypted Cloud Interconnect; all egress or ingress traffic for this VPN gateway interface goes through the specified VLAN attachment resource.
+              # Not currently available publicly.
           "ipAddress": "A String", # [Output Only] IP address for this VPN interface associated with the VPN gateway. The IP address could be either a regional external IP address or a regional internal IP address. The two IP addresses for a VPN gateway must be all regional external or regional internal IP addresses. There cannot be a mix of regional external IP addresses and regional internal IP addresses. For IPsec-encrypted Cloud Interconnect, the IP addresses for both interfaces could either be regional internal IP addresses or regional external IP addresses. For regular (non IPsec-encrypted Cloud Interconnect) HA VPN tunnels, the IP address must be a regional external IP address.
         },
       ],
@@ -485,7 +539,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -511,7 +566,7 @@ 
Method Details

 

 
 

-    setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)
+    setLabels(project, region, resource, body=None, requestId=None)
   
Sets the labels on a VpnGateway. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -528,16 +583,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -571,7 +639,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -585,7 +654,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -601,10 +670,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.vpnTunnels.html b/docs/dyn/compute_beta.vpnTunnels.html
index d3080fd4768..0bc335a4932 100644
--- a/docs/dyn/compute_beta.vpnTunnels.html
+++ b/docs/dyn/compute_beta.vpnTunnels.html
@@ -75,7 +75,7 @@
 
Compute Engine API . vpnTunnels

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of VPN tunnels.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,43 +84,49 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, vpnTunnel, requestId=None, x__xgafv=None)

+  delete(project, region, vpnTunnel, requestId=None)

 
Deletes the specified VpnTunnel resource.

 

-  get(project, region, vpnTunnel, x__xgafv=None)

+  get(project, region, vpnTunnel)

 
Returns the specified VpnTunnel resource. Gets a list of available VPN tunnels by making a list() request.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a VpnTunnel resource in the specified project and region using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of VpnTunnel resources contained in the specified project and region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)

+  setLabels(project, region, resource, body=None, requestId=None)

 
Sets the labels on a VpnTunnel. To learn more about labels, read the Labeling Resources documentation.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of VPN tunnels.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -130,14 +136,18 @@ 
Method Details

   "items": { # A list of VpnTunnelsScopedList resources.
     "a_key": { # Name of the scope containing this set of VPN tunnels.
       "vpnTunnels": [ # A list of VPN tunnels contained in this scope.
-        { # Represents a Cloud VPN Tunnel resource. For more information about VPN, read the the Cloud VPN Overview.
+        { # Represents a Cloud VPN Tunnel resource.
+            #
+            # For more information about VPN, read the  the Cloud VPN Overview. (== resource_for {$api_version}.vpnTunnels ==)
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "detailedStatus": "A String", # [Output Only] Detailed status message for the VPN tunnel.
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "ikeVersion": 42, # IKE protocol version to use when establishing the VPN tunnel with the peer VPN gateway. Acceptable IKE versions are 1 or 2. The default version is 2.
           "kind": "compute#vpnTunnel", # [Output Only] Type of resource. Always compute#vpnTunnel for VPN tunnels.
-          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnTunnel, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a VpnTunnel.
+          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnTunnel, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve a VpnTunnel.
           "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
             "a_key": "A String",
           },
@@ -157,7 +167,22 @@ 
Method Details

           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
           "sharedSecret": "A String", # Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway.
           "sharedSecretHash": "A String", # Hash of the shared secret.
-          "status": "A String", # [Output Only] The status of the VPN tunnel, which can be one of the following: - PROVISIONING: Resource is being allocated for the VPN tunnel. - WAITING_FOR_FULL_CONFIG: Waiting to receive all VPN-related configs from the user. Network, TargetVpnGateway, VpnTunnel, ForwardingRule, and Route resources are needed to setup the VPN tunnel. - FIRST_HANDSHAKE: Successful first handshake with the peer VPN. - ESTABLISHED: Secure session is successfully established with the peer VPN. - NETWORK_ERROR: Deprecated, replaced by NO_INCOMING_PACKETS - AUTHORIZATION_ERROR: Auth error (for example, bad shared secret). - NEGOTIATION_FAILURE: Handshake failed. - DEPROVISIONING: Resources are being deallocated for the VPN tunnel. - FAILED: Tunnel creation has failed and the tunnel is not ready to be used. - NO_INCOMING_PACKETS: No incoming packets from peer. - REJECTED: Tunnel configuration was rejected, can be result of being denied access. - ALLOCATING_RESOURCES: Cloud VPN is in the process of allocating all required resources. - STOPPED: Tunnel is stopped due to its Forwarding Rules being deleted for Classic VPN tunnels or the project is in frozen state. - PEER_IDENTITY_MISMATCH: Peer identity does not match peer IP, probably behind NAT. - TS_NARROWING_NOT_ALLOWED: Traffic selector narrowing not allowed for an HA-VPN tunnel.
+          "status": "A String", # [Output Only] The status of the VPN tunnel, which can be one of the following:
+              # - PROVISIONING: Resource is being allocated for the VPN tunnel.
+              # - WAITING_FOR_FULL_CONFIG: Waiting to receive all VPN-related configs from the user. Network, TargetVpnGateway, VpnTunnel, ForwardingRule, and Route resources are needed to setup the VPN tunnel.
+              # - FIRST_HANDSHAKE: Successful first handshake with the peer VPN.
+              # - ESTABLISHED: Secure session is successfully established with the peer VPN.
+              # - NETWORK_ERROR: Deprecated, replaced by NO_INCOMING_PACKETS
+              # - AUTHORIZATION_ERROR: Auth error (for example, bad shared secret).
+              # - NEGOTIATION_FAILURE: Handshake failed.
+              # - DEPROVISIONING: Resources are being deallocated for the VPN tunnel.
+              # - FAILED: Tunnel creation has failed and the tunnel is not ready to be used.
+              # - NO_INCOMING_PACKETS: No incoming packets from peer.
+              # - REJECTED: Tunnel configuration was rejected, can be result of being denied access.
+              # - ALLOCATING_RESOURCES: Cloud VPN is in the process of allocating all required resources.
+              # - STOPPED: Tunnel is stopped due to its Forwarding Rules being deleted for Classic VPN tunnels or the project is in frozen state.
+              # - PEER_IDENTITY_MISMATCH: Peer identity does not match peer IP, probably behind NAT.
+              # - TS_NARROWING_NOT_ALLOWED: Traffic selector narrowing not allowed for an HA-VPN tunnel.
           "targetVpnGateway": "A String", # URL of the Target VPN gateway with which this VPN tunnel is associated. Provided by the client when the VPN tunnel is created.
           "vpnGateway": "A String", # URL of the VPN gateway with which this VPN tunnel is associated. Provided by the client when the VPN tunnel is created. This must be used (instead of target_vpn_gateway) if a High Availability VPN gateway resource is created.
           "vpnGatewayInterface": 42, # The interface ID of the VPN gateway with which this VPN tunnel is associated.
@@ -165,7 +190,8 @@ 
Method Details

       ],
       "warning": { # Informational warning which replaces the list of addresses when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -183,7 +209,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -214,23 +241,36 @@ 
Method Details

 

 
 

-    delete(project, region, vpnTunnel, requestId=None, x__xgafv=None)
+    delete(project, region, vpnTunnel, requestId=None)
   
Deletes the specified VpnTunnel resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   vpnTunnel: string, Name of the VpnTunnel resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -264,7 +304,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -278,29 +319,29 @@ 
Method Details

 

 
 

-    get(project, region, vpnTunnel, x__xgafv=None)
+    get(project, region, vpnTunnel)
   
Returns the specified VpnTunnel resource. Gets a list of available VPN tunnels by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   vpnTunnel: string, Name of the VpnTunnel resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Cloud VPN Tunnel resource. For more information about VPN, read the the Cloud VPN Overview.
+    { # Represents a Cloud VPN Tunnel resource.
+    #
+    # For more information about VPN, read the  the Cloud VPN Overview. (== resource_for {$api_version}.vpnTunnels ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "detailedStatus": "A String", # [Output Only] Detailed status message for the VPN tunnel.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ikeVersion": 42, # IKE protocol version to use when establishing the VPN tunnel with the peer VPN gateway. Acceptable IKE versions are 1 or 2. The default version is 2.
   "kind": "compute#vpnTunnel", # [Output Only] Type of resource. Always compute#vpnTunnel for VPN tunnels.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnTunnel, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a VpnTunnel.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnTunnel, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a VpnTunnel.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -320,7 +361,22 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "sharedSecret": "A String", # Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway.
   "sharedSecretHash": "A String", # Hash of the shared secret.
-  "status": "A String", # [Output Only] The status of the VPN tunnel, which can be one of the following: - PROVISIONING: Resource is being allocated for the VPN tunnel. - WAITING_FOR_FULL_CONFIG: Waiting to receive all VPN-related configs from the user. Network, TargetVpnGateway, VpnTunnel, ForwardingRule, and Route resources are needed to setup the VPN tunnel. - FIRST_HANDSHAKE: Successful first handshake with the peer VPN. - ESTABLISHED: Secure session is successfully established with the peer VPN. - NETWORK_ERROR: Deprecated, replaced by NO_INCOMING_PACKETS - AUTHORIZATION_ERROR: Auth error (for example, bad shared secret). - NEGOTIATION_FAILURE: Handshake failed. - DEPROVISIONING: Resources are being deallocated for the VPN tunnel. - FAILED: Tunnel creation has failed and the tunnel is not ready to be used. - NO_INCOMING_PACKETS: No incoming packets from peer. - REJECTED: Tunnel configuration was rejected, can be result of being denied access. - ALLOCATING_RESOURCES: Cloud VPN is in the process of allocating all required resources. - STOPPED: Tunnel is stopped due to its Forwarding Rules being deleted for Classic VPN tunnels or the project is in frozen state. - PEER_IDENTITY_MISMATCH: Peer identity does not match peer IP, probably behind NAT. - TS_NARROWING_NOT_ALLOWED: Traffic selector narrowing not allowed for an HA-VPN tunnel.
+  "status": "A String", # [Output Only] The status of the VPN tunnel, which can be one of the following:
+      # - PROVISIONING: Resource is being allocated for the VPN tunnel.
+      # - WAITING_FOR_FULL_CONFIG: Waiting to receive all VPN-related configs from the user. Network, TargetVpnGateway, VpnTunnel, ForwardingRule, and Route resources are needed to setup the VPN tunnel.
+      # - FIRST_HANDSHAKE: Successful first handshake with the peer VPN.
+      # - ESTABLISHED: Secure session is successfully established with the peer VPN.
+      # - NETWORK_ERROR: Deprecated, replaced by NO_INCOMING_PACKETS
+      # - AUTHORIZATION_ERROR: Auth error (for example, bad shared secret).
+      # - NEGOTIATION_FAILURE: Handshake failed.
+      # - DEPROVISIONING: Resources are being deallocated for the VPN tunnel.
+      # - FAILED: Tunnel creation has failed and the tunnel is not ready to be used.
+      # - NO_INCOMING_PACKETS: No incoming packets from peer.
+      # - REJECTED: Tunnel configuration was rejected, can be result of being denied access.
+      # - ALLOCATING_RESOURCES: Cloud VPN is in the process of allocating all required resources.
+      # - STOPPED: Tunnel is stopped due to its Forwarding Rules being deleted for Classic VPN tunnels or the project is in frozen state.
+      # - PEER_IDENTITY_MISMATCH: Peer identity does not match peer IP, probably behind NAT.
+      # - TS_NARROWING_NOT_ALLOWED: Traffic selector narrowing not allowed for an HA-VPN tunnel.
   "targetVpnGateway": "A String", # URL of the Target VPN gateway with which this VPN tunnel is associated. Provided by the client when the VPN tunnel is created.
   "vpnGateway": "A String", # URL of the VPN gateway with which this VPN tunnel is associated. Provided by the client when the VPN tunnel is created. This must be used (instead of target_vpn_gateway) if a High Availability VPN gateway resource is created.
   "vpnGatewayInterface": 42, # The interface ID of the VPN gateway with which this VPN tunnel is associated.
@@ -328,7 +384,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a VpnTunnel resource in the specified project and region using the data included in the request.
 
 Args:
@@ -337,14 +393,18 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Cloud VPN Tunnel resource. For more information about VPN, read the the Cloud VPN Overview.
+{ # Represents a Cloud VPN Tunnel resource.
+    # 
+    # For more information about VPN, read the  the Cloud VPN Overview. (== resource_for {$api_version}.vpnTunnels ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "detailedStatus": "A String", # [Output Only] Detailed status message for the VPN tunnel.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ikeVersion": 42, # IKE protocol version to use when establishing the VPN tunnel with the peer VPN gateway. Acceptable IKE versions are 1 or 2. The default version is 2.
   "kind": "compute#vpnTunnel", # [Output Only] Type of resource. Always compute#vpnTunnel for VPN tunnels.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnTunnel, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a VpnTunnel.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnTunnel, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a VpnTunnel.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -364,22 +424,50 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "sharedSecret": "A String", # Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway.
   "sharedSecretHash": "A String", # Hash of the shared secret.
-  "status": "A String", # [Output Only] The status of the VPN tunnel, which can be one of the following: - PROVISIONING: Resource is being allocated for the VPN tunnel. - WAITING_FOR_FULL_CONFIG: Waiting to receive all VPN-related configs from the user. Network, TargetVpnGateway, VpnTunnel, ForwardingRule, and Route resources are needed to setup the VPN tunnel. - FIRST_HANDSHAKE: Successful first handshake with the peer VPN. - ESTABLISHED: Secure session is successfully established with the peer VPN. - NETWORK_ERROR: Deprecated, replaced by NO_INCOMING_PACKETS - AUTHORIZATION_ERROR: Auth error (for example, bad shared secret). - NEGOTIATION_FAILURE: Handshake failed. - DEPROVISIONING: Resources are being deallocated for the VPN tunnel. - FAILED: Tunnel creation has failed and the tunnel is not ready to be used. - NO_INCOMING_PACKETS: No incoming packets from peer. - REJECTED: Tunnel configuration was rejected, can be result of being denied access. - ALLOCATING_RESOURCES: Cloud VPN is in the process of allocating all required resources. - STOPPED: Tunnel is stopped due to its Forwarding Rules being deleted for Classic VPN tunnels or the project is in frozen state. - PEER_IDENTITY_MISMATCH: Peer identity does not match peer IP, probably behind NAT. - TS_NARROWING_NOT_ALLOWED: Traffic selector narrowing not allowed for an HA-VPN tunnel.
+  "status": "A String", # [Output Only] The status of the VPN tunnel, which can be one of the following:
+      # - PROVISIONING: Resource is being allocated for the VPN tunnel.
+      # - WAITING_FOR_FULL_CONFIG: Waiting to receive all VPN-related configs from the user. Network, TargetVpnGateway, VpnTunnel, ForwardingRule, and Route resources are needed to setup the VPN tunnel.
+      # - FIRST_HANDSHAKE: Successful first handshake with the peer VPN.
+      # - ESTABLISHED: Secure session is successfully established with the peer VPN.
+      # - NETWORK_ERROR: Deprecated, replaced by NO_INCOMING_PACKETS
+      # - AUTHORIZATION_ERROR: Auth error (for example, bad shared secret).
+      # - NEGOTIATION_FAILURE: Handshake failed.
+      # - DEPROVISIONING: Resources are being deallocated for the VPN tunnel.
+      # - FAILED: Tunnel creation has failed and the tunnel is not ready to be used.
+      # - NO_INCOMING_PACKETS: No incoming packets from peer.
+      # - REJECTED: Tunnel configuration was rejected, can be result of being denied access.
+      # - ALLOCATING_RESOURCES: Cloud VPN is in the process of allocating all required resources.
+      # - STOPPED: Tunnel is stopped due to its Forwarding Rules being deleted for Classic VPN tunnels or the project is in frozen state.
+      # - PEER_IDENTITY_MISMATCH: Peer identity does not match peer IP, probably behind NAT.
+      # - TS_NARROWING_NOT_ALLOWED: Traffic selector narrowing not allowed for an HA-VPN tunnel.
   "targetVpnGateway": "A String", # URL of the Target VPN gateway with which this VPN tunnel is associated. Provided by the client when the VPN tunnel is created.
   "vpnGateway": "A String", # URL of the VPN gateway with which this VPN tunnel is associated. Provided by the client when the VPN tunnel is created. This must be used (instead of target_vpn_gateway) if a High Availability VPN gateway resource is created.
   "vpnGatewayInterface": 42, # The interface ID of the VPN gateway with which this VPN tunnel is associated.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -413,7 +501,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -427,21 +516,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of VpnTunnel resources contained in the specified project and region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -449,14 +544,18 @@ 
Method Details

     { # Contains a list of VpnTunnel resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of VpnTunnel resources.
-    { # Represents a Cloud VPN Tunnel resource. For more information about VPN, read the the Cloud VPN Overview.
+    { # Represents a Cloud VPN Tunnel resource.
+        #
+        # For more information about VPN, read the  the Cloud VPN Overview. (== resource_for {$api_version}.vpnTunnels ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "detailedStatus": "A String", # [Output Only] Detailed status message for the VPN tunnel.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "ikeVersion": 42, # IKE protocol version to use when establishing the VPN tunnel with the peer VPN gateway. Acceptable IKE versions are 1 or 2. The default version is 2.
       "kind": "compute#vpnTunnel", # [Output Only] Type of resource. Always compute#vpnTunnel for VPN tunnels.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnTunnel, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a VpnTunnel.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnTunnel, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a VpnTunnel.
       "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
         "a_key": "A String",
       },
@@ -476,7 +575,22 @@ 
Method Details

       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "sharedSecret": "A String", # Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway.
       "sharedSecretHash": "A String", # Hash of the shared secret.
-      "status": "A String", # [Output Only] The status of the VPN tunnel, which can be one of the following: - PROVISIONING: Resource is being allocated for the VPN tunnel. - WAITING_FOR_FULL_CONFIG: Waiting to receive all VPN-related configs from the user. Network, TargetVpnGateway, VpnTunnel, ForwardingRule, and Route resources are needed to setup the VPN tunnel. - FIRST_HANDSHAKE: Successful first handshake with the peer VPN. - ESTABLISHED: Secure session is successfully established with the peer VPN. - NETWORK_ERROR: Deprecated, replaced by NO_INCOMING_PACKETS - AUTHORIZATION_ERROR: Auth error (for example, bad shared secret). - NEGOTIATION_FAILURE: Handshake failed. - DEPROVISIONING: Resources are being deallocated for the VPN tunnel. - FAILED: Tunnel creation has failed and the tunnel is not ready to be used. - NO_INCOMING_PACKETS: No incoming packets from peer. - REJECTED: Tunnel configuration was rejected, can be result of being denied access. - ALLOCATING_RESOURCES: Cloud VPN is in the process of allocating all required resources. - STOPPED: Tunnel is stopped due to its Forwarding Rules being deleted for Classic VPN tunnels or the project is in frozen state. - PEER_IDENTITY_MISMATCH: Peer identity does not match peer IP, probably behind NAT. - TS_NARROWING_NOT_ALLOWED: Traffic selector narrowing not allowed for an HA-VPN tunnel.
+      "status": "A String", # [Output Only] The status of the VPN tunnel, which can be one of the following:
+          # - PROVISIONING: Resource is being allocated for the VPN tunnel.
+          # - WAITING_FOR_FULL_CONFIG: Waiting to receive all VPN-related configs from the user. Network, TargetVpnGateway, VpnTunnel, ForwardingRule, and Route resources are needed to setup the VPN tunnel.
+          # - FIRST_HANDSHAKE: Successful first handshake with the peer VPN.
+          # - ESTABLISHED: Secure session is successfully established with the peer VPN.
+          # - NETWORK_ERROR: Deprecated, replaced by NO_INCOMING_PACKETS
+          # - AUTHORIZATION_ERROR: Auth error (for example, bad shared secret).
+          # - NEGOTIATION_FAILURE: Handshake failed.
+          # - DEPROVISIONING: Resources are being deallocated for the VPN tunnel.
+          # - FAILED: Tunnel creation has failed and the tunnel is not ready to be used.
+          # - NO_INCOMING_PACKETS: No incoming packets from peer.
+          # - REJECTED: Tunnel configuration was rejected, can be result of being denied access.
+          # - ALLOCATING_RESOURCES: Cloud VPN is in the process of allocating all required resources.
+          # - STOPPED: Tunnel is stopped due to its Forwarding Rules being deleted for Classic VPN tunnels or the project is in frozen state.
+          # - PEER_IDENTITY_MISMATCH: Peer identity does not match peer IP, probably behind NAT.
+          # - TS_NARROWING_NOT_ALLOWED: Traffic selector narrowing not allowed for an HA-VPN tunnel.
       "targetVpnGateway": "A String", # URL of the Target VPN gateway with which this VPN tunnel is associated. Provided by the client when the VPN tunnel is created.
       "vpnGateway": "A String", # URL of the VPN gateway with which this VPN tunnel is associated. Provided by the client when the VPN tunnel is created. This must be used (instead of target_vpn_gateway) if a High Availability VPN gateway resource is created.
       "vpnGatewayInterface": 42, # The interface ID of the VPN gateway with which this VPN tunnel is associated.
@@ -487,7 +601,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -513,7 +628,7 @@ 
Method Details

 

 
 

-    setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)
+    setLabels(project, region, resource, body=None, requestId=None)
   
Sets the labels on a VpnTunnel. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -530,16 +645,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -573,7 +701,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -587,7 +716,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -603,10 +732,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_beta.zoneOperations.html b/docs/dyn/compute_beta.zoneOperations.html
index 9f986cf4239..b09acc3efed 100644
--- a/docs/dyn/compute_beta.zoneOperations.html
+++ b/docs/dyn/compute_beta.zoneOperations.html
@@ -78,20 +78,20 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, zone, operation, x__xgafv=None)

+  delete(project, zone, operation)

 
Deletes the specified zone-specific Operations resource.

 

-  get(project, zone, operation, x__xgafv=None)

+  get(project, zone, operation)

 
Retrieves the specified zone-specific Operations resource.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of Operation resources contained within the specified zone.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  wait(project, zone, operation, x__xgafv=None)

-
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress. This method is called on a best-effort basis. Specifically: - In uncommon cases, when the server is overloaded, the request might return before the default deadline is reached, or might return after zero seconds. - If the default deadline is reached, there is no guarantee that the operation is actually done when the method returns. Be prepared to retry if the operation is not `DONE`. 

+  wait(project, zone, operation)

+
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress.

 
Method Details

 

     close()
@@ -99,37 +99,42 @@ 
Method Details

 

 
 

-    delete(project, zone, operation, x__xgafv=None)
+    delete(project, zone, operation)
   
Deletes the specified zone-specific Operations resource.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone for this request. (required)
   operation: string, Name of the Operations resource to delete. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 

 

 
 

-    get(project, zone, operation, x__xgafv=None)
+    get(project, zone, operation)
   
Retrieves the specified zone-specific Operations resource.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone for this request. (required)
   operation: string, Name of the Operations resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -163,7 +168,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -177,21 +183,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of Operation resources contained within the specified zone.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone for request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -199,7 +211,20 @@ 
Method Details

     { # Contains a list of Operation resources.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "items": [ # [Output Only] A list of Operation resources.
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+        #
+        # Google Compute Engine has three Operation resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+        #
+        # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+        #
+        # Operations can be global, regional or zonal.
+        # - For global operations, use the `globalOperations` resource.
+        # - For regional operations, use the `regionOperations` resource.
+        # - For zonal operations, use the `zonalOperations` resource.
+        #
+        # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
       "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
       "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
       "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -233,7 +258,8 @@ 
Method Details

       "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
         {
           "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-          "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+          "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+              # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
             {
               "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
               "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -250,7 +276,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -276,22 +303,35 @@ 
Method Details

 

 
 

-    wait(project, zone, operation, x__xgafv=None)
-  
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress. This method is called on a best-effort basis. Specifically: - In uncommon cases, when the server is overloaded, the request might return before the default deadline is reached, or might return after zero seconds. - If the default deadline is reached, there is no guarantee that the operation is actually done when the method returns. Be prepared to retry if the operation is not `DONE`. 
+    wait(project, zone, operation)
+  
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress.
+
+This method is called on a best-effort basis. Specifically:  
+- In uncommon cases, when the server is overloaded, the request might return before the default deadline is reached, or might return after zero seconds. 
+- If the default deadline is reached, there is no guarantee that the operation is actually done when the method returns. Be prepared to retry if the operation is not `DONE`.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone for this request. (required)
   operation: string, Name of the Operations resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -325,7 +365,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_beta.zones.html b/docs/dyn/compute_beta.zones.html
index 48c2997ffe1..7d612033a9a 100644
--- a/docs/dyn/compute_beta.zones.html
+++ b/docs/dyn/compute_beta.zones.html
@@ -78,10 +78,10 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  get(project, zone, x__xgafv=None)

+  get(project, zone)

 
Returns the specified Zone resource. Gets a list of available zones by making a list() request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of Zone resources available to the specified project.

 

   list_next(previous_request, previous_response)

@@ -93,21 +93,19 @@ 
Method Details

 

 
 

-    get(project, zone, x__xgafv=None)
+    get(project, zone)
   
Returns the specified Zone resource. Gets a list of available zones by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Zone resource. A zone is a deployment area. These deployment areas are subsets of a region. For example the zone us-east1-a is located in the us-east1 region. For more information, read Regions and Zones.
+    { # Represents a Zone resource.
+    #
+    # A zone is a deployment area. These deployment areas are subsets of a region. For example the zone us-east1-a is located in the us-east1 region. For more information, read Regions and Zones. (== resource_for {$api_version}.zones ==)
   "availableCpuPlatforms": [ # [Output Only] Available cpu/platform selections for the zone.
     "A String",
   ],
@@ -131,20 +129,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of Zone resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -152,7 +156,9 @@ 
Method Details

     { # Contains a list of zone resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Zone resources.
-    { # Represents a Zone resource. A zone is a deployment area. These deployment areas are subsets of a region. For example the zone us-east1-a is located in the us-east1 region. For more information, read Regions and Zones.
+    { # Represents a Zone resource.
+        #
+        # A zone is a deployment area. These deployment areas are subsets of a region. For example the zone us-east1-a is located in the us-east1 region. For more information, read Regions and Zones. (== resource_for {$api_version}.zones ==)
       "availableCpuPlatforms": [ # [Output Only] Available cpu/platform selections for the zone.
         "A String",
       ],
@@ -179,7 +185,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.acceleratorTypes.html b/docs/dyn/compute_v1.acceleratorTypes.html
index c2302baea53..3331381b454 100644
--- a/docs/dyn/compute_v1.acceleratorTypes.html
+++ b/docs/dyn/compute_v1.acceleratorTypes.html
@@ -75,7 +75,7 @@
 
Compute Engine API . acceleratorTypes

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of accelerator types.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,31 +84,37 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  get(project, zone, acceleratorType, x__xgafv=None)

+  get(project, zone, acceleratorType)

 
Returns the specified accelerator type.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of accelerator types that are available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of accelerator types.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -118,7 +124,9 @@ 
Method Details

   "items": { # A list of AcceleratorTypesScopedList resources.
     "a_key": { # [Output Only] Name of the scope containing this set of accelerator types.
       "acceleratorTypes": [ # [Output Only] A list of accelerator types contained in this scope.
-        { # Represents an Accelerator Type resource. Google Cloud Platform provides graphics processing units (accelerators) that you can add to VM instances to improve or accelerate performance when working with intensive workloads. For more information, read GPUs on Compute Engine.
+        { # Represents an Accelerator Type resource.
+            #
+            # Google Cloud Platform provides graphics processing units (accelerators) that you can add to VM instances to improve or accelerate performance when working with intensive workloads. For more information, read GPUs on Compute Engine. (== resource_for {$api_version}.acceleratorTypes ==)
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this accelerator type.
             "deleted": "A String", # An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DELETED. This is only informational and the status will not change unless the client explicitly changes it.
@@ -138,7 +146,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] An informational warning that appears when the accelerator types list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -156,7 +165,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -187,22 +197,20 @@ 
Method Details

 

 
 

-    get(project, zone, acceleratorType, x__xgafv=None)
+    get(project, zone, acceleratorType)
   
Returns the specified accelerator type.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   acceleratorType: string, Name of the accelerator type to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Accelerator Type resource. Google Cloud Platform provides graphics processing units (accelerators) that you can add to VM instances to improve or accelerate performance when working with intensive workloads. For more information, read GPUs on Compute Engine.
+    { # Represents an Accelerator Type resource.
+    #
+    # Google Cloud Platform provides graphics processing units (accelerators) that you can add to VM instances to improve or accelerate performance when working with intensive workloads. For more information, read GPUs on Compute Engine. (== resource_for {$api_version}.acceleratorTypes ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this accelerator type.
     "deleted": "A String", # An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DELETED. This is only informational and the status will not change unless the client explicitly changes it.
@@ -222,21 +230,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of accelerator types that are available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -244,7 +258,9 @@ 
Method Details

     { # Contains a list of accelerator types.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of AcceleratorType resources.
-    { # Represents an Accelerator Type resource. Google Cloud Platform provides graphics processing units (accelerators) that you can add to VM instances to improve or accelerate performance when working with intensive workloads. For more information, read GPUs on Compute Engine.
+    { # Represents an Accelerator Type resource.
+        #
+        # Google Cloud Platform provides graphics processing units (accelerators) that you can add to VM instances to improve or accelerate performance when working with intensive workloads. For more information, read GPUs on Compute Engine. (== resource_for {$api_version}.acceleratorTypes ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this accelerator type.
         "deleted": "A String", # An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DELETED. This is only informational and the status will not change unless the client explicitly changes it.
@@ -267,7 +283,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.addresses.html b/docs/dyn/compute_v1.addresses.html
index 7fd4c982f44..65f9d2d28b8 100644
--- a/docs/dyn/compute_v1.addresses.html
+++ b/docs/dyn/compute_v1.addresses.html
@@ -75,7 +75,7 @@
 
Compute Engine API . addresses

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of addresses.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,37 +84,43 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, address, requestId=None, x__xgafv=None)

+  delete(project, region, address, requestId=None)

 
Deletes the specified address resource.

 

-  get(project, region, address, x__xgafv=None)

+  get(project, region, address)

 
Returns the specified address resource.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates an address resource in the specified project by using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of addresses contained within the specified region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of addresses.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -124,7 +130,21 @@ 
Method Details

   "items": { # A list of AddressesScopedList resources.
     "a_key": { # [Output Only] Name of the scope containing this set of addresses.
       "addresses": [ # [Output Only] A list of addresses contained in this scope.
-        { # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier. Use global internal addresses for reserved peering network range. Use regional external addresses for the following resources: - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA) Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes: - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses For more information, read reserved IP address.
+        { # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier.
+            #
+            # Use global internal addresses for reserved peering network range.
+            #
+            # Use regional external addresses for the following resources:
+            #
+            # - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA)
+            #
+            # Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes:
+            #
+            # - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses
+            #
+            # For more information, read reserved IP address.
+            #
+            # (== resource_for {$api_version}.addresses ==) (== resource_for {$api_version}.globalAddresses ==)
           "address": "A String", # The static IP address represented by this resource.
           "addressType": "A String", # The type of address to reserve, either INTERNAL or EXTERNAL. If unspecified, defaults to EXTERNAL.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -134,10 +154,17 @@ 
Method Details

           "kind": "compute#address", # [Output Only] Type of the resource. Always compute#address for addresses.
           "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
           "network": "A String", # The URL of the network in which to reserve the address. This field can only be used with INTERNAL type with the VPC_PEERING purpose.
-          "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer. If this field is not specified, it is assumed to be PREMIUM.
+          "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer.
+              #
+              # If this field is not specified, it is assumed to be PREMIUM.
           "prefixLength": 42, # The prefix length if the resource represents an IP range.
-          "purpose": "A String", # The purpose of this resource, which can be one of the following values: - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources. - `DNS_RESOLVER` for a DNS resolver address in a subnetwork - `VPC_PEERING` for addresses that are reserved for VPC peer networks. - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT. - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an *IPsec-encrypted Cloud Interconnect* configuration. These addresses are regional resources. Not currently available publicly.
-          "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. *This field is not applicable to global addresses.*
+          "purpose": "A String", # The purpose of this resource, which can be one of the following values:
+              # - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources.
+              # - `DNS_RESOLVER` for a DNS resolver address in a subnetwork
+              # - `VPC_PEERING` for addresses that are reserved for VPC peer networks.
+              # - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT.
+              # - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an IPsec-encrypted Cloud Interconnect configuration. These addresses are regional resources. Not currently available publicly.
+          "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. This field is not applicable to global addresses.
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
           "status": "A String", # [Output Only] The status of the address, which can be one of RESERVING, RESERVED, or IN_USE. An address that is RESERVING is currently in the process of being reserved. A RESERVED address is currently reserved and available to use. An IN_USE address is currently being used by another resource and is not available.
           "subnetwork": "A String", # The URL of the subnetwork in which to reserve the address. If an IP address is specified, it must be within the subnetwork's IP range. This field can only be used with INTERNAL type with a GCE_ENDPOINT or DNS_RESOLVER purpose.
@@ -148,7 +175,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] Informational warning which replaces the list of addresses when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -166,7 +194,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -197,23 +226,36 @@ 
Method Details

 

 
 

-    delete(project, region, address, requestId=None, x__xgafv=None)
+    delete(project, region, address, requestId=None)
   
Deletes the specified address resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   address: string, Name of the address resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -247,7 +289,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -261,22 +304,32 @@ 
Method Details

 

 
 

-    get(project, region, address, x__xgafv=None)
+    get(project, region, address)
   
Returns the specified address resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   address: string, Name of the address resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier. Use global internal addresses for reserved peering network range. Use regional external addresses for the following resources: - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA) Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes: - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses For more information, read reserved IP address.
+    { # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier.
+    #
+    # Use global internal addresses for reserved peering network range.
+    #
+    # Use regional external addresses for the following resources:
+    #
+    # - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA)
+    #
+    # Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes:
+    #
+    # - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses
+    #
+    # For more information, read reserved IP address.
+    #
+    # (== resource_for {$api_version}.addresses ==) (== resource_for {$api_version}.globalAddresses ==)
   "address": "A String", # The static IP address represented by this resource.
   "addressType": "A String", # The type of address to reserve, either INTERNAL or EXTERNAL. If unspecified, defaults to EXTERNAL.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -286,10 +339,17 @@ 
Method Details

   "kind": "compute#address", # [Output Only] Type of the resource. Always compute#address for addresses.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
   "network": "A String", # The URL of the network in which to reserve the address. This field can only be used with INTERNAL type with the VPC_PEERING purpose.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer. If this field is not specified, it is assumed to be PREMIUM.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer.
+      #
+      # If this field is not specified, it is assumed to be PREMIUM.
   "prefixLength": 42, # The prefix length if the resource represents an IP range.
-  "purpose": "A String", # The purpose of this resource, which can be one of the following values: - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources. - `DNS_RESOLVER` for a DNS resolver address in a subnetwork - `VPC_PEERING` for addresses that are reserved for VPC peer networks. - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT. - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an *IPsec-encrypted Cloud Interconnect* configuration. These addresses are regional resources. Not currently available publicly.
-  "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. *This field is not applicable to global addresses.*
+  "purpose": "A String", # The purpose of this resource, which can be one of the following values:
+      # - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources.
+      # - `DNS_RESOLVER` for a DNS resolver address in a subnetwork
+      # - `VPC_PEERING` for addresses that are reserved for VPC peer networks.
+      # - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT.
+      # - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an IPsec-encrypted Cloud Interconnect configuration. These addresses are regional resources. Not currently available publicly.
+  "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. This field is not applicable to global addresses.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "status": "A String", # [Output Only] The status of the address, which can be one of RESERVING, RESERVED, or IN_USE. An address that is RESERVING is currently in the process of being reserved. A RESERVED address is currently reserved and available to use. An IN_USE address is currently being used by another resource and is not available.
   "subnetwork": "A String", # The URL of the subnetwork in which to reserve the address. If an IP address is specified, it must be within the subnetwork's IP range. This field can only be used with INTERNAL type with a GCE_ENDPOINT or DNS_RESOLVER purpose.
@@ -300,7 +360,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates an address resource in the specified project by using the data included in the request.
 
 Args:
@@ -309,7 +369,21 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier. Use global internal addresses for reserved peering network range. Use regional external addresses for the following resources: - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA) Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes: - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses For more information, read reserved IP address.
+{ # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier.
+    # 
+    # Use global internal addresses for reserved peering network range.
+    # 
+    # Use regional external addresses for the following resources:
+    # 
+    # - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA)
+    # 
+    # Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes:
+    # 
+    # - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses
+    # 
+    # For more information, read reserved IP address.
+    # 
+    # (== resource_for {$api_version}.addresses ==) (== resource_for {$api_version}.globalAddresses ==)
   "address": "A String", # The static IP address represented by this resource.
   "addressType": "A String", # The type of address to reserve, either INTERNAL or EXTERNAL. If unspecified, defaults to EXTERNAL.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -319,10 +393,17 @@ 
Method Details

   "kind": "compute#address", # [Output Only] Type of the resource. Always compute#address for addresses.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
   "network": "A String", # The URL of the network in which to reserve the address. This field can only be used with INTERNAL type with the VPC_PEERING purpose.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer. If this field is not specified, it is assumed to be PREMIUM.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer.
+      # 
+      # If this field is not specified, it is assumed to be PREMIUM.
   "prefixLength": 42, # The prefix length if the resource represents an IP range.
-  "purpose": "A String", # The purpose of this resource, which can be one of the following values: - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources. - `DNS_RESOLVER` for a DNS resolver address in a subnetwork - `VPC_PEERING` for addresses that are reserved for VPC peer networks. - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT. - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an *IPsec-encrypted Cloud Interconnect* configuration. These addresses are regional resources. Not currently available publicly.
-  "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. *This field is not applicable to global addresses.*
+  "purpose": "A String", # The purpose of this resource, which can be one of the following values:
+      # - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources.
+      # - `DNS_RESOLVER` for a DNS resolver address in a subnetwork
+      # - `VPC_PEERING` for addresses that are reserved for VPC peer networks.
+      # - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT.
+      # - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an IPsec-encrypted Cloud Interconnect configuration. These addresses are regional resources. Not currently available publicly.
+  "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. This field is not applicable to global addresses.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "status": "A String", # [Output Only] The status of the address, which can be one of RESERVING, RESERVED, or IN_USE. An address that is RESERVING is currently in the process of being reserved. A RESERVED address is currently reserved and available to use. An IN_USE address is currently being used by another resource and is not available.
   "subnetwork": "A String", # The URL of the subnetwork in which to reserve the address. If an IP address is specified, it must be within the subnetwork's IP range. This field can only be used with INTERNAL type with a GCE_ENDPOINT or DNS_RESOLVER purpose.
@@ -331,16 +412,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -374,7 +468,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -388,21 +483,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of addresses contained within the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -410,7 +511,21 @@ 
Method Details

     { # Contains a list of addresses.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Address resources.
-    { # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier. Use global internal addresses for reserved peering network range. Use regional external addresses for the following resources: - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA) Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes: - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses For more information, read reserved IP address.
+    { # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier.
+        #
+        # Use global internal addresses for reserved peering network range.
+        #
+        # Use regional external addresses for the following resources:
+        #
+        # - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA)
+        #
+        # Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes:
+        #
+        # - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses
+        #
+        # For more information, read reserved IP address.
+        #
+        # (== resource_for {$api_version}.addresses ==) (== resource_for {$api_version}.globalAddresses ==)
       "address": "A String", # The static IP address represented by this resource.
       "addressType": "A String", # The type of address to reserve, either INTERNAL or EXTERNAL. If unspecified, defaults to EXTERNAL.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -420,10 +535,17 @@ 
Method Details

       "kind": "compute#address", # [Output Only] Type of the resource. Always compute#address for addresses.
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
       "network": "A String", # The URL of the network in which to reserve the address. This field can only be used with INTERNAL type with the VPC_PEERING purpose.
-      "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer. If this field is not specified, it is assumed to be PREMIUM.
+      "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer.
+          #
+          # If this field is not specified, it is assumed to be PREMIUM.
       "prefixLength": 42, # The prefix length if the resource represents an IP range.
-      "purpose": "A String", # The purpose of this resource, which can be one of the following values: - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources. - `DNS_RESOLVER` for a DNS resolver address in a subnetwork - `VPC_PEERING` for addresses that are reserved for VPC peer networks. - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT. - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an *IPsec-encrypted Cloud Interconnect* configuration. These addresses are regional resources. Not currently available publicly.
-      "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. *This field is not applicable to global addresses.*
+      "purpose": "A String", # The purpose of this resource, which can be one of the following values:
+          # - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources.
+          # - `DNS_RESOLVER` for a DNS resolver address in a subnetwork
+          # - `VPC_PEERING` for addresses that are reserved for VPC peer networks.
+          # - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT.
+          # - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an IPsec-encrypted Cloud Interconnect configuration. These addresses are regional resources. Not currently available publicly.
+      "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. This field is not applicable to global addresses.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "status": "A String", # [Output Only] The status of the address, which can be one of RESERVING, RESERVED, or IN_USE. An address that is RESERVING is currently in the process of being reserved. A RESERVED address is currently reserved and available to use. An IN_USE address is currently being used by another resource and is not available.
       "subnetwork": "A String", # The URL of the subnetwork in which to reserve the address. If an IP address is specified, it must be within the subnetwork's IP range. This field can only be used with INTERNAL type with a GCE_ENDPOINT or DNS_RESOLVER purpose.
@@ -437,7 +559,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.autoscalers.html b/docs/dyn/compute_v1.autoscalers.html
index a8554d024a3..4b3b80e9b84 100644
--- a/docs/dyn/compute_v1.autoscalers.html
+++ b/docs/dyn/compute_v1.autoscalers.html
@@ -75,7 +75,7 @@
 
Compute Engine API . autoscalers

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of autoscalers.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,43 +84,49 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, zone, autoscaler, requestId=None, x__xgafv=None)

+  delete(project, zone, autoscaler, requestId=None)

 
Deletes the specified autoscaler.

 

-  get(project, zone, autoscaler, x__xgafv=None)

+  get(project, zone, autoscaler)

 
Returns the specified autoscaler resource. Gets a list of available autoscalers by making a list() request.

 

-  insert(project, zone, body=None, requestId=None, x__xgafv=None)

+  insert(project, zone, body=None, requestId=None)

 
Creates an autoscaler in the specified project using the data included in the request.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of autoscalers contained within the specified zone.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, zone, autoscaler=None, body=None, requestId=None, x__xgafv=None)

+  patch(project, zone, autoscaler=None, body=None, requestId=None)

 
Updates an autoscaler in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  update(project, zone, autoscaler=None, body=None, requestId=None, x__xgafv=None)

+  update(project, zone, autoscaler=None, body=None, requestId=None)

 
Updates an autoscaler in the specified project using the data included in the request.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of autoscalers.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -130,19 +136,58 @@ 
Method Details

   "items": { # A list of AutoscalersScopedList resources.
     "a_key": { # [Output Only] Name of the scope containing this set of autoscalers.
       "autoscalers": [ # [Output Only] A list of autoscalers contained in this scope.
-        { # Represents an Autoscaler resource. Google Compute Engine has two Autoscaler resources: * [Zonal](/compute/docs/reference/rest/v1/autoscalers) * [Regional](/compute/docs/reference/rest/v1/regionAutoscalers) Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances. For zonal managed instance groups resource, use the autoscaler resource. For regional managed instance groups, use the regionAutoscalers resource.
-          "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
-            "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds. Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
+        { # Represents an Autoscaler resource.
+            #
+            # Google Compute Engine has two Autoscaler resources:
+            #
+            # * [Zonal](/compute/docs/reference/rest/{$api_version}/autoscalers) * [Regional](/compute/docs/reference/rest/{$api_version}/regionAutoscalers)
+            #
+            # Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances.
+            #
+            # For zonal managed instance groups resource, use the autoscaler resource.
+            #
+            # For regional managed instance groups, use the regionAutoscalers resource. (== resource_for {$api_version}.autoscalers ==) (== resource_for {$api_version}.regionAutoscalers ==)
+          "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.
+              #
+              # If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
+            "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.
+                #
+                # Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
             "cpuUtilization": { # CPU utilization policy. # Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group.
-              "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
-              "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
+              "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are:
+                  #
+                  # * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
+              "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.
+                  #
+                  # If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.
+                  #
+                  # If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
             },
             "customMetricUtilizations": [ # Configuration parameters of autoscaling based on a custom metric.
               { # Custom utilization metric policy.
-                "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
-                "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.
-                "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
-                "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
+                "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.
+                    #
+                    # For the filter to be valid for autoscaling purposes, the following rules apply:
+                    # - You can only use the AND operator for joining selectors.
+                    # - You can only use direct equality comparison operator (=) without any functions for each selector.
+                    # - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical.
+                    # - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.
+                    # If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.
+                    #
+                    # If not specified, the type defaults to gce_instance.
+                    #
+                    # Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
+                "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.
+                    #
+                    # The metric must have a value type of INT64 or DOUBLE.
+                "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing.
+                    #
+                    # A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.
+                    #
+                    # A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
+                "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.
+                    #
+                    # For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
                 "utilizationTargetType": "A String", # Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.
               },
             ],
@@ -154,7 +199,11 @@ 
Method Details

             "mode": "A String", # Defines operating mode for this policy.
             "scaleInControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
               "maxScaledInReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-                "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+                "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+                    #
+                    #
+                    # - If the value is fixed, then the calculated value is equal to the fixed value.
+                    # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
                 "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
                 "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
               },
@@ -167,7 +216,7 @@ 
Method Details

                 "durationSec": 42, # The duration of time intervals, in seconds, for which this scaling schedule is to run. The minimum allowed value is 300. This field is required.
                 "minRequiredReplicas": 42, # The minimum number of VM instances that the autoscaler will recommend in time intervals starting according to schedule. This field is required.
                 "schedule": "A String", # The start timestamps of time intervals when this scaling schedule is to provide a scaling signal. This field uses the extended cron format (with an optional year field). The expression can describe a single timestamp if the optional year is set, in which case the scaling schedule runs once. The schedule is interpreted with respect to time_zone. This field is required. Note: These timestamps only describe when autoscaler starts providing the scaling signal. The VMs need additional time to become serving.
-                "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of “UTC” if left empty.
+                "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of ?UTC? if left empty.
               },
             },
           },
@@ -186,11 +235,31 @@ 
Method Details

             },
           },
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-          "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values: - PENDING: Autoscaler backend hasn't read new/updated configuration. - DELETING: Configuration is being deleted. - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field. - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field. New values might be added in the future.
+          "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values:
+              # - PENDING: Autoscaler backend hasn't read new/updated configuration.
+              # - DELETING: Configuration is being deleted.
+              # - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field.
+              # - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field.  New values might be added in the future.
           "statusDetails": [ # [Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.
             {
               "message": "A String", # The status message.
-              "type": "A String", # The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions.
+              "type": "A String", # The type of error, warning, or notice returned. Current set of possible values:
+                  # - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state).
+                  # - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group.
+                  # - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas.
+                  # - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling.
+                  # - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels.
+                  # - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group.
+                  # - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling.
+                  # - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer.
+                  # - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved.
+                  # - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any.
+                  # - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it.
+                  # - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances.
+                  # - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region.
+                  # - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist.
+                  # - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate.
+                  # - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout.  New values might be added in the future. Some of the values might not be available in all API versions.
             },
           ],
           "target": "A String", # URL of the managed instance group that this autoscaler will scale. This field is required when creating an autoscaler.
@@ -199,7 +268,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] Informational warning which replaces the list of autoscalers when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -212,12 +282,13 @@ 
Method Details

   "kind": "compute#autoscalerAggregatedList", # [Output Only] Type of resource. Always compute#autoscalerAggregatedList for aggregated lists of autoscalers.
   "nextPageToken": "A String", # [Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.
   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
-  "unreachables": [ # [Output Only] Unreachable resources. end_interface: MixerListResponseWithEtagBuilder
+  "unreachables": [ # [Output Only] Unreachable resources.
     "A String",
   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -248,23 +319,36 @@ 
Method Details

 

 
 

-    delete(project, zone, autoscaler, requestId=None, x__xgafv=None)
+    delete(project, zone, autoscaler, requestId=None)
   
Deletes the specified autoscaler.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone for this request. (required)
   autoscaler: string, Name of the autoscaler to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -298,7 +382,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -312,34 +397,69 @@ 
Method Details

 

 
 

-    get(project, zone, autoscaler, x__xgafv=None)
+    get(project, zone, autoscaler)
   
Returns the specified autoscaler resource. Gets a list of available autoscalers by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone for this request. (required)
   autoscaler: string, Name of the autoscaler to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Autoscaler resource. Google Compute Engine has two Autoscaler resources: * [Zonal](/compute/docs/reference/rest/v1/autoscalers) * [Regional](/compute/docs/reference/rest/v1/regionAutoscalers) Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances. For zonal managed instance groups resource, use the autoscaler resource. For regional managed instance groups, use the regionAutoscalers resource.
-  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
-    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds. Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
+    { # Represents an Autoscaler resource.
+    #
+    # Google Compute Engine has two Autoscaler resources:
+    #
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/autoscalers) * [Regional](/compute/docs/reference/rest/{$api_version}/regionAutoscalers)
+    #
+    # Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances.
+    #
+    # For zonal managed instance groups resource, use the autoscaler resource.
+    #
+    # For regional managed instance groups, use the regionAutoscalers resource. (== resource_for {$api_version}.autoscalers ==) (== resource_for {$api_version}.regionAutoscalers ==)
+  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.
+      #
+      # If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
+    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.
+        #
+        # Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
     "cpuUtilization": { # CPU utilization policy. # Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group.
-      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
-      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
+      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are:
+          #
+          # * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
+      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.
+          #
+          # If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.
+          #
+          # If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
     },
     "customMetricUtilizations": [ # Configuration parameters of autoscaling based on a custom metric.
       { # Custom utilization metric policy.
-        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
-        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.
-        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
-        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
+        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.
+            #
+            # For the filter to be valid for autoscaling purposes, the following rules apply:
+            # - You can only use the AND operator for joining selectors.
+            # - You can only use direct equality comparison operator (=) without any functions for each selector.
+            # - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical.
+            # - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.
+            # If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.
+            #
+            # If not specified, the type defaults to gce_instance.
+            #
+            # Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
+        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.
+            #
+            # The metric must have a value type of INT64 or DOUBLE.
+        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing.
+            #
+            # A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.
+            #
+            # A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
+        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.
+            #
+            # For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
         "utilizationTargetType": "A String", # Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.
       },
     ],
@@ -351,7 +471,11 @@ 
Method Details

     "mode": "A String", # Defines operating mode for this policy.
     "scaleInControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledInReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -364,7 +488,7 @@ 
Method Details

         "durationSec": 42, # The duration of time intervals, in seconds, for which this scaling schedule is to run. The minimum allowed value is 300. This field is required.
         "minRequiredReplicas": 42, # The minimum number of VM instances that the autoscaler will recommend in time intervals starting according to schedule. This field is required.
         "schedule": "A String", # The start timestamps of time intervals when this scaling schedule is to provide a scaling signal. This field uses the extended cron format (with an optional year field). The expression can describe a single timestamp if the optional year is set, in which case the scaling schedule runs once. The schedule is interpreted with respect to time_zone. This field is required. Note: These timestamps only describe when autoscaler starts providing the scaling signal. The VMs need additional time to become serving.
-        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of “UTC” if left empty.
+        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of ?UTC? if left empty.
       },
     },
   },
@@ -383,11 +507,31 @@ 
Method Details

     },
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values: - PENDING: Autoscaler backend hasn't read new/updated configuration. - DELETING: Configuration is being deleted. - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field. - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field. New values might be added in the future.
+  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values:
+      # - PENDING: Autoscaler backend hasn't read new/updated configuration.
+      # - DELETING: Configuration is being deleted.
+      # - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field.
+      # - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field.  New values might be added in the future.
   "statusDetails": [ # [Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.
     {
       "message": "A String", # The status message.
-      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions.
+      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values:
+          # - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state).
+          # - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group.
+          # - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas.
+          # - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling.
+          # - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels.
+          # - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group.
+          # - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling.
+          # - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer.
+          # - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved.
+          # - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any.
+          # - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it.
+          # - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances.
+          # - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region.
+          # - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist.
+          # - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate.
+          # - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout.  New values might be added in the future. Some of the values might not be available in all API versions.
     },
   ],
   "target": "A String", # URL of the managed instance group that this autoscaler will scale. This field is required when creating an autoscaler.
@@ -396,7 +540,7 @@ 
Method Details

 

 
 

-    insert(project, zone, body=None, requestId=None, x__xgafv=None)
+    insert(project, zone, body=None, requestId=None)
   
Creates an autoscaler in the specified project using the data included in the request.
 
 Args:
@@ -405,19 +549,58 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Autoscaler resource. Google Compute Engine has two Autoscaler resources: * [Zonal](/compute/docs/reference/rest/v1/autoscalers) * [Regional](/compute/docs/reference/rest/v1/regionAutoscalers) Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances. For zonal managed instance groups resource, use the autoscaler resource. For regional managed instance groups, use the regionAutoscalers resource.
-  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
-    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds. Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
+{ # Represents an Autoscaler resource.
+    # 
+    # Google Compute Engine has two Autoscaler resources:
+    # 
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/autoscalers) * [Regional](/compute/docs/reference/rest/{$api_version}/regionAutoscalers)
+    # 
+    # Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances.
+    # 
+    # For zonal managed instance groups resource, use the autoscaler resource.
+    # 
+    # For regional managed instance groups, use the regionAutoscalers resource. (== resource_for {$api_version}.autoscalers ==) (== resource_for {$api_version}.regionAutoscalers ==)
+  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.
+      # 
+      # If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
+    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.
+        #
+        # Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
     "cpuUtilization": { # CPU utilization policy. # Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group.
-      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
-      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
+      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are:
+          #
+          # * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
+      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.
+          #
+          # If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.
+          #
+          # If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
     },
     "customMetricUtilizations": [ # Configuration parameters of autoscaling based on a custom metric.
       { # Custom utilization metric policy.
-        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
-        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.
-        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
-        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
+        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.
+            #
+            # For the filter to be valid for autoscaling purposes, the following rules apply:
+            # - You can only use the AND operator for joining selectors.
+            # - You can only use direct equality comparison operator (=) without any functions for each selector.
+            # - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical.
+            # - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.
+            # If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.
+            #
+            # If not specified, the type defaults to gce_instance.
+            #
+            # Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
+        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.
+            #
+            # The metric must have a value type of INT64 or DOUBLE.
+        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing.
+            #
+            # A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.
+            #
+            # A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
+        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.
+            #
+            # For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
         "utilizationTargetType": "A String", # Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.
       },
     ],
@@ -429,7 +612,11 @@ 
Method Details

     "mode": "A String", # Defines operating mode for this policy.
     "scaleInControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledInReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -442,7 +629,7 @@ 
Method Details

         "durationSec": 42, # The duration of time intervals, in seconds, for which this scaling schedule is to run. The minimum allowed value is 300. This field is required.
         "minRequiredReplicas": 42, # The minimum number of VM instances that the autoscaler will recommend in time intervals starting according to schedule. This field is required.
         "schedule": "A String", # The start timestamps of time intervals when this scaling schedule is to provide a scaling signal. This field uses the extended cron format (with an optional year field). The expression can describe a single timestamp if the optional year is set, in which case the scaling schedule runs once. The schedule is interpreted with respect to time_zone. This field is required. Note: These timestamps only describe when autoscaler starts providing the scaling signal. The VMs need additional time to become serving.
-        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of “UTC” if left empty.
+        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of ?UTC? if left empty.
       },
     },
   },
@@ -461,27 +648,60 @@ 
Method Details

     },
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values: - PENDING: Autoscaler backend hasn't read new/updated configuration. - DELETING: Configuration is being deleted. - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field. - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field. New values might be added in the future.
+  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values:
+      # - PENDING: Autoscaler backend hasn't read new/updated configuration.
+      # - DELETING: Configuration is being deleted.
+      # - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field.
+      # - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field.  New values might be added in the future.
   "statusDetails": [ # [Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.
     {
       "message": "A String", # The status message.
-      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions.
+      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values:
+          # - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state).
+          # - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group.
+          # - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas.
+          # - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling.
+          # - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels.
+          # - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group.
+          # - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling.
+          # - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer.
+          # - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved.
+          # - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any.
+          # - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it.
+          # - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances.
+          # - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region.
+          # - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist.
+          # - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate.
+          # - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout.  New values might be added in the future. Some of the values might not be available in all API versions.
     },
   ],
   "target": "A String", # URL of the managed instance group that this autoscaler will scale. This field is required when creating an autoscaler.
   "zone": "A String", # [Output Only] URL of the zone where the instance group resides (for autoscalers living in zonal scope).
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -515,7 +735,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -529,21 +750,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of autoscalers contained within the specified zone.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -551,19 +778,58 @@ 
Method Details

     { # Contains a list of Autoscaler resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Autoscaler resources.
-    { # Represents an Autoscaler resource. Google Compute Engine has two Autoscaler resources: * [Zonal](/compute/docs/reference/rest/v1/autoscalers) * [Regional](/compute/docs/reference/rest/v1/regionAutoscalers) Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances. For zonal managed instance groups resource, use the autoscaler resource. For regional managed instance groups, use the regionAutoscalers resource.
-      "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
-        "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds. Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
+    { # Represents an Autoscaler resource.
+        #
+        # Google Compute Engine has two Autoscaler resources:
+        #
+        # * [Zonal](/compute/docs/reference/rest/{$api_version}/autoscalers) * [Regional](/compute/docs/reference/rest/{$api_version}/regionAutoscalers)
+        #
+        # Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances.
+        #
+        # For zonal managed instance groups resource, use the autoscaler resource.
+        #
+        # For regional managed instance groups, use the regionAutoscalers resource. (== resource_for {$api_version}.autoscalers ==) (== resource_for {$api_version}.regionAutoscalers ==)
+      "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.
+          #
+          # If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
+        "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.
+            #
+            # Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
         "cpuUtilization": { # CPU utilization policy. # Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group.
-          "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
-          "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
+          "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are:
+              #
+              # * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
+          "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.
+              #
+              # If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.
+              #
+              # If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
         },
         "customMetricUtilizations": [ # Configuration parameters of autoscaling based on a custom metric.
           { # Custom utilization metric policy.
-            "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
-            "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.
-            "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
-            "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
+            "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.
+                #
+                # For the filter to be valid for autoscaling purposes, the following rules apply:
+                # - You can only use the AND operator for joining selectors.
+                # - You can only use direct equality comparison operator (=) without any functions for each selector.
+                # - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical.
+                # - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.
+                # If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.
+                #
+                # If not specified, the type defaults to gce_instance.
+                #
+                # Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
+            "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.
+                #
+                # The metric must have a value type of INT64 or DOUBLE.
+            "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing.
+                #
+                # A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.
+                #
+                # A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
+            "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.
+                #
+                # For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
             "utilizationTargetType": "A String", # Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.
           },
         ],
@@ -575,7 +841,11 @@ 
Method Details

         "mode": "A String", # Defines operating mode for this policy.
         "scaleInControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
           "maxScaledInReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+                #
+                #
+                # - If the value is fixed, then the calculated value is equal to the fixed value.
+                # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
             "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
             "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
           },
@@ -588,7 +858,7 @@ 
Method Details

             "durationSec": 42, # The duration of time intervals, in seconds, for which this scaling schedule is to run. The minimum allowed value is 300. This field is required.
             "minRequiredReplicas": 42, # The minimum number of VM instances that the autoscaler will recommend in time intervals starting according to schedule. This field is required.
             "schedule": "A String", # The start timestamps of time intervals when this scaling schedule is to provide a scaling signal. This field uses the extended cron format (with an optional year field). The expression can describe a single timestamp if the optional year is set, in which case the scaling schedule runs once. The schedule is interpreted with respect to time_zone. This field is required. Note: These timestamps only describe when autoscaler starts providing the scaling signal. The VMs need additional time to become serving.
-            "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of “UTC” if left empty.
+            "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of ?UTC? if left empty.
           },
         },
       },
@@ -607,11 +877,31 @@ 
Method Details

         },
       },
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values: - PENDING: Autoscaler backend hasn't read new/updated configuration. - DELETING: Configuration is being deleted. - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field. - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field. New values might be added in the future.
+      "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values:
+          # - PENDING: Autoscaler backend hasn't read new/updated configuration.
+          # - DELETING: Configuration is being deleted.
+          # - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field.
+          # - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field.  New values might be added in the future.
       "statusDetails": [ # [Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.
         {
           "message": "A String", # The status message.
-          "type": "A String", # The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions.
+          "type": "A String", # The type of error, warning, or notice returned. Current set of possible values:
+              # - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state).
+              # - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group.
+              # - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas.
+              # - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling.
+              # - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels.
+              # - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group.
+              # - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling.
+              # - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer.
+              # - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved.
+              # - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any.
+              # - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it.
+              # - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances.
+              # - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region.
+              # - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist.
+              # - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate.
+              # - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout.  New values might be added in the future. Some of the values might not be available in all API versions.
         },
       ],
       "target": "A String", # URL of the managed instance group that this autoscaler will scale. This field is required when creating an autoscaler.
@@ -623,7 +913,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -649,7 +940,7 @@ 
Method Details

 

 
 

-    patch(project, zone, autoscaler=None, body=None, requestId=None, x__xgafv=None)
+    patch(project, zone, autoscaler=None, body=None, requestId=None)
   
Updates an autoscaler in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -658,19 +949,58 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Autoscaler resource. Google Compute Engine has two Autoscaler resources: * [Zonal](/compute/docs/reference/rest/v1/autoscalers) * [Regional](/compute/docs/reference/rest/v1/regionAutoscalers) Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances. For zonal managed instance groups resource, use the autoscaler resource. For regional managed instance groups, use the regionAutoscalers resource.
-  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
-    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds. Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
+{ # Represents an Autoscaler resource.
+    # 
+    # Google Compute Engine has two Autoscaler resources:
+    # 
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/autoscalers) * [Regional](/compute/docs/reference/rest/{$api_version}/regionAutoscalers)
+    # 
+    # Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances.
+    # 
+    # For zonal managed instance groups resource, use the autoscaler resource.
+    # 
+    # For regional managed instance groups, use the regionAutoscalers resource. (== resource_for {$api_version}.autoscalers ==) (== resource_for {$api_version}.regionAutoscalers ==)
+  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.
+      # 
+      # If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
+    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.
+        #
+        # Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
     "cpuUtilization": { # CPU utilization policy. # Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group.
-      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
-      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
+      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are:
+          #
+          # * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
+      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.
+          #
+          # If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.
+          #
+          # If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
     },
     "customMetricUtilizations": [ # Configuration parameters of autoscaling based on a custom metric.
       { # Custom utilization metric policy.
-        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
-        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.
-        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
-        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
+        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.
+            #
+            # For the filter to be valid for autoscaling purposes, the following rules apply:
+            # - You can only use the AND operator for joining selectors.
+            # - You can only use direct equality comparison operator (=) without any functions for each selector.
+            # - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical.
+            # - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.
+            # If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.
+            #
+            # If not specified, the type defaults to gce_instance.
+            #
+            # Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
+        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.
+            #
+            # The metric must have a value type of INT64 or DOUBLE.
+        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing.
+            #
+            # A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.
+            #
+            # A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
+        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.
+            #
+            # For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
         "utilizationTargetType": "A String", # Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.
       },
     ],
@@ -682,7 +1012,11 @@ 
Method Details

     "mode": "A String", # Defines operating mode for this policy.
     "scaleInControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledInReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -695,7 +1029,7 @@ 
Method Details

         "durationSec": 42, # The duration of time intervals, in seconds, for which this scaling schedule is to run. The minimum allowed value is 300. This field is required.
         "minRequiredReplicas": 42, # The minimum number of VM instances that the autoscaler will recommend in time intervals starting according to schedule. This field is required.
         "schedule": "A String", # The start timestamps of time intervals when this scaling schedule is to provide a scaling signal. This field uses the extended cron format (with an optional year field). The expression can describe a single timestamp if the optional year is set, in which case the scaling schedule runs once. The schedule is interpreted with respect to time_zone. This field is required. Note: These timestamps only describe when autoscaler starts providing the scaling signal. The VMs need additional time to become serving.
-        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of “UTC” if left empty.
+        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of ?UTC? if left empty.
       },
     },
   },
@@ -714,11 +1048,31 @@ 
Method Details

     },
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values: - PENDING: Autoscaler backend hasn't read new/updated configuration. - DELETING: Configuration is being deleted. - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field. - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field. New values might be added in the future.
+  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values:
+      # - PENDING: Autoscaler backend hasn't read new/updated configuration.
+      # - DELETING: Configuration is being deleted.
+      # - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field.
+      # - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field.  New values might be added in the future.
   "statusDetails": [ # [Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.
     {
       "message": "A String", # The status message.
-      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions.
+      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values:
+          # - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state).
+          # - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group.
+          # - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas.
+          # - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling.
+          # - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels.
+          # - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group.
+          # - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling.
+          # - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer.
+          # - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved.
+          # - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any.
+          # - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it.
+          # - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances.
+          # - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region.
+          # - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist.
+          # - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate.
+          # - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout.  New values might be added in the future. Some of the values might not be available in all API versions.
     },
   ],
   "target": "A String", # URL of the managed instance group that this autoscaler will scale. This field is required when creating an autoscaler.
@@ -726,16 +1080,29 @@ 
Method Details

 }
 
   autoscaler: string, Name of the autoscaler to patch.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -769,7 +1136,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -783,7 +1151,7 @@ 
Method Details

 

 
 

-    update(project, zone, autoscaler=None, body=None, requestId=None, x__xgafv=None)
+    update(project, zone, autoscaler=None, body=None, requestId=None)
   
Updates an autoscaler in the specified project using the data included in the request.
 
 Args:
@@ -792,19 +1160,58 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Autoscaler resource. Google Compute Engine has two Autoscaler resources: * [Zonal](/compute/docs/reference/rest/v1/autoscalers) * [Regional](/compute/docs/reference/rest/v1/regionAutoscalers) Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances. For zonal managed instance groups resource, use the autoscaler resource. For regional managed instance groups, use the regionAutoscalers resource.
-  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
-    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds. Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
+{ # Represents an Autoscaler resource.
+    # 
+    # Google Compute Engine has two Autoscaler resources:
+    # 
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/autoscalers) * [Regional](/compute/docs/reference/rest/{$api_version}/regionAutoscalers)
+    # 
+    # Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances.
+    # 
+    # For zonal managed instance groups resource, use the autoscaler resource.
+    # 
+    # For regional managed instance groups, use the regionAutoscalers resource. (== resource_for {$api_version}.autoscalers ==) (== resource_for {$api_version}.regionAutoscalers ==)
+  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.
+      # 
+      # If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
+    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.
+        #
+        # Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
     "cpuUtilization": { # CPU utilization policy. # Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group.
-      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
-      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
+      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are:
+          #
+          # * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
+      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.
+          #
+          # If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.
+          #
+          # If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
     },
     "customMetricUtilizations": [ # Configuration parameters of autoscaling based on a custom metric.
       { # Custom utilization metric policy.
-        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
-        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.
-        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
-        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
+        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.
+            #
+            # For the filter to be valid for autoscaling purposes, the following rules apply:
+            # - You can only use the AND operator for joining selectors.
+            # - You can only use direct equality comparison operator (=) without any functions for each selector.
+            # - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical.
+            # - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.
+            # If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.
+            #
+            # If not specified, the type defaults to gce_instance.
+            #
+            # Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
+        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.
+            #
+            # The metric must have a value type of INT64 or DOUBLE.
+        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing.
+            #
+            # A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.
+            #
+            # A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
+        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.
+            #
+            # For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
         "utilizationTargetType": "A String", # Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.
       },
     ],
@@ -816,7 +1223,11 @@ 
Method Details

     "mode": "A String", # Defines operating mode for this policy.
     "scaleInControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledInReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -829,7 +1240,7 @@ 
Method Details

         "durationSec": 42, # The duration of time intervals, in seconds, for which this scaling schedule is to run. The minimum allowed value is 300. This field is required.
         "minRequiredReplicas": 42, # The minimum number of VM instances that the autoscaler will recommend in time intervals starting according to schedule. This field is required.
         "schedule": "A String", # The start timestamps of time intervals when this scaling schedule is to provide a scaling signal. This field uses the extended cron format (with an optional year field). The expression can describe a single timestamp if the optional year is set, in which case the scaling schedule runs once. The schedule is interpreted with respect to time_zone. This field is required. Note: These timestamps only describe when autoscaler starts providing the scaling signal. The VMs need additional time to become serving.
-        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of “UTC” if left empty.
+        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of ?UTC? if left empty.
       },
     },
   },
@@ -848,11 +1259,31 @@ 
Method Details

     },
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values: - PENDING: Autoscaler backend hasn't read new/updated configuration. - DELETING: Configuration is being deleted. - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field. - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field. New values might be added in the future.
+  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values:
+      # - PENDING: Autoscaler backend hasn't read new/updated configuration.
+      # - DELETING: Configuration is being deleted.
+      # - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field.
+      # - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field.  New values might be added in the future.
   "statusDetails": [ # [Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.
     {
       "message": "A String", # The status message.
-      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions.
+      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values:
+          # - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state).
+          # - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group.
+          # - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas.
+          # - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling.
+          # - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels.
+          # - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group.
+          # - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling.
+          # - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer.
+          # - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved.
+          # - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any.
+          # - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it.
+          # - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances.
+          # - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region.
+          # - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist.
+          # - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate.
+          # - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout.  New values might be added in the future. Some of the values might not be available in all API versions.
     },
   ],
   "target": "A String", # URL of the managed instance group that this autoscaler will scale. This field is required when creating an autoscaler.
@@ -860,16 +1291,29 @@ 
Method Details

 }
 
   autoscaler: string, Name of the autoscaler to update.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -903,7 +1347,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.backendBuckets.html b/docs/dyn/compute_v1.backendBuckets.html
index a7e105bb634..c7f3865e68c 100644
--- a/docs/dyn/compute_v1.backendBuckets.html
+++ b/docs/dyn/compute_v1.backendBuckets.html
@@ -75,38 +75,38 @@
 
Compute Engine API . backendBuckets

 
Instance Methods

 

-  addSignedUrlKey(project, backendBucket, body=None, requestId=None, x__xgafv=None)

+  addSignedUrlKey(project, backendBucket, body=None, requestId=None)

 
Adds a key for validating requests with signed URLs for this backend bucket.

 

   close()

 
Close httplib2 connections.

 

-  delete(project, backendBucket, requestId=None, x__xgafv=None)

+  delete(project, backendBucket, requestId=None)

 
Deletes the specified BackendBucket resource.

 

-  deleteSignedUrlKey(project, backendBucket, keyName, requestId=None, x__xgafv=None)

+  deleteSignedUrlKey(project, backendBucket, keyName, requestId=None)

 
Deletes a key for validating requests with signed URLs for this backend bucket.

 

-  get(project, backendBucket, x__xgafv=None)

+  get(project, backendBucket)

 
Returns the specified BackendBucket resource. Gets a list of available backend buckets by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a BackendBucket resource in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of BackendBucket resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, backendBucket, body=None, requestId=None, x__xgafv=None)

+  patch(project, backendBucket, body=None, requestId=None)

 
Updates the specified BackendBucket resource with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  update(project, backendBucket, body=None, requestId=None, x__xgafv=None)

+  update(project, backendBucket, body=None, requestId=None)

 
Updates the specified BackendBucket resource with the data included in the request.

 
Method Details

 

-    addSignedUrlKey(project, backendBucket, body=None, requestId=None, x__xgafv=None)
+    addSignedUrlKey(project, backendBucket, body=None, requestId=None)
   
Adds a key for validating requests with signed URLs for this backend bucket.
 
 Args:
@@ -120,16 +120,29 @@ 
Method Details

   "keyValue": "A String", # 128-bit key value used for signing the URL. The key value must be a valid RFC 4648 Section 5 base64url encoded string.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -163,7 +176,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -182,22 +196,35 @@ 
Method Details

 

 
 

-    delete(project, backendBucket, requestId=None, x__xgafv=None)
+    delete(project, backendBucket, requestId=None)
   
Deletes the specified BackendBucket resource.
 
 Args:
   project: string, Project ID for this request. (required)
   backendBucket: string, Name of the BackendBucket resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -231,7 +258,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -245,23 +273,36 @@ 
Method Details

 

 
 

-    deleteSignedUrlKey(project, backendBucket, keyName, requestId=None, x__xgafv=None)
+    deleteSignedUrlKey(project, backendBucket, keyName, requestId=None)
   
Deletes a key for validating requests with signed URLs for this backend bucket.
 
 Args:
   project: string, Project ID for this request. (required)
   backendBucket: string, Name of the BackendBucket resource to which the Signed URL Key should be added. The name should conform to RFC1035. (required)
   keyName: string, The name of the Signed URL Key to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -295,7 +336,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -309,21 +351,19 @@ 
Method Details

 

 
 

-    get(project, backendBucket, x__xgafv=None)
+    get(project, backendBucket)
   
Returns the specified BackendBucket resource. Gets a list of available backend buckets by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   backendBucket: string, Name of the BackendBucket resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Cloud Storage Bucket resource. This Cloud Storage bucket resource is referenced by a URL map of a load balancer. For more information, read Backend Buckets.
+    { # Represents a Cloud Storage Bucket resource.
+    #
+    # This Cloud Storage bucket resource is referenced by a URL map of a load balancer. For more information, read Backend Buckets.
   "bucketName": "A String", # Cloud Storage bucket name.
   "cdnPolicy": { # Message containing Cloud CDN configuration for a backend bucket. # Cloud CDN configuration for this BackendBucket.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
@@ -331,7 +371,13 @@ 
Method Details

         "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
       },
     ],
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -363,7 +409,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a BackendBucket resource in the specified project using the data included in the request.
 
 Args:
@@ -371,7 +417,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Cloud Storage Bucket resource. This Cloud Storage bucket resource is referenced by a URL map of a load balancer. For more information, read Backend Buckets.
+{ # Represents a Cloud Storage Bucket resource.
+    # 
+    # This Cloud Storage bucket resource is referenced by a URL map of a load balancer. For more information, read Backend Buckets.
   "bucketName": "A String", # Cloud Storage bucket name.
   "cdnPolicy": { # Message containing Cloud CDN configuration for a backend bucket. # Cloud CDN configuration for this BackendBucket.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
@@ -379,7 +427,13 @@ 
Method Details

         "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
       },
     ],
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -409,16 +463,29 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -452,7 +519,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -466,20 +534,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of BackendBucket resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -487,7 +561,9 @@ 
Method Details

     { # Contains a list of BackendBucket resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of BackendBucket resources.
-    { # Represents a Cloud Storage Bucket resource. This Cloud Storage bucket resource is referenced by a URL map of a load balancer. For more information, read Backend Buckets.
+    { # Represents a Cloud Storage Bucket resource.
+        #
+        # This Cloud Storage bucket resource is referenced by a URL map of a load balancer. For more information, read Backend Buckets.
       "bucketName": "A String", # Cloud Storage bucket name.
       "cdnPolicy": { # Message containing Cloud CDN configuration for a backend bucket. # Cloud CDN configuration for this BackendBucket.
         "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
@@ -495,7 +571,13 @@ 
Method Details

             "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
           },
         ],
-        "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+        "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+            #
+            # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+            #
+            # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+            #
+            # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
         "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
         "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
         "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -530,7 +612,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -556,7 +639,7 @@ 
Method Details

 

 
 

-    patch(project, backendBucket, body=None, requestId=None, x__xgafv=None)
+    patch(project, backendBucket, body=None, requestId=None)
   
Updates the specified BackendBucket resource with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -565,7 +648,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Cloud Storage Bucket resource. This Cloud Storage bucket resource is referenced by a URL map of a load balancer. For more information, read Backend Buckets.
+{ # Represents a Cloud Storage Bucket resource.
+    # 
+    # This Cloud Storage bucket resource is referenced by a URL map of a load balancer. For more information, read Backend Buckets.
   "bucketName": "A String", # Cloud Storage bucket name.
   "cdnPolicy": { # Message containing Cloud CDN configuration for a backend bucket. # Cloud CDN configuration for this BackendBucket.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
@@ -573,7 +658,13 @@ 
Method Details

         "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
       },
     ],
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -603,16 +694,29 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -646,7 +750,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -660,7 +765,7 @@ 
Method Details

 

 
 

-    update(project, backendBucket, body=None, requestId=None, x__xgafv=None)
+    update(project, backendBucket, body=None, requestId=None)
   
Updates the specified BackendBucket resource with the data included in the request.
 
 Args:
@@ -669,7 +774,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Cloud Storage Bucket resource. This Cloud Storage bucket resource is referenced by a URL map of a load balancer. For more information, read Backend Buckets.
+{ # Represents a Cloud Storage Bucket resource.
+    # 
+    # This Cloud Storage bucket resource is referenced by a URL map of a load balancer. For more information, read Backend Buckets.
   "bucketName": "A String", # Cloud Storage bucket name.
   "cdnPolicy": { # Message containing Cloud CDN configuration for a backend bucket. # Cloud CDN configuration for this BackendBucket.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
@@ -677,7 +784,13 @@ 
Method Details

         "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
       },
     ],
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -707,16 +820,29 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -750,7 +876,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.backendServices.html b/docs/dyn/compute_v1.backendServices.html
index b2a54f5c053..b65de89685d 100644
--- a/docs/dyn/compute_v1.backendServices.html
+++ b/docs/dyn/compute_v1.backendServices.html
@@ -75,10 +75,10 @@
 
Compute Engine API . backendServices

 
Instance Methods

 

-  addSignedUrlKey(project, backendService, body=None, requestId=None, x__xgafv=None)

+  addSignedUrlKey(project, backendService, body=None, requestId=None)

 
Adds a key for validating requests with signed URLs for this backend service.

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of all BackendService resources, regional and global, available to the specified project.

 

   aggregatedList_next(previous_request, previous_response)

@@ -87,38 +87,38 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, backendService, requestId=None, x__xgafv=None)

+  delete(project, backendService, requestId=None)

 
Deletes the specified BackendService resource.

 

-  deleteSignedUrlKey(project, backendService, keyName, requestId=None, x__xgafv=None)

+  deleteSignedUrlKey(project, backendService, keyName, requestId=None)

 
Deletes a key for validating requests with signed URLs for this backend service.

 

-  get(project, backendService, x__xgafv=None)

+  get(project, backendService)

 
Returns the specified BackendService resource. Gets a list of available backend services.

 

-  getHealth(project, backendService, body=None, x__xgafv=None)

-
Gets the most recent health check results for this BackendService. Example request body: { "group": "/zones/us-east1-b/instanceGroups/lb-backend-example" }

+  getHealth(project, backendService, body=None)

+
Gets the most recent health check results for this BackendService.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

-
Creates a BackendService resource in the specified project using the data included in the request. For more information, see Backend services overview .

+  insert(project, body=None, requestId=None)

+
Creates a BackendService resource in the specified project using the data included in the request. For more information, see  Backend services overview.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of BackendService resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, backendService, body=None, requestId=None, x__xgafv=None)

-
Patches the specified BackendService resource with the data included in the request. For more information, see Backend services overview. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

+  patch(project, backendService, body=None, requestId=None)

+
Patches the specified BackendService resource with the data included in the request. For more information, see  Backend services overview. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  setSecurityPolicy(project, backendService, body=None, requestId=None, x__xgafv=None)

+  setSecurityPolicy(project, backendService, body=None, requestId=None)

 
Sets the Google Cloud Armor security policy for the specified backend service. For more information, see Google Cloud Armor Overview

 

-  update(project, backendService, body=None, requestId=None, x__xgafv=None)

+  update(project, backendService, body=None, requestId=None)

 
Updates the specified BackendService resource with the data included in the request. For more information, see Backend services overview.

 
Method Details

 

-    addSignedUrlKey(project, backendService, body=None, requestId=None, x__xgafv=None)
+    addSignedUrlKey(project, backendService, body=None, requestId=None)
   
Adds a key for validating requests with signed URLs for this backend service.
 
 Args:
@@ -132,16 +132,29 @@ 
Method Details

   "keyValue": "A String", # 128-bit key value used for signing the URL. The key value must be a valid RFC 4648 Section 5 base64url encoded string.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -175,7 +188,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -189,21 +203,27 @@ 
Method Details

 

 
 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of all BackendService resources, regional and global, available to the specified project.
 
 Args:
   project: string, Name of the project scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -213,25 +233,69 @@ 
Method Details

   "items": { # A list of BackendServicesScopedList resources.
     "a_key": { # Name of the scope containing this set of BackendServices.
       "backendServices": [ # A list of BackendServices contained in this scope.
-        { # Represents a Backend Service resource. A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly. Backend services in Google Compute Engine can be either regionally or globally scoped. * [Global](/compute/docs/reference/rest/v1/backendServices) * [Regional](/compute/docs/reference/rest/v1/regionBackendServices) For more information, see Backend Services.
-          "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day ( 86,400). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+        { # Represents a Backend Service resource.
+            #
+            # A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly.
+            #
+            # Backend services in Google Compute Engine can be either regionally or globally scoped.
+            #
+            # * [Global](/compute/docs/reference/rest/{$api_version}/backendServices) * [Regional](/compute/docs/reference/rest/{$api_version}/regionBackendServices)
+            #
+            # For more information, see Backend Services.
+            #
+            # (== resource_for {$api_version}.backendService ==)
+          "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE.
+              #
+              # If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day (86,400).
+              #
+              # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
           "backends": [ # The list of backends that serve this BackendService.
             { # Message containing information of one individual backend.
-              "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode.
-              "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
+              "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see  Connection balancing mode.
+              "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service.
+                  #
+                  # Not supported by:
+                  #
+                  # - Internal TCP/UDP Load Balancing - Network Load Balancing
               "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
               "failover": True or False, # This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService.
-              "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme. - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing), INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service. - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported. For regional services, the backend must be in the same region as the backend service. You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
-              "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
-              "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-              "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-              "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-              "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-              "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
+              "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme.
+                  #
+                  #
+                  # - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing),  INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service.
+                  #
+                  #
+                  # - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported.
+                  #
+                  # For regional services, the backend must be in the same region as the backend service.
+                  #
+                  # You must use the fully-qualified URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
+              "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by:
+                  #
+                  # - Internal TCP/UDP Load Balancing - Network Load Balancing
+              "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+                  #
+                  # Not available if the backend's balancingMode is RATE. Not supported by:
+                  #
+                  # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+              "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+                  #
+                  # Not available if the backend's balancingMode is RATE. Not supported by:
+                  #
+                  # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+              "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+                  #
+                  # Not available if the backend's balancingMode is CONNECTION.
+              "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+                  #
+                  # Not available if the backend's balancingMode is CONNECTION.
+              "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+                  #
+                  # Not available if the backend's balancingMode is CONNECTION.
               "maxUtilization": 3.14,
             },
           ],
-          "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for external HTTP(S) Load Balancing.
+          "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for  external HTTP(S) Load Balancing.
             "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
               { # Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
                 "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
@@ -248,7 +312,13 @@ 
Method Details

                 "A String",
               ],
             },
-            "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+            "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+                #
+                # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+                #
+                # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+                #
+                # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
             "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
             "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
             "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -276,7 +346,13 @@ 
Method Details

           "connectionDraining": { # Message containing connection draining configuration.
             "drainingTimeoutSec": 42, # Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining.
           },
-          "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH.
+              #
+              # This field is applicable to either:
+              # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+              # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+              #
+              # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
             "httpCookie": { # The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash. # Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE.
               "name": "A String", # Name of the cookie.
               "path": "A String", # Path to set for the cookie.
@@ -298,35 +374,62 @@ 
Method Details

           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "enableCDN": True or False, # If true, enables Cloud CDN for the backend service. Only applicable if the loadBalancingScheme is EXTERNAL and the protocol is HTTP or HTTPS.
           "failoverPolicy": { # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. On failover or failback, this field indicates whether connection draining will be honored. GCP has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes). # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. Requires at least one backend instance group to be defined as a backup (failover) backend.
-            "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP. The default is false.
+            "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP.
+                #
+                # The default is false.
             "dropTrafficIfUnhealthy": True or False, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing, If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. The default is false.
             "failoverRatio": 3.14, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio.
           },
-          "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a BackendService.
-          "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
+          "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve a BackendService.
+          "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See  Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
             "A String",
           ],
           "iap": { # Identity-Aware Proxy # The configurations for Identity-Aware Proxy on this resource. Not available for Internal TCP/UDP Load Balancing and Network Load Balancing.
             "enabled": True or False, # Whether the serving infrastructure will authenticate and authorize all incoming requests. If true, the oauth2ClientId and oauth2ClientSecret fields must be non-empty.
             "oauth2ClientId": "A String", # OAuth2 client ID to use for the authentication flow.
-            "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly
+            "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field.
             "oauth2ClientSecretSha256": "A String", # [Output Only] SHA256 hash value for the field oauth2_client_secret above.
           },
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "kind": "compute#backendService", # [Output Only] Type of resource. Always compute#backendService for backend services.
-          "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose INTERNAL for Internal TCP/UDP Load Balancing. Choose INTERNAL_MANAGED for Internal HTTP(S) Load Balancing. INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
-          "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose  INTERNAL for Internal TCP/UDP Load Balancing. Choose  INTERNAL_MANAGED for Internal HTTP(S) Load Balancing.  INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
+          "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are:
+              # - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
+              # - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
+              # - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
+              # - RANDOM: The load balancer selects a random healthy host.
+              # - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
+              # - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824
+              #
+              # This field is applicable to either:
+              # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+              # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+              #
+              # If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect.
+              #
+              # Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
           "logConfig": { # The available logging options for the load balancer traffic served by this backend service. # This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver.
             "enable": True or False, # This field denotes whether to enable logging for the load balancer traffic served by this backend service.
             "sampleRate": 3.14, # This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
           },
-          "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, there will be no timeout limit, i.e. the maximum duration is infinite. This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service. This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
+          "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+              # If not specified, there will be no timeout limit, i.e. the maximum duration is infinite.
+              # This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service.
+              # This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
           "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
           "network": "A String", # The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.
-          "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled.
+              #
+              # This field is applicable to either:
+              # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+              # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+              #
+              # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
             "baseEjectionTime": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # The base time that a host is ejected for. The real ejection time is equal to the base ejection time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
@@ -345,25 +448,54 @@ 
Method Details

             "successRateRequestVolume": 42, # The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
             "successRateStdevFactor": 42, # This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
           },
-          "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
-          "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
-          "protocol": "A String", # The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
+          "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.
+              #
+              # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
+          "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or  INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs.
+              #
+              #
+              #
+              # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
+          "protocol": "A String", # The protocol this BackendService uses to communicate with backends.
+              #
+              # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information.
+              #
+              # Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
           "region": "A String", # [Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
           "securityPolicy": "A String", # [Output Only] The resource URL for the security policy associated with this backend service.
-          "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
-            "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
-            "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode). Note: This field currently has no impact.
+          "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either:
+              # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+              # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+            "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.
+                # clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                # If left blank, communications are not encrypted.
+                # Note: This field currently has no impact.
+            "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.
+                # Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.
+                # Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).
+                # Note: This field currently has no impact.
               "A String",
             ],
           },
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-          "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE.
+              #
+              # When the loadBalancingScheme is EXTERNAL:
+              #
+              # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or  CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.
+              #
+              # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.
+              #
+              # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.
+              #
+              # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
           "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration.
         },
       ],
       "warning": { # Informational warning which replaces the list of backend services when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -381,7 +513,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -412,22 +545,35 @@ 
Method Details

 

 
 

-    delete(project, backendService, requestId=None, x__xgafv=None)
+    delete(project, backendService, requestId=None)
   
Deletes the specified BackendService resource.
 
 Args:
   project: string, Project ID for this request. (required)
   backendService: string, Name of the BackendService resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -461,7 +607,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -475,23 +622,36 @@ 
Method Details

 

 
 

-    deleteSignedUrlKey(project, backendService, keyName, requestId=None, x__xgafv=None)
+    deleteSignedUrlKey(project, backendService, keyName, requestId=None)
   
Deletes a key for validating requests with signed URLs for this backend service.
 
 Args:
   project: string, Project ID for this request. (required)
   backendService: string, Name of the BackendService resource to which the Signed URL Key should be added. The name should conform to RFC1035. (required)
   keyName: string, The name of the Signed URL Key to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -525,7 +685,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -539,39 +700,79 @@ 
Method Details

 

 
 

-    get(project, backendService, x__xgafv=None)
+    get(project, backendService)
   
Returns the specified BackendService resource. Gets a list of available backend services.
 
 Args:
   project: string, Project ID for this request. (required)
   backendService: string, Name of the BackendService resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Backend Service resource. A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly. Backend services in Google Compute Engine can be either regionally or globally scoped. * [Global](/compute/docs/reference/rest/v1/backendServices) * [Regional](/compute/docs/reference/rest/v1/regionBackendServices) For more information, see Backend Services.
-  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day ( 86,400). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+    { # Represents a Backend Service resource.
+    #
+    # A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly.
+    #
+    # Backend services in Google Compute Engine can be either regionally or globally scoped.
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/backendServices) * [Regional](/compute/docs/reference/rest/{$api_version}/regionBackendServices)
+    #
+    # For more information, see Backend Services.
+    #
+    # (== resource_for {$api_version}.backendService ==)
+  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE.
+      #
+      # If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day (86,400).
+      #
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "backends": [ # The list of backends that serve this BackendService.
     { # Message containing information of one individual backend.
-      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode.
-      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see  Connection balancing mode.
+      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service.
+          #
+          # Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "failover": True or False, # This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService.
-      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme. - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing), INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service. - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported. For regional services, the backend must be in the same region as the backend service. You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
-      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
-      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
+      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing),  INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported.
+          #
+          # For regional services, the backend must be in the same region as the backend service.
+          #
+          # You must use the fully-qualified URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
+      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
       "maxUtilization": 3.14,
     },
   ],
-  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for external HTTP(S) Load Balancing.
+  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for  external HTTP(S) Load Balancing.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
       { # Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
         "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
@@ -588,7 +789,13 @@ 
Method Details

         "A String",
       ],
     },
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -616,7 +823,13 @@ 
Method Details

   "connectionDraining": { # Message containing connection draining configuration.
     "drainingTimeoutSec": 42, # Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining.
   },
-  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH.
+      #
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      #
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "httpCookie": { # The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash. # Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE.
       "name": "A String", # Name of the cookie.
       "path": "A String", # Path to set for the cookie.
@@ -638,35 +851,62 @@ 
Method Details

   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "enableCDN": True or False, # If true, enables Cloud CDN for the backend service. Only applicable if the loadBalancingScheme is EXTERNAL and the protocol is HTTP or HTTPS.
   "failoverPolicy": { # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. On failover or failback, this field indicates whether connection draining will be honored. GCP has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes). # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. Requires at least one backend instance group to be defined as a backup (failover) backend.
-    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP. The default is false.
+    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP.
+        #
+        # The default is false.
     "dropTrafficIfUnhealthy": True or False, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing, If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. The default is false.
     "failoverRatio": 3.14, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio.
   },
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a BackendService.
-  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a BackendService.
+  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See  Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
     "A String",
   ],
   "iap": { # Identity-Aware Proxy # The configurations for Identity-Aware Proxy on this resource. Not available for Internal TCP/UDP Load Balancing and Network Load Balancing.
     "enabled": True or False, # Whether the serving infrastructure will authenticate and authorize all incoming requests. If true, the oauth2ClientId and oauth2ClientSecret fields must be non-empty.
     "oauth2ClientId": "A String", # OAuth2 client ID to use for the authentication flow.
-    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly
+    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field.
     "oauth2ClientSecretSha256": "A String", # [Output Only] SHA256 hash value for the field oauth2_client_secret above.
   },
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#backendService", # [Output Only] Type of resource. Always compute#backendService for backend services.
-  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose INTERNAL for Internal TCP/UDP Load Balancing. Choose INTERNAL_MANAGED for Internal HTTP(S) Load Balancing. INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
-  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose  INTERNAL for Internal TCP/UDP Load Balancing. Choose  INTERNAL_MANAGED for Internal HTTP(S) Load Balancing.  INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
+  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are:
+      # - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
+      # - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
+      # - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
+      # - RANDOM: The load balancer selects a random healthy host.
+      # - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
+      # - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824
+      #
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      #
+      # If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect.
+      #
+      # Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "logConfig": { # The available logging options for the load balancer traffic served by this backend service. # This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver.
     "enable": True or False, # This field denotes whether to enable logging for the load balancer traffic served by this backend service.
     "sampleRate": 3.14, # This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
   },
-  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, there will be no timeout limit, i.e. the maximum duration is infinite. This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service. This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
+  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+      # If not specified, there will be no timeout limit, i.e. the maximum duration is infinite.
+      # This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service.
+      # This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
   },
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.
-  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled.
+      #
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      #
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "baseEjectionTime": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # The base time that a host is ejected for. The real ejection time is equal to the base ejection time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
@@ -685,26 +925,58 @@ 
Method Details

     "successRateRequestVolume": 42, # The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
     "successRateStdevFactor": 42, # This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
   },
-  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
-  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
-  "protocol": "A String", # The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
+  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.
+      #
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
+  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or  INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs.
+      #
+      #
+      #
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
+  "protocol": "A String", # The protocol this BackendService uses to communicate with backends.
+      #
+      # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information.
+      #
+      # Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
   "region": "A String", # [Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "securityPolicy": "A String", # [Output Only] The resource URL for the security policy associated with this backend service.
-  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
-    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
-    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode). Note: This field currently has no impact.
+  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.
+        # clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        # If left blank, communications are not encrypted.
+        # Note: This field currently has no impact.
+    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.
+        # Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.
+        # Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).
+        # Note: This field currently has no impact.
       "A String",
     ],
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE.
+      #
+      # When the loadBalancingScheme is EXTERNAL:
+      #
+      # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or  CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.
+      #
+      # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.
+      #
+      # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.
+      #
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration.
 }

 

 
 

-    getHealth(project, backendService, body=None, x__xgafv=None)
-  
Gets the most recent health check results for this BackendService. Example request body: { "group": "/zones/us-east1-b/instanceGroups/lb-backend-example" }
+    getHealth(project, backendService, body=None)
+  
Gets the most recent health check results for this BackendService.
+
+Example request body:
+
+{ "group": "/zones/us-east1-b/instanceGroups/lb-backend-example" }
 
 Args:
   project: string, A parameter (required)
@@ -716,10 +988,6 @@ 
Method Details

   "group": "A String", # A URI referencing one of the instance groups or network endpoint groups listed in the backend service.
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -748,33 +1016,77 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
-  
Creates a BackendService resource in the specified project using the data included in the request. For more information, see Backend services overview .
+    insert(project, body=None, requestId=None)
+  
Creates a BackendService resource in the specified project using the data included in the request. For more information, see  Backend services overview.
 
 Args:
   project: string, Project ID for this request. (required)
   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Backend Service resource. A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly. Backend services in Google Compute Engine can be either regionally or globally scoped. * [Global](/compute/docs/reference/rest/v1/backendServices) * [Regional](/compute/docs/reference/rest/v1/regionBackendServices) For more information, see Backend Services.
-  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day ( 86,400). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+{ # Represents a Backend Service resource.
+    # 
+    # A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly.
+    # 
+    # Backend services in Google Compute Engine can be either regionally or globally scoped.
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/backendServices) * [Regional](/compute/docs/reference/rest/{$api_version}/regionBackendServices)
+    # 
+    # For more information, see Backend Services.
+    # 
+    # (== resource_for {$api_version}.backendService ==)
+  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE.
+      # 
+      # If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day (86,400).
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "backends": [ # The list of backends that serve this BackendService.
     { # Message containing information of one individual backend.
-      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode.
-      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see  Connection balancing mode.
+      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service.
+          #
+          # Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "failover": True or False, # This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService.
-      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme. - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing), INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service. - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported. For regional services, the backend must be in the same region as the backend service. You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
-      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
-      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
+      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing),  INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported.
+          #
+          # For regional services, the backend must be in the same region as the backend service.
+          #
+          # You must use the fully-qualified URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
+      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
       "maxUtilization": 3.14,
     },
   ],
-  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for external HTTP(S) Load Balancing.
+  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for  external HTTP(S) Load Balancing.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
       { # Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
         "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
@@ -791,7 +1103,13 @@ 
Method Details

         "A String",
       ],
     },
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -819,7 +1137,13 @@ 
Method Details

   "connectionDraining": { # Message containing connection draining configuration.
     "drainingTimeoutSec": 42, # Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining.
   },
-  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "httpCookie": { # The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash. # Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE.
       "name": "A String", # Name of the cookie.
       "path": "A String", # Path to set for the cookie.
@@ -841,35 +1165,62 @@ 
Method Details

   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "enableCDN": True or False, # If true, enables Cloud CDN for the backend service. Only applicable if the loadBalancingScheme is EXTERNAL and the protocol is HTTP or HTTPS.
   "failoverPolicy": { # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. On failover or failback, this field indicates whether connection draining will be honored. GCP has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes). # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. Requires at least one backend instance group to be defined as a backup (failover) backend.
-    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP. The default is false.
+    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP.
+        #
+        # The default is false.
     "dropTrafficIfUnhealthy": True or False, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing, If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. The default is false.
     "failoverRatio": 3.14, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio.
   },
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a BackendService.
-  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a BackendService.
+  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See  Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
     "A String",
   ],
   "iap": { # Identity-Aware Proxy # The configurations for Identity-Aware Proxy on this resource. Not available for Internal TCP/UDP Load Balancing and Network Load Balancing.
     "enabled": True or False, # Whether the serving infrastructure will authenticate and authorize all incoming requests. If true, the oauth2ClientId and oauth2ClientSecret fields must be non-empty.
     "oauth2ClientId": "A String", # OAuth2 client ID to use for the authentication flow.
-    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly
+    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field.
     "oauth2ClientSecretSha256": "A String", # [Output Only] SHA256 hash value for the field oauth2_client_secret above.
   },
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#backendService", # [Output Only] Type of resource. Always compute#backendService for backend services.
-  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose INTERNAL for Internal TCP/UDP Load Balancing. Choose INTERNAL_MANAGED for Internal HTTP(S) Load Balancing. INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
-  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose  INTERNAL for Internal TCP/UDP Load Balancing. Choose  INTERNAL_MANAGED for Internal HTTP(S) Load Balancing.  INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
+  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are:
+      # - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
+      # - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
+      # - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
+      # - RANDOM: The load balancer selects a random healthy host.
+      # - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
+      # - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect.
+      # 
+      # Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "logConfig": { # The available logging options for the load balancer traffic served by this backend service. # This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver.
     "enable": True or False, # This field denotes whether to enable logging for the load balancer traffic served by this backend service.
     "sampleRate": 3.14, # This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
   },
-  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, there will be no timeout limit, i.e. the maximum duration is infinite. This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service. This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
+  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+      # If not specified, there will be no timeout limit, i.e. the maximum duration is infinite.
+      # This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service.
+      # This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
   },
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.
-  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "baseEjectionTime": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # The base time that a host is ejected for. The real ejection time is equal to the base ejection time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
@@ -888,32 +1239,73 @@ 
Method Details

     "successRateRequestVolume": 42, # The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
     "successRateStdevFactor": 42, # This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
   },
-  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
-  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
-  "protocol": "A String", # The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
+  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
+  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or  INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs.
+      # 
+      # 
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
+  "protocol": "A String", # The protocol this BackendService uses to communicate with backends.
+      # 
+      # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information.
+      # 
+      # Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
   "region": "A String", # [Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "securityPolicy": "A String", # [Output Only] The resource URL for the security policy associated with this backend service.
-  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
-    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
-    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode). Note: This field currently has no impact.
+  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.
+        # clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        # If left blank, communications are not encrypted.
+        # Note: This field currently has no impact.
+    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.
+        # Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.
+        # Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).
+        # Note: This field currently has no impact.
       "A String",
     ],
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE.
+      # 
+      # When the loadBalancingScheme is EXTERNAL:
+      # 
+      # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or  CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.
+      # 
+      # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.
+      # 
+      # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -947,7 +1339,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -961,20 +1354,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of BackendService resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -982,25 +1381,69 @@ 
Method Details

     { # Contains a list of BackendService resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of BackendService resources.
-    { # Represents a Backend Service resource. A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly. Backend services in Google Compute Engine can be either regionally or globally scoped. * [Global](/compute/docs/reference/rest/v1/backendServices) * [Regional](/compute/docs/reference/rest/v1/regionBackendServices) For more information, see Backend Services.
-      "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day ( 86,400). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+    { # Represents a Backend Service resource.
+        #
+        # A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly.
+        #
+        # Backend services in Google Compute Engine can be either regionally or globally scoped.
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/backendServices) * [Regional](/compute/docs/reference/rest/{$api_version}/regionBackendServices)
+        #
+        # For more information, see Backend Services.
+        #
+        # (== resource_for {$api_version}.backendService ==)
+      "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE.
+          #
+          # If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day (86,400).
+          #
+          # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
       "backends": [ # The list of backends that serve this BackendService.
         { # Message containing information of one individual backend.
-          "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode.
-          "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
+          "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see  Connection balancing mode.
+          "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service.
+              #
+              # Not supported by:
+              #
+              # - Internal TCP/UDP Load Balancing - Network Load Balancing
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "failover": True or False, # This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService.
-          "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme. - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing), INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service. - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported. For regional services, the backend must be in the same region as the backend service. You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
-          "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
-          "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-          "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-          "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-          "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-          "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
+          "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme.
+              #
+              #
+              # - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing),  INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service.
+              #
+              #
+              # - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported.
+              #
+              # For regional services, the backend must be in the same region as the backend service.
+              #
+              # You must use the fully-qualified URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
+          "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by:
+              #
+              # - Internal TCP/UDP Load Balancing - Network Load Balancing
+          "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+              #
+              # Not available if the backend's balancingMode is RATE. Not supported by:
+              #
+              # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+          "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+              #
+              # Not available if the backend's balancingMode is RATE. Not supported by:
+              #
+              # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+          "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+              #
+              # Not available if the backend's balancingMode is CONNECTION.
+          "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+              #
+              # Not available if the backend's balancingMode is CONNECTION.
+          "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+              #
+              # Not available if the backend's balancingMode is CONNECTION.
           "maxUtilization": 3.14,
         },
       ],
-      "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for external HTTP(S) Load Balancing.
+      "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for  external HTTP(S) Load Balancing.
         "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
           { # Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
             "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
@@ -1017,7 +1460,13 @@ 
Method Details

             "A String",
           ],
         },
-        "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+        "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+            #
+            # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+            #
+            # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+            #
+            # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
         "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
         "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
         "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -1045,7 +1494,13 @@ 
Method Details

       "connectionDraining": { # Message containing connection draining configuration.
         "drainingTimeoutSec": 42, # Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining.
       },
-      "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH.
+          #
+          # This field is applicable to either:
+          # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+          # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+          #
+          # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
         "httpCookie": { # The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash. # Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE.
           "name": "A String", # Name of the cookie.
           "path": "A String", # Path to set for the cookie.
@@ -1067,35 +1522,62 @@ 
Method Details

       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "enableCDN": True or False, # If true, enables Cloud CDN for the backend service. Only applicable if the loadBalancingScheme is EXTERNAL and the protocol is HTTP or HTTPS.
       "failoverPolicy": { # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. On failover or failback, this field indicates whether connection draining will be honored. GCP has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes). # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. Requires at least one backend instance group to be defined as a backup (failover) backend.
-        "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP. The default is false.
+        "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP.
+            #
+            # The default is false.
         "dropTrafficIfUnhealthy": True or False, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing, If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. The default is false.
         "failoverRatio": 3.14, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio.
       },
-      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a BackendService.
-      "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
+      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a BackendService.
+      "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See  Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
         "A String",
       ],
       "iap": { # Identity-Aware Proxy # The configurations for Identity-Aware Proxy on this resource. Not available for Internal TCP/UDP Load Balancing and Network Load Balancing.
         "enabled": True or False, # Whether the serving infrastructure will authenticate and authorize all incoming requests. If true, the oauth2ClientId and oauth2ClientSecret fields must be non-empty.
         "oauth2ClientId": "A String", # OAuth2 client ID to use for the authentication flow.
-        "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly
+        "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field.
         "oauth2ClientSecretSha256": "A String", # [Output Only] SHA256 hash value for the field oauth2_client_secret above.
       },
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#backendService", # [Output Only] Type of resource. Always compute#backendService for backend services.
-      "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose INTERNAL for Internal TCP/UDP Load Balancing. Choose INTERNAL_MANAGED for Internal HTTP(S) Load Balancing. INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
-      "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose  INTERNAL for Internal TCP/UDP Load Balancing. Choose  INTERNAL_MANAGED for Internal HTTP(S) Load Balancing.  INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
+      "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are:
+          # - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
+          # - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
+          # - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
+          # - RANDOM: The load balancer selects a random healthy host.
+          # - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
+          # - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824
+          #
+          # This field is applicable to either:
+          # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+          # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+          #
+          # If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect.
+          #
+          # Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
       "logConfig": { # The available logging options for the load balancer traffic served by this backend service. # This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver.
         "enable": True or False, # This field denotes whether to enable logging for the load balancer traffic served by this backend service.
         "sampleRate": 3.14, # This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
       },
-      "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, there will be no timeout limit, i.e. the maximum duration is infinite. This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service. This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
+      "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+          # If not specified, there will be no timeout limit, i.e. the maximum duration is infinite.
+          # This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service.
+          # This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "network": "A String", # The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.
-      "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled.
+          #
+          # This field is applicable to either:
+          # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+          # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+          #
+          # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
         "baseEjectionTime": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # The base time that a host is ejected for. The real ejection time is equal to the base ejection time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
@@ -1114,19 +1596,47 @@ 
Method Details

         "successRateRequestVolume": 42, # The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
         "successRateStdevFactor": 42, # This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
       },
-      "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
-      "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
-      "protocol": "A String", # The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
+      "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.
+          #
+          # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
+      "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or  INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs.
+          #
+          #
+          #
+          # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
+      "protocol": "A String", # The protocol this BackendService uses to communicate with backends.
+          #
+          # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information.
+          #
+          # Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
       "region": "A String", # [Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
       "securityPolicy": "A String", # [Output Only] The resource URL for the security policy associated with this backend service.
-      "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
-        "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
-        "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode). Note: This field currently has no impact.
+      "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either:
+          # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+          # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+        "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.
+            # clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            # If left blank, communications are not encrypted.
+            # Note: This field currently has no impact.
+        "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.
+            # Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.
+            # Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).
+            # Note: This field currently has no impact.
           "A String",
         ],
       },
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE.
+          #
+          # When the loadBalancingScheme is EXTERNAL:
+          #
+          # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or  CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.
+          #
+          # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.
+          #
+          # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.
+          #
+          # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
       "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration.
     },
   ],
@@ -1135,7 +1645,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1161,8 +1672,8 @@ 
Method Details

 

 
 

-    patch(project, backendService, body=None, requestId=None, x__xgafv=None)
-  
Patches the specified BackendService resource with the data included in the request. For more information, see Backend services overview. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
+    patch(project, backendService, body=None, requestId=None)
+  
Patches the specified BackendService resource with the data included in the request. For more information, see  Backend services overview. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -1170,25 +1681,69 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Backend Service resource. A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly. Backend services in Google Compute Engine can be either regionally or globally scoped. * [Global](/compute/docs/reference/rest/v1/backendServices) * [Regional](/compute/docs/reference/rest/v1/regionBackendServices) For more information, see Backend Services.
-  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day ( 86,400). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+{ # Represents a Backend Service resource.
+    # 
+    # A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly.
+    # 
+    # Backend services in Google Compute Engine can be either regionally or globally scoped.
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/backendServices) * [Regional](/compute/docs/reference/rest/{$api_version}/regionBackendServices)
+    # 
+    # For more information, see Backend Services.
+    # 
+    # (== resource_for {$api_version}.backendService ==)
+  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE.
+      # 
+      # If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day (86,400).
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "backends": [ # The list of backends that serve this BackendService.
     { # Message containing information of one individual backend.
-      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode.
-      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see  Connection balancing mode.
+      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service.
+          #
+          # Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "failover": True or False, # This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService.
-      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme. - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing), INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service. - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported. For regional services, the backend must be in the same region as the backend service. You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
-      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
-      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
+      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing),  INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported.
+          #
+          # For regional services, the backend must be in the same region as the backend service.
+          #
+          # You must use the fully-qualified URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
+      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
       "maxUtilization": 3.14,
     },
   ],
-  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for external HTTP(S) Load Balancing.
+  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for  external HTTP(S) Load Balancing.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
       { # Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
         "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
@@ -1205,7 +1760,13 @@ 
Method Details

         "A String",
       ],
     },
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -1233,7 +1794,13 @@ 
Method Details

   "connectionDraining": { # Message containing connection draining configuration.
     "drainingTimeoutSec": 42, # Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining.
   },
-  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "httpCookie": { # The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash. # Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE.
       "name": "A String", # Name of the cookie.
       "path": "A String", # Path to set for the cookie.
@@ -1255,35 +1822,62 @@ 
Method Details

   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "enableCDN": True or False, # If true, enables Cloud CDN for the backend service. Only applicable if the loadBalancingScheme is EXTERNAL and the protocol is HTTP or HTTPS.
   "failoverPolicy": { # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. On failover or failback, this field indicates whether connection draining will be honored. GCP has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes). # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. Requires at least one backend instance group to be defined as a backup (failover) backend.
-    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP. The default is false.
+    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP.
+        #
+        # The default is false.
     "dropTrafficIfUnhealthy": True or False, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing, If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. The default is false.
     "failoverRatio": 3.14, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio.
   },
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a BackendService.
-  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a BackendService.
+  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See  Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
     "A String",
   ],
   "iap": { # Identity-Aware Proxy # The configurations for Identity-Aware Proxy on this resource. Not available for Internal TCP/UDP Load Balancing and Network Load Balancing.
     "enabled": True or False, # Whether the serving infrastructure will authenticate and authorize all incoming requests. If true, the oauth2ClientId and oauth2ClientSecret fields must be non-empty.
     "oauth2ClientId": "A String", # OAuth2 client ID to use for the authentication flow.
-    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly
+    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field.
     "oauth2ClientSecretSha256": "A String", # [Output Only] SHA256 hash value for the field oauth2_client_secret above.
   },
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#backendService", # [Output Only] Type of resource. Always compute#backendService for backend services.
-  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose INTERNAL for Internal TCP/UDP Load Balancing. Choose INTERNAL_MANAGED for Internal HTTP(S) Load Balancing. INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
-  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose  INTERNAL for Internal TCP/UDP Load Balancing. Choose  INTERNAL_MANAGED for Internal HTTP(S) Load Balancing.  INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
+  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are:
+      # - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
+      # - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
+      # - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
+      # - RANDOM: The load balancer selects a random healthy host.
+      # - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
+      # - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect.
+      # 
+      # Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "logConfig": { # The available logging options for the load balancer traffic served by this backend service. # This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver.
     "enable": True or False, # This field denotes whether to enable logging for the load balancer traffic served by this backend service.
     "sampleRate": 3.14, # This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
   },
-  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, there will be no timeout limit, i.e. the maximum duration is infinite. This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service. This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
+  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+      # If not specified, there will be no timeout limit, i.e. the maximum duration is infinite.
+      # This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service.
+      # This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
   },
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.
-  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "baseEjectionTime": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # The base time that a host is ejected for. The real ejection time is equal to the base ejection time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
@@ -1302,32 +1896,73 @@ 
Method Details

     "successRateRequestVolume": 42, # The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
     "successRateStdevFactor": 42, # This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
   },
-  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
-  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
-  "protocol": "A String", # The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
+  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
+  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or  INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs.
+      # 
+      # 
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
+  "protocol": "A String", # The protocol this BackendService uses to communicate with backends.
+      # 
+      # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information.
+      # 
+      # Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
   "region": "A String", # [Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "securityPolicy": "A String", # [Output Only] The resource URL for the security policy associated with this backend service.
-  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
-    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
-    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode). Note: This field currently has no impact.
+  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.
+        # clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        # If left blank, communications are not encrypted.
+        # Note: This field currently has no impact.
+    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.
+        # Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.
+        # Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).
+        # Note: This field currently has no impact.
       "A String",
     ],
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE.
+      # 
+      # When the loadBalancingScheme is EXTERNAL:
+      # 
+      # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or  CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.
+      # 
+      # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.
+      # 
+      # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1361,7 +1996,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1375,7 +2011,7 @@ 
Method Details

 

 
 

-    setSecurityPolicy(project, backendService, body=None, requestId=None, x__xgafv=None)
+    setSecurityPolicy(project, backendService, body=None, requestId=None)
   
Sets the Google Cloud Armor security policy for the specified backend service. For more information, see Google Cloud Armor Overview
 
 Args:
@@ -1388,16 +2024,29 @@ 
Method Details

   "securityPolicy": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1431,7 +2080,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1445,7 +2095,7 @@ 
Method Details

 

 
 

-    update(project, backendService, body=None, requestId=None, x__xgafv=None)
+    update(project, backendService, body=None, requestId=None)
   
Updates the specified BackendService resource with the data included in the request. For more information, see Backend services overview.
 
 Args:
@@ -1454,25 +2104,69 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Backend Service resource. A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly. Backend services in Google Compute Engine can be either regionally or globally scoped. * [Global](/compute/docs/reference/rest/v1/backendServices) * [Regional](/compute/docs/reference/rest/v1/regionBackendServices) For more information, see Backend Services.
-  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day ( 86,400). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+{ # Represents a Backend Service resource.
+    # 
+    # A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly.
+    # 
+    # Backend services in Google Compute Engine can be either regionally or globally scoped.
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/backendServices) * [Regional](/compute/docs/reference/rest/{$api_version}/regionBackendServices)
+    # 
+    # For more information, see Backend Services.
+    # 
+    # (== resource_for {$api_version}.backendService ==)
+  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE.
+      # 
+      # If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day (86,400).
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "backends": [ # The list of backends that serve this BackendService.
     { # Message containing information of one individual backend.
-      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode.
-      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see  Connection balancing mode.
+      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service.
+          #
+          # Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "failover": True or False, # This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService.
-      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme. - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing), INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service. - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported. For regional services, the backend must be in the same region as the backend service. You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
-      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
-      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
+      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing),  INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported.
+          #
+          # For regional services, the backend must be in the same region as the backend service.
+          #
+          # You must use the fully-qualified URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
+      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
       "maxUtilization": 3.14,
     },
   ],
-  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for external HTTP(S) Load Balancing.
+  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for  external HTTP(S) Load Balancing.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
       { # Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
         "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
@@ -1489,7 +2183,13 @@ 
Method Details

         "A String",
       ],
     },
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -1517,7 +2217,13 @@ 
Method Details

   "connectionDraining": { # Message containing connection draining configuration.
     "drainingTimeoutSec": 42, # Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining.
   },
-  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "httpCookie": { # The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash. # Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE.
       "name": "A String", # Name of the cookie.
       "path": "A String", # Path to set for the cookie.
@@ -1539,35 +2245,62 @@ 
Method Details

   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "enableCDN": True or False, # If true, enables Cloud CDN for the backend service. Only applicable if the loadBalancingScheme is EXTERNAL and the protocol is HTTP or HTTPS.
   "failoverPolicy": { # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. On failover or failback, this field indicates whether connection draining will be honored. GCP has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes). # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. Requires at least one backend instance group to be defined as a backup (failover) backend.
-    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP. The default is false.
+    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP.
+        #
+        # The default is false.
     "dropTrafficIfUnhealthy": True or False, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing, If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. The default is false.
     "failoverRatio": 3.14, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio.
   },
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a BackendService.
-  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a BackendService.
+  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See  Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
     "A String",
   ],
   "iap": { # Identity-Aware Proxy # The configurations for Identity-Aware Proxy on this resource. Not available for Internal TCP/UDP Load Balancing and Network Load Balancing.
     "enabled": True or False, # Whether the serving infrastructure will authenticate and authorize all incoming requests. If true, the oauth2ClientId and oauth2ClientSecret fields must be non-empty.
     "oauth2ClientId": "A String", # OAuth2 client ID to use for the authentication flow.
-    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly
+    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field.
     "oauth2ClientSecretSha256": "A String", # [Output Only] SHA256 hash value for the field oauth2_client_secret above.
   },
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#backendService", # [Output Only] Type of resource. Always compute#backendService for backend services.
-  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose INTERNAL for Internal TCP/UDP Load Balancing. Choose INTERNAL_MANAGED for Internal HTTP(S) Load Balancing. INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
-  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose  INTERNAL for Internal TCP/UDP Load Balancing. Choose  INTERNAL_MANAGED for Internal HTTP(S) Load Balancing.  INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
+  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are:
+      # - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
+      # - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
+      # - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
+      # - RANDOM: The load balancer selects a random healthy host.
+      # - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
+      # - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect.
+      # 
+      # Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "logConfig": { # The available logging options for the load balancer traffic served by this backend service. # This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver.
     "enable": True or False, # This field denotes whether to enable logging for the load balancer traffic served by this backend service.
     "sampleRate": 3.14, # This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
   },
-  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, there will be no timeout limit, i.e. the maximum duration is infinite. This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service. This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
+  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+      # If not specified, there will be no timeout limit, i.e. the maximum duration is infinite.
+      # This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service.
+      # This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
   },
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.
-  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "baseEjectionTime": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # The base time that a host is ejected for. The real ejection time is equal to the base ejection time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
@@ -1586,32 +2319,73 @@ 
Method Details

     "successRateRequestVolume": 42, # The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
     "successRateStdevFactor": 42, # This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
   },
-  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
-  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
-  "protocol": "A String", # The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
+  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
+  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or  INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs.
+      # 
+      # 
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
+  "protocol": "A String", # The protocol this BackendService uses to communicate with backends.
+      # 
+      # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information.
+      # 
+      # Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
   "region": "A String", # [Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "securityPolicy": "A String", # [Output Only] The resource URL for the security policy associated with this backend service.
-  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
-    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
-    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode). Note: This field currently has no impact.
+  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.
+        # clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        # If left blank, communications are not encrypted.
+        # Note: This field currently has no impact.
+    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.
+        # Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.
+        # Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).
+        # Note: This field currently has no impact.
       "A String",
     ],
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE.
+      # 
+      # When the loadBalancingScheme is EXTERNAL:
+      # 
+      # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or  CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.
+      # 
+      # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.
+      # 
+      # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1645,7 +2419,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.diskTypes.html b/docs/dyn/compute_v1.diskTypes.html
index 42d06d890c7..77ff38cde72 100644
--- a/docs/dyn/compute_v1.diskTypes.html
+++ b/docs/dyn/compute_v1.diskTypes.html
@@ -75,7 +75,7 @@
 
Compute Engine API . diskTypes

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of disk types.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,31 +84,37 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  get(project, zone, diskType, x__xgafv=None)

+  get(project, zone, diskType)

 
Returns the specified disk type. Gets a list of available disk types by making a list() request.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of disk types available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of disk types.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -118,7 +124,17 @@ 
Method Details

   "items": { # A list of DiskTypesScopedList resources.
     "a_key": { # [Output Only] Name of the scope containing this set of disk types.
       "diskTypes": [ # [Output Only] A list of disk types contained in this scope.
-        { # Represents a Disk Type resource. Google Compute Engine has two Disk Type resources: * [Regional](/compute/docs/reference/rest/v1/regionDiskTypes) * [Zonal](/compute/docs/reference/rest/v1/diskTypes) You can choose from a variety of disk types based on your needs. For more information, read Storage options. The diskTypes resource represents disk types for a zonal persistent disk. For more information, read Zonal persistent disks. The regionDiskTypes resource represents disk types for a regional persistent disk. For more information, read Regional persistent disks.
+        { # Represents a Disk Type resource.
+            #
+            # Google Compute Engine has two Disk Type resources:
+            #
+            # * [Regional](/compute/docs/reference/rest/{$api_version}/regionDiskTypes) * [Zonal](/compute/docs/reference/rest/{$api_version}/diskTypes)
+            #
+            # You can choose from a variety of disk types based on your needs. For more information, read Storage options.
+            #
+            # The diskTypes resource represents disk types for a zonal persistent disk. For more information, read Zonal persistent disks.
+            #
+            # The regionDiskTypes resource represents disk types for a regional persistent disk. For more information, read Regional persistent disks. (== resource_for {$api_version}.diskTypes ==) (== resource_for {$api_version}.regionDiskTypes ==)
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "defaultDiskSizeGb": "A String", # [Output Only] Server-defined default disk size in GB.
           "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this disk type.
@@ -140,7 +156,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] Informational warning which replaces the list of disk types when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -158,7 +175,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -189,22 +207,28 @@ 
Method Details

 

 
 

-    get(project, zone, diskType, x__xgafv=None)
+    get(project, zone, diskType)
   
Returns the specified disk type. Gets a list of available disk types by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   diskType: string, Name of the disk type to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Disk Type resource. Google Compute Engine has two Disk Type resources: * [Regional](/compute/docs/reference/rest/v1/regionDiskTypes) * [Zonal](/compute/docs/reference/rest/v1/diskTypes) You can choose from a variety of disk types based on your needs. For more information, read Storage options. The diskTypes resource represents disk types for a zonal persistent disk. For more information, read Zonal persistent disks. The regionDiskTypes resource represents disk types for a regional persistent disk. For more information, read Regional persistent disks.
+    { # Represents a Disk Type resource.
+    #
+    # Google Compute Engine has two Disk Type resources:
+    #
+    # * [Regional](/compute/docs/reference/rest/{$api_version}/regionDiskTypes) * [Zonal](/compute/docs/reference/rest/{$api_version}/diskTypes)
+    #
+    # You can choose from a variety of disk types based on your needs. For more information, read Storage options.
+    #
+    # The diskTypes resource represents disk types for a zonal persistent disk. For more information, read Zonal persistent disks.
+    #
+    # The regionDiskTypes resource represents disk types for a regional persistent disk. For more information, read Regional persistent disks. (== resource_for {$api_version}.diskTypes ==) (== resource_for {$api_version}.regionDiskTypes ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "defaultDiskSizeGb": "A String", # [Output Only] Server-defined default disk size in GB.
   "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this disk type.
@@ -226,21 +250,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of disk types available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -248,7 +278,17 @@ 
Method Details

     { # Contains a list of disk types.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of DiskType resources.
-    { # Represents a Disk Type resource. Google Compute Engine has two Disk Type resources: * [Regional](/compute/docs/reference/rest/v1/regionDiskTypes) * [Zonal](/compute/docs/reference/rest/v1/diskTypes) You can choose from a variety of disk types based on your needs. For more information, read Storage options. The diskTypes resource represents disk types for a zonal persistent disk. For more information, read Zonal persistent disks. The regionDiskTypes resource represents disk types for a regional persistent disk. For more information, read Regional persistent disks.
+    { # Represents a Disk Type resource.
+        #
+        # Google Compute Engine has two Disk Type resources:
+        #
+        # * [Regional](/compute/docs/reference/rest/{$api_version}/regionDiskTypes) * [Zonal](/compute/docs/reference/rest/{$api_version}/diskTypes)
+        #
+        # You can choose from a variety of disk types based on your needs. For more information, read Storage options.
+        #
+        # The diskTypes resource represents disk types for a zonal persistent disk. For more information, read Zonal persistent disks.
+        #
+        # The regionDiskTypes resource represents disk types for a regional persistent disk. For more information, read Regional persistent disks. (== resource_for {$api_version}.diskTypes ==) (== resource_for {$api_version}.regionDiskTypes ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "defaultDiskSizeGb": "A String", # [Output Only] Server-defined default disk size in GB.
       "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this disk type.
@@ -273,7 +313,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.disks.html b/docs/dyn/compute_v1.disks.html
index e5937050a88..8fa8b1186fb 100644
--- a/docs/dyn/compute_v1.disks.html
+++ b/docs/dyn/compute_v1.disks.html
@@ -75,10 +75,10 @@
 
Compute Engine API . disks

 
Instance Methods

 

-  addResourcePolicies(project, zone, disk, body=None, requestId=None, x__xgafv=None)

+  addResourcePolicies(project, zone, disk, body=None, requestId=None)

 
Adds existing resource policies to a disk. You can only add one policy which will be applied to this disk for scheduling snapshot creation.

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of persistent disks.

 

   aggregatedList_next(previous_request, previous_response)

@@ -87,44 +87,44 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  createSnapshot(project, zone, disk, body=None, guestFlush=None, requestId=None, x__xgafv=None)

+  createSnapshot(project, zone, disk, body=None, guestFlush=None, requestId=None)

 
Creates a snapshot of a specified persistent disk.

 

-  delete(project, zone, disk, requestId=None, x__xgafv=None)

+  delete(project, zone, disk, requestId=None)

 
Deletes the specified persistent disk. Deleting a disk removes its data permanently and is irreversible. However, deleting a disk does not delete any snapshots previously made from the disk. You must separately delete snapshots.

 

-  get(project, zone, disk, x__xgafv=None)

+  get(project, zone, disk)

 
Returns a specified persistent disk. Gets a list of available persistent disks by making a list() request.

 

-  getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, zone, body=None, requestId=None, sourceImage=None, x__xgafv=None)

+  insert(project, zone, body=None, requestId=None, sourceImage=None)

 
Creates a persistent disk in the specified project using the data in the request. You can create a disk from a source (sourceImage, sourceSnapshot, or sourceDisk) or create an empty 500 GB data disk by omitting all properties. You can also create a disk that is larger than the default size by specifying the sizeGb property.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of persistent disks contained within the specified zone.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  removeResourcePolicies(project, zone, disk, body=None, requestId=None, x__xgafv=None)

+  removeResourcePolicies(project, zone, disk, body=None, requestId=None)

 
Removes resource policies from a disk.

 

-  resize(project, zone, disk, body=None, requestId=None, x__xgafv=None)

+  resize(project, zone, disk, body=None, requestId=None)

 
Resizes the specified persistent disk. You can only increase the size of the disk.

 

-  setIamPolicy(project, zone, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, zone, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  setLabels(project, zone, resource, body=None, requestId=None, x__xgafv=None)

+  setLabels(project, zone, resource, body=None, requestId=None)

 
Sets the labels on a disk. To learn more about labels, read the Labeling Resources documentation.

 

-  testIamPermissions(project, zone, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, zone, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    addResourcePolicies(project, zone, disk, body=None, requestId=None, x__xgafv=None)
+    addResourcePolicies(project, zone, disk, body=None, requestId=None)
   
Adds existing resource policies to a disk. You can only add one policy which will be applied to this disk for scheduling snapshot creation.
 
 Args:
@@ -140,16 +140,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -183,7 +196,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -197,21 +211,27 @@ 
Method Details

 

 
 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of persistent disks.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -221,23 +241,41 @@ 
Method Details

   "items": { # A list of DisksScopedList resources.
     "a_key": { # [Output Only] Name of the scope containing this set of disks.
       "disks": [ # [Output Only] A list of disks contained in this scope.
-        { # Represents a Persistent Disk resource. Google Compute Engine has two Disk resources: * [Zonal](/compute/docs/reference/rest/v1/disks) * [Regional](/compute/docs/reference/rest/v1/regionDisks) Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options. The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks. The regionDisks resource represents a regional persistent disk. For more information, read Regional resources.
+        { # Represents a Persistent Disk resource.
+            #
+            # Google Compute Engine has two Disk resources:
+            #
+            # * [Zonal](/compute/docs/reference/rest/{$api_version}/disks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionDisks)
+            #
+            # Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options.
+            #
+            # The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks.
+            #
+            # The regionDisks resource represents a regional persistent disk. For more information, read  Regional resources. (== resource_for {$api_version}.disks ==) (== resource_for {$api_version}.regionDisks ==)
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-          "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key. After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+          "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key.
+              #
+              # After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine).
+              #
+              # Customer-supplied encryption keys do not protect access to metadata of the disk.
+              #
+              # If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
-          "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+          "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
             { # Guest OS features.
-              "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+              "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
             },
           ],
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "kind": "compute#disk", # [Output Only] Type of the resource. Always compute#disk for disks.
-          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a disk.
+          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve a disk.
           "labels": { # Labels to apply to this disk. These can be later modified by the setLabels method.
             "a_key": "A String",
           },
@@ -263,10 +301,33 @@ 
Method Details

           ],
           "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
           "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
-          "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk. If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
-          "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - https://www.googleapis.com/compute/v1/projects/project/regions/region /disks/disk - projects/project/zones/zone/disks/disk - projects/project/regions/region/disks/disk - zones/zone/disks/disk - regions/region/disks/disk
+          "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk.
+              #
+              # If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
+          "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+              # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+              # - https://www.googleapis.com/compute/v1/projects/project/regions/region/disks/disk
+              # - projects/project/zones/zone/disks/disk
+              # - projects/project/regions/region/disks/disk
+              # - zones/zone/disks/disk
+              # - regions/region/disks/disk
           "sourceDiskId": "A String", # [Output Only] The unique ID of the disk used to create this disk. This value identifies the exact disk that was used to create this persistent disk. For example, if you created the persistent disk from a disk that was later deleted and recreated under the same name, the source disk ID would identify the exact version of the disk that was used.
-          "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family
+          "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set.
+              #
+              # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+              # projects/debian-cloud/global/images/family/debian-9
+              #
+              #
+              # Alternatively, use a specific version of a public operating system image:
+              # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+              #
+              #
+              # To create a disk with a custom image that you created, specify the image name in the following format:
+              # global/images/my-custom-image
+              #
+              #
+              # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+              # global/images/family/my-image-family
           "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -274,7 +335,10 @@ 
Method Details

             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
           "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent disk. For example, if you created the persistent disk from an image that was later deleted and recreated under the same name, the source image ID would identify the exact version of the image that was used.
-          "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project /global/snapshots/snapshot - projects/project/global/snapshots/snapshot - global/snapshots/snapshot
+          "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+              # - https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot
+              # - projects/project/global/snapshots/snapshot
+              # - global/snapshots/snapshot
           "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -283,8 +347,13 @@ 
Method Details

           },
           "sourceSnapshotId": "A String", # [Output Only] The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used.
           "sourceStorageObject": "A String", # The full Google Cloud Storage URI where the disk image is stored. This file must be a gzip-compressed tarball whose name ends in .tar.gz or virtual machine disk whose name ends in vmdk. Valid URIs may start with gs:// or https://storage.googleapis.com/. This flag is not optimized for creating multiple disks from a source storage object. To create many disks from a source storage object, use gcloud compute images import instead.
-          "status": "A String", # [Output Only] The status of disk creation. - CREATING: Disk is provisioning. - RESTORING: Source data is being copied into the disk. - FAILED: Disk creation failed. - READY: Disk is ready for use. - DELETING: Disk is deleting.
-          "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project /zones/zone/diskTypes/pd-standard or pd-ssd
+          "status": "A String", # [Output Only] The status of disk creation.
+              # - CREATING: Disk is provisioning.
+              # - RESTORING: Source data is being copied into the disk.
+              # - FAILED: Disk creation failed.
+              # - READY: Disk is ready for use.
+              # - DELETING: Disk is deleting.
+          "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project/zones/zone/diskTypes/pd-standard  or pd-ssd
           "users": [ # [Output Only] Links to the users of the disk (attached instances) in form: projects/project/zones/zone/instances/instance
             "A String",
           ],
@@ -293,7 +362,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] Informational warning which replaces the list of disks when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -311,7 +381,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -342,7 +413,7 @@ 
Method Details

 

 
 

-    createSnapshot(project, zone, disk, body=None, guestFlush=None, requestId=None, x__xgafv=None)
+    createSnapshot(project, zone, disk, body=None, guestFlush=None, requestId=None)
   
Creates a snapshot of a specified persistent disk.
 
 Args:
@@ -352,7 +423,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Persistent Disk Snapshot resource. You can use snapshots to back up data on a regular interval. For more information, read Creating persistent disk snapshots.
+{ # Represents a Persistent Disk Snapshot resource.
+    # 
+    # You can use snapshots to back up data on a regular interval. For more information, read  Creating persistent disk snapshots. (== resource_for {$api_version}.snapshots ==)
   "autoCreated": True or False, # [Output Only] Set to true if snapshots are automatically created by applying resource policy on the target disk.
   "chainName": "A String", # Creates the new snapshot in the snapshot chain labeled with the specified name. The chain name must be 1-63 characters long and comply with RFC1035. This is an uncommon option only for advanced service owners who needs to create separate snapshot chains, for example, for chargeback tracking. When you describe your snapshot resource, this field is visible only if it has a non-empty value.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -361,7 +434,9 @@ 
Method Details

   "downloadBytes": "A String", # [Output Only] Number of bytes downloaded to restore a snapshot to a disk.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#snapshot", # [Output Only] Type of the resource. Always compute#snapshot for Snapshot resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this snapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a snapshot.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this snapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a snapshot.
   "labels": { # Labels to apply to this snapshot. These can be later modified by the setLabels method. Label values may be empty.
     "a_key": "A String",
   },
@@ -375,7 +450,13 @@ 
Method Details

   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "snapshotEncryptionKey": { # Encrypts the snapshot using a customer-supplied encryption key. After you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the snapshot later. For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request. Customer-supplied encryption keys do not protect access to metadata of the snapshot. If you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later.
+  "snapshotEncryptionKey": { # Encrypts the snapshot using a customer-supplied encryption key.
+      # 
+      # After you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the snapshot later. For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request.
+      # 
+      # Customer-supplied encryption keys do not protect access to metadata of the snapshot.
+      # 
+      # If you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
@@ -398,16 +479,29 @@ 
Method Details

 }
 
   guestFlush: boolean, [Input Only] Whether to attempt an application consistent snapshot by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -441,7 +535,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -455,23 +550,36 @@ 
Method Details

 

 
 

-    delete(project, zone, disk, requestId=None, x__xgafv=None)
+    delete(project, zone, disk, requestId=None)
   
Deletes the specified persistent disk. Deleting a disk removes its data permanently and is irreversible. However, deleting a disk does not delete any snapshots previously made from the disk. You must separately delete snapshots.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   disk: string, Name of the persistent disk to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -505,7 +613,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -519,38 +628,52 @@ 
Method Details

 

 
 

-    get(project, zone, disk, x__xgafv=None)
+    get(project, zone, disk)
   
Returns a specified persistent disk. Gets a list of available persistent disks by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   disk: string, Name of the persistent disk to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Persistent Disk resource. Google Compute Engine has two Disk resources: * [Zonal](/compute/docs/reference/rest/v1/disks) * [Regional](/compute/docs/reference/rest/v1/regionDisks) Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options. The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks. The regionDisks resource represents a regional persistent disk. For more information, read Regional resources.
+    { # Represents a Persistent Disk resource.
+    #
+    # Google Compute Engine has two Disk resources:
+    #
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/disks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionDisks)
+    #
+    # Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options.
+    #
+    # The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks.
+    #
+    # The regionDisks resource represents a regional persistent disk. For more information, read  Regional resources. (== resource_for {$api_version}.disks ==) (== resource_for {$api_version}.regionDisks ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key. After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+  "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key.
+      #
+      # After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine).
+      #
+      # Customer-supplied encryption keys do not protect access to metadata of the disk.
+      #
+      # If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
-  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
     { # Guest OS features.
-      "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+      "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
     },
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#disk", # [Output Only] Type of the resource. Always compute#disk for disks.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a disk.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a disk.
   "labels": { # Labels to apply to this disk. These can be later modified by the setLabels method.
     "a_key": "A String",
   },
@@ -576,10 +699,33 @@ 
Method Details

   ],
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
-  "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk. If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
-  "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - https://www.googleapis.com/compute/v1/projects/project/regions/region /disks/disk - projects/project/zones/zone/disks/disk - projects/project/regions/region/disks/disk - zones/zone/disks/disk - regions/region/disks/disk
+  "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk.
+      #
+      # If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
+  "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - https://www.googleapis.com/compute/v1/projects/project/regions/region/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - projects/project/regions/region/disks/disk
+      # - zones/zone/disks/disk
+      # - regions/region/disks/disk
   "sourceDiskId": "A String", # [Output Only] The unique ID of the disk used to create this disk. This value identifies the exact disk that was used to create this persistent disk. For example, if you created the persistent disk from a disk that was later deleted and recreated under the same name, the source disk ID would identify the exact version of the disk that was used.
-  "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family
+  "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set.
+      #
+      # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+      # projects/debian-cloud/global/images/family/debian-9
+      #
+      #
+      # Alternatively, use a specific version of a public operating system image:
+      # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+      #
+      #
+      # To create a disk with a custom image that you created, specify the image name in the following format:
+      # global/images/my-custom-image
+      #
+      #
+      # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+      # global/images/family/my-image-family
   "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -587,7 +733,10 @@ 
Method Details

     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent disk. For example, if you created the persistent disk from an image that was later deleted and recreated under the same name, the source image ID would identify the exact version of the image that was used.
-  "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project /global/snapshots/snapshot - projects/project/global/snapshots/snapshot - global/snapshots/snapshot
+  "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot
+      # - projects/project/global/snapshots/snapshot
+      # - global/snapshots/snapshot
   "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -596,8 +745,13 @@ 
Method Details

   },
   "sourceSnapshotId": "A String", # [Output Only] The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used.
   "sourceStorageObject": "A String", # The full Google Cloud Storage URI where the disk image is stored. This file must be a gzip-compressed tarball whose name ends in .tar.gz or virtual machine disk whose name ends in vmdk. Valid URIs may start with gs:// or https://storage.googleapis.com/. This flag is not optimized for creating multiple disks from a source storage object. To create many disks from a source storage object, use gcloud compute images import instead.
-  "status": "A String", # [Output Only] The status of disk creation. - CREATING: Disk is provisioning. - RESTORING: Source data is being copied into the disk. - FAILED: Disk creation failed. - READY: Disk is ready for use. - DELETING: Disk is deleting.
-  "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project /zones/zone/diskTypes/pd-standard or pd-ssd
+  "status": "A String", # [Output Only] The status of disk creation.
+      # - CREATING: Disk is provisioning.
+      # - RESTORING: Source data is being copied into the disk.
+      # - FAILED: Disk creation failed.
+      # - READY: Disk is ready for use.
+      # - DELETING: Disk is deleting.
+  "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project/zones/zone/diskTypes/pd-standard  or pd-ssd
   "users": [ # [Output Only] Links to the users of the disk (attached instances) in form: projects/project/zones/zone/instances/instance
     "A String",
   ],
@@ -606,7 +760,7 @@ 
Method Details

 

 
 

-    getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
@@ -614,27 +768,51 @@ 
Method Details

   zone: string, The name of the zone for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -642,76 +820,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, zone, body=None, requestId=None, sourceImage=None, x__xgafv=None)
+    insert(project, zone, body=None, requestId=None, sourceImage=None)
   
Creates a persistent disk in the specified project using the data in the request. You can create a disk from a source (sourceImage, sourceSnapshot, or sourceDisk) or create an empty 500 GB data disk by omitting all properties. You can also create a disk that is larger than the default size by specifying the sizeGb property.
 
 Args:
@@ -720,23 +966,41 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Persistent Disk resource. Google Compute Engine has two Disk resources: * [Zonal](/compute/docs/reference/rest/v1/disks) * [Regional](/compute/docs/reference/rest/v1/regionDisks) Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options. The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks. The regionDisks resource represents a regional persistent disk. For more information, read Regional resources.
+{ # Represents a Persistent Disk resource.
+    # 
+    # Google Compute Engine has two Disk resources:
+    # 
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/disks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionDisks)
+    # 
+    # Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options.
+    # 
+    # The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks.
+    # 
+    # The regionDisks resource represents a regional persistent disk. For more information, read  Regional resources. (== resource_for {$api_version}.disks ==) (== resource_for {$api_version}.regionDisks ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key. After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+  "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key.
+      # 
+      # After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine).
+      # 
+      # Customer-supplied encryption keys do not protect access to metadata of the disk.
+      # 
+      # If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
-  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
     { # Guest OS features.
-      "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+      "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
     },
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#disk", # [Output Only] Type of the resource. Always compute#disk for disks.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a disk.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a disk.
   "labels": { # Labels to apply to this disk. These can be later modified by the setLabels method.
     "a_key": "A String",
   },
@@ -762,10 +1026,33 @@ 
Method Details

   ],
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
-  "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk. If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
-  "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - https://www.googleapis.com/compute/v1/projects/project/regions/region /disks/disk - projects/project/zones/zone/disks/disk - projects/project/regions/region/disks/disk - zones/zone/disks/disk - regions/region/disks/disk
+  "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk.
+      # 
+      # If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
+  "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - https://www.googleapis.com/compute/v1/projects/project/regions/region/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - projects/project/regions/region/disks/disk
+      # - zones/zone/disks/disk
+      # - regions/region/disks/disk
   "sourceDiskId": "A String", # [Output Only] The unique ID of the disk used to create this disk. This value identifies the exact disk that was used to create this persistent disk. For example, if you created the persistent disk from a disk that was later deleted and recreated under the same name, the source disk ID would identify the exact version of the disk that was used.
-  "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family
+  "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set.
+      # 
+      # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+      # projects/debian-cloud/global/images/family/debian-9
+      # 
+      # 
+      # Alternatively, use a specific version of a public operating system image:
+      # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+      # 
+      # 
+      # To create a disk with a custom image that you created, specify the image name in the following format:
+      # global/images/my-custom-image
+      # 
+      # 
+      # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+      # global/images/family/my-image-family
   "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -773,7 +1060,10 @@ 
Method Details

     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent disk. For example, if you created the persistent disk from an image that was later deleted and recreated under the same name, the source image ID would identify the exact version of the image that was used.
-  "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project /global/snapshots/snapshot - projects/project/global/snapshots/snapshot - global/snapshots/snapshot
+  "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot
+      # - projects/project/global/snapshots/snapshot
+      # - global/snapshots/snapshot
   "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -782,25 +1072,43 @@ 
Method Details

   },
   "sourceSnapshotId": "A String", # [Output Only] The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used.
   "sourceStorageObject": "A String", # The full Google Cloud Storage URI where the disk image is stored. This file must be a gzip-compressed tarball whose name ends in .tar.gz or virtual machine disk whose name ends in vmdk. Valid URIs may start with gs:// or https://storage.googleapis.com/. This flag is not optimized for creating multiple disks from a source storage object. To create many disks from a source storage object, use gcloud compute images import instead.
-  "status": "A String", # [Output Only] The status of disk creation. - CREATING: Disk is provisioning. - RESTORING: Source data is being copied into the disk. - FAILED: Disk creation failed. - READY: Disk is ready for use. - DELETING: Disk is deleting.
-  "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project /zones/zone/diskTypes/pd-standard or pd-ssd
+  "status": "A String", # [Output Only] The status of disk creation.
+      # - CREATING: Disk is provisioning.
+      # - RESTORING: Source data is being copied into the disk.
+      # - FAILED: Disk creation failed.
+      # - READY: Disk is ready for use.
+      # - DELETING: Disk is deleting.
+  "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project/zones/zone/diskTypes/pd-standard  or pd-ssd
   "users": [ # [Output Only] Links to the users of the disk (attached instances) in form: projects/project/zones/zone/instances/instance
     "A String",
   ],
   "zone": "A String", # [Output Only] URL of the zone where the disk resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
   sourceImage: string, Source image to restore onto a disk. This field is optional.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -834,7 +1142,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -848,21 +1157,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of persistent disks contained within the specified zone.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -870,23 +1185,41 @@ 
Method Details

     { # A list of Disk resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Disk resources.
-    { # Represents a Persistent Disk resource. Google Compute Engine has two Disk resources: * [Zonal](/compute/docs/reference/rest/v1/disks) * [Regional](/compute/docs/reference/rest/v1/regionDisks) Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options. The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks. The regionDisks resource represents a regional persistent disk. For more information, read Regional resources.
+    { # Represents a Persistent Disk resource.
+        #
+        # Google Compute Engine has two Disk resources:
+        #
+        # * [Zonal](/compute/docs/reference/rest/{$api_version}/disks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionDisks)
+        #
+        # Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options.
+        #
+        # The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks.
+        #
+        # The regionDisks resource represents a regional persistent disk. For more information, read  Regional resources. (== resource_for {$api_version}.disks ==) (== resource_for {$api_version}.regionDisks ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key. After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+      "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key.
+          #
+          # After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine).
+          #
+          # Customer-supplied encryption keys do not protect access to metadata of the disk.
+          #
+          # If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
-      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
         { # Guest OS features.
-          "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+          "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
         },
       ],
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#disk", # [Output Only] Type of the resource. Always compute#disk for disks.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a disk.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a disk.
       "labels": { # Labels to apply to this disk. These can be later modified by the setLabels method.
         "a_key": "A String",
       },
@@ -912,10 +1245,33 @@ 
Method Details

       ],
       "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
       "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
-      "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk. If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
-      "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - https://www.googleapis.com/compute/v1/projects/project/regions/region /disks/disk - projects/project/zones/zone/disks/disk - projects/project/regions/region/disks/disk - zones/zone/disks/disk - regions/region/disks/disk
+      "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk.
+          #
+          # If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
+      "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+          # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+          # - https://www.googleapis.com/compute/v1/projects/project/regions/region/disks/disk
+          # - projects/project/zones/zone/disks/disk
+          # - projects/project/regions/region/disks/disk
+          # - zones/zone/disks/disk
+          # - regions/region/disks/disk
       "sourceDiskId": "A String", # [Output Only] The unique ID of the disk used to create this disk. This value identifies the exact disk that was used to create this persistent disk. For example, if you created the persistent disk from a disk that was later deleted and recreated under the same name, the source disk ID would identify the exact version of the disk that was used.
-      "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family
+      "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set.
+          #
+          # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+          # projects/debian-cloud/global/images/family/debian-9
+          #
+          #
+          # Alternatively, use a specific version of a public operating system image:
+          # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+          #
+          #
+          # To create a disk with a custom image that you created, specify the image name in the following format:
+          # global/images/my-custom-image
+          #
+          #
+          # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+          # global/images/family/my-image-family
       "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -923,7 +1279,10 @@ 
Method Details

         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent disk. For example, if you created the persistent disk from an image that was later deleted and recreated under the same name, the source image ID would identify the exact version of the image that was used.
-      "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project /global/snapshots/snapshot - projects/project/global/snapshots/snapshot - global/snapshots/snapshot
+      "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot
+          # - projects/project/global/snapshots/snapshot
+          # - global/snapshots/snapshot
       "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -932,8 +1291,13 @@ 
Method Details

       },
       "sourceSnapshotId": "A String", # [Output Only] The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used.
       "sourceStorageObject": "A String", # The full Google Cloud Storage URI where the disk image is stored. This file must be a gzip-compressed tarball whose name ends in .tar.gz or virtual machine disk whose name ends in vmdk. Valid URIs may start with gs:// or https://storage.googleapis.com/. This flag is not optimized for creating multiple disks from a source storage object. To create many disks from a source storage object, use gcloud compute images import instead.
-      "status": "A String", # [Output Only] The status of disk creation. - CREATING: Disk is provisioning. - RESTORING: Source data is being copied into the disk. - FAILED: Disk creation failed. - READY: Disk is ready for use. - DELETING: Disk is deleting.
-      "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project /zones/zone/diskTypes/pd-standard or pd-ssd
+      "status": "A String", # [Output Only] The status of disk creation.
+          # - CREATING: Disk is provisioning.
+          # - RESTORING: Source data is being copied into the disk.
+          # - FAILED: Disk creation failed.
+          # - READY: Disk is ready for use.
+          # - DELETING: Disk is deleting.
+      "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project/zones/zone/diskTypes/pd-standard  or pd-ssd
       "users": [ # [Output Only] Links to the users of the disk (attached instances) in form: projects/project/zones/zone/instances/instance
         "A String",
       ],
@@ -945,7 +1309,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -971,7 +1336,7 @@ 
Method Details

 

 
 

-    removeResourcePolicies(project, zone, disk, body=None, requestId=None, x__xgafv=None)
+    removeResourcePolicies(project, zone, disk, body=None, requestId=None)
   
Removes resource policies from a disk.
 
 Args:
@@ -987,16 +1352,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1030,7 +1408,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1044,7 +1423,7 @@ 
Method Details

 

 
 

-    resize(project, zone, disk, body=None, requestId=None, x__xgafv=None)
+    resize(project, zone, disk, body=None, requestId=None)
   
Resizes the specified persistent disk. You can only increase the size of the disk.
 
 Args:
@@ -1058,16 +1437,29 @@ 
Method Details

   "sizeGb": "A String", # The new size of the persistent disk, which is specified in GB.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1101,7 +1493,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1115,7 +1508,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, zone, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, zone, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -1128,33 +1521,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1162,95 +1629,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1258,76 +1817,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    setLabels(project, zone, resource, body=None, requestId=None, x__xgafv=None)
+    setLabels(project, zone, resource, body=None, requestId=None)
   
Sets the labels on a disk. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -1344,16 +1971,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1387,7 +2027,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1401,7 +2042,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, zone, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, zone, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1417,10 +2058,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_v1.externalVpnGateways.html b/docs/dyn/compute_v1.externalVpnGateways.html
index 2d74829d928..17f1fe58b63 100644
--- a/docs/dyn/compute_v1.externalVpnGateways.html
+++ b/docs/dyn/compute_v1.externalVpnGateways.html
@@ -78,25 +78,25 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, externalVpnGateway, requestId=None, x__xgafv=None)

+  delete(project, externalVpnGateway, requestId=None)

 
Deletes the specified externalVpnGateway.

 

-  get(project, externalVpnGateway, x__xgafv=None)

+  get(project, externalVpnGateway)

 
Returns the specified externalVpnGateway. Get a list of available externalVpnGateways by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a ExternalVpnGateway in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of ExternalVpnGateway available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setLabels(project, resource, body=None, x__xgafv=None)

+  setLabels(project, resource, body=None)

 
Sets the labels on an ExternalVpnGateway. To learn more about labels, read the Labeling Resources documentation.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -105,22 +105,35 @@ 
Method Details

 

 
 

-    delete(project, externalVpnGateway, requestId=None, x__xgafv=None)
+    delete(project, externalVpnGateway, requestId=None)
   
Deletes the specified externalVpnGateway.
 
 Args:
   project: string, Project ID for this request. (required)
   externalVpnGateway: string, Name of the externalVpnGateways to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -154,7 +167,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -168,32 +182,41 @@ 
Method Details

 

 
 

-    get(project, externalVpnGateway, x__xgafv=None)
+    get(project, externalVpnGateway)
   
Returns the specified externalVpnGateway. Get a list of available externalVpnGateways by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   externalVpnGateway: string, Name of the externalVpnGateway to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an external VPN gateway. External VPN gateway is the on-premises VPN gateway(s) or another cloud provider's VPN gateway that connects to your Google Cloud VPN gateway. To create a highly available VPN from Google Cloud Platform to your VPN gateway or another cloud provider's VPN gateway, you must create a external VPN gateway resource with information about the other gateway. For more information about using external VPN gateways, see Creating an HA VPN gateway and tunnel pair to a peer VPN.
+    { # Represents an external VPN gateway.
+    #
+    # External VPN gateway is the on-premises VPN gateway(s) or another cloud provider's VPN gateway that connects to your Google Cloud VPN gateway.
+    #
+    # To create a highly available VPN from Google Cloud Platform to your VPN gateway or another cloud provider's VPN gateway, you must create a external VPN gateway resource with information about the other gateway.
+    #
+    # For more information about using external VPN gateways, see  Creating an HA VPN gateway and tunnel pair to a peer VPN. (== resource_for {$api_version}.externalVpnGateways ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-  "interfaces": [ # List of interfaces for this external VPN gateway. If your peer-side gateway is an on-premises gateway and non-AWS cloud providers’ gateway, at most two interfaces can be provided for an external VPN gateway. If your peer side is an AWS virtual private gateway, four interfaces should be provided for an external VPN gateway.
+  "interfaces": [ # List of interfaces for this external VPN gateway.
+      #
+      # If your peer-side gateway is an on-premises gateway and non-AWS cloud providers? gateway, at most two interfaces can be provided for an external VPN gateway. If your peer side is an AWS virtual private gateway, four interfaces should be provided for an external VPN gateway.
     { # The interface for the external VPN gateway.
-      "id": 42, # The numeric ID of this interface. The allowed input values for this id for different redundancy types of external VPN gateway: - SINGLE_IP_INTERNALLY_REDUNDANT - 0 - TWO_IPS_REDUNDANCY - 0, 1 - FOUR_IPS_REDUNDANCY - 0, 1, 2, 3
+      "id": 42, # The numeric ID of this interface. The allowed input values for this id for different redundancy types of external VPN gateway:
+          # - SINGLE_IP_INTERNALLY_REDUNDANT - 0
+          # - TWO_IPS_REDUNDANCY - 0, 1
+          # - FOUR_IPS_REDUNDANCY - 0, 1, 2, 3
       "ipAddress": "A String", # IP address of the interface in the external VPN gateway. Only IPv4 is supported. This IP address can be either from your on-premise gateway or another Cloud provider's VPN gateway, it cannot be an IP address from Google Compute Engine.
     },
   ],
   "kind": "compute#externalVpnGateway", # [Output Only] Type of the resource. Always compute#externalVpnGateway for externalVpnGateways.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this ExternalVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an ExternalVpnGateway.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this ExternalVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve an ExternalVpnGateway.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -204,7 +227,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a ExternalVpnGateway in the specified project using the data included in the request.
 
 Args:
@@ -212,18 +235,31 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an external VPN gateway. External VPN gateway is the on-premises VPN gateway(s) or another cloud provider's VPN gateway that connects to your Google Cloud VPN gateway. To create a highly available VPN from Google Cloud Platform to your VPN gateway or another cloud provider's VPN gateway, you must create a external VPN gateway resource with information about the other gateway. For more information about using external VPN gateways, see Creating an HA VPN gateway and tunnel pair to a peer VPN.
+{ # Represents an external VPN gateway.
+    # 
+    # External VPN gateway is the on-premises VPN gateway(s) or another cloud provider's VPN gateway that connects to your Google Cloud VPN gateway.
+    # 
+    # To create a highly available VPN from Google Cloud Platform to your VPN gateway or another cloud provider's VPN gateway, you must create a external VPN gateway resource with information about the other gateway.
+    # 
+    # For more information about using external VPN gateways, see  Creating an HA VPN gateway and tunnel pair to a peer VPN. (== resource_for {$api_version}.externalVpnGateways ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-  "interfaces": [ # List of interfaces for this external VPN gateway. If your peer-side gateway is an on-premises gateway and non-AWS cloud providers’ gateway, at most two interfaces can be provided for an external VPN gateway. If your peer side is an AWS virtual private gateway, four interfaces should be provided for an external VPN gateway.
+  "interfaces": [ # List of interfaces for this external VPN gateway.
+      # 
+      # If your peer-side gateway is an on-premises gateway and non-AWS cloud providers? gateway, at most two interfaces can be provided for an external VPN gateway. If your peer side is an AWS virtual private gateway, four interfaces should be provided for an external VPN gateway.
     { # The interface for the external VPN gateway.
-      "id": 42, # The numeric ID of this interface. The allowed input values for this id for different redundancy types of external VPN gateway: - SINGLE_IP_INTERNALLY_REDUNDANT - 0 - TWO_IPS_REDUNDANCY - 0, 1 - FOUR_IPS_REDUNDANCY - 0, 1, 2, 3
+      "id": 42, # The numeric ID of this interface. The allowed input values for this id for different redundancy types of external VPN gateway:
+          # - SINGLE_IP_INTERNALLY_REDUNDANT - 0
+          # - TWO_IPS_REDUNDANCY - 0, 1
+          # - FOUR_IPS_REDUNDANCY - 0, 1, 2, 3
       "ipAddress": "A String", # IP address of the interface in the external VPN gateway. Only IPv4 is supported. This IP address can be either from your on-premise gateway or another Cloud provider's VPN gateway, it cannot be an IP address from Google Compute Engine.
     },
   ],
   "kind": "compute#externalVpnGateway", # [Output Only] Type of the resource. Always compute#externalVpnGateway for externalVpnGateways.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this ExternalVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an ExternalVpnGateway.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this ExternalVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an ExternalVpnGateway.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -232,16 +268,29 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -275,7 +324,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -289,20 +339,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of ExternalVpnGateway available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -311,18 +367,31 @@ 
Method Details

   "etag": "A String",
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of ExternalVpnGateway resources.
-    { # Represents an external VPN gateway. External VPN gateway is the on-premises VPN gateway(s) or another cloud provider's VPN gateway that connects to your Google Cloud VPN gateway. To create a highly available VPN from Google Cloud Platform to your VPN gateway or another cloud provider's VPN gateway, you must create a external VPN gateway resource with information about the other gateway. For more information about using external VPN gateways, see Creating an HA VPN gateway and tunnel pair to a peer VPN.
+    { # Represents an external VPN gateway.
+        #
+        # External VPN gateway is the on-premises VPN gateway(s) or another cloud provider's VPN gateway that connects to your Google Cloud VPN gateway.
+        #
+        # To create a highly available VPN from Google Cloud Platform to your VPN gateway or another cloud provider's VPN gateway, you must create a external VPN gateway resource with information about the other gateway.
+        #
+        # For more information about using external VPN gateways, see  Creating an HA VPN gateway and tunnel pair to a peer VPN. (== resource_for {$api_version}.externalVpnGateways ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-      "interfaces": [ # List of interfaces for this external VPN gateway. If your peer-side gateway is an on-premises gateway and non-AWS cloud providers’ gateway, at most two interfaces can be provided for an external VPN gateway. If your peer side is an AWS virtual private gateway, four interfaces should be provided for an external VPN gateway.
+      "interfaces": [ # List of interfaces for this external VPN gateway.
+          #
+          # If your peer-side gateway is an on-premises gateway and non-AWS cloud providers? gateway, at most two interfaces can be provided for an external VPN gateway. If your peer side is an AWS virtual private gateway, four interfaces should be provided for an external VPN gateway.
         { # The interface for the external VPN gateway.
-          "id": 42, # The numeric ID of this interface. The allowed input values for this id for different redundancy types of external VPN gateway: - SINGLE_IP_INTERNALLY_REDUNDANT - 0 - TWO_IPS_REDUNDANCY - 0, 1 - FOUR_IPS_REDUNDANCY - 0, 1, 2, 3
+          "id": 42, # The numeric ID of this interface. The allowed input values for this id for different redundancy types of external VPN gateway:
+              # - SINGLE_IP_INTERNALLY_REDUNDANT - 0
+              # - TWO_IPS_REDUNDANCY - 0, 1
+              # - FOUR_IPS_REDUNDANCY - 0, 1, 2, 3
           "ipAddress": "A String", # IP address of the interface in the external VPN gateway. Only IPv4 is supported. This IP address can be either from your on-premise gateway or another Cloud provider's VPN gateway, it cannot be an IP address from Google Compute Engine.
         },
       ],
       "kind": "compute#externalVpnGateway", # [Output Only] Type of the resource. Always compute#externalVpnGateway for externalVpnGateways.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this ExternalVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an ExternalVpnGateway.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this ExternalVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve an ExternalVpnGateway.
       "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
         "a_key": "A String",
       },
@@ -331,12 +400,13 @@ 
Method Details

       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
     },
   ],
-  "kind": "compute#externalVpnGatewayList", # [Output Only] Type of resource. Always compute#externalVpnGatewayList for lists of externalVpnGateways.
+  "kind": "compute#externalVpnGatewayList", # [Output Only] Type of resource. Always compute#externalVpnGatewayList  for lists of externalVpnGateways.
   "nextPageToken": "A String", # [Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.
   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -362,7 +432,7 @@ 
Method Details

 

 
 

-    setLabels(project, resource, body=None, x__xgafv=None)
+    setLabels(project, resource, body=None)
   
Sets the labels on an ExternalVpnGateway. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -378,15 +448,24 @@ 
Method Details

   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -420,7 +499,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -434,7 +514,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -449,10 +529,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_v1.firewallPolicies.html b/docs/dyn/compute_v1.firewallPolicies.html
index bb839a8c235..9c0919a353c 100644
--- a/docs/dyn/compute_v1.firewallPolicies.html
+++ b/docs/dyn/compute_v1.firewallPolicies.html
@@ -75,68 +75,68 @@
 
Compute Engine API . firewallPolicies

 
Instance Methods

 

-  addAssociation(firewallPolicy, body=None, replaceExistingAssociation=None, requestId=None, x__xgafv=None)

+  addAssociation(firewallPolicy, body=None, replaceExistingAssociation=None, requestId=None)

 
Inserts an association for the specified firewall policy.

 

-  addRule(firewallPolicy, body=None, requestId=None, x__xgafv=None)

+  addRule(firewallPolicy, body=None, requestId=None)

 
Inserts a rule into a firewall policy.

 

-  cloneRules(firewallPolicy, requestId=None, sourceFirewallPolicy=None, x__xgafv=None)

+  cloneRules(firewallPolicy, requestId=None, sourceFirewallPolicy=None)

 
Copies rules to the specified firewall policy.

 

   close()

 
Close httplib2 connections.

 

-  delete(firewallPolicy, requestId=None, x__xgafv=None)

+  delete(firewallPolicy, requestId=None)

 
Deletes the specified policy.

 

-  get(firewallPolicy, x__xgafv=None)

+  get(firewallPolicy)

 
Returns the specified firewall policy.

 

-  getAssociation(firewallPolicy, name=None, x__xgafv=None)

+  getAssociation(firewallPolicy, name=None)

 
Gets an association with the specified name.

 

-  getIamPolicy(resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  getRule(firewallPolicy, priority=None, x__xgafv=None)

+  getRule(firewallPolicy, priority=None)

 
Gets a rule of the specified priority.

 

-  insert(body=None, parentId=None, requestId=None, x__xgafv=None)

+  insert(body=None, parentId=None, requestId=None)

 
Creates a new policy in the specified project using the data included in the request.

 

-  list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None, x__xgafv=None)

+  list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None)

 
Lists all the policies that have been configured for the specified folder or organization.

 

-  listAssociations(targetResource=None, x__xgafv=None)

+  listAssociations(targetResource=None)

 
Lists associations of a specified target, i.e., organization or folder.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  move(firewallPolicy, parentId=None, requestId=None, x__xgafv=None)

+  move(firewallPolicy, parentId=None, requestId=None)

 
Moves the specified firewall policy.

 

-  patch(firewallPolicy, body=None, requestId=None, x__xgafv=None)

+  patch(firewallPolicy, body=None, requestId=None)

 
Patches the specified policy with the data included in the request.

 

-  patchRule(firewallPolicy, body=None, priority=None, requestId=None, x__xgafv=None)

+  patchRule(firewallPolicy, body=None, priority=None, requestId=None)

 
Patches a rule of the specified priority.

 

-  removeAssociation(firewallPolicy, name=None, requestId=None, x__xgafv=None)

+  removeAssociation(firewallPolicy, name=None, requestId=None)

 
Removes an association for the specified firewall policy.

 

-  removeRule(firewallPolicy, priority=None, requestId=None, x__xgafv=None)

+  removeRule(firewallPolicy, priority=None, requestId=None)

 
Deletes a rule of the specified priority.

 

-  setIamPolicy(resource, body=None, x__xgafv=None)

+  setIamPolicy(resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  testIamPermissions(resource, body=None, x__xgafv=None)

+  testIamPermissions(resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    addAssociation(firewallPolicy, body=None, replaceExistingAssociation=None, requestId=None, x__xgafv=None)
+    addAssociation(firewallPolicy, body=None, replaceExistingAssociation=None, requestId=None)
   
Inserts an association for the specified firewall policy.
 
 Args:
@@ -153,16 +153,29 @@ 
Method Details

 }
 
   replaceExistingAssociation: boolean, Indicates whether or not to replace it if an association of the attachment already exists. This is false by default, in which case an error will be returned if an association already exists.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -196,7 +209,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -210,7 +224,7 @@ 
Method Details

 

 
 

-    addRule(firewallPolicy, body=None, requestId=None, x__xgafv=None)
+    addRule(firewallPolicy, body=None, requestId=None)
   
Inserts a rule into a firewall policy.
 
 Args:
@@ -232,7 +246,9 @@ 
Method Details

     "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
       {
         "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+            #
+            # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
           "A String",
         ],
       },
@@ -251,16 +267,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -294,7 +323,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -308,22 +338,35 @@ 
Method Details

 

 
 

-    cloneRules(firewallPolicy, requestId=None, sourceFirewallPolicy=None, x__xgafv=None)
+    cloneRules(firewallPolicy, requestId=None, sourceFirewallPolicy=None)
   
Copies rules to the specified firewall policy.
 
 Args:
   firewallPolicy: string, Name of the firewall policy to update. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
   sourceFirewallPolicy: string, The firewall policy from which to copy rules.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -357,7 +400,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -376,21 +420,34 @@ 
Method Details

 

 
 

-    delete(firewallPolicy, requestId=None, x__xgafv=None)
+    delete(firewallPolicy, requestId=None)
   
Deletes the specified policy.
 
 Args:
   firewallPolicy: string, Name of the firewall policy to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -424,7 +481,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -438,20 +496,16 @@ 
Method Details

 

 
 

-    get(firewallPolicy, x__xgafv=None)
+    get(firewallPolicy)
   
Returns the specified firewall policy.
 
 Args:
   firewallPolicy: string, Name of the firewall policy to get. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Firewall Policy resource.
+    { # Represents a Firewall Policy resource. (== resource_for {$api_version}.firewallPolicies ==)
   "associations": [ # A list of associations that belong to this firewall policy.
     {
       "attachmentTarget": "A String", # The target that the firewall policy is attached to.
@@ -464,7 +518,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "displayName": "A String", # Depreacted, please use short name instead. User-provided name of the Organization firewall plicy. The name should be unique in the organization in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the firewall policy.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make get() request to the firewall policy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#firewallPolicy", # [Output only] Type of the resource. Always compute#firewallPolicyfor firewall policies
   "name": "A String", # [Output Only] Name of the resource. It is a numeric ID allocated by GCP which uniquely identifies the Firewall Policy.
@@ -485,7 +541,9 @@ 
Method Details

         "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
           {
             "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-            "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+            "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                #
+                # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
               "A String",
             ],
           },
@@ -511,16 +569,12 @@ 
Method Details

 

 
 

-    getAssociation(firewallPolicy, name=None, x__xgafv=None)
+    getAssociation(firewallPolicy, name=None)
   
Gets an association with the specified name.
 
 Args:
   firewallPolicy: string, Name of the firewall policy to which the queried rule belongs. (required)
   name: string, The name of the association to get from the firewall policy.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -535,33 +589,57 @@ 
Method Details

 

 
 

-    getIamPolicy(resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -569,85 +647,149 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    getRule(firewallPolicy, priority=None, x__xgafv=None)
+    getRule(firewallPolicy, priority=None)
   
Gets a rule of the specified priority.
 
 Args:
   firewallPolicy: string, Name of the firewall policy to which the queried rule belongs. (required)
   priority: integer, The priority of the rule to get from the firewall policy.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -666,7 +808,9 @@ 
Method Details

     "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
       {
         "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+            #
+            # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
           "A String",
         ],
       },
@@ -687,14 +831,14 @@ 
Method Details

 

 
 

-    insert(body=None, parentId=None, requestId=None, x__xgafv=None)
+    insert(body=None, parentId=None, requestId=None)
   
Creates a new policy in the specified project using the data included in the request.
 
 Args:
   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Firewall Policy resource.
+{ # Represents a Firewall Policy resource. (== resource_for {$api_version}.firewallPolicies ==)
   "associations": [ # A list of associations that belong to this firewall policy.
     {
       "attachmentTarget": "A String", # The target that the firewall policy is attached to.
@@ -707,7 +851,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "displayName": "A String", # Depreacted, please use short name instead. User-provided name of the Organization firewall plicy. The name should be unique in the organization in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the firewall policy.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make get() request to the firewall policy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#firewallPolicy", # [Output only] Type of the resource. Always compute#firewallPolicyfor firewall policies
   "name": "A String", # [Output Only] Name of the resource. It is a numeric ID allocated by GCP which uniquely identifies the Firewall Policy.
@@ -728,7 +874,9 @@ 
Method Details

         "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
           {
             "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-            "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+            "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                #
+                # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
               "A String",
             ],
           },
@@ -753,16 +901,29 @@ 
Method Details

 }
 
   parentId: string, Parent ID for this request. The ID can be either be "folders/[FOLDER_ID]" if the parent is a folder or "organizations/[ORGANIZATION_ID]" if the parent is an organization.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -796,7 +957,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -810,20 +972,26 @@ 
Method Details

 

 
 

-    list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None, x__xgafv=None)
+    list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None)
   
Lists all the policies that have been configured for the specified folder or organization.
 
 Args:
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   parentId: string, Parent ID for this request.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -831,7 +999,7 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of FirewallPolicy resources.
-    { # Represents a Firewall Policy resource.
+    { # Represents a Firewall Policy resource. (== resource_for {$api_version}.firewallPolicies ==)
       "associations": [ # A list of associations that belong to this firewall policy.
         {
           "attachmentTarget": "A String", # The target that the firewall policy is attached to.
@@ -844,7 +1012,9 @@ 
Method Details

       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "displayName": "A String", # Depreacted, please use short name instead. User-provided name of the Organization firewall plicy. The name should be unique in the organization in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-      "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the firewall policy.
+      "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make get() request to the firewall policy.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#firewallPolicy", # [Output only] Type of the resource. Always compute#firewallPolicyfor firewall policies
       "name": "A String", # [Output Only] Name of the resource. It is a numeric ID allocated by GCP which uniquely identifies the Firewall Policy.
@@ -865,7 +1035,9 @@ 
Method Details

             "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
               {
                 "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-                "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                    #
+                    # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
                   "A String",
                 ],
               },
@@ -893,7 +1065,8 @@ 
Method Details

   "nextPageToken": "A String", # [Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -905,15 +1078,11 @@ 
Method Details

 

 
 

-    listAssociations(targetResource=None, x__xgafv=None)
+    listAssociations(targetResource=None)
   
Lists associations of a specified target, i.e., organization or folder.
 
 Args:
   targetResource: string, The target resource to list associations. It is an organization, or a folder.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -947,22 +1116,35 @@ 
Method Details

 

 
 

-    move(firewallPolicy, parentId=None, requestId=None, x__xgafv=None)
+    move(firewallPolicy, parentId=None, requestId=None)
   
Moves the specified firewall policy.
 
 Args:
   firewallPolicy: string, Name of the firewall policy to update. (required)
   parentId: string, The new parent of the firewall policy.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -996,7 +1178,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1010,7 +1193,7 @@ 
Method Details

 

 
 

-    patch(firewallPolicy, body=None, requestId=None, x__xgafv=None)
+    patch(firewallPolicy, body=None, requestId=None)
   
Patches the specified policy with the data included in the request.
 
 Args:
@@ -1018,7 +1201,7 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Firewall Policy resource.
+{ # Represents a Firewall Policy resource. (== resource_for {$api_version}.firewallPolicies ==)
   "associations": [ # A list of associations that belong to this firewall policy.
     {
       "attachmentTarget": "A String", # The target that the firewall policy is attached to.
@@ -1031,7 +1214,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "displayName": "A String", # Depreacted, please use short name instead. User-provided name of the Organization firewall plicy. The name should be unique in the organization in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the firewall policy.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make get() request to the firewall policy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#firewallPolicy", # [Output only] Type of the resource. Always compute#firewallPolicyfor firewall policies
   "name": "A String", # [Output Only] Name of the resource. It is a numeric ID allocated by GCP which uniquely identifies the Firewall Policy.
@@ -1052,7 +1237,9 @@ 
Method Details

         "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
           {
             "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-            "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+            "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                #
+                # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
               "A String",
             ],
           },
@@ -1076,16 +1263,29 @@ 
Method Details

   "shortName": "A String", # User-provided name of the Organization firewall plicy. The name should be unique in the organization in which the firewall policy is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1119,7 +1319,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1133,7 +1334,7 @@ 
Method Details

 

 
 

-    patchRule(firewallPolicy, body=None, priority=None, requestId=None, x__xgafv=None)
+    patchRule(firewallPolicy, body=None, priority=None, requestId=None)
   
Patches a rule of the specified priority.
 
 Args:
@@ -1155,7 +1356,9 @@ 
Method Details

     "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
       {
         "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+        "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+            #
+            # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
           "A String",
         ],
       },
@@ -1175,16 +1378,29 @@ 
Method Details

 }
 
   priority: integer, The priority of the rule to patch.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1218,7 +1434,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1232,22 +1449,35 @@ 
Method Details

 

 
 

-    removeAssociation(firewallPolicy, name=None, requestId=None, x__xgafv=None)
+    removeAssociation(firewallPolicy, name=None, requestId=None)
   
Removes an association for the specified firewall policy.
 
 Args:
   firewallPolicy: string, Name of the firewall policy to update. (required)
   name: string, Name for the attachment that will be removed.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1281,7 +1511,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1295,22 +1526,35 @@ 
Method Details

 

 
 

-    removeRule(firewallPolicy, priority=None, requestId=None, x__xgafv=None)
+    removeRule(firewallPolicy, priority=None, requestId=None)
   
Deletes a rule of the specified priority.
 
 Args:
   firewallPolicy: string, Name of the firewall policy to update. (required)
   priority: integer, The priority of the rule to remove from the firewall policy.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1344,7 +1588,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1358,7 +1603,7 @@ 
Method Details

 

 
 

-    setIamPolicy(resource, body=None, x__xgafv=None)
+    setIamPolicy(resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -1369,33 +1614,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1403,95 +1722,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1499,76 +1910,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    testIamPermissions(resource, body=None, x__xgafv=None)
+    testIamPermissions(resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1582,10 +2061,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_v1.firewalls.html b/docs/dyn/compute_v1.firewalls.html
index 13f335de4ab..7e7edbb88ca 100644
--- a/docs/dyn/compute_v1.firewalls.html
+++ b/docs/dyn/compute_v1.firewalls.html
@@ -78,25 +78,25 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, firewall, requestId=None, x__xgafv=None)

+  delete(project, firewall, requestId=None)

 
Deletes the specified firewall.

 

-  get(project, firewall, x__xgafv=None)

+  get(project, firewall)

 
Returns the specified firewall.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a firewall rule in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of firewall rules available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, firewall, body=None, requestId=None, x__xgafv=None)

+  patch(project, firewall, body=None, requestId=None)

 
Updates the specified firewall rule with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  update(project, firewall, body=None, requestId=None, x__xgafv=None)

+  update(project, firewall, body=None, requestId=None)

 
Updates the specified firewall rule with the data included in the request. Note that all fields will be updated if using PUT, even fields that are not specified. To update individual fields, please use PATCH instead.

 
Method Details

 

@@ -105,22 +105,35 @@ 
Method Details

 

 
 

-    delete(project, firewall, requestId=None, x__xgafv=None)
+    delete(project, firewall, requestId=None)
   
Deletes the specified firewall.
 
 Args:
   project: string, Project ID for this request. (required)
   firewall: string, Name of the firewall rule to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -154,7 +167,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -168,25 +182,25 @@ 
Method Details

 

 
 

-    get(project, firewall, x__xgafv=None)
+    get(project, firewall)
   
Returns the specified firewall.
 
 Args:
   project: string, Project ID for this request. (required)
   firewall: string, Name of the firewall rule to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Firewall Rule resource. Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
+    { # Represents a Firewall Rule resource.
+    #
+    # Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
   "allowed": [ # The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.
     {
       "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+          #
+          # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
         "A String",
       ],
     },
@@ -195,7 +209,9 @@ 
Method Details

   "denied": [ # The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a denied connection.
     {
       "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+          #
+          # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
         "A String",
       ],
     },
@@ -213,7 +229,12 @@ 
Method Details

     "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
   },
   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
-  "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
+  "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used:
+      # global/networks/default
+      # If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+      # - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network
+      # - projects/myproject/global/networks/my-network
+      # - global/networks/default
   "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "sourceRanges": [ # If source ranges are specified, the firewall rule applies only to traffic that has a source IP address in these ranges. These ranges must be expressed in CIDR format. One or both of sourceRanges and sourceTags may be set. If both fields are set, the rule applies to traffic that has a source IP address within sourceRanges OR a source IP from a resource with a matching tag listed in the sourceTags field. The connection does not need to match both fields for the rule to apply. Only IPv4 is supported.
@@ -235,7 +256,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a firewall rule in the specified project using the data included in the request.
 
 Args:
@@ -243,11 +264,15 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Firewall Rule resource. Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
+{ # Represents a Firewall Rule resource.
+    # 
+    # Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
   "allowed": [ # The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.
     {
       "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+          # 
+          # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
         "A String",
       ],
     },
@@ -256,7 +281,9 @@ 
Method Details

   "denied": [ # The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a denied connection.
     {
       "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+          # 
+          # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
         "A String",
       ],
     },
@@ -274,7 +301,12 @@ 
Method Details

     "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
   },
   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
-  "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
+  "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used:
+      # global/networks/default
+      # If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+      # - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network
+      # - projects/myproject/global/networks/my-network
+      # - global/networks/default
   "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "sourceRanges": [ # If source ranges are specified, the firewall rule applies only to traffic that has a source IP address in these ranges. These ranges must be expressed in CIDR format. One or both of sourceRanges and sourceTags may be set. If both fields are set, the rule applies to traffic that has a source IP address within sourceRanges OR a source IP from a resource with a matching tag listed in the sourceTags field. The connection does not need to match both fields for the rule to apply. Only IPv4 is supported.
@@ -294,16 +326,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -337,7 +382,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -351,20 +397,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of firewall rules available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -372,11 +424,15 @@ 
Method Details

     { # Contains a list of firewalls.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Firewall resources.
-    { # Represents a Firewall Rule resource. Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
+    { # Represents a Firewall Rule resource.
+        #
+        # Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
       "allowed": [ # The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.
         {
           "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
             "A String",
           ],
         },
@@ -385,7 +441,9 @@ 
Method Details

       "denied": [ # The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a denied connection.
         {
           "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
             "A String",
           ],
         },
@@ -403,7 +461,12 @@ 
Method Details

         "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
       },
       "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
-      "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
+      "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used:
+          # global/networks/default
+          # If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+          # - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network
+          # - projects/myproject/global/networks/my-network
+          # - global/networks/default
       "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "sourceRanges": [ # If source ranges are specified, the firewall rule applies only to traffic that has a source IP address in these ranges. These ranges must be expressed in CIDR format. One or both of sourceRanges and sourceTags may be set. If both fields are set, the rule applies to traffic that has a source IP address within sourceRanges OR a source IP from a resource with a matching tag listed in the sourceTags field. The connection does not need to match both fields for the rule to apply. Only IPv4 is supported.
@@ -428,7 +491,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -454,7 +518,7 @@ 
Method Details

 

 
 

-    patch(project, firewall, body=None, requestId=None, x__xgafv=None)
+    patch(project, firewall, body=None, requestId=None)
   
Updates the specified firewall rule with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -463,11 +527,15 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Firewall Rule resource. Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
+{ # Represents a Firewall Rule resource.
+    # 
+    # Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
   "allowed": [ # The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.
     {
       "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+          # 
+          # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
         "A String",
       ],
     },
@@ -476,7 +544,9 @@ 
Method Details

   "denied": [ # The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a denied connection.
     {
       "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+          # 
+          # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
         "A String",
       ],
     },
@@ -494,7 +564,12 @@ 
Method Details

     "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
   },
   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
-  "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
+  "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used:
+      # global/networks/default
+      # If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+      # - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network
+      # - projects/myproject/global/networks/my-network
+      # - global/networks/default
   "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "sourceRanges": [ # If source ranges are specified, the firewall rule applies only to traffic that has a source IP address in these ranges. These ranges must be expressed in CIDR format. One or both of sourceRanges and sourceTags may be set. If both fields are set, the rule applies to traffic that has a source IP address within sourceRanges OR a source IP from a resource with a matching tag listed in the sourceTags field. The connection does not need to match both fields for the rule to apply. Only IPv4 is supported.
@@ -514,16 +589,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -557,7 +645,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -571,7 +660,7 @@ 
Method Details

 

 
 

-    update(project, firewall, body=None, requestId=None, x__xgafv=None)
+    update(project, firewall, body=None, requestId=None)
   
Updates the specified firewall rule with the data included in the request. Note that all fields will be updated if using PUT, even fields that are not specified. To update individual fields, please use PATCH instead.
 
 Args:
@@ -580,11 +669,15 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Firewall Rule resource. Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
+{ # Represents a Firewall Rule resource.
+    # 
+    # Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
   "allowed": [ # The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.
     {
       "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+          # 
+          # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
         "A String",
       ],
     },
@@ -593,7 +686,9 @@ 
Method Details

   "denied": [ # The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a denied connection.
     {
       "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+      "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+          # 
+          # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
         "A String",
       ],
     },
@@ -611,7 +706,12 @@ 
Method Details

     "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
   },
   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
-  "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
+  "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used:
+      # global/networks/default
+      # If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+      # - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network
+      # - projects/myproject/global/networks/my-network
+      # - global/networks/default
   "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "sourceRanges": [ # If source ranges are specified, the firewall rule applies only to traffic that has a source IP address in these ranges. These ranges must be expressed in CIDR format. One or both of sourceRanges and sourceTags may be set. If both fields are set, the rule applies to traffic that has a source IP address within sourceRanges OR a source IP from a resource with a matching tag listed in the sourceTags field. The connection does not need to match both fields for the rule to apply. Only IPv4 is supported.
@@ -631,16 +731,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -674,7 +787,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.forwardingRules.html b/docs/dyn/compute_v1.forwardingRules.html
index c570e092b56..439081a9411 100644
--- a/docs/dyn/compute_v1.forwardingRules.html
+++ b/docs/dyn/compute_v1.forwardingRules.html
@@ -75,7 +75,7 @@
 
Compute Engine API . forwardingRules

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of forwarding rules.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,46 +84,52 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, forwardingRule, requestId=None, x__xgafv=None)

+  delete(project, region, forwardingRule, requestId=None)

 
Deletes the specified ForwardingRule resource.

 

-  get(project, region, forwardingRule, x__xgafv=None)

+  get(project, region, forwardingRule)

 
Returns the specified ForwardingRule resource.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a ForwardingRule resource in the specified project and region using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of ForwardingRule resources available to the specified project and region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, forwardingRule, body=None, requestId=None, x__xgafv=None)

+  patch(project, region, forwardingRule, body=None, requestId=None)

 
Updates the specified forwarding rule with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules. Currently, you can only patch the network_tier field.

 

-  setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)

+  setLabels(project, region, resource, body=None, requestId=None)

 
Sets the labels on the specified resource. To learn more about labels, read the Labeling Resources documentation.

 

-  setTarget(project, region, forwardingRule, body=None, requestId=None, x__xgafv=None)

+  setTarget(project, region, forwardingRule, body=None, requestId=None)

 
Changes target URL for forwarding rule. The new target should be of the same type as the old target.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of forwarding rules.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -133,61 +139,173 @@ 
Method Details

   "items": { # A list of ForwardingRulesScopedList resources.
     "a_key": { # Name of the scope containing this set of addresses.
       "forwardingRules": [ # A list of forwarding rules contained in this scope.
-        { # Represents a Forwarding Rule resource. Forwarding rule resources in GCP can be either regional or global in scope: * [Global](/compute/docs/reference/rest/v1/globalForwardingRules) * [Regional](/compute/docs/reference/rest/v1/forwardingRules) A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway). For more information, read Forwarding rule concepts and Using protocol forwarding.
-          "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule. If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address: * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region /addresses/address-name * Partial URL or by name, as in: - projects/project_id/regions/region/addresses/address-name - regions/region/addresses/address-name - global/addresses/address-name - address-name The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true. For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
-          "IPProtocol": "A String", # The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products: - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid. - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid. - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid. - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid. - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
-          "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
+        { # Represents a Forwarding Rule resource.
+            #
+            # Forwarding rule resources in GCP can be either regional or global in scope:
+            #
+            # * [Global](/compute/docs/reference/rest/{$api_version}/globalForwardingRules) * [Regional](/compute/docs/reference/rest/{$api_version}/forwardingRules)
+            #
+            # A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway).
+            #
+            # For more information, read Forwarding rule concepts and Using protocol forwarding.
+            #
+            # (== resource_for {$api_version}.forwardingRules ==) (== resource_for {$api_version}.globalForwardingRules ==) (== resource_for {$api_version}.regionForwardingRules ==)
+          "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule.
+              #
+              # If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address:
+              #
+              # * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name * Partial URL or by name, as in:
+              # - projects/project_id/regions/region/addresses/address-name
+              # - regions/region/addresses/address-name
+              # - global/addresses/address-name
+              # - address-name
+              #
+              # The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications).
+              #
+              # Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true.
+              #
+              # For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
+          "IPProtocol": "A String", # The IP protocol to which this rule applies.
+              #
+              # For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT.
+              #
+              # The valid IP protocols are different for different load balancing products:
+              # - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+              # - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid.
+              # - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid.
+              # - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid.
+              # - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+          "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance.
+              #
+              # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+              #
+              # For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
           "allowGlobalAccess": True or False, # This field is used along with the backend_service field for internal load balancing or with the target field for internal TargetInstance. If the field is set to TRUE, clients can access ILB from all regions. Otherwise only allows access from clients in the same region as the internal load balancer.
           "backendService": "A String", # Identifies the backend service to which the forwarding rule sends traffic. Required for Internal TCP/UDP Load Balancing and Network Load Balancing; must be omitted for all other load balancer types.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-          "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+          "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "ipVersion": "A String", # The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6. This can only be specified for an external global forwarding rule.
           "isMirroringCollector": True or False, # Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBalancingScheme set to INTERNAL.
           "kind": "compute#forwardingRule", # [Output Only] Type of the resource. Always compute#forwardingRule for Forwarding Rule resources.
-          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
           "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
             "a_key": "A String",
           },
-          "loadBalancingScheme": "A String", # Specifies the forwarding rule type. - EXTERNAL is used for: - Classic Cloud VPN gateways - Protocol forwarding to VMs from an external IP address - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing - INTERNAL is used for: - Protocol forwarding to VMs from an internal IP address - Internal TCP/UDP Load Balancing - INTERNAL_MANAGED is used for: - Internal HTTP(S) Load Balancing - INTERNAL_SELF_MANAGED is used for: - Traffic Director For more information about forwarding rules, refer to Forwarding rule concepts.
-          "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-            { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-              "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+          "loadBalancingScheme": "A String", # Specifies the forwarding rule type.
+              #
+              #
+              # - EXTERNAL is used for:
+              # - Classic Cloud VPN gateways
+              # - Protocol forwarding to VMs from an external IP address
+              # - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing
+              # - INTERNAL is used for:
+              # - Protocol forwarding to VMs from an internal IP address
+              # - Internal TCP/UDP Load Balancing
+              # - INTERNAL_MANAGED is used for:
+              # - Internal HTTP(S) Load Balancing
+              # - INTERNAL_SELF_MANAGED is used for:
+              # - Traffic Director
+              #
+              # For more information about forwarding rules, refer to Forwarding rule concepts.
+          "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies.
+              # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+              # metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references.
+              # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+              "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                  # This list must not be empty and can have at the most 64 entries.
                 { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                  "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                  "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                  "name": "A String", # Name of metadata label.
+                      # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                  "value": "A String", # The value of the label must match the specified value.
+                      # value can have a maximum length of 1024 characters.
                 },
               ],
-              "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+              "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                  # Supported values are:
+                  # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                  # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
             },
           ],
-          "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.
-          "network": "A String", # This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
-          "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
-          "portRange": "A String", # This field can be used only if: - Load balancing scheme is one of EXTERNAL, INTERNAL_SELF_MANAGED or INTERNAL_MANAGED - IPProtocol is one of TCP, UDP, or SCTP. Packets addressed to ports in the specified range will be forwarded to target or backend_service. You can only use one of ports, port_range, or allPorts. The three are mutually exclusive. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. Some types of forwarding target have constraints on the acceptable ports: - TargetHttpProxy: 80, 8080 - TargetHttpsProxy: 443 - TargetGrpcProxy: no constraints - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetVpnGateway: 500, 4500 @pattern: \\d+(?:-\\d+)?
-          "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. You can specify a list of up to five ports, which can be non-contiguous. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications). @pattern: \\d+(?:-\\d+)?
+          "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+          "network": "A String", # This field is not used for external load balancing.
+              #
+              # For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used.
+              #
+              # For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
+          "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD.
+              #
+              # For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM.
+              #
+              # If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
+          "portRange": "A String", # This field can be used only if:
+              # - Load balancing scheme is one of EXTERNAL,  INTERNAL_SELF_MANAGED or INTERNAL_MANAGED
+              # - IPProtocol is one of TCP, UDP, or SCTP.
+              #
+              # Packets addressed to ports in the specified range will be forwarded to target or  backend_service.
+              #
+              # You can only use one of ports, port_range, or allPorts. The three are mutually exclusive.
+              #
+              # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+              #
+              # Some types of forwarding target have constraints on the acceptable ports:
+              # - TargetHttpProxy: 80, 8080
+              # - TargetHttpsProxy: 443
+              # - TargetGrpcProxy: no constraints
+              # - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+              # - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+              # - TargetVpnGateway: 500, 4500
+          "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends.
+              #
+              # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+              #
+              # You can specify a list of up to five ports, which can be non-contiguous.
+              #
+              # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+              #
+              # For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications).
             "A String",
           ],
           "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Forwarding Rule.
           "region": "A String", # [Output Only] URL of the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-          "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource. It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
+          "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource.
+              #
+              # It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
             { # Describes the auto-registration of the Forwarding Rule to Service Directory. The region and project of the Service Directory resource generated from this registration will be the same as this Forwarding Rule.
               "namespace": "A String", # Service Directory namespace to register the forwarding rule under.
               "service": "A String", # Service Directory service to register the forwarding rule under.
               "serviceDirectoryRegion": "A String", # [Optional] Service Directory region to register this global forwarding rule under. Default to "us-central1". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region.
             },
           ],
-          "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name. The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. This field is only used for internal load balancing.
-          "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule. This field is only used for internal load balancing.
-          "subnetwork": "A String", # This field is only used for internal load balancing. For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule. If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
+          "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name.
+              #
+              # The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+              #
+              # This field is only used for internal load balancing.
+          "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule.
+              #
+              # This field is only used for internal load balancing.
+          "subnetwork": "A String", # This field is only used for internal load balancing.
+              #
+              # For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule.
+              #
+              # If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
           "target": "A String",
         },
       ],
       "warning": { # Informational warning which replaces the list of forwarding rules when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -205,7 +323,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -236,23 +355,36 @@ 
Method Details

 

 
 

-    delete(project, region, forwardingRule, requestId=None, x__xgafv=None)
+    delete(project, region, forwardingRule, requestId=None)
   
Deletes the specified ForwardingRule resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   forwardingRule: string, Name of the ForwardingRule resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -286,7 +418,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -300,76 +433,183 @@ 
Method Details

 

 
 

-    get(project, region, forwardingRule, x__xgafv=None)
+    get(project, region, forwardingRule)
   
Returns the specified ForwardingRule resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   forwardingRule: string, Name of the ForwardingRule resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Forwarding Rule resource. Forwarding rule resources in GCP can be either regional or global in scope: * [Global](/compute/docs/reference/rest/v1/globalForwardingRules) * [Regional](/compute/docs/reference/rest/v1/forwardingRules) A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway). For more information, read Forwarding rule concepts and Using protocol forwarding.
-  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule. If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address: * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region /addresses/address-name * Partial URL or by name, as in: - projects/project_id/regions/region/addresses/address-name - regions/region/addresses/address-name - global/addresses/address-name - address-name The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true. For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
-  "IPProtocol": "A String", # The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products: - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid. - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid. - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid. - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid. - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
-  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
+    { # Represents a Forwarding Rule resource.
+    #
+    # Forwarding rule resources in GCP can be either regional or global in scope:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalForwardingRules) * [Regional](/compute/docs/reference/rest/{$api_version}/forwardingRules)
+    #
+    # A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway).
+    #
+    # For more information, read Forwarding rule concepts and Using protocol forwarding.
+    #
+    # (== resource_for {$api_version}.forwardingRules ==) (== resource_for {$api_version}.globalForwardingRules ==) (== resource_for {$api_version}.regionForwardingRules ==)
+  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule.
+      #
+      # If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address:
+      #
+      # * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name * Partial URL or by name, as in:
+      # - projects/project_id/regions/region/addresses/address-name
+      # - regions/region/addresses/address-name
+      # - global/addresses/address-name
+      # - address-name
+      #
+      # The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications).
+      #
+      # Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true.
+      #
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
+  "IPProtocol": "A String", # The IP protocol to which this rule applies.
+      #
+      # For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT.
+      #
+      # The valid IP protocols are different for different load balancing products:
+      # - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+      # - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid.
+      # - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid.
+      # - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid.
+      # - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance.
+      #
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      #
+      # For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
   "allowGlobalAccess": True or False, # This field is used along with the backend_service field for internal load balancing or with the target field for internal TargetInstance. If the field is set to TRUE, clients can access ILB from all regions. Otherwise only allows access from clients in the same region as the internal load balancer.
   "backendService": "A String", # Identifies the backend service to which the forwarding rule sends traffic. Required for Internal TCP/UDP Load Balancing and Network Load Balancing; must be omitted for all other load balancer types.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ipVersion": "A String", # The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6. This can only be specified for an external global forwarding rule.
   "isMirroringCollector": True or False, # Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBalancingScheme set to INTERNAL.
   "kind": "compute#forwardingRule", # [Output Only] Type of the resource. Always compute#forwardingRule for Forwarding Rule resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
-  "loadBalancingScheme": "A String", # Specifies the forwarding rule type. - EXTERNAL is used for: - Classic Cloud VPN gateways - Protocol forwarding to VMs from an external IP address - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing - INTERNAL is used for: - Protocol forwarding to VMs from an internal IP address - Internal TCP/UDP Load Balancing - INTERNAL_MANAGED is used for: - Internal HTTP(S) Load Balancing - INTERNAL_SELF_MANAGED is used for: - Traffic Director For more information about forwarding rules, refer to Forwarding rule concepts.
-  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+  "loadBalancingScheme": "A String", # Specifies the forwarding rule type.
+      #
+      #
+      # - EXTERNAL is used for:
+      # - Classic Cloud VPN gateways
+      # - Protocol forwarding to VMs from an external IP address
+      # - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing
+      # - INTERNAL is used for:
+      # - Protocol forwarding to VMs from an internal IP address
+      # - Internal TCP/UDP Load Balancing
+      # - INTERNAL_MANAGED is used for:
+      # - Internal HTTP(S) Load Balancing
+      # - INTERNAL_SELF_MANAGED is used for:
+      # - Traffic Director
+      #
+      # For more information about forwarding rules, refer to Forwarding rule concepts.
+  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies.
+      # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+      # metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references.
+      # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+        # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+        # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+          # This list must not be empty and can have at the most 64 entries.
         { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-          "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-          "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+          "name": "A String", # Name of metadata label.
+              # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+          "value": "A String", # The value of the label must match the specified value.
+              # value can have a maximum length of 1024 characters.
         },
       ],
-      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+          # Supported values are:
+          # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+          # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
     },
   ],
-  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.
-  "network": "A String", # This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
-  "portRange": "A String", # This field can be used only if: - Load balancing scheme is one of EXTERNAL, INTERNAL_SELF_MANAGED or INTERNAL_MANAGED - IPProtocol is one of TCP, UDP, or SCTP. Packets addressed to ports in the specified range will be forwarded to target or backend_service. You can only use one of ports, port_range, or allPorts. The three are mutually exclusive. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. Some types of forwarding target have constraints on the acceptable ports: - TargetHttpProxy: 80, 8080 - TargetHttpsProxy: 443 - TargetGrpcProxy: no constraints - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetVpnGateway: 500, 4500 @pattern: \\d+(?:-\\d+)?
-  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. You can specify a list of up to five ports, which can be non-contiguous. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications). @pattern: \\d+(?:-\\d+)?
+  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+  "network": "A String", # This field is not used for external load balancing.
+      #
+      # For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used.
+      #
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD.
+      #
+      # For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM.
+      #
+      # If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
+  "portRange": "A String", # This field can be used only if:
+      # - Load balancing scheme is one of EXTERNAL,  INTERNAL_SELF_MANAGED or INTERNAL_MANAGED
+      # - IPProtocol is one of TCP, UDP, or SCTP.
+      #
+      # Packets addressed to ports in the specified range will be forwarded to target or  backend_service.
+      #
+      # You can only use one of ports, port_range, or allPorts. The three are mutually exclusive.
+      #
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      #
+      # Some types of forwarding target have constraints on the acceptable ports:
+      # - TargetHttpProxy: 80, 8080
+      # - TargetHttpsProxy: 443
+      # - TargetGrpcProxy: no constraints
+      # - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetVpnGateway: 500, 4500
+  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends.
+      #
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      #
+      # You can specify a list of up to five ports, which can be non-contiguous.
+      #
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      #
+      # For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications).
     "A String",
   ],
   "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Forwarding Rule.
   "region": "A String", # [Output Only] URL of the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource. It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
+  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource.
+      #
+      # It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
     { # Describes the auto-registration of the Forwarding Rule to Service Directory. The region and project of the Service Directory resource generated from this registration will be the same as this Forwarding Rule.
       "namespace": "A String", # Service Directory namespace to register the forwarding rule under.
       "service": "A String", # Service Directory service to register the forwarding rule under.
       "serviceDirectoryRegion": "A String", # [Optional] Service Directory region to register this global forwarding rule under. Default to "us-central1". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region.
     },
   ],
-  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name. The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. This field is only used for internal load balancing.
-  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule. This field is only used for internal load balancing.
-  "subnetwork": "A String", # This field is only used for internal load balancing. For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule. If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
+  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name.
+      #
+      # The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+      #
+      # This field is only used for internal load balancing.
+  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule.
+      #
+      # This field is only used for internal load balancing.
+  "subnetwork": "A String", # This field is only used for internal load balancing.
+      #
+      # For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule.
+      #
+      # If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
   "target": "A String",
 }

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a ForwardingRule resource in the specified project and region using the data included in the request.
 
 Args:
@@ -378,68 +618,192 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Forwarding Rule resource. Forwarding rule resources in GCP can be either regional or global in scope: * [Global](/compute/docs/reference/rest/v1/globalForwardingRules) * [Regional](/compute/docs/reference/rest/v1/forwardingRules) A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway). For more information, read Forwarding rule concepts and Using protocol forwarding.
-  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule. If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address: * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region /addresses/address-name * Partial URL or by name, as in: - projects/project_id/regions/region/addresses/address-name - regions/region/addresses/address-name - global/addresses/address-name - address-name The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true. For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
-  "IPProtocol": "A String", # The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products: - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid. - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid. - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid. - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid. - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
-  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
+{ # Represents a Forwarding Rule resource.
+    # 
+    # Forwarding rule resources in GCP can be either regional or global in scope:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalForwardingRules) * [Regional](/compute/docs/reference/rest/{$api_version}/forwardingRules)
+    # 
+    # A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway).
+    # 
+    # For more information, read Forwarding rule concepts and Using protocol forwarding.
+    # 
+    # (== resource_for {$api_version}.forwardingRules ==) (== resource_for {$api_version}.globalForwardingRules ==) (== resource_for {$api_version}.regionForwardingRules ==)
+  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule.
+      # 
+      # If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address:
+      # 
+      # * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name * Partial URL or by name, as in:
+      # - projects/project_id/regions/region/addresses/address-name
+      # - regions/region/addresses/address-name
+      # - global/addresses/address-name
+      # - address-name
+      # 
+      # The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications).
+      # 
+      # Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true.
+      # 
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
+  "IPProtocol": "A String", # The IP protocol to which this rule applies.
+      # 
+      # For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT.
+      # 
+      # The valid IP protocols are different for different load balancing products:
+      # - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+      # - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid.
+      # - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid.
+      # - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid.
+      # - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance.
+      # 
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
   "allowGlobalAccess": True or False, # This field is used along with the backend_service field for internal load balancing or with the target field for internal TargetInstance. If the field is set to TRUE, clients can access ILB from all regions. Otherwise only allows access from clients in the same region as the internal load balancer.
   "backendService": "A String", # Identifies the backend service to which the forwarding rule sends traffic. Required for Internal TCP/UDP Load Balancing and Network Load Balancing; must be omitted for all other load balancer types.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ipVersion": "A String", # The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6. This can only be specified for an external global forwarding rule.
   "isMirroringCollector": True or False, # Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBalancingScheme set to INTERNAL.
   "kind": "compute#forwardingRule", # [Output Only] Type of the resource. Always compute#forwardingRule for Forwarding Rule resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
-  "loadBalancingScheme": "A String", # Specifies the forwarding rule type. - EXTERNAL is used for: - Classic Cloud VPN gateways - Protocol forwarding to VMs from an external IP address - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing - INTERNAL is used for: - Protocol forwarding to VMs from an internal IP address - Internal TCP/UDP Load Balancing - INTERNAL_MANAGED is used for: - Internal HTTP(S) Load Balancing - INTERNAL_SELF_MANAGED is used for: - Traffic Director For more information about forwarding rules, refer to Forwarding rule concepts.
-  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+  "loadBalancingScheme": "A String", # Specifies the forwarding rule type.
+      # 
+      # 
+      # - EXTERNAL is used for:
+      # - Classic Cloud VPN gateways
+      # - Protocol forwarding to VMs from an external IP address
+      # - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing
+      # - INTERNAL is used for:
+      # - Protocol forwarding to VMs from an internal IP address
+      # - Internal TCP/UDP Load Balancing
+      # - INTERNAL_MANAGED is used for:
+      # - Internal HTTP(S) Load Balancing
+      # - INTERNAL_SELF_MANAGED is used for:
+      # - Traffic Director
+      # 
+      # For more information about forwarding rules, refer to Forwarding rule concepts.
+  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies.
+      # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+      # metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references.
+      # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+        # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+        # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+          # This list must not be empty and can have at the most 64 entries.
         { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-          "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-          "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+          "name": "A String", # Name of metadata label.
+              # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+          "value": "A String", # The value of the label must match the specified value.
+              # value can have a maximum length of 1024 characters.
         },
       ],
-      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+          # Supported values are:
+          # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+          # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
     },
   ],
-  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.
-  "network": "A String", # This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
-  "portRange": "A String", # This field can be used only if: - Load balancing scheme is one of EXTERNAL, INTERNAL_SELF_MANAGED or INTERNAL_MANAGED - IPProtocol is one of TCP, UDP, or SCTP. Packets addressed to ports in the specified range will be forwarded to target or backend_service. You can only use one of ports, port_range, or allPorts. The three are mutually exclusive. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. Some types of forwarding target have constraints on the acceptable ports: - TargetHttpProxy: 80, 8080 - TargetHttpsProxy: 443 - TargetGrpcProxy: no constraints - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetVpnGateway: 500, 4500 @pattern: \\d+(?:-\\d+)?
-  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. You can specify a list of up to five ports, which can be non-contiguous. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications). @pattern: \\d+(?:-\\d+)?
+  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+  "network": "A String", # This field is not used for external load balancing.
+      # 
+      # For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used.
+      # 
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD.
+      # 
+      # For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM.
+      # 
+      # If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
+  "portRange": "A String", # This field can be used only if:
+      # - Load balancing scheme is one of EXTERNAL,  INTERNAL_SELF_MANAGED or INTERNAL_MANAGED
+      # - IPProtocol is one of TCP, UDP, or SCTP.
+      # 
+      # Packets addressed to ports in the specified range will be forwarded to target or  backend_service.
+      # 
+      # You can only use one of ports, port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      # 
+      # Some types of forwarding target have constraints on the acceptable ports:
+      # - TargetHttpProxy: 80, 8080
+      # - TargetHttpsProxy: 443
+      # - TargetGrpcProxy: no constraints
+      # - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetVpnGateway: 500, 4500
+  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends.
+      # 
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # You can specify a list of up to five ports, which can be non-contiguous.
+      # 
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      # 
+      # For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications).
     "A String",
   ],
   "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Forwarding Rule.
   "region": "A String", # [Output Only] URL of the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource. It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
+  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource.
+      # 
+      # It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
     { # Describes the auto-registration of the Forwarding Rule to Service Directory. The region and project of the Service Directory resource generated from this registration will be the same as this Forwarding Rule.
       "namespace": "A String", # Service Directory namespace to register the forwarding rule under.
       "service": "A String", # Service Directory service to register the forwarding rule under.
       "serviceDirectoryRegion": "A String", # [Optional] Service Directory region to register this global forwarding rule under. Default to "us-central1". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region.
     },
   ],
-  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name. The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. This field is only used for internal load balancing.
-  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule. This field is only used for internal load balancing.
-  "subnetwork": "A String", # This field is only used for internal load balancing. For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule. If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
+  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name.
+      # 
+      # The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+      # 
+      # This field is only used for internal load balancing.
+  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule.
+      # 
+      # This field is only used for internal load balancing.
+  "subnetwork": "A String", # This field is only used for internal load balancing.
+      # 
+      # For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule.
+      # 
+      # If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
   "target": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -473,7 +837,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -487,21 +852,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of ForwardingRule resources available to the specified project and region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -509,55 +880,166 @@ 
Method Details

     { # Contains a list of ForwardingRule resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of ForwardingRule resources.
-    { # Represents a Forwarding Rule resource. Forwarding rule resources in GCP can be either regional or global in scope: * [Global](/compute/docs/reference/rest/v1/globalForwardingRules) * [Regional](/compute/docs/reference/rest/v1/forwardingRules) A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway). For more information, read Forwarding rule concepts and Using protocol forwarding.
-      "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule. If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address: * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region /addresses/address-name * Partial URL or by name, as in: - projects/project_id/regions/region/addresses/address-name - regions/region/addresses/address-name - global/addresses/address-name - address-name The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true. For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
-      "IPProtocol": "A String", # The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products: - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid. - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid. - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid. - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid. - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
-      "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
+    { # Represents a Forwarding Rule resource.
+        #
+        # Forwarding rule resources in GCP can be either regional or global in scope:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/globalForwardingRules) * [Regional](/compute/docs/reference/rest/{$api_version}/forwardingRules)
+        #
+        # A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway).
+        #
+        # For more information, read Forwarding rule concepts and Using protocol forwarding.
+        #
+        # (== resource_for {$api_version}.forwardingRules ==) (== resource_for {$api_version}.globalForwardingRules ==) (== resource_for {$api_version}.regionForwardingRules ==)
+      "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule.
+          #
+          # If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address:
+          #
+          # * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name * Partial URL or by name, as in:
+          # - projects/project_id/regions/region/addresses/address-name
+          # - regions/region/addresses/address-name
+          # - global/addresses/address-name
+          # - address-name
+          #
+          # The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications).
+          #
+          # Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true.
+          #
+          # For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
+      "IPProtocol": "A String", # The IP protocol to which this rule applies.
+          #
+          # For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT.
+          #
+          # The valid IP protocols are different for different load balancing products:
+          # - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+          # - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid.
+          # - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid.
+          # - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid.
+          # - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+      "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance.
+          #
+          # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+          #
+          # For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
       "allowGlobalAccess": True or False, # This field is used along with the backend_service field for internal load balancing or with the target field for internal TargetInstance. If the field is set to TRUE, clients can access ILB from all regions. Otherwise only allows access from clients in the same region as the internal load balancer.
       "backendService": "A String", # Identifies the backend service to which the forwarding rule sends traffic. Required for Internal TCP/UDP Load Balancing and Network Load Balancing; must be omitted for all other load balancer types.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "ipVersion": "A String", # The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6. This can only be specified for an external global forwarding rule.
       "isMirroringCollector": True or False, # Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBalancingScheme set to INTERNAL.
       "kind": "compute#forwardingRule", # [Output Only] Type of the resource. Always compute#forwardingRule for Forwarding Rule resources.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
       "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
         "a_key": "A String",
       },
-      "loadBalancingScheme": "A String", # Specifies the forwarding rule type. - EXTERNAL is used for: - Classic Cloud VPN gateways - Protocol forwarding to VMs from an external IP address - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing - INTERNAL is used for: - Protocol forwarding to VMs from an internal IP address - Internal TCP/UDP Load Balancing - INTERNAL_MANAGED is used for: - Internal HTTP(S) Load Balancing - INTERNAL_SELF_MANAGED is used for: - Traffic Director For more information about forwarding rules, refer to Forwarding rule concepts.
-      "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-        { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-          "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+      "loadBalancingScheme": "A String", # Specifies the forwarding rule type.
+          #
+          #
+          # - EXTERNAL is used for:
+          # - Classic Cloud VPN gateways
+          # - Protocol forwarding to VMs from an external IP address
+          # - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing
+          # - INTERNAL is used for:
+          # - Protocol forwarding to VMs from an internal IP address
+          # - Internal TCP/UDP Load Balancing
+          # - INTERNAL_MANAGED is used for:
+          # - Internal HTTP(S) Load Balancing
+          # - INTERNAL_SELF_MANAGED is used for:
+          # - Traffic Director
+          #
+          # For more information about forwarding rules, refer to Forwarding rule concepts.
+      "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies.
+          # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+          # metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references.
+          # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+            # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+            # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+          "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+              # This list must not be empty and can have at the most 64 entries.
             { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-              "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-              "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+              "name": "A String", # Name of metadata label.
+                  # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+              "value": "A String", # The value of the label must match the specified value.
+                  # value can have a maximum length of 1024 characters.
             },
           ],
-          "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+          "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+              # Supported values are:
+              # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+              # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
         },
       ],
-      "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.
-      "network": "A String", # This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
-      "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
-      "portRange": "A String", # This field can be used only if: - Load balancing scheme is one of EXTERNAL, INTERNAL_SELF_MANAGED or INTERNAL_MANAGED - IPProtocol is one of TCP, UDP, or SCTP. Packets addressed to ports in the specified range will be forwarded to target or backend_service. You can only use one of ports, port_range, or allPorts. The three are mutually exclusive. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. Some types of forwarding target have constraints on the acceptable ports: - TargetHttpProxy: 80, 8080 - TargetHttpsProxy: 443 - TargetGrpcProxy: no constraints - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetVpnGateway: 500, 4500 @pattern: \\d+(?:-\\d+)?
-      "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. You can specify a list of up to five ports, which can be non-contiguous. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications). @pattern: \\d+(?:-\\d+)?
+      "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+      "network": "A String", # This field is not used for external load balancing.
+          #
+          # For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used.
+          #
+          # For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
+      "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD.
+          #
+          # For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM.
+          #
+          # If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
+      "portRange": "A String", # This field can be used only if:
+          # - Load balancing scheme is one of EXTERNAL,  INTERNAL_SELF_MANAGED or INTERNAL_MANAGED
+          # - IPProtocol is one of TCP, UDP, or SCTP.
+          #
+          # Packets addressed to ports in the specified range will be forwarded to target or  backend_service.
+          #
+          # You can only use one of ports, port_range, or allPorts. The three are mutually exclusive.
+          #
+          # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+          #
+          # Some types of forwarding target have constraints on the acceptable ports:
+          # - TargetHttpProxy: 80, 8080
+          # - TargetHttpsProxy: 443
+          # - TargetGrpcProxy: no constraints
+          # - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+          # - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+          # - TargetVpnGateway: 500, 4500
+      "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends.
+          #
+          # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+          #
+          # You can specify a list of up to five ports, which can be non-contiguous.
+          #
+          # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+          #
+          # For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications).
         "A String",
       ],
       "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Forwarding Rule.
       "region": "A String", # [Output Only] URL of the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource. It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
+      "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource.
+          #
+          # It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
         { # Describes the auto-registration of the Forwarding Rule to Service Directory. The region and project of the Service Directory resource generated from this registration will be the same as this Forwarding Rule.
           "namespace": "A String", # Service Directory namespace to register the forwarding rule under.
           "service": "A String", # Service Directory service to register the forwarding rule under.
           "serviceDirectoryRegion": "A String", # [Optional] Service Directory region to register this global forwarding rule under. Default to "us-central1". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region.
         },
       ],
-      "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name. The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. This field is only used for internal load balancing.
-      "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule. This field is only used for internal load balancing.
-      "subnetwork": "A String", # This field is only used for internal load balancing. For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule. If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
+      "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name.
+          #
+          # The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+          #
+          # This field is only used for internal load balancing.
+      "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule.
+          #
+          # This field is only used for internal load balancing.
+      "subnetwork": "A String", # This field is only used for internal load balancing.
+          #
+          # For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule.
+          #
+          # If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
       "target": "A String",
     },
   ],
@@ -566,7 +1048,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -592,7 +1075,7 @@ 
Method Details

 

 
 

-    patch(project, region, forwardingRule, body=None, requestId=None, x__xgafv=None)
+    patch(project, region, forwardingRule, body=None, requestId=None)
   
Updates the specified forwarding rule with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules. Currently, you can only patch the network_tier field.
 
 Args:
@@ -602,68 +1085,192 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Forwarding Rule resource. Forwarding rule resources in GCP can be either regional or global in scope: * [Global](/compute/docs/reference/rest/v1/globalForwardingRules) * [Regional](/compute/docs/reference/rest/v1/forwardingRules) A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway). For more information, read Forwarding rule concepts and Using protocol forwarding.
-  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule. If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address: * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region /addresses/address-name * Partial URL or by name, as in: - projects/project_id/regions/region/addresses/address-name - regions/region/addresses/address-name - global/addresses/address-name - address-name The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true. For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
-  "IPProtocol": "A String", # The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products: - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid. - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid. - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid. - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid. - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
-  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
+{ # Represents a Forwarding Rule resource.
+    # 
+    # Forwarding rule resources in GCP can be either regional or global in scope:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalForwardingRules) * [Regional](/compute/docs/reference/rest/{$api_version}/forwardingRules)
+    # 
+    # A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway).
+    # 
+    # For more information, read Forwarding rule concepts and Using protocol forwarding.
+    # 
+    # (== resource_for {$api_version}.forwardingRules ==) (== resource_for {$api_version}.globalForwardingRules ==) (== resource_for {$api_version}.regionForwardingRules ==)
+  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule.
+      # 
+      # If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address:
+      # 
+      # * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name * Partial URL or by name, as in:
+      # - projects/project_id/regions/region/addresses/address-name
+      # - regions/region/addresses/address-name
+      # - global/addresses/address-name
+      # - address-name
+      # 
+      # The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications).
+      # 
+      # Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true.
+      # 
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
+  "IPProtocol": "A String", # The IP protocol to which this rule applies.
+      # 
+      # For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT.
+      # 
+      # The valid IP protocols are different for different load balancing products:
+      # - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+      # - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid.
+      # - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid.
+      # - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid.
+      # - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance.
+      # 
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
   "allowGlobalAccess": True or False, # This field is used along with the backend_service field for internal load balancing or with the target field for internal TargetInstance. If the field is set to TRUE, clients can access ILB from all regions. Otherwise only allows access from clients in the same region as the internal load balancer.
   "backendService": "A String", # Identifies the backend service to which the forwarding rule sends traffic. Required for Internal TCP/UDP Load Balancing and Network Load Balancing; must be omitted for all other load balancer types.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ipVersion": "A String", # The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6. This can only be specified for an external global forwarding rule.
   "isMirroringCollector": True or False, # Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBalancingScheme set to INTERNAL.
   "kind": "compute#forwardingRule", # [Output Only] Type of the resource. Always compute#forwardingRule for Forwarding Rule resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
-  "loadBalancingScheme": "A String", # Specifies the forwarding rule type. - EXTERNAL is used for: - Classic Cloud VPN gateways - Protocol forwarding to VMs from an external IP address - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing - INTERNAL is used for: - Protocol forwarding to VMs from an internal IP address - Internal TCP/UDP Load Balancing - INTERNAL_MANAGED is used for: - Internal HTTP(S) Load Balancing - INTERNAL_SELF_MANAGED is used for: - Traffic Director For more information about forwarding rules, refer to Forwarding rule concepts.
-  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+  "loadBalancingScheme": "A String", # Specifies the forwarding rule type.
+      # 
+      # 
+      # - EXTERNAL is used for:
+      # - Classic Cloud VPN gateways
+      # - Protocol forwarding to VMs from an external IP address
+      # - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing
+      # - INTERNAL is used for:
+      # - Protocol forwarding to VMs from an internal IP address
+      # - Internal TCP/UDP Load Balancing
+      # - INTERNAL_MANAGED is used for:
+      # - Internal HTTP(S) Load Balancing
+      # - INTERNAL_SELF_MANAGED is used for:
+      # - Traffic Director
+      # 
+      # For more information about forwarding rules, refer to Forwarding rule concepts.
+  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies.
+      # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+      # metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references.
+      # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+        # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+        # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+          # This list must not be empty and can have at the most 64 entries.
         { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-          "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-          "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+          "name": "A String", # Name of metadata label.
+              # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+          "value": "A String", # The value of the label must match the specified value.
+              # value can have a maximum length of 1024 characters.
         },
       ],
-      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+          # Supported values are:
+          # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+          # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
     },
   ],
-  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.
-  "network": "A String", # This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
-  "portRange": "A String", # This field can be used only if: - Load balancing scheme is one of EXTERNAL, INTERNAL_SELF_MANAGED or INTERNAL_MANAGED - IPProtocol is one of TCP, UDP, or SCTP. Packets addressed to ports in the specified range will be forwarded to target or backend_service. You can only use one of ports, port_range, or allPorts. The three are mutually exclusive. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. Some types of forwarding target have constraints on the acceptable ports: - TargetHttpProxy: 80, 8080 - TargetHttpsProxy: 443 - TargetGrpcProxy: no constraints - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetVpnGateway: 500, 4500 @pattern: \\d+(?:-\\d+)?
-  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. You can specify a list of up to five ports, which can be non-contiguous. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications). @pattern: \\d+(?:-\\d+)?
+  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+  "network": "A String", # This field is not used for external load balancing.
+      # 
+      # For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used.
+      # 
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD.
+      # 
+      # For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM.
+      # 
+      # If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
+  "portRange": "A String", # This field can be used only if:
+      # - Load balancing scheme is one of EXTERNAL,  INTERNAL_SELF_MANAGED or INTERNAL_MANAGED
+      # - IPProtocol is one of TCP, UDP, or SCTP.
+      # 
+      # Packets addressed to ports in the specified range will be forwarded to target or  backend_service.
+      # 
+      # You can only use one of ports, port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      # 
+      # Some types of forwarding target have constraints on the acceptable ports:
+      # - TargetHttpProxy: 80, 8080
+      # - TargetHttpsProxy: 443
+      # - TargetGrpcProxy: no constraints
+      # - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetVpnGateway: 500, 4500
+  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends.
+      # 
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # You can specify a list of up to five ports, which can be non-contiguous.
+      # 
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      # 
+      # For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications).
     "A String",
   ],
   "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Forwarding Rule.
   "region": "A String", # [Output Only] URL of the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource. It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
+  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource.
+      # 
+      # It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
     { # Describes the auto-registration of the Forwarding Rule to Service Directory. The region and project of the Service Directory resource generated from this registration will be the same as this Forwarding Rule.
       "namespace": "A String", # Service Directory namespace to register the forwarding rule under.
       "service": "A String", # Service Directory service to register the forwarding rule under.
       "serviceDirectoryRegion": "A String", # [Optional] Service Directory region to register this global forwarding rule under. Default to "us-central1". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region.
     },
   ],
-  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name. The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. This field is only used for internal load balancing.
-  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule. This field is only used for internal load balancing.
-  "subnetwork": "A String", # This field is only used for internal load balancing. For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule. If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
+  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name.
+      # 
+      # The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+      # 
+      # This field is only used for internal load balancing.
+  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule.
+      # 
+      # This field is only used for internal load balancing.
+  "subnetwork": "A String", # This field is only used for internal load balancing.
+      # 
+      # For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule.
+      # 
+      # If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
   "target": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -697,7 +1304,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -711,7 +1319,7 @@ 
Method Details

 

 
 

-    setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)
+    setLabels(project, region, resource, body=None, requestId=None)
   
Sets the labels on the specified resource. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -728,16 +1336,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -771,7 +1392,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -785,7 +1407,7 @@ 
Method Details

 

 
 

-    setTarget(project, region, forwardingRule, body=None, requestId=None, x__xgafv=None)
+    setTarget(project, region, forwardingRule, body=None, requestId=None)
   
Changes target URL for forwarding rule. The new target should be of the same type as the old target.
 
 Args:
@@ -799,16 +1421,29 @@ 
Method Details

   "target": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -842,7 +1477,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.globalAddresses.html b/docs/dyn/compute_v1.globalAddresses.html
index c3662301ab5..c4f0b18e94b 100644
--- a/docs/dyn/compute_v1.globalAddresses.html
+++ b/docs/dyn/compute_v1.globalAddresses.html
@@ -78,16 +78,16 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, address, requestId=None, x__xgafv=None)

+  delete(project, address, requestId=None)

 
Deletes the specified address resource.

 

-  get(project, address, x__xgafv=None)

+  get(project, address)

 
Returns the specified address resource. Gets a list of available addresses by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates an address resource in the specified project by using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of global addresses.

 

   list_next(previous_request, previous_response)

@@ -99,22 +99,35 @@ 
Method Details

 

 
 

-    delete(project, address, requestId=None, x__xgafv=None)
+    delete(project, address, requestId=None)
   
Deletes the specified address resource.
 
 Args:
   project: string, Project ID for this request. (required)
   address: string, Name of the address resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -148,7 +161,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -162,21 +176,31 @@ 
Method Details

 

 
 

-    get(project, address, x__xgafv=None)
+    get(project, address)
   
Returns the specified address resource. Gets a list of available addresses by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   address: string, Name of the address resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier. Use global internal addresses for reserved peering network range. Use regional external addresses for the following resources: - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA) Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes: - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses For more information, read reserved IP address.
+    { # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier.
+    #
+    # Use global internal addresses for reserved peering network range.
+    #
+    # Use regional external addresses for the following resources:
+    #
+    # - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA)
+    #
+    # Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes:
+    #
+    # - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses
+    #
+    # For more information, read reserved IP address.
+    #
+    # (== resource_for {$api_version}.addresses ==) (== resource_for {$api_version}.globalAddresses ==)
   "address": "A String", # The static IP address represented by this resource.
   "addressType": "A String", # The type of address to reserve, either INTERNAL or EXTERNAL. If unspecified, defaults to EXTERNAL.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -186,10 +210,17 @@ 
Method Details

   "kind": "compute#address", # [Output Only] Type of the resource. Always compute#address for addresses.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
   "network": "A String", # The URL of the network in which to reserve the address. This field can only be used with INTERNAL type with the VPC_PEERING purpose.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer. If this field is not specified, it is assumed to be PREMIUM.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer.
+      #
+      # If this field is not specified, it is assumed to be PREMIUM.
   "prefixLength": 42, # The prefix length if the resource represents an IP range.
-  "purpose": "A String", # The purpose of this resource, which can be one of the following values: - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources. - `DNS_RESOLVER` for a DNS resolver address in a subnetwork - `VPC_PEERING` for addresses that are reserved for VPC peer networks. - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT. - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an *IPsec-encrypted Cloud Interconnect* configuration. These addresses are regional resources. Not currently available publicly.
-  "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. *This field is not applicable to global addresses.*
+  "purpose": "A String", # The purpose of this resource, which can be one of the following values:
+      # - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources.
+      # - `DNS_RESOLVER` for a DNS resolver address in a subnetwork
+      # - `VPC_PEERING` for addresses that are reserved for VPC peer networks.
+      # - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT.
+      # - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an IPsec-encrypted Cloud Interconnect configuration. These addresses are regional resources. Not currently available publicly.
+  "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. This field is not applicable to global addresses.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "status": "A String", # [Output Only] The status of the address, which can be one of RESERVING, RESERVED, or IN_USE. An address that is RESERVING is currently in the process of being reserved. A RESERVED address is currently reserved and available to use. An IN_USE address is currently being used by another resource and is not available.
   "subnetwork": "A String", # The URL of the subnetwork in which to reserve the address. If an IP address is specified, it must be within the subnetwork's IP range. This field can only be used with INTERNAL type with a GCE_ENDPOINT or DNS_RESOLVER purpose.
@@ -200,7 +231,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates an address resource in the specified project by using the data included in the request.
 
 Args:
@@ -208,7 +239,21 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier. Use global internal addresses for reserved peering network range. Use regional external addresses for the following resources: - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA) Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes: - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses For more information, read reserved IP address.
+{ # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier.
+    # 
+    # Use global internal addresses for reserved peering network range.
+    # 
+    # Use regional external addresses for the following resources:
+    # 
+    # - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA)
+    # 
+    # Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes:
+    # 
+    # - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses
+    # 
+    # For more information, read reserved IP address.
+    # 
+    # (== resource_for {$api_version}.addresses ==) (== resource_for {$api_version}.globalAddresses ==)
   "address": "A String", # The static IP address represented by this resource.
   "addressType": "A String", # The type of address to reserve, either INTERNAL or EXTERNAL. If unspecified, defaults to EXTERNAL.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -218,10 +263,17 @@ 
Method Details

   "kind": "compute#address", # [Output Only] Type of the resource. Always compute#address for addresses.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
   "network": "A String", # The URL of the network in which to reserve the address. This field can only be used with INTERNAL type with the VPC_PEERING purpose.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer. If this field is not specified, it is assumed to be PREMIUM.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer.
+      # 
+      # If this field is not specified, it is assumed to be PREMIUM.
   "prefixLength": 42, # The prefix length if the resource represents an IP range.
-  "purpose": "A String", # The purpose of this resource, which can be one of the following values: - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources. - `DNS_RESOLVER` for a DNS resolver address in a subnetwork - `VPC_PEERING` for addresses that are reserved for VPC peer networks. - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT. - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an *IPsec-encrypted Cloud Interconnect* configuration. These addresses are regional resources. Not currently available publicly.
-  "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. *This field is not applicable to global addresses.*
+  "purpose": "A String", # The purpose of this resource, which can be one of the following values:
+      # - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources.
+      # - `DNS_RESOLVER` for a DNS resolver address in a subnetwork
+      # - `VPC_PEERING` for addresses that are reserved for VPC peer networks.
+      # - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT.
+      # - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an IPsec-encrypted Cloud Interconnect configuration. These addresses are regional resources. Not currently available publicly.
+  "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. This field is not applicable to global addresses.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "status": "A String", # [Output Only] The status of the address, which can be one of RESERVING, RESERVED, or IN_USE. An address that is RESERVING is currently in the process of being reserved. A RESERVED address is currently reserved and available to use. An IN_USE address is currently being used by another resource and is not available.
   "subnetwork": "A String", # The URL of the subnetwork in which to reserve the address. If an IP address is specified, it must be within the subnetwork's IP range. This field can only be used with INTERNAL type with a GCE_ENDPOINT or DNS_RESOLVER purpose.
@@ -230,16 +282,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -273,7 +338,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -287,20 +353,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of global addresses.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -308,7 +380,21 @@ 
Method Details

     { # Contains a list of addresses.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Address resources.
-    { # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier. Use global internal addresses for reserved peering network range. Use regional external addresses for the following resources: - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA) Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes: - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses For more information, read reserved IP address.
+    { # Use global external addresses for GFE-based external HTTP(S) load balancers in Premium Tier.
+        #
+        # Use global internal addresses for reserved peering network range.
+        #
+        # Use regional external addresses for the following resources:
+        #
+        # - External IP addresses for VM instances - Regional external forwarding rules - Cloud NAT external IP addresses - GFE based LBs in Standard Tier - Network LBs in Premium or Standard Tier - Cloud VPN gateways (both Classic and HA)
+        #
+        # Use regional internal IP addresses for subnet IP ranges (primary and secondary). This includes:
+        #
+        # - Internal IP addresses for VM instances - Alias IP ranges of VM instances (/32 only) - Regional internal forwarding rules - Internal TCP/UDP load balancer addresses - Internal HTTP(S) load balancer addresses - Cloud DNS inbound forwarding IP addresses
+        #
+        # For more information, read reserved IP address.
+        #
+        # (== resource_for {$api_version}.addresses ==) (== resource_for {$api_version}.globalAddresses ==)
       "address": "A String", # The static IP address represented by this resource.
       "addressType": "A String", # The type of address to reserve, either INTERNAL or EXTERNAL. If unspecified, defaults to EXTERNAL.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -318,10 +404,17 @@ 
Method Details

       "kind": "compute#address", # [Output Only] Type of the resource. Always compute#address for addresses.
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
       "network": "A String", # The URL of the network in which to reserve the address. This field can only be used with INTERNAL type with the VPC_PEERING purpose.
-      "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer. If this field is not specified, it is assumed to be PREMIUM.
+      "networkTier": "A String", # This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Global forwarding rules can only be Premium Tier. Regional forwarding rules can be either Premium or Standard Tier. Standard Tier addresses applied to regional forwarding rules can be used with any external load balancer. Regional forwarding rules in Premium Tier can only be used with a network load balancer.
+          #
+          # If this field is not specified, it is assumed to be PREMIUM.
       "prefixLength": 42, # The prefix length if the resource represents an IP range.
-      "purpose": "A String", # The purpose of this resource, which can be one of the following values: - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources. - `DNS_RESOLVER` for a DNS resolver address in a subnetwork - `VPC_PEERING` for addresses that are reserved for VPC peer networks. - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT. - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an *IPsec-encrypted Cloud Interconnect* configuration. These addresses are regional resources. Not currently available publicly.
-      "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. *This field is not applicable to global addresses.*
+      "purpose": "A String", # The purpose of this resource, which can be one of the following values:
+          # - `GCE_ENDPOINT` for addresses that are used by VM instances, alias IP ranges, internal load balancers, and similar resources.
+          # - `DNS_RESOLVER` for a DNS resolver address in a subnetwork
+          # - `VPC_PEERING` for addresses that are reserved for VPC peer networks.
+          # - `NAT_AUTO` for addresses that are external IP addresses automatically reserved for Cloud NAT.
+          # - `IPSEC_INTERCONNECT` for addresses created from a private IP range that are reserved for a VLAN attachment in an IPsec-encrypted Cloud Interconnect configuration. These addresses are regional resources. Not currently available publicly.
+      "region": "A String", # [Output Only] The URL of the region where a regional address resides. For regional addresses, you must specify the region as a path parameter in the HTTP request URL. This field is not applicable to global addresses.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "status": "A String", # [Output Only] The status of the address, which can be one of RESERVING, RESERVED, or IN_USE. An address that is RESERVING is currently in the process of being reserved. A RESERVED address is currently reserved and available to use. An IN_USE address is currently being used by another resource and is not available.
       "subnetwork": "A String", # The URL of the subnetwork in which to reserve the address. If an IP address is specified, it must be within the subnetwork's IP range. This field can only be used with INTERNAL type with a GCE_ENDPOINT or DNS_RESOLVER purpose.
@@ -335,7 +428,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.globalForwardingRules.html b/docs/dyn/compute_v1.globalForwardingRules.html
index f0407939965..597f51636be 100644
--- a/docs/dyn/compute_v1.globalForwardingRules.html
+++ b/docs/dyn/compute_v1.globalForwardingRules.html
@@ -78,28 +78,28 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, forwardingRule, requestId=None, x__xgafv=None)

+  delete(project, forwardingRule, requestId=None)

 
Deletes the specified GlobalForwardingRule resource.

 

-  get(project, forwardingRule, x__xgafv=None)

+  get(project, forwardingRule)

 
Returns the specified GlobalForwardingRule resource. Gets a list of available forwarding rules by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a GlobalForwardingRule resource in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of GlobalForwardingRule resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, forwardingRule, body=None, requestId=None, x__xgafv=None)

+  patch(project, forwardingRule, body=None, requestId=None)

 
Updates the specified forwarding rule with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules. Currently, you can only patch the network_tier field.

 

-  setLabels(project, resource, body=None, x__xgafv=None)

+  setLabels(project, resource, body=None)

 
Sets the labels on the specified resource. To learn more about labels, read the Labeling Resources documentation.

 

-  setTarget(project, forwardingRule, body=None, requestId=None, x__xgafv=None)

+  setTarget(project, forwardingRule, body=None, requestId=None)

 
Changes target URL for the GlobalForwardingRule resource. The new target should be of the same type as the old target.

 
Method Details

 

@@ -108,22 +108,35 @@ 
Method Details

 

 
 

-    delete(project, forwardingRule, requestId=None, x__xgafv=None)
+    delete(project, forwardingRule, requestId=None)
   
Deletes the specified GlobalForwardingRule resource.
 
 Args:
   project: string, Project ID for this request. (required)
   forwardingRule: string, Name of the ForwardingRule resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -157,7 +170,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -171,75 +185,182 @@ 
Method Details

 

 
 

-    get(project, forwardingRule, x__xgafv=None)
+    get(project, forwardingRule)
   
Returns the specified GlobalForwardingRule resource. Gets a list of available forwarding rules by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   forwardingRule: string, Name of the ForwardingRule resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Forwarding Rule resource. Forwarding rule resources in GCP can be either regional or global in scope: * [Global](/compute/docs/reference/rest/v1/globalForwardingRules) * [Regional](/compute/docs/reference/rest/v1/forwardingRules) A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway). For more information, read Forwarding rule concepts and Using protocol forwarding.
-  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule. If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address: * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region /addresses/address-name * Partial URL or by name, as in: - projects/project_id/regions/region/addresses/address-name - regions/region/addresses/address-name - global/addresses/address-name - address-name The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true. For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
-  "IPProtocol": "A String", # The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products: - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid. - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid. - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid. - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid. - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
-  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
+    { # Represents a Forwarding Rule resource.
+    #
+    # Forwarding rule resources in GCP can be either regional or global in scope:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalForwardingRules) * [Regional](/compute/docs/reference/rest/{$api_version}/forwardingRules)
+    #
+    # A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway).
+    #
+    # For more information, read Forwarding rule concepts and Using protocol forwarding.
+    #
+    # (== resource_for {$api_version}.forwardingRules ==) (== resource_for {$api_version}.globalForwardingRules ==) (== resource_for {$api_version}.regionForwardingRules ==)
+  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule.
+      #
+      # If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address:
+      #
+      # * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name * Partial URL or by name, as in:
+      # - projects/project_id/regions/region/addresses/address-name
+      # - regions/region/addresses/address-name
+      # - global/addresses/address-name
+      # - address-name
+      #
+      # The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications).
+      #
+      # Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true.
+      #
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
+  "IPProtocol": "A String", # The IP protocol to which this rule applies.
+      #
+      # For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT.
+      #
+      # The valid IP protocols are different for different load balancing products:
+      # - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+      # - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid.
+      # - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid.
+      # - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid.
+      # - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance.
+      #
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      #
+      # For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
   "allowGlobalAccess": True or False, # This field is used along with the backend_service field for internal load balancing or with the target field for internal TargetInstance. If the field is set to TRUE, clients can access ILB from all regions. Otherwise only allows access from clients in the same region as the internal load balancer.
   "backendService": "A String", # Identifies the backend service to which the forwarding rule sends traffic. Required for Internal TCP/UDP Load Balancing and Network Load Balancing; must be omitted for all other load balancer types.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ipVersion": "A String", # The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6. This can only be specified for an external global forwarding rule.
   "isMirroringCollector": True or False, # Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBalancingScheme set to INTERNAL.
   "kind": "compute#forwardingRule", # [Output Only] Type of the resource. Always compute#forwardingRule for Forwarding Rule resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
-  "loadBalancingScheme": "A String", # Specifies the forwarding rule type. - EXTERNAL is used for: - Classic Cloud VPN gateways - Protocol forwarding to VMs from an external IP address - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing - INTERNAL is used for: - Protocol forwarding to VMs from an internal IP address - Internal TCP/UDP Load Balancing - INTERNAL_MANAGED is used for: - Internal HTTP(S) Load Balancing - INTERNAL_SELF_MANAGED is used for: - Traffic Director For more information about forwarding rules, refer to Forwarding rule concepts.
-  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+  "loadBalancingScheme": "A String", # Specifies the forwarding rule type.
+      #
+      #
+      # - EXTERNAL is used for:
+      # - Classic Cloud VPN gateways
+      # - Protocol forwarding to VMs from an external IP address
+      # - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing
+      # - INTERNAL is used for:
+      # - Protocol forwarding to VMs from an internal IP address
+      # - Internal TCP/UDP Load Balancing
+      # - INTERNAL_MANAGED is used for:
+      # - Internal HTTP(S) Load Balancing
+      # - INTERNAL_SELF_MANAGED is used for:
+      # - Traffic Director
+      #
+      # For more information about forwarding rules, refer to Forwarding rule concepts.
+  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies.
+      # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+      # metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references.
+      # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+        # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+        # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+          # This list must not be empty and can have at the most 64 entries.
         { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-          "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-          "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+          "name": "A String", # Name of metadata label.
+              # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+          "value": "A String", # The value of the label must match the specified value.
+              # value can have a maximum length of 1024 characters.
         },
       ],
-      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+          # Supported values are:
+          # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+          # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
     },
   ],
-  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.
-  "network": "A String", # This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
-  "portRange": "A String", # This field can be used only if: - Load balancing scheme is one of EXTERNAL, INTERNAL_SELF_MANAGED or INTERNAL_MANAGED - IPProtocol is one of TCP, UDP, or SCTP. Packets addressed to ports in the specified range will be forwarded to target or backend_service. You can only use one of ports, port_range, or allPorts. The three are mutually exclusive. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. Some types of forwarding target have constraints on the acceptable ports: - TargetHttpProxy: 80, 8080 - TargetHttpsProxy: 443 - TargetGrpcProxy: no constraints - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetVpnGateway: 500, 4500 @pattern: \\d+(?:-\\d+)?
-  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. You can specify a list of up to five ports, which can be non-contiguous. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications). @pattern: \\d+(?:-\\d+)?
+  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+  "network": "A String", # This field is not used for external load balancing.
+      #
+      # For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used.
+      #
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD.
+      #
+      # For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM.
+      #
+      # If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
+  "portRange": "A String", # This field can be used only if:
+      # - Load balancing scheme is one of EXTERNAL,  INTERNAL_SELF_MANAGED or INTERNAL_MANAGED
+      # - IPProtocol is one of TCP, UDP, or SCTP.
+      #
+      # Packets addressed to ports in the specified range will be forwarded to target or  backend_service.
+      #
+      # You can only use one of ports, port_range, or allPorts. The three are mutually exclusive.
+      #
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      #
+      # Some types of forwarding target have constraints on the acceptable ports:
+      # - TargetHttpProxy: 80, 8080
+      # - TargetHttpsProxy: 443
+      # - TargetGrpcProxy: no constraints
+      # - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetVpnGateway: 500, 4500
+  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends.
+      #
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      #
+      # You can specify a list of up to five ports, which can be non-contiguous.
+      #
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      #
+      # For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications).
     "A String",
   ],
   "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Forwarding Rule.
   "region": "A String", # [Output Only] URL of the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource. It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
+  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource.
+      #
+      # It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
     { # Describes the auto-registration of the Forwarding Rule to Service Directory. The region and project of the Service Directory resource generated from this registration will be the same as this Forwarding Rule.
       "namespace": "A String", # Service Directory namespace to register the forwarding rule under.
       "service": "A String", # Service Directory service to register the forwarding rule under.
       "serviceDirectoryRegion": "A String", # [Optional] Service Directory region to register this global forwarding rule under. Default to "us-central1". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region.
     },
   ],
-  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name. The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. This field is only used for internal load balancing.
-  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule. This field is only used for internal load balancing.
-  "subnetwork": "A String", # This field is only used for internal load balancing. For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule. If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
+  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name.
+      #
+      # The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+      #
+      # This field is only used for internal load balancing.
+  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule.
+      #
+      # This field is only used for internal load balancing.
+  "subnetwork": "A String", # This field is only used for internal load balancing.
+      #
+      # For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule.
+      #
+      # If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
   "target": "A String",
 }

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a GlobalForwardingRule resource in the specified project using the data included in the request.
 
 Args:
@@ -247,68 +368,192 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Forwarding Rule resource. Forwarding rule resources in GCP can be either regional or global in scope: * [Global](/compute/docs/reference/rest/v1/globalForwardingRules) * [Regional](/compute/docs/reference/rest/v1/forwardingRules) A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway). For more information, read Forwarding rule concepts and Using protocol forwarding.
-  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule. If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address: * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region /addresses/address-name * Partial URL or by name, as in: - projects/project_id/regions/region/addresses/address-name - regions/region/addresses/address-name - global/addresses/address-name - address-name The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true. For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
-  "IPProtocol": "A String", # The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products: - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid. - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid. - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid. - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid. - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
-  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
+{ # Represents a Forwarding Rule resource.
+    # 
+    # Forwarding rule resources in GCP can be either regional or global in scope:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalForwardingRules) * [Regional](/compute/docs/reference/rest/{$api_version}/forwardingRules)
+    # 
+    # A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway).
+    # 
+    # For more information, read Forwarding rule concepts and Using protocol forwarding.
+    # 
+    # (== resource_for {$api_version}.forwardingRules ==) (== resource_for {$api_version}.globalForwardingRules ==) (== resource_for {$api_version}.regionForwardingRules ==)
+  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule.
+      # 
+      # If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address:
+      # 
+      # * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name * Partial URL or by name, as in:
+      # - projects/project_id/regions/region/addresses/address-name
+      # - regions/region/addresses/address-name
+      # - global/addresses/address-name
+      # - address-name
+      # 
+      # The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications).
+      # 
+      # Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true.
+      # 
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
+  "IPProtocol": "A String", # The IP protocol to which this rule applies.
+      # 
+      # For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT.
+      # 
+      # The valid IP protocols are different for different load balancing products:
+      # - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+      # - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid.
+      # - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid.
+      # - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid.
+      # - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance.
+      # 
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
   "allowGlobalAccess": True or False, # This field is used along with the backend_service field for internal load balancing or with the target field for internal TargetInstance. If the field is set to TRUE, clients can access ILB from all regions. Otherwise only allows access from clients in the same region as the internal load balancer.
   "backendService": "A String", # Identifies the backend service to which the forwarding rule sends traffic. Required for Internal TCP/UDP Load Balancing and Network Load Balancing; must be omitted for all other load balancer types.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ipVersion": "A String", # The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6. This can only be specified for an external global forwarding rule.
   "isMirroringCollector": True or False, # Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBalancingScheme set to INTERNAL.
   "kind": "compute#forwardingRule", # [Output Only] Type of the resource. Always compute#forwardingRule for Forwarding Rule resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
-  "loadBalancingScheme": "A String", # Specifies the forwarding rule type. - EXTERNAL is used for: - Classic Cloud VPN gateways - Protocol forwarding to VMs from an external IP address - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing - INTERNAL is used for: - Protocol forwarding to VMs from an internal IP address - Internal TCP/UDP Load Balancing - INTERNAL_MANAGED is used for: - Internal HTTP(S) Load Balancing - INTERNAL_SELF_MANAGED is used for: - Traffic Director For more information about forwarding rules, refer to Forwarding rule concepts.
-  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+  "loadBalancingScheme": "A String", # Specifies the forwarding rule type.
+      # 
+      # 
+      # - EXTERNAL is used for:
+      # - Classic Cloud VPN gateways
+      # - Protocol forwarding to VMs from an external IP address
+      # - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing
+      # - INTERNAL is used for:
+      # - Protocol forwarding to VMs from an internal IP address
+      # - Internal TCP/UDP Load Balancing
+      # - INTERNAL_MANAGED is used for:
+      # - Internal HTTP(S) Load Balancing
+      # - INTERNAL_SELF_MANAGED is used for:
+      # - Traffic Director
+      # 
+      # For more information about forwarding rules, refer to Forwarding rule concepts.
+  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies.
+      # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+      # metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references.
+      # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+        # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+        # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+          # This list must not be empty and can have at the most 64 entries.
         { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-          "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-          "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+          "name": "A String", # Name of metadata label.
+              # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+          "value": "A String", # The value of the label must match the specified value.
+              # value can have a maximum length of 1024 characters.
         },
       ],
-      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+          # Supported values are:
+          # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+          # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
     },
   ],
-  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.
-  "network": "A String", # This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
-  "portRange": "A String", # This field can be used only if: - Load balancing scheme is one of EXTERNAL, INTERNAL_SELF_MANAGED or INTERNAL_MANAGED - IPProtocol is one of TCP, UDP, or SCTP. Packets addressed to ports in the specified range will be forwarded to target or backend_service. You can only use one of ports, port_range, or allPorts. The three are mutually exclusive. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. Some types of forwarding target have constraints on the acceptable ports: - TargetHttpProxy: 80, 8080 - TargetHttpsProxy: 443 - TargetGrpcProxy: no constraints - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetVpnGateway: 500, 4500 @pattern: \\d+(?:-\\d+)?
-  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. You can specify a list of up to five ports, which can be non-contiguous. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications). @pattern: \\d+(?:-\\d+)?
+  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+  "network": "A String", # This field is not used for external load balancing.
+      # 
+      # For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used.
+      # 
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD.
+      # 
+      # For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM.
+      # 
+      # If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
+  "portRange": "A String", # This field can be used only if:
+      # - Load balancing scheme is one of EXTERNAL,  INTERNAL_SELF_MANAGED or INTERNAL_MANAGED
+      # - IPProtocol is one of TCP, UDP, or SCTP.
+      # 
+      # Packets addressed to ports in the specified range will be forwarded to target or  backend_service.
+      # 
+      # You can only use one of ports, port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      # 
+      # Some types of forwarding target have constraints on the acceptable ports:
+      # - TargetHttpProxy: 80, 8080
+      # - TargetHttpsProxy: 443
+      # - TargetGrpcProxy: no constraints
+      # - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetVpnGateway: 500, 4500
+  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends.
+      # 
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # You can specify a list of up to five ports, which can be non-contiguous.
+      # 
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      # 
+      # For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications).
     "A String",
   ],
   "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Forwarding Rule.
   "region": "A String", # [Output Only] URL of the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource. It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
+  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource.
+      # 
+      # It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
     { # Describes the auto-registration of the Forwarding Rule to Service Directory. The region and project of the Service Directory resource generated from this registration will be the same as this Forwarding Rule.
       "namespace": "A String", # Service Directory namespace to register the forwarding rule under.
       "service": "A String", # Service Directory service to register the forwarding rule under.
       "serviceDirectoryRegion": "A String", # [Optional] Service Directory region to register this global forwarding rule under. Default to "us-central1". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region.
     },
   ],
-  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name. The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. This field is only used for internal load balancing.
-  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule. This field is only used for internal load balancing.
-  "subnetwork": "A String", # This field is only used for internal load balancing. For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule. If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
+  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name.
+      # 
+      # The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+      # 
+      # This field is only used for internal load balancing.
+  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule.
+      # 
+      # This field is only used for internal load balancing.
+  "subnetwork": "A String", # This field is only used for internal load balancing.
+      # 
+      # For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule.
+      # 
+      # If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
   "target": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -342,7 +587,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -356,20 +602,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of GlobalForwardingRule resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -377,55 +629,166 @@ 
Method Details

     { # Contains a list of ForwardingRule resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of ForwardingRule resources.
-    { # Represents a Forwarding Rule resource. Forwarding rule resources in GCP can be either regional or global in scope: * [Global](/compute/docs/reference/rest/v1/globalForwardingRules) * [Regional](/compute/docs/reference/rest/v1/forwardingRules) A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway). For more information, read Forwarding rule concepts and Using protocol forwarding.
-      "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule. If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address: * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region /addresses/address-name * Partial URL or by name, as in: - projects/project_id/regions/region/addresses/address-name - regions/region/addresses/address-name - global/addresses/address-name - address-name The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true. For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
-      "IPProtocol": "A String", # The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products: - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid. - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid. - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid. - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid. - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
-      "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
+    { # Represents a Forwarding Rule resource.
+        #
+        # Forwarding rule resources in GCP can be either regional or global in scope:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/globalForwardingRules) * [Regional](/compute/docs/reference/rest/{$api_version}/forwardingRules)
+        #
+        # A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway).
+        #
+        # For more information, read Forwarding rule concepts and Using protocol forwarding.
+        #
+        # (== resource_for {$api_version}.forwardingRules ==) (== resource_for {$api_version}.globalForwardingRules ==) (== resource_for {$api_version}.regionForwardingRules ==)
+      "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule.
+          #
+          # If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address:
+          #
+          # * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name * Partial URL or by name, as in:
+          # - projects/project_id/regions/region/addresses/address-name
+          # - regions/region/addresses/address-name
+          # - global/addresses/address-name
+          # - address-name
+          #
+          # The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications).
+          #
+          # Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true.
+          #
+          # For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
+      "IPProtocol": "A String", # The IP protocol to which this rule applies.
+          #
+          # For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT.
+          #
+          # The valid IP protocols are different for different load balancing products:
+          # - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+          # - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid.
+          # - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid.
+          # - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid.
+          # - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+      "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance.
+          #
+          # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+          #
+          # For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
       "allowGlobalAccess": True or False, # This field is used along with the backend_service field for internal load balancing or with the target field for internal TargetInstance. If the field is set to TRUE, clients can access ILB from all regions. Otherwise only allows access from clients in the same region as the internal load balancer.
       "backendService": "A String", # Identifies the backend service to which the forwarding rule sends traffic. Required for Internal TCP/UDP Load Balancing and Network Load Balancing; must be omitted for all other load balancer types.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "ipVersion": "A String", # The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6. This can only be specified for an external global forwarding rule.
       "isMirroringCollector": True or False, # Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBalancingScheme set to INTERNAL.
       "kind": "compute#forwardingRule", # [Output Only] Type of the resource. Always compute#forwardingRule for Forwarding Rule resources.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
       "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
         "a_key": "A String",
       },
-      "loadBalancingScheme": "A String", # Specifies the forwarding rule type. - EXTERNAL is used for: - Classic Cloud VPN gateways - Protocol forwarding to VMs from an external IP address - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing - INTERNAL is used for: - Protocol forwarding to VMs from an internal IP address - Internal TCP/UDP Load Balancing - INTERNAL_MANAGED is used for: - Internal HTTP(S) Load Balancing - INTERNAL_SELF_MANAGED is used for: - Traffic Director For more information about forwarding rules, refer to Forwarding rule concepts.
-      "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-        { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-          "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+      "loadBalancingScheme": "A String", # Specifies the forwarding rule type.
+          #
+          #
+          # - EXTERNAL is used for:
+          # - Classic Cloud VPN gateways
+          # - Protocol forwarding to VMs from an external IP address
+          # - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing
+          # - INTERNAL is used for:
+          # - Protocol forwarding to VMs from an internal IP address
+          # - Internal TCP/UDP Load Balancing
+          # - INTERNAL_MANAGED is used for:
+          # - Internal HTTP(S) Load Balancing
+          # - INTERNAL_SELF_MANAGED is used for:
+          # - Traffic Director
+          #
+          # For more information about forwarding rules, refer to Forwarding rule concepts.
+      "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies.
+          # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+          # metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references.
+          # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+            # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+            # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+          "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+              # This list must not be empty and can have at the most 64 entries.
             { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-              "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-              "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+              "name": "A String", # Name of metadata label.
+                  # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+              "value": "A String", # The value of the label must match the specified value.
+                  # value can have a maximum length of 1024 characters.
             },
           ],
-          "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+          "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+              # Supported values are:
+              # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+              # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
         },
       ],
-      "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.
-      "network": "A String", # This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
-      "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
-      "portRange": "A String", # This field can be used only if: - Load balancing scheme is one of EXTERNAL, INTERNAL_SELF_MANAGED or INTERNAL_MANAGED - IPProtocol is one of TCP, UDP, or SCTP. Packets addressed to ports in the specified range will be forwarded to target or backend_service. You can only use one of ports, port_range, or allPorts. The three are mutually exclusive. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. Some types of forwarding target have constraints on the acceptable ports: - TargetHttpProxy: 80, 8080 - TargetHttpsProxy: 443 - TargetGrpcProxy: no constraints - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetVpnGateway: 500, 4500 @pattern: \\d+(?:-\\d+)?
-      "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. You can specify a list of up to five ports, which can be non-contiguous. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications). @pattern: \\d+(?:-\\d+)?
+      "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+      "network": "A String", # This field is not used for external load balancing.
+          #
+          # For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used.
+          #
+          # For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
+      "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD.
+          #
+          # For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM.
+          #
+          # If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
+      "portRange": "A String", # This field can be used only if:
+          # - Load balancing scheme is one of EXTERNAL,  INTERNAL_SELF_MANAGED or INTERNAL_MANAGED
+          # - IPProtocol is one of TCP, UDP, or SCTP.
+          #
+          # Packets addressed to ports in the specified range will be forwarded to target or  backend_service.
+          #
+          # You can only use one of ports, port_range, or allPorts. The three are mutually exclusive.
+          #
+          # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+          #
+          # Some types of forwarding target have constraints on the acceptable ports:
+          # - TargetHttpProxy: 80, 8080
+          # - TargetHttpsProxy: 443
+          # - TargetGrpcProxy: no constraints
+          # - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+          # - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+          # - TargetVpnGateway: 500, 4500
+      "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends.
+          #
+          # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+          #
+          # You can specify a list of up to five ports, which can be non-contiguous.
+          #
+          # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+          #
+          # For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications).
         "A String",
       ],
       "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Forwarding Rule.
       "region": "A String", # [Output Only] URL of the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource. It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
+      "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource.
+          #
+          # It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
         { # Describes the auto-registration of the Forwarding Rule to Service Directory. The region and project of the Service Directory resource generated from this registration will be the same as this Forwarding Rule.
           "namespace": "A String", # Service Directory namespace to register the forwarding rule under.
           "service": "A String", # Service Directory service to register the forwarding rule under.
           "serviceDirectoryRegion": "A String", # [Optional] Service Directory region to register this global forwarding rule under. Default to "us-central1". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region.
         },
       ],
-      "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name. The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. This field is only used for internal load balancing.
-      "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule. This field is only used for internal load balancing.
-      "subnetwork": "A String", # This field is only used for internal load balancing. For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule. If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
+      "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name.
+          #
+          # The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+          #
+          # This field is only used for internal load balancing.
+      "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule.
+          #
+          # This field is only used for internal load balancing.
+      "subnetwork": "A String", # This field is only used for internal load balancing.
+          #
+          # For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule.
+          #
+          # If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
       "target": "A String",
     },
   ],
@@ -434,7 +797,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -460,7 +824,7 @@ 
Method Details

 

 
 

-    patch(project, forwardingRule, body=None, requestId=None, x__xgafv=None)
+    patch(project, forwardingRule, body=None, requestId=None)
   
Updates the specified forwarding rule with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules. Currently, you can only patch the network_tier field.
 
 Args:
@@ -469,68 +833,192 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Forwarding Rule resource. Forwarding rule resources in GCP can be either regional or global in scope: * [Global](/compute/docs/reference/rest/v1/globalForwardingRules) * [Regional](/compute/docs/reference/rest/v1/forwardingRules) A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway). For more information, read Forwarding rule concepts and Using protocol forwarding.
-  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule. If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address: * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region /addresses/address-name * Partial URL or by name, as in: - projects/project_id/regions/region/addresses/address-name - regions/region/addresses/address-name - global/addresses/address-name - address-name The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications). Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true. For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
-  "IPProtocol": "A String", # The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products: - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid. - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid. - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid. - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid. - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
-  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
+{ # Represents a Forwarding Rule resource.
+    # 
+    # Forwarding rule resources in GCP can be either regional or global in scope:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalForwardingRules) * [Regional](/compute/docs/reference/rest/{$api_version}/forwardingRules)
+    # 
+    # A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud Platform load balancer. Forwarding rules can also reference target instances and Cloud VPN Classic gateways (targetVpnGateway).
+    # 
+    # For more information, read Forwarding rule concepts and Using protocol forwarding.
+    # 
+    # (== resource_for {$api_version}.forwardingRules ==) (== resource_for {$api_version}.globalForwardingRules ==) (== resource_for {$api_version}.regionForwardingRules ==)
+  "IPAddress": "A String", # IP address that this forwarding rule serves. When a client sends traffic to this IP address, the forwarding rule directs the traffic to the target that you specify in the forwarding rule.
+      # 
+      # If you don't specify a reserved IP address, an ephemeral IP address is assigned. Methods for specifying an IP address:
+      # 
+      # * IPv4 dotted decimal, as in `100.1.2.3` * Full URL, as in https://www.googleapis.com/compute/v1/projects/project_id/regions/region/addresses/address-name * Partial URL or by name, as in:
+      # - projects/project_id/regions/region/addresses/address-name
+      # - regions/region/addresses/address-name
+      # - global/addresses/address-name
+      # - address-name
+      # 
+      # The loadBalancingScheme and the forwarding rule's target determine the type of IP address that you can use. For detailed information, refer to [IP address specifications](/load-balancing/docs/forwarding-rule-concepts#ip_address_specifications).
+      # 
+      # Must be set to `0.0.0.0` when the target is targetGrpcProxy that has validateForProxyless field set to true.
+      # 
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, IP address must be provided.
+  "IPProtocol": "A String", # The IP protocol to which this rule applies.
+      # 
+      # For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT.
+      # 
+      # The valid IP protocols are different for different load balancing products:
+      # - Internal TCP/UDP Load Balancing: The load balancing scheme is INTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+      # - Traffic Director: The load balancing scheme is INTERNAL_SELF_MANAGED, and only TCP is valid.
+      # - Internal HTTP(S) Load Balancing: The load balancing scheme is INTERNAL_MANAGED, and only TCP is valid.
+      # - HTTP(S), SSL Proxy, and TCP Proxy Load Balancing: The load balancing scheme is EXTERNAL and only TCP is valid.
+      # - Network Load Balancing: The load balancing scheme is EXTERNAL, and one of TCP, UDP or L3_DEFAULT is valid.
+  "allPorts": True or False, # This field is used along with the backend_service field for Internal TCP/UDP Load Balancing or Network Load Balancing, or with the target field for internal and external TargetInstance.
+      # 
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # For TCP, UDP and SCTP traffic, packets addressed to any ports will be forwarded to the target or backendService.
   "allowGlobalAccess": True or False, # This field is used along with the backend_service field for internal load balancing or with the target field for internal TargetInstance. If the field is set to TRUE, clients can access ILB from all regions. Otherwise only allows access from clients in the same region as the internal load balancer.
   "backendService": "A String", # Identifies the backend service to which the forwarding rule sends traffic. Required for Internal TCP/UDP Load Balancing and Network Load Balancing; must be omitted for all other load balancer types.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ipVersion": "A String", # The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6. This can only be specified for an external global forwarding rule.
   "isMirroringCollector": True or False, # Indicates whether or not this load balancer can be used as a collector for packet mirroring. To prevent mirroring loops, instances behind this load balancer will not have their traffic mirrored even if a PacketMirroring rule applies to them. This can only be set to true for load balancers that have their loadBalancingScheme set to INTERNAL.
   "kind": "compute#forwardingRule", # [Output Only] Type of the resource. Always compute#forwardingRule for Forwarding Rule resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a ForwardingRule.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
-  "loadBalancingScheme": "A String", # Specifies the forwarding rule type. - EXTERNAL is used for: - Classic Cloud VPN gateways - Protocol forwarding to VMs from an external IP address - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing - INTERNAL is used for: - Protocol forwarding to VMs from an internal IP address - Internal TCP/UDP Load Balancing - INTERNAL_MANAGED is used for: - Internal HTTP(S) Load Balancing - INTERNAL_SELF_MANAGED is used for: - Traffic Director For more information about forwarding rules, refer to Forwarding rule concepts.
-  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+  "loadBalancingScheme": "A String", # Specifies the forwarding rule type.
+      # 
+      # 
+      # - EXTERNAL is used for:
+      # - Classic Cloud VPN gateways
+      # - Protocol forwarding to VMs from an external IP address
+      # - HTTP(S), SSL Proxy, TCP Proxy, and Network Load Balancing
+      # - INTERNAL is used for:
+      # - Protocol forwarding to VMs from an internal IP address
+      # - Internal TCP/UDP Load Balancing
+      # - INTERNAL_MANAGED is used for:
+      # - Internal HTTP(S) Load Balancing
+      # - INTERNAL_SELF_MANAGED is used for:
+      # - Traffic Director
+      # 
+      # For more information about forwarding rules, refer to Forwarding rule concepts.
+  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant configuration is made available to those proxies. Otherwise, all the resources (e.g. TargetHttpProxy, UrlMap) referenced by the ForwardingRule will not be visible to those proxies.
+      # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+      # metadataFilters specified here will be applifed before those specified in the UrlMap that this ForwardingRule references.
+      # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+        # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+        # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+          # This list must not be empty and can have at the most 64 entries.
         { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-          "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-          "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+          "name": "A String", # Name of metadata label.
+              # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+          "value": "A String", # The value of the label must match the specified value.
+              # value can have a maximum length of 1024 characters.
         },
       ],
-      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+          # Supported values are:
+          # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+          # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
     },
   ],
-  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For Private Service Connect forwarding rules that forward traffic to Google APIs, the forwarding rule name must be a 1-20 characters string with lowercase letters and numbers and must start with a letter.
-  "network": "A String", # This field is not used for external load balancing. For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used. For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
-  "portRange": "A String", # This field can be used only if: - Load balancing scheme is one of EXTERNAL, INTERNAL_SELF_MANAGED or INTERNAL_MANAGED - IPProtocol is one of TCP, UDP, or SCTP. Packets addressed to ports in the specified range will be forwarded to target or backend_service. You can only use one of ports, port_range, or allPorts. The three are mutually exclusive. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. Some types of forwarding target have constraints on the acceptable ports: - TargetHttpProxy: 80, 8080 - TargetHttpsProxy: 443 - TargetGrpcProxy: no constraints - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 - TargetVpnGateway: 500, 4500 @pattern: \\d+(?:-\\d+)?
-  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends. You can only use one of ports and port_range, or allPorts. The three are mutually exclusive. You can specify a list of up to five ports, which can be non-contiguous. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports. For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications). @pattern: \\d+(?:-\\d+)?
+  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+  "network": "A String", # This field is not used for external load balancing.
+      # 
+      # For Internal TCP/UDP Load Balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used.
+      # 
+      # For Private Service Connect forwarding rules that forward traffic to Google APIs, a network must be provided.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD.
+      # 
+      # For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM.
+      # 
+      # If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.
+  "portRange": "A String", # This field can be used only if:
+      # - Load balancing scheme is one of EXTERNAL,  INTERNAL_SELF_MANAGED or INTERNAL_MANAGED
+      # - IPProtocol is one of TCP, UDP, or SCTP.
+      # 
+      # Packets addressed to ports in the specified range will be forwarded to target or  backend_service.
+      # 
+      # You can only use one of ports, port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      # 
+      # Some types of forwarding target have constraints on the acceptable ports:
+      # - TargetHttpProxy: 80, 8080
+      # - TargetHttpsProxy: 443
+      # - TargetGrpcProxy: no constraints
+      # - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222
+      # - TargetVpnGateway: 500, 4500
+  "ports": [ # The ports field is only supported when the forwarding rule references a backend_service directly. Supported load balancing products are Internal TCP/UDP Load Balancing and Network Load Balancing. Only packets addressed to the specified list of ports are forwarded to backends.
+      # 
+      # You can only use one of ports and port_range, or allPorts. The three are mutually exclusive.
+      # 
+      # You can specify a list of up to five ports, which can be non-contiguous.
+      # 
+      # Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint ports.
+      # 
+      # For more information, see [Port specifications](/load-balancing/docs/forwarding-rule-concepts#port_specifications).
     "A String",
   ],
   "pscConnectionId": "A String", # [Output Only] The PSC connection id of the PSC Forwarding Rule.
   "region": "A String", # [Output Only] URL of the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource. It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
+  "serviceDirectoryRegistrations": [ # Service Directory resources to register this forwarding rule with. Currently, only supports a single Service Directory resource.
+      # 
+      # It is only supported for Internal TCP/UDP Load Balancing and Internal HTTP(S) Load Balancing.
     { # Describes the auto-registration of the Forwarding Rule to Service Directory. The region and project of the Service Directory resource generated from this registration will be the same as this Forwarding Rule.
       "namespace": "A String", # Service Directory namespace to register the forwarding rule under.
       "service": "A String", # Service Directory service to register the forwarding rule under.
       "serviceDirectoryRegion": "A String", # [Optional] Service Directory region to register this global forwarding rule under. Default to "us-central1". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region.
     },
   ],
-  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name. The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. This field is only used for internal load balancing.
-  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule. This field is only used for internal load balancing.
-  "subnetwork": "A String", # This field is only used for internal load balancing. For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule. If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
+  "serviceLabel": "A String", # An optional prefix to the service name for this Forwarding Rule. If specified, the prefix is the first label of the fully qualified service name.
+      # 
+      # The label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+      # 
+      # This field is only used for internal load balancing.
+  "serviceName": "A String", # [Output Only] The internal fully qualified service name for this Forwarding Rule.
+      # 
+      # This field is only used for internal load balancing.
+  "subnetwork": "A String", # This field is only used for internal load balancing.
+      # 
+      # For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule.
+      # 
+      # If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.
   "target": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -564,7 +1052,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -578,7 +1067,7 @@ 
Method Details

 

 
 

-    setLabels(project, resource, body=None, x__xgafv=None)
+    setLabels(project, resource, body=None)
   
Sets the labels on the specified resource. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -594,15 +1083,24 @@ 
Method Details

   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -636,7 +1134,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -650,7 +1149,7 @@ 
Method Details

 

 
 

-    setTarget(project, forwardingRule, body=None, requestId=None, x__xgafv=None)
+    setTarget(project, forwardingRule, body=None, requestId=None)
   
Changes target URL for the GlobalForwardingRule resource. The new target should be of the same type as the old target.
 
 Args:
@@ -663,16 +1162,29 @@ 
Method Details

   "target": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -706,7 +1218,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.globalNetworkEndpointGroups.html b/docs/dyn/compute_v1.globalNetworkEndpointGroups.html
index 1fcdf85e4eb..db4c5304aa5 100644
--- a/docs/dyn/compute_v1.globalNetworkEndpointGroups.html
+++ b/docs/dyn/compute_v1.globalNetworkEndpointGroups.html
@@ -75,28 +75,28 @@
 
Compute Engine API . globalNetworkEndpointGroups

 
Instance Methods

 

-  attachNetworkEndpoints(project, networkEndpointGroup, body=None, requestId=None, x__xgafv=None)

+  attachNetworkEndpoints(project, networkEndpointGroup, body=None, requestId=None)

 
Attach a network endpoint to the specified network endpoint group.

 

   close()

 
Close httplib2 connections.

 

-  delete(project, networkEndpointGroup, requestId=None, x__xgafv=None)

+  delete(project, networkEndpointGroup, requestId=None)

 
Deletes the specified network endpoint group.Note that the NEG cannot be deleted if there are backend services referencing it.

 

-  detachNetworkEndpoints(project, networkEndpointGroup, body=None, requestId=None, x__xgafv=None)

+  detachNetworkEndpoints(project, networkEndpointGroup, body=None, requestId=None)

 
Detach the network endpoint from the specified network endpoint group.

 

-  get(project, networkEndpointGroup, x__xgafv=None)

+  get(project, networkEndpointGroup)

 
Returns the specified network endpoint group. Gets a list of available network endpoint groups by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a network endpoint group in the specified project using the parameters that are included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of network endpoint groups that are located in the specified project.

 

-  listNetworkEndpoints(project, networkEndpointGroup, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listNetworkEndpoints(project, networkEndpointGroup, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists the network endpoints in the specified network endpoint group.

 

   listNetworkEndpoints_next(previous_request, previous_response)

@@ -106,7 +106,7 @@ 
Instance Methods

 
Retrieves the next page of results.

 
Method Details

 

-    attachNetworkEndpoints(project, networkEndpointGroup, body=None, requestId=None, x__xgafv=None)
+    attachNetworkEndpoints(project, networkEndpointGroup, body=None, requestId=None)
   
Attach a network endpoint to the specified network endpoint group.
 
 Args:
@@ -122,23 +122,38 @@ 
Method Details

         "a_key": "A String",
       },
       "fqdn": "A String", # Optional fully qualified domain name of network endpoint. This can only be specified when NetworkEndpointGroup.network_endpoint_type is NON_GCP_FQDN_PORT.
-      "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group. The name must be 1-63 characters long, and comply with RFC1035.
+      "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group.
+          #
+          # The name must be 1-63 characters long, and comply with RFC1035.
       "ipAddress": "A String", # Optional IPv4 address of network endpoint. The IP address must belong to a VM in Compute Engine (either the primary IP or as part of an aliased IP range). If the IP address is not specified, then the primary IP address for the VM instance in the network that the network endpoint group belongs to will be used.
       "port": 42, # Optional port number of network endpoint. If not specified, the defaultPort for the network endpoint group will be used.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -172,7 +187,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -191,22 +207,35 @@ 
Method Details

 

 
 

-    delete(project, networkEndpointGroup, requestId=None, x__xgafv=None)
+    delete(project, networkEndpointGroup, requestId=None)
   
Deletes the specified network endpoint group.Note that the NEG cannot be deleted if there are backend services referencing it.
 
 Args:
   project: string, Project ID for this request. (required)
   networkEndpointGroup: string, The name of the network endpoint group to delete. It should comply with RFC1035. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -240,7 +269,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -254,7 +284,7 @@ 
Method Details

 

 
 

-    detachNetworkEndpoints(project, networkEndpointGroup, body=None, requestId=None, x__xgafv=None)
+    detachNetworkEndpoints(project, networkEndpointGroup, body=None, requestId=None)
   
Detach the network endpoint from the specified network endpoint group.
 
 Args:
@@ -270,23 +300,38 @@ 
Method Details

         "a_key": "A String",
       },
       "fqdn": "A String", # Optional fully qualified domain name of network endpoint. This can only be specified when NetworkEndpointGroup.network_endpoint_type is NON_GCP_FQDN_PORT.
-      "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group. The name must be 1-63 characters long, and comply with RFC1035.
+      "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group.
+          #
+          # The name must be 1-63 characters long, and comply with RFC1035.
       "ipAddress": "A String", # Optional IPv4 address of network endpoint. The IP address must belong to a VM in Compute Engine (either the primary IP or as part of an aliased IP range). If the IP address is not specified, then the primary IP address for the VM instance in the network that the network endpoint group belongs to will be used.
       "port": 42, # Optional port number of network endpoint. If not specified, the defaultPort for the network endpoint group will be used.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -320,7 +365,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -334,37 +380,67 @@ 
Method Details

 

 
 

-    get(project, networkEndpointGroup, x__xgafv=None)
+    get(project, networkEndpointGroup)
   
Returns the specified network endpoint group. Gets a list of available network endpoint groups by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   networkEndpointGroup: string, The name of the network endpoint group. It should comply with RFC1035. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a collection of network endpoints. A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see Setting up external HTTP(S) Load Balancing with internet NEGs, Setting up zonal NEGs, or Setting up external HTTP(S) Load Balancing with serverless NEGs.
+    { # Represents a collection of network endpoints.
+    #
+    # A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see  Setting up external HTTP(S) Load Balancing with internet NEGs,  Setting up zonal NEGs, or  Setting up external HTTP(S) Load Balancing with serverless NEGs. (== resource_for {$api_version}.networkEndpointGroups ==) (== resource_for {$api_version}.globalNetworkEndpointGroups ==) (== resource_for {$api_version}.regionNetworkEndpointGroups ==)
   "annotations": { # Metadata defined as annotations on the network endpoint group.
     "a_key": "A String",
   },
-  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: "default", "my-service".
-    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
-    "version": "A String", # Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: "v1", "v2".
+  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Optional serving service.
+        #
+        # The service name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "default", "my-service".
+    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
+    "version": "A String", # Optional serving version.
+        #
+        # The version name is case-sensitive and must be 1-100 characters long.
+        #
+        # Example value: "v1", "v2".
   },
-  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "function": "A String", # A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: "func1".
-    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs " mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
+  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.
+    "function": "A String", # A user-defined name of the Cloud Function.
+        #
+        # The function name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "func1".
+    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, request URLs "mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
   },
-  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: "run-service".
-    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: "revision-0010".
-    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
+  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Cloud Run service is the main resource of Cloud Run.
+        #
+        # The service must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "run-service".
+    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information.
+        #
+        # The tag must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "revision-0010".
+    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services.
+        #
+        # For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "defaultPort": 42, # The default port used if the port number is not specified in the network endpoint.
@@ -383,7 +459,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a network endpoint group in the specified project using the parameters that are included in the request.
 
 Args:
@@ -391,23 +467,57 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a collection of network endpoints. A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see Setting up external HTTP(S) Load Balancing with internet NEGs, Setting up zonal NEGs, or Setting up external HTTP(S) Load Balancing with serverless NEGs.
+{ # Represents a collection of network endpoints.
+    # 
+    # A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see  Setting up external HTTP(S) Load Balancing with internet NEGs,  Setting up zonal NEGs, or  Setting up external HTTP(S) Load Balancing with serverless NEGs. (== resource_for {$api_version}.networkEndpointGroups ==) (== resource_for {$api_version}.globalNetworkEndpointGroups ==) (== resource_for {$api_version}.regionNetworkEndpointGroups ==)
   "annotations": { # Metadata defined as annotations on the network endpoint group.
     "a_key": "A String",
   },
-  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: "default", "my-service".
-    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
-    "version": "A String", # Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: "v1", "v2".
+  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Optional serving service.
+        #
+        # The service name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "default", "my-service".
+    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
+    "version": "A String", # Optional serving version.
+        #
+        # The version name is case-sensitive and must be 1-100 characters long.
+        #
+        # Example value: "v1", "v2".
   },
-  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "function": "A String", # A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: "func1".
-    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs " mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
+  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.
+    "function": "A String", # A user-defined name of the Cloud Function.
+        #
+        # The function name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "func1".
+    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, request URLs "mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
   },
-  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: "run-service".
-    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: "revision-0010".
-    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
+  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Cloud Run service is the main resource of Cloud Run.
+        #
+        # The service must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "run-service".
+    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information.
+        #
+        # The tag must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "revision-0010".
+    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services.
+        #
+        # For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "defaultPort": 42, # The default port used if the port number is not specified in the network endpoint.
@@ -424,16 +534,29 @@ 
Method Details

   "zone": "A String", # [Output Only] The URL of the zone where the network endpoint group is located.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -467,7 +590,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -481,20 +605,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of network endpoint groups that are located in the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -502,23 +632,57 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of NetworkEndpointGroup resources.
-    { # Represents a collection of network endpoints. A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see Setting up external HTTP(S) Load Balancing with internet NEGs, Setting up zonal NEGs, or Setting up external HTTP(S) Load Balancing with serverless NEGs.
+    { # Represents a collection of network endpoints.
+        #
+        # A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see  Setting up external HTTP(S) Load Balancing with internet NEGs,  Setting up zonal NEGs, or  Setting up external HTTP(S) Load Balancing with serverless NEGs. (== resource_for {$api_version}.networkEndpointGroups ==) (== resource_for {$api_version}.globalNetworkEndpointGroups ==) (== resource_for {$api_version}.regionNetworkEndpointGroups ==)
       "annotations": { # Metadata defined as annotations on the network endpoint group.
         "a_key": "A String",
       },
-      "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-        "service": "A String", # Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: "default", "my-service".
-        "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
-        "version": "A String", # Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: "v1", "v2".
+      "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+          #
+          # Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.
+        "service": "A String", # Optional serving service.
+            #
+            # The service name is case-sensitive and must be 1-63 characters long.
+            #
+            # Example value: "default", "my-service".
+        "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services.
+            #
+            # For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
+        "version": "A String", # Optional serving version.
+            #
+            # The version name is case-sensitive and must be 1-100 characters long.
+            #
+            # Example value: "v1", "v2".
       },
-      "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-        "function": "A String", # A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: "func1".
-        "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs " mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
+      "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+          #
+          # Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.
+        "function": "A String", # A user-defined name of the Cloud Function.
+            #
+            # The function name is case-sensitive and must be 1-63 characters long.
+            #
+            # Example value: "func1".
+        "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services.
+            #
+            # For example, request URLs "mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
       },
-      "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-        "service": "A String", # Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: "run-service".
-        "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: "revision-0010".
-        "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
+      "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+          #
+          # Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.
+        "service": "A String", # Cloud Run service is the main resource of Cloud Run.
+            #
+            # The service must be 1-63 characters long, and comply with RFC1035.
+            #
+            # Example value: "run-service".
+        "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information.
+            #
+            # The tag must be 1-63 characters long, and comply with RFC1035.
+            #
+            # Example value: "revision-0010".
+        "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services.
+            #
+            # For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
       },
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "defaultPort": 42, # The default port used if the port number is not specified in the network endpoint.
@@ -540,7 +704,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -552,21 +717,27 @@ 
Method Details

 

 
 

-    listNetworkEndpoints(project, networkEndpointGroup, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listNetworkEndpoints(project, networkEndpointGroup, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists the network endpoints in the specified network endpoint group.
 
 Args:
   project: string, Project ID for this request. (required)
   networkEndpointGroup: string, The name of the network endpoint group from which you want to generate a list of included network endpoints. It should comply with RFC1035. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -583,10 +754,16 @@ 
Method Details

           "forwardingRule": { # URL of the forwarding rule associated with the health state of the network endpoint.
             "forwardingRule": "A String",
           },
-          "healthCheck": { # A full or valid partial URL to a health check. For example, the following are valid URLs: - https://www.googleapis.com/compute/beta/projects/project-id/global/httpHealthChecks/health-check - projects/project-id/global/httpHealthChecks/health-check - global/httpHealthChecks/health-check # URL of the health check associated with the health state of the network endpoint.
+          "healthCheck": { # A full or valid partial URL to a health check. For example, the following are valid URLs: # URL of the health check associated with the health state of the network endpoint.
+              # - https://www.googleapis.com/compute/beta/projects/project-id/global/httpHealthChecks/health-check
+              # - projects/project-id/global/httpHealthChecks/health-check
+              # - global/httpHealthChecks/health-check
             "healthCheck": "A String",
           },
-          "healthCheckService": { # A full or valid partial URL to a health check service. For example, the following are valid URLs: - https://www.googleapis.com/compute/beta/projects/project-id/regions/us-west1/healthCheckServices/health-check-service - projects/project-id/regions/us-west1/healthCheckServices/health-check-service - regions/us-west1/healthCheckServices/health-check-service # URL of the health check service associated with the health state of the network endpoint.
+          "healthCheckService": { # A full or valid partial URL to a health check service. For example, the following are valid URLs: # URL of the health check service associated with the health state of the network endpoint.
+              # - https://www.googleapis.com/compute/beta/projects/project-id/regions/us-west1/healthCheckServices/health-check-service
+              # - projects/project-id/regions/us-west1/healthCheckServices/health-check-service
+              # - regions/us-west1/healthCheckServices/health-check-service
             "healthCheckService": "A String",
           },
           "healthState": "A String", # Health state of the network endpoint determined based on the health checks configured.
@@ -597,7 +774,9 @@ 
Method Details

           "a_key": "A String",
         },
         "fqdn": "A String", # Optional fully qualified domain name of network endpoint. This can only be specified when NetworkEndpointGroup.network_endpoint_type is NON_GCP_FQDN_PORT.
-        "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group. The name must be 1-63 characters long, and comply with RFC1035.
+        "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group.
+            #
+            # The name must be 1-63 characters long, and comply with RFC1035.
         "ipAddress": "A String", # Optional IPv4 address of network endpoint. The IP address must belong to a VM in Compute Engine (either the primary IP or as part of an aliased IP range). If the IP address is not specified, then the primary IP address for the VM instance in the network that the network endpoint group belongs to will be used.
         "port": 42, # Optional port number of network endpoint. If not specified, the defaultPort for the network endpoint group will be used.
       },
@@ -607,7 +786,8 @@ 
Method Details

   "nextPageToken": "A String", # [Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.globalOperations.html b/docs/dyn/compute_v1.globalOperations.html
index 4d473275ff3..e37e5d54696 100644
--- a/docs/dyn/compute_v1.globalOperations.html
+++ b/docs/dyn/compute_v1.globalOperations.html
@@ -75,7 +75,7 @@
 
Compute Engine API . globalOperations

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of all operations.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,37 +84,43 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, operation, x__xgafv=None)

+  delete(project, operation)

 
Deletes the specified Operations resource.

 

-  get(project, operation, x__xgafv=None)

+  get(project, operation)

 
Retrieves the specified Operations resource. Gets a list of operations by making a `list()` request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of Operation resources contained within the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  wait(project, operation, x__xgafv=None)

-
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress. This method is called on a best-effort basis. Specifically: - In uncommon cases, when the server is overloaded, the request might return before the default deadline is reached, or might return after zero seconds. - If the default deadline is reached, there is no guarantee that the operation is actually done when the method returns. Be prepared to retry if the operation is not `DONE`. 

+  wait(project, operation)

+
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of all operations.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -124,7 +130,20 @@ 
Method Details

   "items": { # [Output Only] A map of scoped operation lists.
     "a_key": { # [Output Only] Name of the scope containing this set of operations.
       "operations": [ # [Output Only] A list of operations contained in this scope.
-        { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+        { # Represents an Operation resource.
+            #
+            # Google Compute Engine has three Operation resources:
+            #
+            # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+            #
+            # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+            #
+            # Operations can be global, regional or zonal.
+            # - For global operations, use the `globalOperations` resource.
+            # - For regional operations, use the `regionOperations` resource.
+            # - For zonal operations, use the `zonalOperations` resource.
+            #
+            # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
           "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
           "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
           "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -158,7 +177,8 @@ 
Method Details

           "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
             {
               "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-              "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+              "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+                  # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
                 {
                   "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
                   "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -172,7 +192,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] Informational warning which replaces the list of operations when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -190,7 +211,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -221,35 +243,40 @@ 
Method Details

 

 
 

-    delete(project, operation, x__xgafv=None)
+    delete(project, operation)
   
Deletes the specified Operations resource.
 
 Args:
   project: string, Project ID for this request. (required)
   operation: string, Name of the Operations resource to delete. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 

 

 
 

-    get(project, operation, x__xgafv=None)
+    get(project, operation)
   
Retrieves the specified Operations resource. Gets a list of operations by making a `list()` request.
 
 Args:
   project: string, Project ID for this request. (required)
   operation: string, Name of the Operations resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -283,7 +310,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -297,20 +325,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of Operation resources contained within the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -318,7 +352,20 @@ 
Method Details

     { # Contains a list of Operation resources.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "items": [ # [Output Only] A list of Operation resources.
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+        #
+        # Google Compute Engine has three Operation resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+        #
+        # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+        #
+        # Operations can be global, regional or zonal.
+        # - For global operations, use the `globalOperations` resource.
+        # - For regional operations, use the `regionOperations` resource.
+        # - For zonal operations, use the `zonalOperations` resource.
+        #
+        # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
       "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
       "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
       "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -352,7 +399,8 @@ 
Method Details

       "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
         {
           "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-          "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+          "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+              # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
             {
               "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
               "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -369,7 +417,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -395,21 +444,34 @@ 
Method Details

 

 
 

-    wait(project, operation, x__xgafv=None)
-  
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress. This method is called on a best-effort basis. Specifically: - In uncommon cases, when the server is overloaded, the request might return before the default deadline is reached, or might return after zero seconds. - If the default deadline is reached, there is no guarantee that the operation is actually done when the method returns. Be prepared to retry if the operation is not `DONE`. 
+    wait(project, operation)
+  
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress.
+
+This method is called on a best-effort basis. Specifically:  
+- In uncommon cases, when the server is overloaded, the request might return before the default deadline is reached, or might return after zero seconds. 
+- If the default deadline is reached, there is no guarantee that the operation is actually done when the method returns. Be prepared to retry if the operation is not `DONE`.
 
 Args:
   project: string, Project ID for this request. (required)
   operation: string, Name of the Operations resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -443,7 +505,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.globalOrganizationOperations.html b/docs/dyn/compute_v1.globalOrganizationOperations.html
index 1f935404200..faed155046e 100644
--- a/docs/dyn/compute_v1.globalOrganizationOperations.html
+++ b/docs/dyn/compute_v1.globalOrganizationOperations.html
@@ -78,13 +78,13 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(operation, parentId=None, x__xgafv=None)

+  delete(operation, parentId=None)

 
Deletes the specified Operations resource.

 

-  get(operation, parentId=None, x__xgafv=None)

+  get(operation, parentId=None)

 
Retrieves the specified Operations resource. Gets a list of operations by making a `list()` request.

 

-  list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None, x__xgafv=None)

+  list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None)

 
Retrieves a list of Operation resources contained within the specified organization.

 

   list_next(previous_request, previous_response)

@@ -96,35 +96,40 @@ 
Method Details

 

 
 

-    delete(operation, parentId=None, x__xgafv=None)
+    delete(operation, parentId=None)
   
Deletes the specified Operations resource.
 
 Args:
   operation: string, Name of the Operations resource to delete. (required)
   parentId: string, Parent ID for this request.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 

 

 
 

-    get(operation, parentId=None, x__xgafv=None)
+    get(operation, parentId=None)
   
Retrieves the specified Operations resource. Gets a list of operations by making a `list()` request.
 
 Args:
   operation: string, Name of the Operations resource to return. (required)
   parentId: string, Parent ID for this request.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -158,7 +163,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -172,20 +178,26 @@ 
Method Details

 

 
 

-    list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None, x__xgafv=None)
+    list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None)
   
Retrieves a list of Operation resources contained within the specified organization.
 
 Args:
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   parentId: string, Parent ID for this request.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -193,7 +205,20 @@ 
Method Details

     { # Contains a list of Operation resources.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "items": [ # [Output Only] A list of Operation resources.
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+        #
+        # Google Compute Engine has three Operation resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+        #
+        # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+        #
+        # Operations can be global, regional or zonal.
+        # - For global operations, use the `globalOperations` resource.
+        # - For regional operations, use the `regionOperations` resource.
+        # - For zonal operations, use the `zonalOperations` resource.
+        #
+        # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
       "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
       "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
       "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -227,7 +252,8 @@ 
Method Details

       "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
         {
           "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-          "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+          "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+              # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
             {
               "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
               "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -244,7 +270,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.globalPublicDelegatedPrefixes.html b/docs/dyn/compute_v1.globalPublicDelegatedPrefixes.html
index a2832c71a06..54e08ef5808 100644
--- a/docs/dyn/compute_v1.globalPublicDelegatedPrefixes.html
+++ b/docs/dyn/compute_v1.globalPublicDelegatedPrefixes.html
@@ -78,22 +78,22 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, publicDelegatedPrefix, requestId=None, x__xgafv=None)

+  delete(project, publicDelegatedPrefix, requestId=None)

 
Deletes the specified global PublicDelegatedPrefix.

 

-  get(project, publicDelegatedPrefix, x__xgafv=None)

+  get(project, publicDelegatedPrefix)

 
Returns the specified global PublicDelegatedPrefix resource.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a global PublicDelegatedPrefix in the specified project using the parameters that are included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists the global PublicDelegatedPrefixes for a project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, publicDelegatedPrefix, body=None, requestId=None, x__xgafv=None)

+  patch(project, publicDelegatedPrefix, body=None, requestId=None)

 
Patches the specified global PublicDelegatedPrefix resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.

 
Method Details

 

@@ -102,22 +102,35 @@ 
Method Details

 

 
 

-    delete(project, publicDelegatedPrefix, requestId=None, x__xgafv=None)
+    delete(project, publicDelegatedPrefix, requestId=None)
   
Deletes the specified global PublicDelegatedPrefix.
 
 Args:
   project: string, Project ID for this request. (required)
   publicDelegatedPrefix: string, Name of the PublicDelegatedPrefix resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -151,7 +164,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -165,16 +179,12 @@ 
Method Details

 

 
 

-    get(project, publicDelegatedPrefix, x__xgafv=None)
+    get(project, publicDelegatedPrefix)
   
Returns the specified global PublicDelegatedPrefix resource.
 
 Args:
   project: string, Project ID for this request. (required)
   publicDelegatedPrefix: string, Name of the PublicDelegatedPrefix resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -182,7 +192,9 @@ 
Method Details

     { # A PublicDelegatedPrefix resource represents an IP block within a PublicAdvertisedPrefix that is configured within a single cloud scope (global or region). IPs in the block can be allocated to resources within that scope. Public delegated prefixes may be further broken up into smaller IP blocks in the same scope as the parent block.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
   "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
   "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public delegated prefix.
   "isLiveMigration": True or False, # If true, the prefix will be live migrated.
@@ -207,7 +219,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a global PublicDelegatedPrefix in the specified project using the parameters that are included in the request.
 
 Args:
@@ -218,7 +230,9 @@ 
Method Details

 { # A PublicDelegatedPrefix resource represents an IP block within a PublicAdvertisedPrefix that is configured within a single cloud scope (global or region). IPs in the block can be allocated to resources within that scope. Public delegated prefixes may be further broken up into smaller IP blocks in the same scope as the parent block.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
   "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
   "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public delegated prefix.
   "isLiveMigration": True or False, # If true, the prefix will be live migrated.
@@ -241,16 +255,29 @@ 
Method Details

   "status": "A String", # [Output Only] The status of the public delegated prefix.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -284,7 +311,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -298,20 +326,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists the global PublicDelegatedPrefixes for a project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -322,7 +356,9 @@ 
Method Details

     { # A PublicDelegatedPrefix resource represents an IP block within a PublicAdvertisedPrefix that is configured within a single cloud scope (global or region). IPs in the block can be allocated to resources within that scope. Public delegated prefixes may be further broken up into smaller IP blocks in the same scope as the parent block.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
+      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
       "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
       "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public delegated prefix.
       "isLiveMigration": True or False, # If true, the prefix will be live migrated.
@@ -350,7 +386,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -376,7 +413,7 @@ 
Method Details

 

 
 

-    patch(project, publicDelegatedPrefix, body=None, requestId=None, x__xgafv=None)
+    patch(project, publicDelegatedPrefix, body=None, requestId=None)
   
Patches the specified global PublicDelegatedPrefix resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.
 
 Args:
@@ -388,7 +425,9 @@ 
Method Details

 { # A PublicDelegatedPrefix resource represents an IP block within a PublicAdvertisedPrefix that is configured within a single cloud scope (global or region). IPs in the block can be allocated to resources within that scope. Public delegated prefixes may be further broken up into smaller IP blocks in the same scope as the parent block.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
   "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
   "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public delegated prefix.
   "isLiveMigration": True or False, # If true, the prefix will be live migrated.
@@ -411,16 +450,29 @@ 
Method Details

   "status": "A String", # [Output Only] The status of the public delegated prefix.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -454,7 +506,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.healthChecks.html b/docs/dyn/compute_v1.healthChecks.html
index 98a7a7d1c9f..e89c1224716 100644
--- a/docs/dyn/compute_v1.healthChecks.html
+++ b/docs/dyn/compute_v1.healthChecks.html
@@ -75,7 +75,7 @@
 
Compute Engine API . healthChecks

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of all HealthCheck resources, regional and global, available to the specified project.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,43 +84,49 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, healthCheck, requestId=None, x__xgafv=None)

+  delete(project, healthCheck, requestId=None)

 
Deletes the specified HealthCheck resource.

 

-  get(project, healthCheck, x__xgafv=None)

+  get(project, healthCheck)

 
Returns the specified HealthCheck resource. Gets a list of available health checks by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a HealthCheck resource in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of HealthCheck resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, healthCheck, body=None, requestId=None, x__xgafv=None)

+  patch(project, healthCheck, body=None, requestId=None)

 
Updates a HealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  update(project, healthCheck, body=None, requestId=None, x__xgafv=None)

+  update(project, healthCheck, body=None, requestId=None)

 
Updates a HealthCheck resource in the specified project using the data included in the request.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of all HealthCheck resources, regional and global, available to the specified project.
 
 Args:
   project: string, Name of the project scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -130,22 +136,53 @@ 
Method Details

   "items": { # A list of HealthChecksScopedList resources.
     "a_key": { # Name of the scope containing this set of HealthChecks.
       "healthChecks": [ # A list of HealthChecks contained in this scope.
-        { # Represents a Health Check resource. Google Compute Engine has two Health Check resources: * [Global](/compute/docs/reference/rest/v1/healthChecks) * [Regional](/compute/docs/reference/rest/v1/regionHealthChecks) Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`). Traffic Director must use global health checks (`compute.v1.HealthChecks`). Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`). External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`). Network load balancers must use legacy HTTP health checks (httpHealthChecks). For more information, see Health checks overview.
+        { # Represents a Health Check resource.
+            #
+            # Google Compute Engine has two Health Check resources:
+            #
+            # * [Global](/compute/docs/reference/rest/{$api_version}/healthChecks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionHealthChecks)
+            #
+            # Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`).
+            #
+            # Traffic Director must use global health checks (`compute.v1.HealthChecks`).
+            #
+            # Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`).
+            #
+            # External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`).
+            #
+            # Network load balancers must use legacy HTTP health checks (httpHealthChecks).
+            #
+            # For more information, see Health checks overview.
           "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in 3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "grpcHealthCheck": {
-            "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII.
+            "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention:
+                # - Empty service_name means the overall status of all services at the backend.
+                # - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service.
+                # The grpc_service_name can only be ASCII.
             "port": 42, # The port number for the health check request. Must be specified if port_name and port_specification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535.
             "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. The port_name should conform to RFC1035.
-            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, gRPC health check follows behavior specified in port and portName fields.
+            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+                # USE_FIXED_PORT: The port number in port is used for health checking.
+                # USE_NAMED_PORT: The portName is used for health checking.
+                # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+                #
+                #
+                # If not specified, gRPC health check follows behavior specified in port and portName fields.
           },
           "healthyThreshold": 42, # A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.
           "http2HealthCheck": {
             "host": "A String", # The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
             "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
             "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP2 health check follows behavior specified in port and portName fields.
+            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+                # USE_FIXED_PORT: The port number in port is used for health checking.
+                # USE_NAMED_PORT: The portName is used for health checking.
+                # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+                #
+                #
+                # If not specified, HTTP2 health check follows behavior specified in port and portName fields.
             "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
             "requestPath": "A String", # The request path of the HTTP/2 health check request. The default value is /.
             "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -154,7 +191,13 @@ 
Method Details

             "host": "A String", # The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
             "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
             "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP health check follows behavior specified in port and portName fields.
+            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+                # USE_FIXED_PORT: The port number in port is used for health checking.
+                # USE_NAMED_PORT: The portName is used for health checking.
+                # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+                #
+                #
+                # If not specified, HTTP health check follows behavior specified in port and portName fields.
             "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
             "requestPath": "A String", # The request path of the HTTP health check request. The default value is /.
             "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -163,7 +206,13 @@ 
Method Details

             "host": "A String", # The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
             "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
             "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTPS health check follows behavior specified in port and portName fields.
+            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+                # USE_FIXED_PORT: The port number in port is used for health checking.
+                # USE_NAMED_PORT: The portName is used for health checking.
+                # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+                #
+                #
+                # If not specified, HTTPS health check follows behavior specified in port and portName fields.
             "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
             "requestPath": "A String", # The request path of the HTTPS health check request. The default value is /.
             "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -179,7 +228,13 @@ 
Method Details

           "sslHealthCheck": {
             "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
             "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, SSL health check follows behavior specified in port and portName fields.
+            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+                # USE_FIXED_PORT: The port number in port is used for health checking.
+                # USE_NAMED_PORT: The portName is used for health checking.
+                # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+                #
+                #
+                # If not specified, SSL health check follows behavior specified in port and portName fields.
             "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
             "request": "A String", # The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
             "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -187,7 +242,13 @@ 
Method Details

           "tcpHealthCheck": {
             "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
             "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, TCP health check follows behavior specified in port and portName fields.
+            "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+                # USE_FIXED_PORT: The port number in port is used for health checking.
+                # USE_NAMED_PORT: The portName is used for health checking.
+                # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+                #
+                #
+                # If not specified, TCP health check follows behavior specified in port and portName fields.
             "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
             "request": "A String", # The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
             "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -199,7 +260,8 @@ 
Method Details

       ],
       "warning": { # Informational warning which replaces the list of backend services when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -217,7 +279,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -248,22 +311,35 @@ 
Method Details

 

 
 

-    delete(project, healthCheck, requestId=None, x__xgafv=None)
+    delete(project, healthCheck, requestId=None)
   
Deletes the specified HealthCheck resource.
 
 Args:
   project: string, Project ID for this request. (required)
   healthCheck: string, Name of the HealthCheck resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -297,7 +373,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -311,36 +388,63 @@ 
Method Details

 

 
 

-    get(project, healthCheck, x__xgafv=None)
+    get(project, healthCheck)
   
Returns the specified HealthCheck resource. Gets a list of available health checks by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   healthCheck: string, Name of the HealthCheck resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Health Check resource. Google Compute Engine has two Health Check resources: * [Global](/compute/docs/reference/rest/v1/healthChecks) * [Regional](/compute/docs/reference/rest/v1/regionHealthChecks) Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`). Traffic Director must use global health checks (`compute.v1.HealthChecks`). Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`). External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`). Network load balancers must use legacy HTTP health checks (httpHealthChecks). For more information, see Health checks overview.
+    { # Represents a Health Check resource.
+    #
+    # Google Compute Engine has two Health Check resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/healthChecks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionHealthChecks)
+    #
+    # Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`).
+    #
+    # Traffic Director must use global health checks (`compute.v1.HealthChecks`).
+    #
+    # Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`).
+    #
+    # External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`).
+    #
+    # Network load balancers must use legacy HTTP health checks (httpHealthChecks).
+    #
+    # For more information, see Health checks overview.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in 3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "grpcHealthCheck": {
-    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII.
+    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention:
+        # - Empty service_name means the overall status of all services at the backend.
+        # - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service.
+        # The grpc_service_name can only be ASCII.
     "port": 42, # The port number for the health check request. Must be specified if port_name and port_specification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. The port_name should conform to RFC1035.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, gRPC health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, gRPC health check follows behavior specified in port and portName fields.
   },
   "healthyThreshold": 42, # A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.
   "http2HealthCheck": {
     "host": "A String", # The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP2 health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP2 health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP/2 health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -349,7 +453,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -358,7 +468,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTPS health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTPS health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTPS health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -374,7 +490,13 @@ 
Method Details

   "sslHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, SSL health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, SSL health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -382,7 +504,13 @@ 
Method Details

   "tcpHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, TCP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, TCP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -394,7 +522,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a HealthCheck resource in the specified project using the data included in the request.
 
 Args:
@@ -402,22 +530,53 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Health Check resource. Google Compute Engine has two Health Check resources: * [Global](/compute/docs/reference/rest/v1/healthChecks) * [Regional](/compute/docs/reference/rest/v1/regionHealthChecks) Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`). Traffic Director must use global health checks (`compute.v1.HealthChecks`). Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`). External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`). Network load balancers must use legacy HTTP health checks (httpHealthChecks). For more information, see Health checks overview.
+{ # Represents a Health Check resource.
+    # 
+    # Google Compute Engine has two Health Check resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/healthChecks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionHealthChecks)
+    # 
+    # Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`).
+    # 
+    # Traffic Director must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`).
+    # 
+    # External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Network load balancers must use legacy HTTP health checks (httpHealthChecks).
+    # 
+    # For more information, see Health checks overview.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in 3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "grpcHealthCheck": {
-    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII.
+    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention:
+        # - Empty service_name means the overall status of all services at the backend.
+        # - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service.
+        # The grpc_service_name can only be ASCII.
     "port": 42, # The port number for the health check request. Must be specified if port_name and port_specification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. The port_name should conform to RFC1035.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, gRPC health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, gRPC health check follows behavior specified in port and portName fields.
   },
   "healthyThreshold": 42, # A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.
   "http2HealthCheck": {
     "host": "A String", # The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP2 health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP2 health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP/2 health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -426,7 +585,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -435,7 +600,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTPS health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTPS health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTPS health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -451,7 +622,13 @@ 
Method Details

   "sslHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, SSL health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, SSL health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -459,7 +636,13 @@ 
Method Details

   "tcpHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, TCP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, TCP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -469,16 +652,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -512,7 +708,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -526,20 +723,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of HealthCheck resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -547,22 +750,53 @@ 
Method Details

     { # Contains a list of HealthCheck resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of HealthCheck resources.
-    { # Represents a Health Check resource. Google Compute Engine has two Health Check resources: * [Global](/compute/docs/reference/rest/v1/healthChecks) * [Regional](/compute/docs/reference/rest/v1/regionHealthChecks) Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`). Traffic Director must use global health checks (`compute.v1.HealthChecks`). Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`). External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`). Network load balancers must use legacy HTTP health checks (httpHealthChecks). For more information, see Health checks overview.
+    { # Represents a Health Check resource.
+        #
+        # Google Compute Engine has two Health Check resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/healthChecks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionHealthChecks)
+        #
+        # Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`).
+        #
+        # Traffic Director must use global health checks (`compute.v1.HealthChecks`).
+        #
+        # Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`).
+        #
+        # External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`).
+        #
+        # Network load balancers must use legacy HTTP health checks (httpHealthChecks).
+        #
+        # For more information, see Health checks overview.
       "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in 3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "grpcHealthCheck": {
-        "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII.
+        "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention:
+            # - Empty service_name means the overall status of all services at the backend.
+            # - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service.
+            # The grpc_service_name can only be ASCII.
         "port": 42, # The port number for the health check request. Must be specified if port_name and port_specification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. The port_name should conform to RFC1035.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, gRPC health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, gRPC health check follows behavior specified in port and portName fields.
       },
       "healthyThreshold": 42, # A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.
       "http2HealthCheck": {
         "host": "A String", # The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
         "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP2 health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, HTTP2 health check follows behavior specified in port and portName fields.
         "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
         "requestPath": "A String", # The request path of the HTTP/2 health check request. The default value is /.
         "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -571,7 +805,13 @@ 
Method Details

         "host": "A String", # The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
         "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, HTTP health check follows behavior specified in port and portName fields.
         "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
         "requestPath": "A String", # The request path of the HTTP health check request. The default value is /.
         "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -580,7 +820,13 @@ 
Method Details

         "host": "A String", # The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
         "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTPS health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, HTTPS health check follows behavior specified in port and portName fields.
         "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
         "requestPath": "A String", # The request path of the HTTPS health check request. The default value is /.
         "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -596,7 +842,13 @@ 
Method Details

       "sslHealthCheck": {
         "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, SSL health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, SSL health check follows behavior specified in port and portName fields.
         "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
         "request": "A String", # The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
         "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -604,7 +856,13 @@ 
Method Details

       "tcpHealthCheck": {
         "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, TCP health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, TCP health check follows behavior specified in port and portName fields.
         "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
         "request": "A String", # The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
         "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -619,7 +877,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -645,7 +904,7 @@ 
Method Details

 

 
 

-    patch(project, healthCheck, body=None, requestId=None, x__xgafv=None)
+    patch(project, healthCheck, body=None, requestId=None)
   
Updates a HealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -654,22 +913,53 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Health Check resource. Google Compute Engine has two Health Check resources: * [Global](/compute/docs/reference/rest/v1/healthChecks) * [Regional](/compute/docs/reference/rest/v1/regionHealthChecks) Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`). Traffic Director must use global health checks (`compute.v1.HealthChecks`). Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`). External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`). Network load balancers must use legacy HTTP health checks (httpHealthChecks). For more information, see Health checks overview.
+{ # Represents a Health Check resource.
+    # 
+    # Google Compute Engine has two Health Check resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/healthChecks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionHealthChecks)
+    # 
+    # Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`).
+    # 
+    # Traffic Director must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`).
+    # 
+    # External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Network load balancers must use legacy HTTP health checks (httpHealthChecks).
+    # 
+    # For more information, see Health checks overview.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in 3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "grpcHealthCheck": {
-    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII.
+    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention:
+        # - Empty service_name means the overall status of all services at the backend.
+        # - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service.
+        # The grpc_service_name can only be ASCII.
     "port": 42, # The port number for the health check request. Must be specified if port_name and port_specification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. The port_name should conform to RFC1035.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, gRPC health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, gRPC health check follows behavior specified in port and portName fields.
   },
   "healthyThreshold": 42, # A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.
   "http2HealthCheck": {
     "host": "A String", # The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP2 health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP2 health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP/2 health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -678,7 +968,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -687,7 +983,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTPS health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTPS health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTPS health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -703,7 +1005,13 @@ 
Method Details

   "sslHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, SSL health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, SSL health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -711,7 +1019,13 @@ 
Method Details

   "tcpHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, TCP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, TCP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -721,16 +1035,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -764,7 +1091,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -778,7 +1106,7 @@ 
Method Details

 

 
 

-    update(project, healthCheck, body=None, requestId=None, x__xgafv=None)
+    update(project, healthCheck, body=None, requestId=None)
   
Updates a HealthCheck resource in the specified project using the data included in the request.
 
 Args:
@@ -787,22 +1115,53 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Health Check resource. Google Compute Engine has two Health Check resources: * [Global](/compute/docs/reference/rest/v1/healthChecks) * [Regional](/compute/docs/reference/rest/v1/regionHealthChecks) Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`). Traffic Director must use global health checks (`compute.v1.HealthChecks`). Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`). External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`). Network load balancers must use legacy HTTP health checks (httpHealthChecks). For more information, see Health checks overview.
+{ # Represents a Health Check resource.
+    # 
+    # Google Compute Engine has two Health Check resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/healthChecks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionHealthChecks)
+    # 
+    # Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`).
+    # 
+    # Traffic Director must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`).
+    # 
+    # External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Network load balancers must use legacy HTTP health checks (httpHealthChecks).
+    # 
+    # For more information, see Health checks overview.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in 3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "grpcHealthCheck": {
-    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII.
+    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention:
+        # - Empty service_name means the overall status of all services at the backend.
+        # - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service.
+        # The grpc_service_name can only be ASCII.
     "port": 42, # The port number for the health check request. Must be specified if port_name and port_specification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. The port_name should conform to RFC1035.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, gRPC health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, gRPC health check follows behavior specified in port and portName fields.
   },
   "healthyThreshold": 42, # A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.
   "http2HealthCheck": {
     "host": "A String", # The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP2 health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP2 health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP/2 health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -811,7 +1170,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -820,7 +1185,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTPS health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTPS health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTPS health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -836,7 +1207,13 @@ 
Method Details

   "sslHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, SSL health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, SSL health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -844,7 +1221,13 @@ 
Method Details

   "tcpHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, TCP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, TCP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -854,16 +1237,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -897,7 +1293,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.httpHealthChecks.html b/docs/dyn/compute_v1.httpHealthChecks.html
index d0bc77c225f..f5e7329ec0a 100644
--- a/docs/dyn/compute_v1.httpHealthChecks.html
+++ b/docs/dyn/compute_v1.httpHealthChecks.html
@@ -78,25 +78,25 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, httpHealthCheck, requestId=None, x__xgafv=None)

+  delete(project, httpHealthCheck, requestId=None)

 
Deletes the specified HttpHealthCheck resource.

 

-  get(project, httpHealthCheck, x__xgafv=None)

+  get(project, httpHealthCheck)

 
Returns the specified HttpHealthCheck resource. Gets a list of available HTTP health checks by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a HttpHealthCheck resource in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of HttpHealthCheck resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, httpHealthCheck, body=None, requestId=None, x__xgafv=None)

+  patch(project, httpHealthCheck, body=None, requestId=None)

 
Updates a HttpHealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  update(project, httpHealthCheck, body=None, requestId=None, x__xgafv=None)

+  update(project, httpHealthCheck, body=None, requestId=None)

 
Updates a HttpHealthCheck resource in the specified project using the data included in the request.

 
Method Details

 

@@ -105,22 +105,35 @@ 
Method Details

 

 
 

-    delete(project, httpHealthCheck, requestId=None, x__xgafv=None)
+    delete(project, httpHealthCheck, requestId=None)
   
Deletes the specified HttpHealthCheck resource.
 
 Args:
   project: string, Project ID for this request. (required)
   httpHealthCheck: string, Name of the HttpHealthCheck resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -154,7 +167,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -168,21 +182,19 @@ 
Method Details

 

 
 

-    get(project, httpHealthCheck, x__xgafv=None)
+    get(project, httpHealthCheck)
   
Returns the specified HttpHealthCheck resource. Gets a list of available HTTP health checks by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   httpHealthCheck: string, Name of the HttpHealthCheck resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a legacy HTTP Health Check resource. Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
+    { # Represents a legacy HTTP Health Check resource.
+    #
+    # Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -200,7 +212,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a HttpHealthCheck resource in the specified project using the data included in the request.
 
 Args:
@@ -208,7 +220,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a legacy HTTP Health Check resource. Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
+{ # Represents a legacy HTTP Health Check resource.
+    # 
+    # Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -224,16 +238,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -267,7 +294,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -281,20 +309,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of HttpHealthCheck resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -302,7 +336,9 @@ 
Method Details

     { # Contains a list of HttpHealthCheck resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of HttpHealthCheck resources.
-    { # Represents a legacy HTTP Health Check resource. Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
+    { # Represents a legacy HTTP Health Check resource.
+        #
+        # Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
       "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -323,7 +359,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -349,7 +386,7 @@ 
Method Details

 

 
 

-    patch(project, httpHealthCheck, body=None, requestId=None, x__xgafv=None)
+    patch(project, httpHealthCheck, body=None, requestId=None)
   
Updates a HttpHealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -358,7 +395,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a legacy HTTP Health Check resource. Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
+{ # Represents a legacy HTTP Health Check resource.
+    # 
+    # Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -374,16 +413,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -417,7 +469,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -431,7 +484,7 @@ 
Method Details

 

 
 

-    update(project, httpHealthCheck, body=None, requestId=None, x__xgafv=None)
+    update(project, httpHealthCheck, body=None, requestId=None)
   
Updates a HttpHealthCheck resource in the specified project using the data included in the request.
 
 Args:
@@ -440,7 +493,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a legacy HTTP Health Check resource. Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
+{ # Represents a legacy HTTP Health Check resource.
+    # 
+    # Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -456,16 +511,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -499,7 +567,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.httpsHealthChecks.html b/docs/dyn/compute_v1.httpsHealthChecks.html
index 94574757632..fed5c94d49b 100644
--- a/docs/dyn/compute_v1.httpsHealthChecks.html
+++ b/docs/dyn/compute_v1.httpsHealthChecks.html
@@ -78,25 +78,25 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, httpsHealthCheck, requestId=None, x__xgafv=None)

+  delete(project, httpsHealthCheck, requestId=None)

 
Deletes the specified HttpsHealthCheck resource.

 

-  get(project, httpsHealthCheck, x__xgafv=None)

+  get(project, httpsHealthCheck)

 
Returns the specified HttpsHealthCheck resource. Gets a list of available HTTPS health checks by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a HttpsHealthCheck resource in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of HttpsHealthCheck resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, httpsHealthCheck, body=None, requestId=None, x__xgafv=None)

+  patch(project, httpsHealthCheck, body=None, requestId=None)

 
Updates a HttpsHealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  update(project, httpsHealthCheck, body=None, requestId=None, x__xgafv=None)

+  update(project, httpsHealthCheck, body=None, requestId=None)

 
Updates a HttpsHealthCheck resource in the specified project using the data included in the request.

 
Method Details

 

@@ -105,22 +105,35 @@ 
Method Details

 

 
 

-    delete(project, httpsHealthCheck, requestId=None, x__xgafv=None)
+    delete(project, httpsHealthCheck, requestId=None)
   
Deletes the specified HttpsHealthCheck resource.
 
 Args:
   project: string, Project ID for this request. (required)
   httpsHealthCheck: string, Name of the HttpsHealthCheck resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -154,7 +167,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -168,21 +182,19 @@ 
Method Details

 

 
 

-    get(project, httpsHealthCheck, x__xgafv=None)
+    get(project, httpsHealthCheck)
   
Returns the specified HttpsHealthCheck resource. Gets a list of available HTTPS health checks by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   httpsHealthCheck: string, Name of the HttpsHealthCheck resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a legacy HTTPS Health Check resource. Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
+    { # Represents a legacy HTTPS Health Check resource.
+    #
+    # Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -200,7 +212,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a HttpsHealthCheck resource in the specified project using the data included in the request.
 
 Args:
@@ -208,7 +220,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a legacy HTTPS Health Check resource. Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
+{ # Represents a legacy HTTPS Health Check resource.
+    # 
+    # Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -224,16 +238,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -267,7 +294,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -281,20 +309,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of HttpsHealthCheck resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -302,7 +336,9 @@ 
Method Details

     { # Contains a list of HttpsHealthCheck resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of HttpsHealthCheck resources.
-    { # Represents a legacy HTTPS Health Check resource. Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
+    { # Represents a legacy HTTPS Health Check resource.
+        #
+        # Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
       "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -323,7 +359,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -349,7 +386,7 @@ 
Method Details

 

 
 

-    patch(project, httpsHealthCheck, body=None, requestId=None, x__xgafv=None)
+    patch(project, httpsHealthCheck, body=None, requestId=None)
   
Updates a HttpsHealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -358,7 +395,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a legacy HTTPS Health Check resource. Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
+{ # Represents a legacy HTTPS Health Check resource.
+    # 
+    # Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -374,16 +413,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -417,7 +469,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -431,7 +484,7 @@ 
Method Details

 

 
 

-    update(project, httpsHealthCheck, body=None, requestId=None, x__xgafv=None)
+    update(project, httpsHealthCheck, body=None, requestId=None)
   
Updates a HttpsHealthCheck resource in the specified project using the data included in the request.
 
 Args:
@@ -440,7 +493,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a legacy HTTPS Health Check resource. Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
+{ # Represents a legacy HTTPS Health Check resource.
+    # 
+    # Legacy health checks are required by network load balancers. For more information, read Health Check Concepts.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -456,16 +511,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -499,7 +567,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.images.html b/docs/dyn/compute_v1.images.html
index 0a2eb14baeb..27692a5e4a2 100644
--- a/docs/dyn/compute_v1.images.html
+++ b/docs/dyn/compute_v1.images.html
@@ -78,40 +78,40 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, image, requestId=None, x__xgafv=None)

+  delete(project, image, requestId=None)

 
Deletes the specified image.

 

-  deprecate(project, image, body=None, requestId=None, x__xgafv=None)

-
Sets the deprecation status of an image. If an empty request body is given, clears the deprecation status instead.

+  deprecate(project, image, body=None, requestId=None)

+
Sets the deprecation status of an image.

 

-  get(project, image, x__xgafv=None)

+  get(project, image)

 
Returns the specified image. Gets a list of available images by making a list() request.

 

-  getFromFamily(project, family, x__xgafv=None)

+  getFromFamily(project, family)

 
Returns the latest image that is part of an image family and is not deprecated.

 

-  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, body=None, forceCreate=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, forceCreate=None, requestId=None)

 
Creates an image in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of custom images available to the specified project. Custom images are images you create that belong to your project. This method does not get any images that belong to other projects, including publicly-available images, like Debian 8. If you want to get a list of publicly-available images, use this method to make a request to the respective image project, such as debian-cloud or windows-cloud.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, image, body=None, requestId=None, x__xgafv=None)

+  patch(project, image, body=None, requestId=None)

 
Patches the specified image with the data included in the request. Only the following fields can be modified: family, description, deprecation status.

 

-  setIamPolicy(project, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  setLabels(project, resource, body=None, x__xgafv=None)

+  setLabels(project, resource, body=None)

 
Sets the labels on an image. To learn more about labels, read the Labeling Resources documentation.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -120,22 +120,35 @@ 
Method Details

 

 
 

-    delete(project, image, requestId=None, x__xgafv=None)
+    delete(project, image, requestId=None)
   
Deletes the specified image.
 
 Args:
   project: string, Project ID for this request. (required)
   image: string, Name of the image resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -169,7 +182,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -183,8 +197,10 @@ 
Method Details

 

 
 

-    deprecate(project, image, body=None, requestId=None, x__xgafv=None)
-  
Sets the deprecation status of an image. If an empty request body is given, clears the deprecation status instead.
+    deprecate(project, image, body=None, requestId=None)
+  
Sets the deprecation status of an image.
+
+If an empty request body is given, clears the deprecation status instead.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -200,16 +216,29 @@ 
Method Details

   "state": "A String", # The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -243,7 +272,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -257,21 +287,19 @@ 
Method Details

 

 
 

-    get(project, image, x__xgafv=None)
+    get(project, image)
   
Returns the specified image. Gets a list of available images by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   image: string, Name of the image resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Image resource. You can use images to create boot disks for your VM instances. For more information, read Images.
+    { # Represents an Image resource.
+    #
+    # You can use images to create boot disks for your VM instances. For more information, read Images. (== resource_for {$api_version}.images ==)
   "archiveSizeBytes": "A String", # Size of the image tar.gz archive stored in Google Cloud Storage (in bytes).
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "deprecated": { # Deprecation status for a public resource. # The deprecation status associated with this image.
@@ -284,20 +312,28 @@ 
Method Details

   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "diskSizeGb": "A String", # Size of the image when restored onto a persistent disk (in GB).
   "family": "A String", # The name of the image family to which this image belongs. You can create disks by specifying an image family instead of a specific image name. The image family always returns its latest image that is not deprecated. The name of the image family must comply with RFC1035.
-  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
     { # Guest OS features.
-      "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+      "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
     },
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-  "imageEncryptionKey": { # Encrypts the image using a customer-supplied encryption key. After you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later.
+  "imageEncryptionKey": { # Encrypts the image using a customer-supplied encryption key.
+      #
+      # After you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image).
+      #
+      # Customer-supplied encryption keys do not protect access to metadata of the disk.
+      #
+      # If you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "kind": "compute#image", # [Output Only] Type of the resource. Always compute#image for images.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an image.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve an image.
   "labels": { # Labels to apply to this image. These can be later modified by the setLabels method.
     "a_key": "A String",
   },
@@ -311,7 +347,13 @@ 
Method Details

   "rawDisk": { # The parameters of the raw disk image.
     "containerType": "A String", # The format used to encode and transmit the block device, which should be TAR. This is just a container and transmission format and not a runtime format. Provided by the client when the disk image is created.
     "sha1Checksum": "A String", # [Deprecated] This field is deprecated. An optional SHA1 checksum of the disk image before unpackaging provided by the client when the disk image is created.
-    "source": "A String", # The full Google Cloud Storage URL where the disk image is stored. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+    "source": "A String", # The full Google Cloud Storage URL where the disk image is stored.
+        #
+        # In order to create an image, you must provide the full or partial URL of one of the following:
+        # - The rawDisk.source URL
+        # - The sourceDisk URL
+        # - The sourceImage URL
+        # - The sourceSnapshot URL
   },
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -339,7 +381,16 @@ 
Method Details

       "fileType": "A String", # The file type of source file.
     },
   },
-  "sourceDisk": "A String", # URL of the source disk used to create this image. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceDisk": "A String", # URL of the source disk used to create this image. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - zones/zone/disks/disk
+      #
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceDiskEncryptionKey": { # The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -347,7 +398,13 @@ 
Method Details

     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given disk name.
-  "sourceImage": "A String", # URL of the source image used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceImage": "A String", # URL of the source image used to create this image.
+      #
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -355,7 +412,13 @@ 
Method Details

     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given image name.
-  "sourceSnapshot": "A String", # URL of the source snapshot used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceSnapshot": "A String", # URL of the source snapshot used to create this image.
+      #
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -372,21 +435,19 @@ 
Method Details

 

 
 

-    getFromFamily(project, family, x__xgafv=None)
+    getFromFamily(project, family)
   
Returns the latest image that is part of an image family and is not deprecated.
 
 Args:
   project: string, Project ID for this request. (required)
   family: string, Name of the image family to search for. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Image resource. You can use images to create boot disks for your VM instances. For more information, read Images.
+    { # Represents an Image resource.
+    #
+    # You can use images to create boot disks for your VM instances. For more information, read Images. (== resource_for {$api_version}.images ==)
   "archiveSizeBytes": "A String", # Size of the image tar.gz archive stored in Google Cloud Storage (in bytes).
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "deprecated": { # Deprecation status for a public resource. # The deprecation status associated with this image.
@@ -399,20 +460,28 @@ 
Method Details

   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "diskSizeGb": "A String", # Size of the image when restored onto a persistent disk (in GB).
   "family": "A String", # The name of the image family to which this image belongs. You can create disks by specifying an image family instead of a specific image name. The image family always returns its latest image that is not deprecated. The name of the image family must comply with RFC1035.
-  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
     { # Guest OS features.
-      "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+      "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
     },
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-  "imageEncryptionKey": { # Encrypts the image using a customer-supplied encryption key. After you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later.
+  "imageEncryptionKey": { # Encrypts the image using a customer-supplied encryption key.
+      #
+      # After you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image).
+      #
+      # Customer-supplied encryption keys do not protect access to metadata of the disk.
+      #
+      # If you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "kind": "compute#image", # [Output Only] Type of the resource. Always compute#image for images.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an image.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve an image.
   "labels": { # Labels to apply to this image. These can be later modified by the setLabels method.
     "a_key": "A String",
   },
@@ -426,7 +495,13 @@ 
Method Details

   "rawDisk": { # The parameters of the raw disk image.
     "containerType": "A String", # The format used to encode and transmit the block device, which should be TAR. This is just a container and transmission format and not a runtime format. Provided by the client when the disk image is created.
     "sha1Checksum": "A String", # [Deprecated] This field is deprecated. An optional SHA1 checksum of the disk image before unpackaging provided by the client when the disk image is created.
-    "source": "A String", # The full Google Cloud Storage URL where the disk image is stored. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+    "source": "A String", # The full Google Cloud Storage URL where the disk image is stored.
+        #
+        # In order to create an image, you must provide the full or partial URL of one of the following:
+        # - The rawDisk.source URL
+        # - The sourceDisk URL
+        # - The sourceImage URL
+        # - The sourceSnapshot URL
   },
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -454,7 +529,16 @@ 
Method Details

       "fileType": "A String", # The file type of source file.
     },
   },
-  "sourceDisk": "A String", # URL of the source disk used to create this image. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceDisk": "A String", # URL of the source disk used to create this image. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - zones/zone/disks/disk
+      #
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceDiskEncryptionKey": { # The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -462,7 +546,13 @@ 
Method Details

     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given disk name.
-  "sourceImage": "A String", # URL of the source image used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceImage": "A String", # URL of the source image used to create this image.
+      #
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -470,7 +560,13 @@ 
Method Details

     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given image name.
-  "sourceSnapshot": "A String", # URL of the source snapshot used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceSnapshot": "A String", # URL of the source snapshot used to create this image.
+      #
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -487,34 +583,58 @@ 
Method Details

 

 
 

-    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
   project: string, Project ID for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -522,76 +642,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, body=None, forceCreate=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, forceCreate=None, requestId=None)
   
Creates an image in the specified project using the data included in the request.
 
 Args:
@@ -599,7 +787,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Image resource. You can use images to create boot disks for your VM instances. For more information, read Images.
+{ # Represents an Image resource.
+    # 
+    # You can use images to create boot disks for your VM instances. For more information, read Images. (== resource_for {$api_version}.images ==)
   "archiveSizeBytes": "A String", # Size of the image tar.gz archive stored in Google Cloud Storage (in bytes).
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "deprecated": { # Deprecation status for a public resource. # The deprecation status associated with this image.
@@ -612,20 +802,28 @@ 
Method Details

   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "diskSizeGb": "A String", # Size of the image when restored onto a persistent disk (in GB).
   "family": "A String", # The name of the image family to which this image belongs. You can create disks by specifying an image family instead of a specific image name. The image family always returns its latest image that is not deprecated. The name of the image family must comply with RFC1035.
-  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
     { # Guest OS features.
-      "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+      "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
     },
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-  "imageEncryptionKey": { # Encrypts the image using a customer-supplied encryption key. After you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later.
+  "imageEncryptionKey": { # Encrypts the image using a customer-supplied encryption key.
+      # 
+      # After you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image).
+      # 
+      # Customer-supplied encryption keys do not protect access to metadata of the disk.
+      # 
+      # If you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "kind": "compute#image", # [Output Only] Type of the resource. Always compute#image for images.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an image.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an image.
   "labels": { # Labels to apply to this image. These can be later modified by the setLabels method.
     "a_key": "A String",
   },
@@ -639,7 +837,13 @@ 
Method Details

   "rawDisk": { # The parameters of the raw disk image.
     "containerType": "A String", # The format used to encode and transmit the block device, which should be TAR. This is just a container and transmission format and not a runtime format. Provided by the client when the disk image is created.
     "sha1Checksum": "A String", # [Deprecated] This field is deprecated. An optional SHA1 checksum of the disk image before unpackaging provided by the client when the disk image is created.
-    "source": "A String", # The full Google Cloud Storage URL where the disk image is stored. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+    "source": "A String", # The full Google Cloud Storage URL where the disk image is stored.
+        # 
+        # In order to create an image, you must provide the full or partial URL of one of the following:
+        # - The rawDisk.source URL
+        # - The sourceDisk URL
+        # - The sourceImage URL
+        # - The sourceSnapshot URL
   },
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -667,7 +871,16 @@ 
Method Details

       "fileType": "A String", # The file type of source file.
     },
   },
-  "sourceDisk": "A String", # URL of the source disk used to create this image. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceDisk": "A String", # URL of the source disk used to create this image. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - zones/zone/disks/disk
+      # 
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceDiskEncryptionKey": { # The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -675,7 +888,13 @@ 
Method Details

     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given disk name.
-  "sourceImage": "A String", # URL of the source image used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceImage": "A String", # URL of the source image used to create this image.
+      # 
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -683,7 +902,13 @@ 
Method Details

     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given image name.
-  "sourceSnapshot": "A String", # URL of the source snapshot used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceSnapshot": "A String", # URL of the source snapshot used to create this image.
+      # 
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -699,16 +924,29 @@ 
Method Details

 }
 
   forceCreate: boolean, Force image creation if true.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -742,7 +980,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -756,20 +995,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of custom images available to the specified project. Custom images are images you create that belong to your project. This method does not get any images that belong to other projects, including publicly-available images, like Debian 8. If you want to get a list of publicly-available images, use this method to make a request to the respective image project, such as debian-cloud or windows-cloud.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -777,7 +1022,9 @@ 
Method Details

     { # Contains a list of images.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Image resources.
-    { # Represents an Image resource. You can use images to create boot disks for your VM instances. For more information, read Images.
+    { # Represents an Image resource.
+        #
+        # You can use images to create boot disks for your VM instances. For more information, read Images. (== resource_for {$api_version}.images ==)
       "archiveSizeBytes": "A String", # Size of the image tar.gz archive stored in Google Cloud Storage (in bytes).
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "deprecated": { # Deprecation status for a public resource. # The deprecation status associated with this image.
@@ -790,20 +1037,28 @@ 
Method Details

       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "diskSizeGb": "A String", # Size of the image when restored onto a persistent disk (in GB).
       "family": "A String", # The name of the image family to which this image belongs. You can create disks by specifying an image family instead of a specific image name. The image family always returns its latest image that is not deprecated. The name of the image family must comply with RFC1035.
-      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
         { # Guest OS features.
-          "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+          "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
         },
       ],
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-      "imageEncryptionKey": { # Encrypts the image using a customer-supplied encryption key. After you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later.
+      "imageEncryptionKey": { # Encrypts the image using a customer-supplied encryption key.
+          #
+          # After you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image).
+          #
+          # Customer-supplied encryption keys do not protect access to metadata of the disk.
+          #
+          # If you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "kind": "compute#image", # [Output Only] Type of the resource. Always compute#image for images.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an image.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve an image.
       "labels": { # Labels to apply to this image. These can be later modified by the setLabels method.
         "a_key": "A String",
       },
@@ -817,7 +1072,13 @@ 
Method Details

       "rawDisk": { # The parameters of the raw disk image.
         "containerType": "A String", # The format used to encode and transmit the block device, which should be TAR. This is just a container and transmission format and not a runtime format. Provided by the client when the disk image is created.
         "sha1Checksum": "A String", # [Deprecated] This field is deprecated. An optional SHA1 checksum of the disk image before unpackaging provided by the client when the disk image is created.
-        "source": "A String", # The full Google Cloud Storage URL where the disk image is stored. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+        "source": "A String", # The full Google Cloud Storage URL where the disk image is stored.
+            #
+            # In order to create an image, you must provide the full or partial URL of one of the following:
+            # - The rawDisk.source URL
+            # - The sourceDisk URL
+            # - The sourceImage URL
+            # - The sourceSnapshot URL
       },
       "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -845,7 +1106,16 @@ 
Method Details

           "fileType": "A String", # The file type of source file.
         },
       },
-      "sourceDisk": "A String", # URL of the source disk used to create this image. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+      "sourceDisk": "A String", # URL of the source disk used to create this image. For example, the following are valid values:
+          # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+          # - projects/project/zones/zone/disks/disk
+          # - zones/zone/disks/disk
+          #
+          # In order to create an image, you must provide the full or partial URL of one of the following:
+          # - The rawDisk.source URL
+          # - The sourceDisk URL
+          # - The sourceImage URL
+          # - The sourceSnapshot URL
       "sourceDiskEncryptionKey": { # The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -853,7 +1123,13 @@ 
Method Details

         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given disk name.
-      "sourceImage": "A String", # URL of the source image used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+      "sourceImage": "A String", # URL of the source image used to create this image.
+          #
+          # In order to create an image, you must provide the full or partial URL of one of the following:
+          # - The rawDisk.source URL
+          # - The sourceDisk URL
+          # - The sourceImage URL
+          # - The sourceSnapshot URL
       "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -861,7 +1137,13 @@ 
Method Details

         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given image name.
-      "sourceSnapshot": "A String", # URL of the source snapshot used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+      "sourceSnapshot": "A String", # URL of the source snapshot used to create this image.
+          #
+          # In order to create an image, you must provide the full or partial URL of one of the following:
+          # - The rawDisk.source URL
+          # - The sourceDisk URL
+          # - The sourceImage URL
+          # - The sourceSnapshot URL
       "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -881,7 +1163,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -907,7 +1190,7 @@ 
Method Details

 

 
 

-    patch(project, image, body=None, requestId=None, x__xgafv=None)
+    patch(project, image, body=None, requestId=None)
   
Patches the specified image with the data included in the request. Only the following fields can be modified: family, description, deprecation status.
 
 Args:
@@ -916,7 +1199,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Image resource. You can use images to create boot disks for your VM instances. For more information, read Images.
+{ # Represents an Image resource.
+    # 
+    # You can use images to create boot disks for your VM instances. For more information, read Images. (== resource_for {$api_version}.images ==)
   "archiveSizeBytes": "A String", # Size of the image tar.gz archive stored in Google Cloud Storage (in bytes).
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "deprecated": { # Deprecation status for a public resource. # The deprecation status associated with this image.
@@ -929,20 +1214,28 @@ 
Method Details

   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "diskSizeGb": "A String", # Size of the image when restored onto a persistent disk (in GB).
   "family": "A String", # The name of the image family to which this image belongs. You can create disks by specifying an image family instead of a specific image name. The image family always returns its latest image that is not deprecated. The name of the image family must comply with RFC1035.
-  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
     { # Guest OS features.
-      "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+      "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
     },
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-  "imageEncryptionKey": { # Encrypts the image using a customer-supplied encryption key. After you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later.
+  "imageEncryptionKey": { # Encrypts the image using a customer-supplied encryption key.
+      # 
+      # After you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image).
+      # 
+      # Customer-supplied encryption keys do not protect access to metadata of the disk.
+      # 
+      # If you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "kind": "compute#image", # [Output Only] Type of the resource. Always compute#image for images.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an image.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an image.
   "labels": { # Labels to apply to this image. These can be later modified by the setLabels method.
     "a_key": "A String",
   },
@@ -956,7 +1249,13 @@ 
Method Details

   "rawDisk": { # The parameters of the raw disk image.
     "containerType": "A String", # The format used to encode and transmit the block device, which should be TAR. This is just a container and transmission format and not a runtime format. Provided by the client when the disk image is created.
     "sha1Checksum": "A String", # [Deprecated] This field is deprecated. An optional SHA1 checksum of the disk image before unpackaging provided by the client when the disk image is created.
-    "source": "A String", # The full Google Cloud Storage URL where the disk image is stored. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+    "source": "A String", # The full Google Cloud Storage URL where the disk image is stored.
+        # 
+        # In order to create an image, you must provide the full or partial URL of one of the following:
+        # - The rawDisk.source URL
+        # - The sourceDisk URL
+        # - The sourceImage URL
+        # - The sourceSnapshot URL
   },
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -984,7 +1283,16 @@ 
Method Details

       "fileType": "A String", # The file type of source file.
     },
   },
-  "sourceDisk": "A String", # URL of the source disk used to create this image. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceDisk": "A String", # URL of the source disk used to create this image. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - zones/zone/disks/disk
+      # 
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceDiskEncryptionKey": { # The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -992,7 +1300,13 @@ 
Method Details

     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceDiskId": "A String", # [Output Only] The ID value of the disk used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given disk name.
-  "sourceImage": "A String", # URL of the source image used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceImage": "A String", # URL of the source image used to create this image.
+      # 
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -1000,7 +1314,13 @@ 
Method Details

     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given image name.
-  "sourceSnapshot": "A String", # URL of the source snapshot used to create this image. In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL
+  "sourceSnapshot": "A String", # URL of the source snapshot used to create this image.
+      # 
+      # In order to create an image, you must provide the full or partial URL of one of the following:
+      # - The rawDisk.source URL
+      # - The sourceDisk URL
+      # - The sourceImage URL
+      # - The sourceSnapshot URL
   "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -1015,16 +1335,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1058,7 +1391,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1072,7 +1406,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -1084,33 +1418,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1118,95 +1526,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1214,76 +1714,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    setLabels(project, resource, body=None, x__xgafv=None)
+    setLabels(project, resource, body=None)
   
Sets the labels on an image. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -1299,15 +1867,24 @@ 
Method Details

   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1341,7 +1918,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1355,7 +1933,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1370,10 +1948,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_v1.instanceGroupManagers.html b/docs/dyn/compute_v1.instanceGroupManagers.html
index 6f16430f34a..92d8c573a17 100644
--- a/docs/dyn/compute_v1.instanceGroupManagers.html
+++ b/docs/dyn/compute_v1.instanceGroupManagers.html
@@ -75,55 +75,55 @@
 
Compute Engine API . instanceGroupManagers

 
Instance Methods

 

-  abandonInstances(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

-
Flags the specified instances to be removed from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.

+  abandonInstances(project, zone, instanceGroupManager, body=None, requestId=None)

+
Flags the specified instances to be removed from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method.

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of managed instance groups and groups them by zone.

 

   aggregatedList_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  applyUpdatesToInstances(project, zone, instanceGroupManager, body=None, x__xgafv=None)

+  applyUpdatesToInstances(project, zone, instanceGroupManager, body=None)

 
Applies changes to selected instances on the managed instance group. This method can be used to apply new overrides and/or new versions.

 

   close()

 
Close httplib2 connections.

 

-  createInstances(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  createInstances(project, zone, instanceGroupManager, body=None, requestId=None)

 
Creates instances with per-instance configs in this managed instance group. Instances are created using the current instance template. The create instances operation is marked DONE if the createInstances request is successful. The underlying actions take additional time. You must separately verify the status of the creating or actions with the listmanagedinstances method.

 

-  delete(project, zone, instanceGroupManager, requestId=None, x__xgafv=None)

-
Deletes the specified managed instance group and all of the instances in that group. Note that the instance group must not belong to a backend service. Read Deleting an instance group for more information.

+  delete(project, zone, instanceGroupManager, requestId=None)

+
Deletes the specified managed instance group and all of the instances in that group. Note that the instance group must not belong to a backend service. Read  Deleting an instance group for more information.

 

-  deleteInstances(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

-
Flags the specified instances in the managed instance group for immediate deletion. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. This operation is marked as DONE when the action is scheduled even if the instances are still being deleted. You must separately verify the status of the deleting action with the listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.

+  deleteInstances(project, zone, instanceGroupManager, body=None, requestId=None)

+
Flags the specified instances in the managed instance group for immediate deletion. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. This operation is marked as DONE when the action is scheduled even if the instances are still being deleted. You must separately verify the status of the deleting action with the listmanagedinstances method.

 

-  deletePerInstanceConfigs(project, zone, instanceGroupManager, body=None, x__xgafv=None)

+  deletePerInstanceConfigs(project, zone, instanceGroupManager, body=None)

 
Deletes selected per-instance configs for the managed instance group.

 

-  get(project, zone, instanceGroupManager, x__xgafv=None)

+  get(project, zone, instanceGroupManager)

 
Returns all of the details about the specified managed instance group. Gets a list of available managed instance groups by making a list() request.

 

-  insert(project, zone, body=None, requestId=None, x__xgafv=None)

-
Creates a managed instance group using the information that you specify in the request. After the group is created, instances in the group are created using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method. A managed instance group can have up to 1000 VM instances per group. Please contact Cloud Support if you need an increase in this limit.

+  insert(project, zone, body=None, requestId=None)

+
Creates a managed instance group using the information that you specify in the request. After the group is created, instances in the group are created using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of managed instance groups that are contained within the specified project and zone.

 

-  listErrors(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listErrors(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists all errors thrown by actions on instances for a given managed instance group. The filter and orderBy query parameters are not supported.

 

   listErrors_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  listManagedInstances(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listManagedInstances(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists all of the instances in the managed instance group. Each instance in the list has a currentAction, which indicates the action that the managed instance group is performing on the instance. For example, if the group is still creating an instance, the currentAction is CREATING. If a previous action failed, the list displays the errors for that failed action. The orderBy query parameter is not supported.

 

   listManagedInstances_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  listPerInstanceConfigs(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listPerInstanceConfigs(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists all of the per-instance configs defined for the managed instance group. The orderBy query parameter is not supported.

 

   listPerInstanceConfigs_next(previous_request, previous_response)

@@ -132,30 +132,34 @@ 
Instance Methods

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  patch(project, zone, instanceGroupManager, body=None, requestId=None)

 
Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is patched even if the instances in the group are still in the process of being patched. You must separately verify the status of the individual instances with the listManagedInstances method. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  patchPerInstanceConfigs(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  patchPerInstanceConfigs(project, zone, instanceGroupManager, body=None, requestId=None)

 
Inserts or patches per-instance configs for the managed instance group. perInstanceConfig.name serves as a key used to distinguish whether to perform insert or patch.

 

-  recreateInstances(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

-
Flags the specified VM instances in the managed instance group to be immediately recreated. Each instance is recreated using the group's current configuration. This operation is marked as DONE when the flag is set even if the instances have not yet been recreated. You must separately verify the status of each instance by checking its currentAction field; for more information, see Checking the status of managed instances. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.

+  recreateInstances(project, zone, instanceGroupManager, body=None, requestId=None)

+
Flags the specified VM instances in the managed instance group to be immediately recreated. Each instance is recreated using the group's current configuration. This operation is marked as DONE when the flag is set even if the instances have not yet been recreated. You must separately verify the status of each instance by checking its currentAction field; for more information, see Checking the status of managed instances.

 

-  resize(project, zone, instanceGroupManager, size, requestId=None, x__xgafv=None)

-
Resizes the managed instance group. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes instances. The resize operation is marked DONE when the resize actions are scheduled even if the group has not yet added or deleted any instances. You must separately verify the status of the creating or deleting actions with the listmanagedinstances method. When resizing down, the instance group arbitrarily chooses the order in which VMs are deleted. The group takes into account some VM attributes when making the selection including: + The status of the VM instance. + The health of the VM instance. + The instance template version the VM is based on. + For regional managed instance groups, the location of the VM instance. This list is subject to change. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.

+  resize(project, zone, instanceGroupManager, size, requestId=None)

+
Resizes the managed instance group. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes instances. The resize operation is marked DONE when the resize actions are scheduled even if the group has not yet added or deleted any instances. You must separately verify the status of the creating or deleting actions with the listmanagedinstances method.

 

-  setInstanceTemplate(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  setInstanceTemplate(project, zone, instanceGroupManager, body=None, requestId=None)

 
Specifies the instance template to use when creating new instances in this group. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE.

 

-  setTargetPools(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  setTargetPools(project, zone, instanceGroupManager, body=None, requestId=None)

 
Modifies the target pools to which all instances in this managed instance group are assigned. The target pools automatically apply to all of the instances in the managed instance group. This operation is marked DONE when you make the request even if the instances have not yet been added to their target pools. The change might take some time to apply to all of the instances in the group depending on the size of the group.

 

-  updatePerInstanceConfigs(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  updatePerInstanceConfigs(project, zone, instanceGroupManager, body=None, requestId=None)

 
Inserts or updates per-instance configs for the managed instance group. perInstanceConfig.name serves as a key used to distinguish whether to perform insert or patch.

 
Method Details

 

-    abandonInstances(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
-  
Flags the specified instances to be removed from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.
+    abandonInstances(project, zone, instanceGroupManager, body=None, requestId=None)
+  
Flags the specified instances to be removed from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method.
+
+If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
+
+You can specify a maximum of 1000 instances with this method per request.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -170,16 +174,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -213,7 +230,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -227,21 +245,27 @@ 
Method Details

 

 
 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of managed instance groups and groups them by zone.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -251,7 +275,15 @@ 
Method Details

   "items": { # A list of InstanceGroupManagersScopedList resources.
     "a_key": { # [Output Only] The name of the scope that contains this set of managed instance groups.
       "instanceGroupManagers": [ # [Output Only] The list of managed instance groups that are contained in the specified project and zone.
-        { # Whether the instance is a standby. # Properties of a standby instance comparing to the regular instance: # | regular | standby managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no # receives traffic from LB? | yes | no Represents a Managed Instance Group resource. An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups. For zonal Managed Instance Group, use the instanceGroupManagers resource. For regional Managed Instance Group, use the regionInstanceGroupManagers resource.
+        { # Whether the instance is a standby. Properties of a standby instance comparing to the regular instance: ========================================================================= | regular | standby ========================================================================= managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no receives traffic from LB? | yes | no =========================================================================
+            #
+            # Represents a Managed Instance Group resource.
+            #
+            # An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups.
+            #
+            # For zonal Managed Instance Group, use the instanceGroupManagers resource.
+            #
+            # For regional Managed Instance Group, use the regionInstanceGroupManagers resource. (== resource_for {$api_version}.instanceGroupManagers ==) (== resource_for {$api_version}.regionInstanceGroupManagers ==)
           "autoHealingPolicies": [ # The autohealing policy for this managed instance group. You can specify only one value.
             {
               "healthCheck": "A String", # The URL for the health check that signals autohealing.
@@ -262,7 +294,9 @@ 
Method Details

           "creationTimestamp": "A String", # [Output Only] The creation timestamp for this managed instance group in RFC3339 text format.
           "currentActions": { # [Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions.
             "abandoning": 42, # [Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.
-            "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
+            "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.
+                #
+                # If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
             "creatingWithoutRetries": 42, # [Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.
             "deleting": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.
             "none": 42, # [Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.
@@ -280,14 +314,16 @@ 
Method Details

               },
             ],
           },
-          "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
+          "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
           "id": "A String", # [Output Only] A unique identifier for this resource type. The server generates this identifier.
           "instanceGroup": "A String", # [Output Only] The URL of the Instance Group resource.
           "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE.
           "kind": "compute#instanceGroupManager", # [Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.
           "name": "A String", # The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.
           "namedPorts": [ # Named ports configured for the Instance Groups complementary to this Instance Group Manager.
-            { # The named port. For example: <"http", 80>.
+            { # The named port. For example: .
               "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
               "port": 42, # The port number, which can be a value between 1 and 65535.
             },
@@ -321,14 +357,32 @@ 
Method Details

           ],
           "targetSize": 42, # The target number of running instances for this managed instance group. You can reduce this number by using the instanceGroupManager deleteInstances or abandonInstances methods. Resizing the group also changes this number.
           "updatePolicy": { # The update policy for this managed instance group.
-            "instanceRedistributionType": "A String", # The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled.
-            "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
-              "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+            "instanceRedistributionType": "A String", # The  instance redistribution policy for regional managed instance groups. Valid values are:
+                # - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region.
+                # - NONE: For non-autoscaled groups, proactive redistribution is disabled.
+            "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates.
+                #
+                # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
+              "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+                  #
+                  #
+                  # - If the value is fixed, then the calculated value is equal to the fixed value.
+                  # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
               "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
               "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
             },
-            "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
-              "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+            "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:
+                #
+                #
+                # - The instance's status is RUNNING.
+                # - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates.
+                #
+                # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
+              "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+                  #
+                  #
+                  # - If the value is fixed, then the calculated value is equal to the fixed value.
+                  # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
               "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
               "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
             },
@@ -336,12 +390,20 @@ 
Method Details

             "replacementMethod": "A String", # What action should be used to replace instances. See minimal_action.REPLACE
             "type": "A String", # The type of update process. You can specify either PROACTIVE so that the instance group manager proactively executes actions in order to bring instances to their target versions or OPPORTUNISTIC so that no action is proactively executed but the update will be performed as part of other actions (for example, resizes or recreateInstances calls).
           },
-          "versions": [ # Specifies the instance templates used by this managed instance group to create instances. Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
+          "versions": [ # Specifies the instance templates used by this managed instance group to create instances.
+              #
+              # Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
             {
               "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached.
               "name": "A String", # Name of the version. Unique among all versions in the scope of this managed instance group.
-              "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
-                "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+              "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:
+                  # - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used.
+                  # - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
+                "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+                    #
+                    #
+                    # - If the value is fixed, then the calculated value is equal to the fixed value.
+                    # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
                 "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
                 "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
               },
@@ -352,7 +414,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] The warning that replaces the list of managed instance groups when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -370,7 +433,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -396,7 +460,7 @@ 
Method Details

 

 
 

-    applyUpdatesToInstances(project, zone, instanceGroupManager, body=None, x__xgafv=None)
+    applyUpdatesToInstances(project, zone, instanceGroupManager, body=None)
   
Applies changes to selected instances on the managed instance group. This method can be used to apply new overrides and/or new versions.
 
 Args:
@@ -407,23 +471,40 @@ 
Method Details

     The object takes the form of:
 
 { # InstanceGroupManagers.applyUpdatesToInstances
-  "allInstances": True or False, # Flag to update all instances instead of specified list of “instances”. If the flag is set to true then the instances may not be specified in the request.
+  "allInstances": True or False, # Flag to update all instances instead of specified list of ?instances?. If the flag is set to true then the instances may not be specified in the request.
   "instances": [ # The list of URLs of one or more instances for which you want to apply updates. Each URL can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].
     "A String",
   ],
-  "minimalAction": "A String", # The minimal action that you want to perform on each instance during the update: - REPLACE: At minimum, delete the instance and create it again. - RESTART: Stop the instance and start it again. - REFRESH: Do not stop the instance. - NONE: Do not disrupt the instance at all. By default, the minimum action is NONE. If your update requires a more disruptive action than you set with this flag, the necessary action is performed to execute the update.
-  "mostDisruptiveAllowedAction": "A String", # The most disruptive action that you want to perform on each instance during the update: - REPLACE: Delete the instance and create it again. - RESTART: Stop the instance and start it again. - REFRESH: Do not stop the instance. - NONE: Do not disrupt the instance at all. By default, the most disruptive allowed action is REPLACE. If your update requires a more disruptive action than you set with this flag, the update request will fail.
+  "minimalAction": "A String", # The minimal action that you want to perform on each instance during the update:
+      # - REPLACE: At minimum, delete the instance and create it again.
+      # - RESTART: Stop the instance and start it again.
+      # - REFRESH: Do not stop the instance.
+      # - NONE: Do not disrupt the instance at all.  By default, the minimum action is NONE. If your update requires a more disruptive action than you set with this flag, the necessary action is performed to execute the update.
+  "mostDisruptiveAllowedAction": "A String", # The most disruptive action that you want to perform on each instance during the update:
+      # - REPLACE: Delete the instance and create it again.
+      # - RESTART: Stop the instance and start it again.
+      # - REFRESH: Do not stop the instance.
+      # - NONE: Do not disrupt the instance at all.  By default, the most disruptive allowed action is REPLACE. If your update requires a more disruptive action than you set with this flag, the update request will fail.
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -457,7 +538,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -476,7 +558,7 @@ 
Method Details

 

 
 

-    createInstances(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    createInstances(project, zone, instanceGroupManager, body=None, requestId=None)
   
Creates instances with per-instance configs in this managed instance group. Instances are created using the current instance template. The create instances operation is marked DONE if the createInstances request is successful. The underlying actions take additional time. You must separately verify the status of the creating or actions with the listmanagedinstances method.
 
 Args:
@@ -508,16 +590,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -551,7 +646,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -565,23 +661,36 @@ 
Method Details

 

 
 

-    delete(project, zone, instanceGroupManager, requestId=None, x__xgafv=None)
-  
Deletes the specified managed instance group and all of the instances in that group. Note that the instance group must not belong to a backend service. Read Deleting an instance group for more information.
+    delete(project, zone, instanceGroupManager, requestId=None)
+  
Deletes the specified managed instance group and all of the instances in that group. Note that the instance group must not belong to a backend service. Read  Deleting an instance group for more information.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the managed instance group is located. (required)
   instanceGroupManager: string, The name of the managed instance group to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -615,7 +724,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -629,8 +739,12 @@ 
Method Details

 

 
 

-    deleteInstances(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
-  
Flags the specified instances in the managed instance group for immediate deletion. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. This operation is marked as DONE when the action is scheduled even if the instances are still being deleted. You must separately verify the status of the deleting action with the listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.
+    deleteInstances(project, zone, instanceGroupManager, body=None, requestId=None)
+  
Flags the specified instances in the managed instance group for immediate deletion. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. This operation is marked as DONE when the action is scheduled even if the instances are still being deleted. You must separately verify the status of the deleting action with the listmanagedinstances method.
+
+If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
+
+You can specify a maximum of 1000 instances with this method per request.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -645,16 +759,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -688,7 +815,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -702,7 +830,7 @@ 
Method Details

 

 
 

-    deletePerInstanceConfigs(project, zone, instanceGroupManager, body=None, x__xgafv=None)
+    deletePerInstanceConfigs(project, zone, instanceGroupManager, body=None)
   
Deletes selected per-instance configs for the managed instance group.
 
 Args:
@@ -718,15 +846,24 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -760,7 +897,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -774,22 +912,26 @@ 
Method Details

 

 
 

-    get(project, zone, instanceGroupManager, x__xgafv=None)
+    get(project, zone, instanceGroupManager)
   
Returns all of the details about the specified managed instance group. Gets a list of available managed instance groups by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the managed instance group is located. (required)
   instanceGroupManager: string, The name of the managed instance group. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Whether the instance is a standby. # Properties of a standby instance comparing to the regular instance: # | regular | standby managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no # receives traffic from LB? | yes | no Represents a Managed Instance Group resource. An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups. For zonal Managed Instance Group, use the instanceGroupManagers resource. For regional Managed Instance Group, use the regionInstanceGroupManagers resource.
+    { # Whether the instance is a standby. Properties of a standby instance comparing to the regular instance: ========================================================================= | regular | standby ========================================================================= managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no receives traffic from LB? | yes | no =========================================================================
+    #
+    # Represents a Managed Instance Group resource.
+    #
+    # An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups.
+    #
+    # For zonal Managed Instance Group, use the instanceGroupManagers resource.
+    #
+    # For regional Managed Instance Group, use the regionInstanceGroupManagers resource. (== resource_for {$api_version}.instanceGroupManagers ==) (== resource_for {$api_version}.regionInstanceGroupManagers ==)
   "autoHealingPolicies": [ # The autohealing policy for this managed instance group. You can specify only one value.
     {
       "healthCheck": "A String", # The URL for the health check that signals autohealing.
@@ -800,7 +942,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this managed instance group in RFC3339 text format.
   "currentActions": { # [Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions.
     "abandoning": 42, # [Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.
-    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
+    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.
+        #
+        # If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
     "creatingWithoutRetries": 42, # [Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.
     "deleting": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.
     "none": 42, # [Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.
@@ -818,14 +962,16 @@ 
Method Details

       },
     ],
   },
-  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
+  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
   "id": "A String", # [Output Only] A unique identifier for this resource type. The server generates this identifier.
   "instanceGroup": "A String", # [Output Only] The URL of the Instance Group resource.
   "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE.
   "kind": "compute#instanceGroupManager", # [Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.
   "name": "A String", # The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.
   "namedPorts": [ # Named ports configured for the Instance Groups complementary to this Instance Group Manager.
-    { # The named port. For example: <"http", 80>.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
@@ -859,14 +1005,32 @@ 
Method Details

   ],
   "targetSize": 42, # The target number of running instances for this managed instance group. You can reduce this number by using the instanceGroupManager deleteInstances or abandonInstances methods. Resizing the group also changes this number.
   "updatePolicy": { # The update policy for this managed instance group.
-    "instanceRedistributionType": "A String", # The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled.
-    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "instanceRedistributionType": "A String", # The  instance redistribution policy for regional managed instance groups. Valid values are:
+        # - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region.
+        # - NONE: For non-autoscaled groups, proactive redistribution is disabled.
+    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
-    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:
+        #
+        #
+        # - The instance's status is RUNNING.
+        # - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
@@ -874,12 +1038,20 @@ 
Method Details

     "replacementMethod": "A String", # What action should be used to replace instances. See minimal_action.REPLACE
     "type": "A String", # The type of update process. You can specify either PROACTIVE so that the instance group manager proactively executes actions in order to bring instances to their target versions or OPPORTUNISTIC so that no action is proactively executed but the update will be performed as part of other actions (for example, resizes or recreateInstances calls).
   },
-  "versions": [ # Specifies the instance templates used by this managed instance group to create instances. Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
+  "versions": [ # Specifies the instance templates used by this managed instance group to create instances.
+      #
+      # Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
     {
       "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached.
       "name": "A String", # Name of the version. Unique among all versions in the scope of this managed instance group.
-      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:
+          # - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used.
+          # - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -890,8 +1062,10 @@ 
Method Details

 

 
 

-    insert(project, zone, body=None, requestId=None, x__xgafv=None)
-  
Creates a managed instance group using the information that you specify in the request. After the group is created, instances in the group are created using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method. A managed instance group can have up to 1000 VM instances per group. Please contact Cloud Support if you need an increase in this limit.
+    insert(project, zone, body=None, requestId=None)
+  
Creates a managed instance group using the information that you specify in the request. After the group is created, instances in the group are created using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method.
+
+A managed instance group can have up to 1000 VM instances per group. Please contact Cloud Support if you need an increase in this limit.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -899,7 +1073,15 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Whether the instance is a standby. # Properties of a standby instance comparing to the regular instance: # | regular | standby managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no # receives traffic from LB? | yes | no Represents a Managed Instance Group resource. An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups. For zonal Managed Instance Group, use the instanceGroupManagers resource. For regional Managed Instance Group, use the regionInstanceGroupManagers resource.
+{ # Whether the instance is a standby. Properties of a standby instance comparing to the regular instance: ========================================================================= | regular | standby ========================================================================= managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no receives traffic from LB? | yes | no =========================================================================
+    # 
+    # Represents a Managed Instance Group resource.
+    # 
+    # An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups.
+    # 
+    # For zonal Managed Instance Group, use the instanceGroupManagers resource.
+    # 
+    # For regional Managed Instance Group, use the regionInstanceGroupManagers resource. (== resource_for {$api_version}.instanceGroupManagers ==) (== resource_for {$api_version}.regionInstanceGroupManagers ==)
   "autoHealingPolicies": [ # The autohealing policy for this managed instance group. You can specify only one value.
     {
       "healthCheck": "A String", # The URL for the health check that signals autohealing.
@@ -910,7 +1092,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this managed instance group in RFC3339 text format.
   "currentActions": { # [Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions.
     "abandoning": 42, # [Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.
-    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
+    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.
+        #
+        # If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
     "creatingWithoutRetries": 42, # [Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.
     "deleting": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.
     "none": 42, # [Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.
@@ -928,14 +1112,16 @@ 
Method Details

       },
     ],
   },
-  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
+  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
   "id": "A String", # [Output Only] A unique identifier for this resource type. The server generates this identifier.
   "instanceGroup": "A String", # [Output Only] The URL of the Instance Group resource.
   "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE.
   "kind": "compute#instanceGroupManager", # [Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.
   "name": "A String", # The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.
   "namedPorts": [ # Named ports configured for the Instance Groups complementary to this Instance Group Manager.
-    { # The named port. For example: <"http", 80>.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
@@ -969,14 +1155,32 @@ 
Method Details

   ],
   "targetSize": 42, # The target number of running instances for this managed instance group. You can reduce this number by using the instanceGroupManager deleteInstances or abandonInstances methods. Resizing the group also changes this number.
   "updatePolicy": { # The update policy for this managed instance group.
-    "instanceRedistributionType": "A String", # The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled.
-    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "instanceRedistributionType": "A String", # The  instance redistribution policy for regional managed instance groups. Valid values are:
+        # - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region.
+        # - NONE: For non-autoscaled groups, proactive redistribution is disabled.
+    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
-    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:
+        #
+        #
+        # - The instance's status is RUNNING.
+        # - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
@@ -984,12 +1188,20 @@ 
Method Details

     "replacementMethod": "A String", # What action should be used to replace instances. See minimal_action.REPLACE
     "type": "A String", # The type of update process. You can specify either PROACTIVE so that the instance group manager proactively executes actions in order to bring instances to their target versions or OPPORTUNISTIC so that no action is proactively executed but the update will be performed as part of other actions (for example, resizes or recreateInstances calls).
   },
-  "versions": [ # Specifies the instance templates used by this managed instance group to create instances. Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
+  "versions": [ # Specifies the instance templates used by this managed instance group to create instances.
+      # 
+      # Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
     {
       "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached.
       "name": "A String", # Name of the version. Unique among all versions in the scope of this managed instance group.
-      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:
+          # - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used.
+          # - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -998,16 +1210,29 @@ 
Method Details

   "zone": "A String", # [Output Only] The URL of a zone where the managed instance group is located (for zonal resources).
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1041,7 +1266,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1055,21 +1281,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of managed instance groups that are contained within the specified project and zone.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the managed instance group is located. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1077,7 +1309,15 @@ 
Method Details

     { # [Output Only] A list of managed instance groups.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of InstanceGroupManager resources.
-    { # Whether the instance is a standby. # Properties of a standby instance comparing to the regular instance: # | regular | standby managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no # receives traffic from LB? | yes | no Represents a Managed Instance Group resource. An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups. For zonal Managed Instance Group, use the instanceGroupManagers resource. For regional Managed Instance Group, use the regionInstanceGroupManagers resource.
+    { # Whether the instance is a standby. Properties of a standby instance comparing to the regular instance: ========================================================================= | regular | standby ========================================================================= managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no receives traffic from LB? | yes | no =========================================================================
+        #
+        # Represents a Managed Instance Group resource.
+        #
+        # An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups.
+        #
+        # For zonal Managed Instance Group, use the instanceGroupManagers resource.
+        #
+        # For regional Managed Instance Group, use the regionInstanceGroupManagers resource. (== resource_for {$api_version}.instanceGroupManagers ==) (== resource_for {$api_version}.regionInstanceGroupManagers ==)
       "autoHealingPolicies": [ # The autohealing policy for this managed instance group. You can specify only one value.
         {
           "healthCheck": "A String", # The URL for the health check that signals autohealing.
@@ -1088,7 +1328,9 @@ 
Method Details

       "creationTimestamp": "A String", # [Output Only] The creation timestamp for this managed instance group in RFC3339 text format.
       "currentActions": { # [Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions.
         "abandoning": 42, # [Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.
-        "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
+        "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.
+            #
+            # If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
         "creatingWithoutRetries": 42, # [Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.
         "deleting": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.
         "none": 42, # [Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.
@@ -1106,14 +1348,16 @@ 
Method Details

           },
         ],
       },
-      "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
+      "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
       "id": "A String", # [Output Only] A unique identifier for this resource type. The server generates this identifier.
       "instanceGroup": "A String", # [Output Only] The URL of the Instance Group resource.
       "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE.
       "kind": "compute#instanceGroupManager", # [Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.
       "name": "A String", # The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.
       "namedPorts": [ # Named ports configured for the Instance Groups complementary to this Instance Group Manager.
-        { # The named port. For example: <"http", 80>.
+        { # The named port. For example: .
           "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
           "port": 42, # The port number, which can be a value between 1 and 65535.
         },
@@ -1147,14 +1391,32 @@ 
Method Details

       ],
       "targetSize": 42, # The target number of running instances for this managed instance group. You can reduce this number by using the instanceGroupManager deleteInstances or abandonInstances methods. Resizing the group also changes this number.
       "updatePolicy": { # The update policy for this managed instance group.
-        "instanceRedistributionType": "A String", # The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled.
-        "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
-          "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "instanceRedistributionType": "A String", # The  instance redistribution policy for regional managed instance groups. Valid values are:
+            # - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region.
+            # - NONE: For non-autoscaled groups, proactive redistribution is disabled.
+        "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates.
+            #
+            # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
+          "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+              #
+              #
+              # - If the value is fixed, then the calculated value is equal to the fixed value.
+              # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
           "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
           "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
         },
-        "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
-          "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:
+            #
+            #
+            # - The instance's status is RUNNING.
+            # - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates.
+            #
+            # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
+          "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+              #
+              #
+              # - If the value is fixed, then the calculated value is equal to the fixed value.
+              # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
           "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
           "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
         },
@@ -1162,12 +1424,20 @@ 
Method Details

         "replacementMethod": "A String", # What action should be used to replace instances. See minimal_action.REPLACE
         "type": "A String", # The type of update process. You can specify either PROACTIVE so that the instance group manager proactively executes actions in order to bring instances to their target versions or OPPORTUNISTIC so that no action is proactively executed but the update will be performed as part of other actions (for example, resizes or recreateInstances calls).
       },
-      "versions": [ # Specifies the instance templates used by this managed instance group to create instances. Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
+      "versions": [ # Specifies the instance templates used by this managed instance group to create instances.
+          #
+          # Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
         {
           "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached.
           "name": "A String", # Name of the version. Unique among all versions in the scope of this managed instance group.
-          "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
-            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+          "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:
+              # - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used.
+              # - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
+            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+                #
+                #
+                # - If the value is fixed, then the calculated value is equal to the fixed value.
+                # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
             "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
             "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
           },
@@ -1181,7 +1451,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1193,22 +1464,28 @@ 
Method Details

 

 
 

-    listErrors(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listErrors(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists all errors thrown by actions on instances for a given managed instance group. The filter and orderBy query parameters are not supported.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the managed instance group is located. It should conform to RFC1035. (required)
-  instanceGroupManager: string, The name of the managed instance group. It must be a string that meets the requirements in RFC1035, or an unsigned long integer: must match regexp pattern: (?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?)|1-9{0,19}. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  instanceGroupManager: string, The name of the managed instance group. It must be a string that meets the requirements in RFC1035, or an unsigned long integer: must match regexp pattern: (?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?)|[1-9][0-9]{0,19}. (required)
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1250,22 +1527,28 @@ 
Method Details

 

 
 

-    listManagedInstances(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listManagedInstances(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists all of the instances in the managed instance group. Each instance in the list has a currentAction, which indicates the action that the managed instance group is performing on the instance. For example, if the group is still creating an instance, the currentAction is CREATING. If a previous action failed, the list displays the errors for that failed action. The orderBy query parameter is not supported.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the managed instance group is located. (required)
   instanceGroupManager: string, The name of the managed instance group. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1273,7 +1556,16 @@ 
Method Details

     {
   "managedInstances": [ # [Output Only] The list of instances in the managed instance group.
     { # A Managed Instance resource.
-      "currentAction": "A String", # [Output Only] The current action that the managed instance group has scheduled for the instance. Possible values: - NONE The instance is running, and the managed instance group does not have any scheduled actions for this instance. - CREATING The managed instance group is creating this instance. If the group fails to create this instance, it will try again until it is successful. - CREATING_WITHOUT_RETRIES The managed instance group is attempting to create this instance only once. If the group fails to create this instance, it does not try again and the group's targetSize value is decreased instead. - RECREATING The managed instance group is recreating this instance. - DELETING The managed instance group is permanently deleting this instance. - ABANDONING The managed instance group is abandoning this instance. The instance will be removed from the instance group and from any target pools that are associated with this group. - RESTARTING The managed instance group is restarting the instance. - REFRESHING The managed instance group is applying configuration changes to the instance without stopping it. For example, the group can update the target pool list for an instance without stopping that instance. - VERIFYING The managed instance group has created the instance and it is in the process of being verified.
+      "currentAction": "A String", # [Output Only] The current action that the managed instance group has scheduled for the instance. Possible values:
+          # - NONE The instance is running, and the managed instance group does not have any scheduled actions for this instance.
+          # - CREATING The managed instance group is creating this instance. If the group fails to create this instance, it will try again until it is successful.
+          # - CREATING_WITHOUT_RETRIES The managed instance group is attempting to create this instance only once. If the group fails to create this instance, it does not try again and the group's targetSize value is decreased instead.
+          # - RECREATING The managed instance group is recreating this instance.
+          # - DELETING The managed instance group is permanently deleting this instance.
+          # - ABANDONING The managed instance group is abandoning this instance. The instance will be removed from the instance group and from any target pools that are associated with this group.
+          # - RESTARTING The managed instance group is restarting the instance.
+          # - REFRESHING The managed instance group is applying configuration changes to the instance without stopping it. For example, the group can update the target pool list for an instance without stopping that instance.
+          # - VERIFYING The managed instance group has created the instance and it is in the process of being verified.
       "id": "A String", # [Output only] The unique identifier for this resource. This field is empty when instance does not exist.
       "instance": "A String", # [Output Only] The URL of the instance. The URL can exist even if the instance has not yet been created.
       "instanceHealth": [ # [Output Only] Health state of the instance per health-check.
@@ -1343,22 +1635,28 @@ 
Method Details

 

 
 

-    listPerInstanceConfigs(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listPerInstanceConfigs(project, zone, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists all of the per-instance configs defined for the managed instance group. The orderBy query parameter is not supported.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the managed instance group is located. It should conform to RFC1035. (required)
   instanceGroupManager: string, The name of the managed instance group. It should conform to RFC1035. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1386,7 +1684,8 @@ 
Method Details

   "nextPageToken": "A String", # [Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1426,7 +1725,7 @@ 
Method Details

 

 
 

-    patch(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    patch(project, zone, instanceGroupManager, body=None, requestId=None)
   
Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is patched even if the instances in the group are still in the process of being patched. You must separately verify the status of the individual instances with the listManagedInstances method. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -1436,7 +1735,15 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Whether the instance is a standby. # Properties of a standby instance comparing to the regular instance: # | regular | standby managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no # receives traffic from LB? | yes | no Represents a Managed Instance Group resource. An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups. For zonal Managed Instance Group, use the instanceGroupManagers resource. For regional Managed Instance Group, use the regionInstanceGroupManagers resource.
+{ # Whether the instance is a standby. Properties of a standby instance comparing to the regular instance: ========================================================================= | regular | standby ========================================================================= managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no receives traffic from LB? | yes | no =========================================================================
+    # 
+    # Represents a Managed Instance Group resource.
+    # 
+    # An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups.
+    # 
+    # For zonal Managed Instance Group, use the instanceGroupManagers resource.
+    # 
+    # For regional Managed Instance Group, use the regionInstanceGroupManagers resource. (== resource_for {$api_version}.instanceGroupManagers ==) (== resource_for {$api_version}.regionInstanceGroupManagers ==)
   "autoHealingPolicies": [ # The autohealing policy for this managed instance group. You can specify only one value.
     {
       "healthCheck": "A String", # The URL for the health check that signals autohealing.
@@ -1447,7 +1754,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this managed instance group in RFC3339 text format.
   "currentActions": { # [Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions.
     "abandoning": 42, # [Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.
-    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
+    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.
+        #
+        # If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
     "creatingWithoutRetries": 42, # [Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.
     "deleting": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.
     "none": 42, # [Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.
@@ -1465,14 +1774,16 @@ 
Method Details

       },
     ],
   },
-  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
+  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
   "id": "A String", # [Output Only] A unique identifier for this resource type. The server generates this identifier.
   "instanceGroup": "A String", # [Output Only] The URL of the Instance Group resource.
   "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE.
   "kind": "compute#instanceGroupManager", # [Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.
   "name": "A String", # The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.
   "namedPorts": [ # Named ports configured for the Instance Groups complementary to this Instance Group Manager.
-    { # The named port. For example: <"http", 80>.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
@@ -1506,14 +1817,32 @@ 
Method Details

   ],
   "targetSize": 42, # The target number of running instances for this managed instance group. You can reduce this number by using the instanceGroupManager deleteInstances or abandonInstances methods. Resizing the group also changes this number.
   "updatePolicy": { # The update policy for this managed instance group.
-    "instanceRedistributionType": "A String", # The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled.
-    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "instanceRedistributionType": "A String", # The  instance redistribution policy for regional managed instance groups. Valid values are:
+        # - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region.
+        # - NONE: For non-autoscaled groups, proactive redistribution is disabled.
+    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
-    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:
+        #
+        #
+        # - The instance's status is RUNNING.
+        # - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
@@ -1521,12 +1850,20 @@ 
Method Details

     "replacementMethod": "A String", # What action should be used to replace instances. See minimal_action.REPLACE
     "type": "A String", # The type of update process. You can specify either PROACTIVE so that the instance group manager proactively executes actions in order to bring instances to their target versions or OPPORTUNISTIC so that no action is proactively executed but the update will be performed as part of other actions (for example, resizes or recreateInstances calls).
   },
-  "versions": [ # Specifies the instance templates used by this managed instance group to create instances. Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
+  "versions": [ # Specifies the instance templates used by this managed instance group to create instances.
+      # 
+      # Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
     {
       "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached.
       "name": "A String", # Name of the version. Unique among all versions in the scope of this managed instance group.
-      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:
+          # - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used.
+          # - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -1535,16 +1872,29 @@ 
Method Details

   "zone": "A String", # [Output Only] The URL of a zone where the managed instance group is located (for zonal resources).
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1578,7 +1928,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1592,7 +1943,7 @@ 
Method Details

 

 
 

-    patchPerInstanceConfigs(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    patchPerInstanceConfigs(project, zone, instanceGroupManager, body=None, requestId=None)
   
Inserts or patches per-instance configs for the managed instance group. perInstanceConfig.name serves as a key used to distinguish whether to perform insert or patch.
 
 Args:
@@ -1624,16 +1975,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1667,7 +2031,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1681,8 +2046,12 @@ 
Method Details

 

 
 

-    recreateInstances(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
-  
Flags the specified VM instances in the managed instance group to be immediately recreated. Each instance is recreated using the group's current configuration. This operation is marked as DONE when the flag is set even if the instances have not yet been recreated. You must separately verify the status of each instance by checking its currentAction field; for more information, see Checking the status of managed instances. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.
+    recreateInstances(project, zone, instanceGroupManager, body=None, requestId=None)
+  
Flags the specified VM instances in the managed instance group to be immediately recreated. Each instance is recreated using the group's current configuration. This operation is marked as DONE when the flag is set even if the instances have not yet been recreated. You must separately verify the status of each instance by checking its currentAction field; for more information, see Checking the status of managed instances.
+
+If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
+
+You can specify a maximum of 1000 instances with this method per request.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -1697,16 +2066,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1740,7 +2122,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1754,24 +2137,45 @@ 
Method Details

 

 
 

-    resize(project, zone, instanceGroupManager, size, requestId=None, x__xgafv=None)
-  
Resizes the managed instance group. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes instances. The resize operation is marked DONE when the resize actions are scheduled even if the group has not yet added or deleted any instances. You must separately verify the status of the creating or deleting actions with the listmanagedinstances method. When resizing down, the instance group arbitrarily chooses the order in which VMs are deleted. The group takes into account some VM attributes when making the selection including: + The status of the VM instance. + The health of the VM instance. + The instance template version the VM is based on. + For regional managed instance groups, the location of the VM instance. This list is subject to change. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
+    resize(project, zone, instanceGroupManager, size, requestId=None)
+  
Resizes the managed instance group. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes instances. The resize operation is marked DONE when the resize actions are scheduled even if the group has not yet added or deleted any instances. You must separately verify the status of the creating or deleting actions with the listmanagedinstances method.
+
+When resizing down, the instance group arbitrarily chooses the order in which VMs are deleted. The group takes into account some VM attributes when making the selection including:
+
++ The status of the VM instance. + The health of the VM instance. + The instance template version the VM is based on. + For regional managed instance groups, the location of the VM instance.
+
+This list is subject to change.
+
+If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the managed instance group is located. (required)
   instanceGroupManager: string, The name of the managed instance group. (required)
   size: integer, The number of running instances that the managed instance group should maintain at any given time. The group automatically adds or removes instances to maintain the number of instances specified by this parameter. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1805,7 +2209,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1819,7 +2224,7 @@ 
Method Details

 

 
 

-    setInstanceTemplate(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    setInstanceTemplate(project, zone, instanceGroupManager, body=None, requestId=None)
   
Specifies the instance template to use when creating new instances in this group. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE.
 
 Args:
@@ -1833,16 +2238,29 @@ 
Method Details

   "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1876,7 +2294,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1890,7 +2309,7 @@ 
Method Details

 

 
 

-    setTargetPools(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    setTargetPools(project, zone, instanceGroupManager, body=None, requestId=None)
   
Modifies the target pools to which all instances in this managed instance group are assigned. The target pools automatically apply to all of the instances in the managed instance group. This operation is marked DONE when you make the request even if the instances have not yet been added to their target pools. The change might take some time to apply to all of the instances in the group depending on the size of the group.
 
 Args:
@@ -1907,16 +2326,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1950,7 +2382,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1964,7 +2397,7 @@ 
Method Details

 

 
 

-    updatePerInstanceConfigs(project, zone, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    updatePerInstanceConfigs(project, zone, instanceGroupManager, body=None, requestId=None)
   
Inserts or updates per-instance configs for the managed instance group. perInstanceConfig.name serves as a key used to distinguish whether to perform insert or patch.
 
 Args:
@@ -1996,16 +2429,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2039,7 +2485,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.instanceGroups.html b/docs/dyn/compute_v1.instanceGroups.html
index 335e0947328..3e04e598f09 100644
--- a/docs/dyn/compute_v1.instanceGroups.html
+++ b/docs/dyn/compute_v1.instanceGroups.html
@@ -75,10 +75,10 @@
 
Compute Engine API . instanceGroups

 
Instance Methods

 

-  addInstances(project, zone, instanceGroup, body=None, requestId=None, x__xgafv=None)

-
Adds a list of instances to the specified instance group. All of the instances in the instance group must be in the same network/subnetwork. Read Adding instances for more information.

+  addInstances(project, zone, instanceGroup, body=None, requestId=None)

+
Adds a list of instances to the specified instance group. All of the instances in the instance group must be in the same network/subnetwork. Read  Adding instances for more information.

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of instance groups and sorts them by zone.

 

   aggregatedList_next(previous_request, previous_response)

@@ -87,19 +87,19 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, zone, instanceGroup, requestId=None, x__xgafv=None)

-
Deletes the specified instance group. The instances in the group are not deleted. Note that instance group must not belong to a backend service. Read Deleting an instance group for more information.

+  delete(project, zone, instanceGroup, requestId=None)

+
Deletes the specified instance group. The instances in the group are not deleted. Note that instance group must not belong to a backend service. Read  Deleting an instance group for more information.

 

-  get(project, zone, instanceGroup, x__xgafv=None)

-
Returns the specified zonal instance group. Get a list of available zonal instance groups by making a list() request. For managed instance groups, use the instanceGroupManagers or regionInstanceGroupManagers methods instead.

+  get(project, zone, instanceGroup)

+
Returns the specified zonal instance group. Get a list of available zonal instance groups by making a list() request.

 

-  insert(project, zone, body=None, requestId=None, x__xgafv=None)

+  insert(project, zone, body=None, requestId=None)

 
Creates an instance group in the specified project using the parameters that are included in the request.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

-
Retrieves the list of zonal instance group resources contained within the specified zone. For managed instance groups, use the instanceGroupManagers or regionInstanceGroupManagers methods instead.

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

+
Retrieves the list of zonal instance group resources contained within the specified zone.

 

-  listInstances(project, zone, instanceGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listInstances(project, zone, instanceGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists the instances in the specified instance group. The orderBy query parameter is not supported.

 

   listInstances_next(previous_request, previous_response)

@@ -108,15 +108,15 @@ 
Instance Methods

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  removeInstances(project, zone, instanceGroup, body=None, requestId=None, x__xgafv=None)

-
Removes one or more instances from the specified instance group, but does not delete those instances. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration before the VM instance is removed or deleted.

+  removeInstances(project, zone, instanceGroup, body=None, requestId=None)

+
Removes one or more instances from the specified instance group, but does not delete those instances.

 

-  setNamedPorts(project, zone, instanceGroup, body=None, requestId=None, x__xgafv=None)

+  setNamedPorts(project, zone, instanceGroup, body=None, requestId=None)

 
Sets the named ports for the specified instance group.

 
Method Details

 

-    addInstances(project, zone, instanceGroup, body=None, requestId=None, x__xgafv=None)
-  
Adds a list of instances to the specified instance group. All of the instances in the instance group must be in the same network/subnetwork. Read Adding instances for more information.
+    addInstances(project, zone, instanceGroup, body=None, requestId=None)
+  
Adds a list of instances to the specified instance group. All of the instances in the instance group must be in the same network/subnetwork. Read  Adding instances for more information.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -128,21 +128,34 @@ 
Method Details

 {
   "instances": [ # The list of instances to add to the instance group.
     {
-      "instance": "A String", # The URL for a specific instance. @required compute.instancegroups.addInstances/removeInstances
+      "instance": "A String", # The URL for a specific instance.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -176,7 +189,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -190,21 +204,27 @@ 
Method Details

 

 
 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of instance groups and sorts them by zone.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -214,15 +234,31 @@ 
Method Details

   "items": { # A list of InstanceGroupsScopedList resources.
     "a_key": { # The name of the scope that contains this set of instance groups.
       "instanceGroups": [ # [Output Only] The list of instance groups that are contained in this scope.
-        { # Represents an Instance Group resource. Instance Groups can be used to configure a target for load balancing. Instance groups can either be managed or unmanaged. To create managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead. Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups. For more information, read Instance groups.
+        { # Represents an Instance Group resource.
+            #
+            # Instance Groups can be used to configure a target for load balancing.
+            #
+            # Instance groups can either be managed or unmanaged.
+            #
+            # To create  managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead.
+            #
+            # Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups.
+            #
+            # For more information, read Instance groups.
+            #
+            # (== resource_for {$api_version}.instanceGroups ==) (== resource_for {$api_version}.regionInstanceGroups ==)
           "creationTimestamp": "A String", # [Output Only] The creation timestamp for this instance group in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "fingerprint": "A String", # [Output Only] The fingerprint of the named ports. The system uses this fingerprint to detect conflicts when multiple users change the named ports concurrently.
           "id": "A String", # [Output Only] A unique identifier for this instance group, generated by the server.
           "kind": "compute#instanceGroup", # [Output Only] The resource type, which is always compute#instanceGroup for instance groups.
           "name": "A String", # The name of the instance group. The name must be 1-63 characters long, and comply with RFC1035.
-          "namedPorts": [ #  Assigns a name to a port number. For example: {name: "http", port: 80} This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}] Named ports apply to all instances in this instance group.
-            { # The named port. For example: <"http", 80>.
+          "namedPorts": [ # Assigns a name to a port number. For example: {name: "http", port: 80}
+              #
+              # This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}]
+              #
+              # Named ports apply to all instances in this instance group.
+            { # The named port. For example: .
               "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
               "port": 42, # The port number, which can be a value between 1 and 65535.
             },
@@ -237,7 +273,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] An informational warning that replaces the list of instance groups when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -255,7 +292,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -286,23 +324,36 @@ 
Method Details

 

 
 

-    delete(project, zone, instanceGroup, requestId=None, x__xgafv=None)
-  
Deletes the specified instance group. The instances in the group are not deleted. Note that instance group must not belong to a backend service. Read Deleting an instance group for more information.
+    delete(project, zone, instanceGroup, requestId=None)
+  
Deletes the specified instance group. The instances in the group are not deleted. Note that instance group must not belong to a backend service. Read  Deleting an instance group for more information.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the instance group is located. (required)
   instanceGroup: string, The name of the instance group to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -336,7 +387,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -350,30 +402,44 @@ 
Method Details

 

 
 

-    get(project, zone, instanceGroup, x__xgafv=None)
-  
Returns the specified zonal instance group. Get a list of available zonal instance groups by making a list() request. For managed instance groups, use the instanceGroupManagers or regionInstanceGroupManagers methods instead.
+    get(project, zone, instanceGroup)
+  
Returns the specified zonal instance group. Get a list of available zonal instance groups by making a list() request.
+
+For managed instance groups, use the instanceGroupManagers or regionInstanceGroupManagers methods instead.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the instance group is located. (required)
   instanceGroup: string, The name of the instance group. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Instance Group resource. Instance Groups can be used to configure a target for load balancing. Instance groups can either be managed or unmanaged. To create managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead. Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups. For more information, read Instance groups.
+    { # Represents an Instance Group resource.
+    #
+    # Instance Groups can be used to configure a target for load balancing.
+    #
+    # Instance groups can either be managed or unmanaged.
+    #
+    # To create  managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead.
+    #
+    # Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups.
+    #
+    # For more information, read Instance groups.
+    #
+    # (== resource_for {$api_version}.instanceGroups ==) (== resource_for {$api_version}.regionInstanceGroups ==)
   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this instance group in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # [Output Only] The fingerprint of the named ports. The system uses this fingerprint to detect conflicts when multiple users change the named ports concurrently.
   "id": "A String", # [Output Only] A unique identifier for this instance group, generated by the server.
   "kind": "compute#instanceGroup", # [Output Only] The resource type, which is always compute#instanceGroup for instance groups.
   "name": "A String", # The name of the instance group. The name must be 1-63 characters long, and comply with RFC1035.
-  "namedPorts": [ #  Assigns a name to a port number. For example: {name: "http", port: 80} This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}] Named ports apply to all instances in this instance group.
-    { # The named port. For example: <"http", 80>.
+  "namedPorts": [ # Assigns a name to a port number. For example: {name: "http", port: 80}
+      #
+      # This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}]
+      #
+      # Named ports apply to all instances in this instance group.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
@@ -388,7 +454,7 @@ 
Method Details

 

 
 

-    insert(project, zone, body=None, requestId=None, x__xgafv=None)
+    insert(project, zone, body=None, requestId=None)
   
Creates an instance group in the specified project using the parameters that are included in the request.
 
 Args:
@@ -397,15 +463,31 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Instance Group resource. Instance Groups can be used to configure a target for load balancing. Instance groups can either be managed or unmanaged. To create managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead. Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups. For more information, read Instance groups.
+{ # Represents an Instance Group resource.
+    # 
+    # Instance Groups can be used to configure a target for load balancing.
+    # 
+    # Instance groups can either be managed or unmanaged.
+    # 
+    # To create  managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead.
+    # 
+    # Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups.
+    # 
+    # For more information, read Instance groups.
+    # 
+    # (== resource_for {$api_version}.instanceGroups ==) (== resource_for {$api_version}.regionInstanceGroups ==)
   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this instance group in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # [Output Only] The fingerprint of the named ports. The system uses this fingerprint to detect conflicts when multiple users change the named ports concurrently.
   "id": "A String", # [Output Only] A unique identifier for this instance group, generated by the server.
   "kind": "compute#instanceGroup", # [Output Only] The resource type, which is always compute#instanceGroup for instance groups.
   "name": "A String", # The name of the instance group. The name must be 1-63 characters long, and comply with RFC1035.
-  "namedPorts": [ #  Assigns a name to a port number. For example: {name: "http", port: 80} This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}] Named ports apply to all instances in this instance group.
-    { # The named port. For example: <"http", 80>.
+  "namedPorts": [ # Assigns a name to a port number. For example: {name: "http", port: 80}
+      # 
+      # This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}]
+      # 
+      # Named ports apply to all instances in this instance group.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
@@ -418,16 +500,29 @@ 
Method Details

   "zone": "A String", # [Output Only] The URL of the zone where the instance group is located (for zonal resources).
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -461,7 +556,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -475,21 +571,29 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
-  
Retrieves the list of zonal instance group resources contained within the specified zone. For managed instance groups, use the instanceGroupManagers or regionInstanceGroupManagers methods instead.
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
+  
Retrieves the list of zonal instance group resources contained within the specified zone.
+
+For managed instance groups, use the instanceGroupManagers or regionInstanceGroupManagers methods instead.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the instance group is located. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -497,15 +601,31 @@ 
Method Details

     { # A list of InstanceGroup resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of InstanceGroup resources.
-    { # Represents an Instance Group resource. Instance Groups can be used to configure a target for load balancing. Instance groups can either be managed or unmanaged. To create managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead. Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups. For more information, read Instance groups.
+    { # Represents an Instance Group resource.
+        #
+        # Instance Groups can be used to configure a target for load balancing.
+        #
+        # Instance groups can either be managed or unmanaged.
+        #
+        # To create  managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead.
+        #
+        # Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups.
+        #
+        # For more information, read Instance groups.
+        #
+        # (== resource_for {$api_version}.instanceGroups ==) (== resource_for {$api_version}.regionInstanceGroups ==)
       "creationTimestamp": "A String", # [Output Only] The creation timestamp for this instance group in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "fingerprint": "A String", # [Output Only] The fingerprint of the named ports. The system uses this fingerprint to detect conflicts when multiple users change the named ports concurrently.
       "id": "A String", # [Output Only] A unique identifier for this instance group, generated by the server.
       "kind": "compute#instanceGroup", # [Output Only] The resource type, which is always compute#instanceGroup for instance groups.
       "name": "A String", # The name of the instance group. The name must be 1-63 characters long, and comply with RFC1035.
-      "namedPorts": [ #  Assigns a name to a port number. For example: {name: "http", port: 80} This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}] Named ports apply to all instances in this instance group.
-        { # The named port. For example: <"http", 80>.
+      "namedPorts": [ # Assigns a name to a port number. For example: {name: "http", port: 80}
+          #
+          # This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}]
+          #
+          # Named ports apply to all instances in this instance group.
+        { # The named port. For example: .
           "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
           "port": 42, # The port number, which can be a value between 1 and 65535.
         },
@@ -523,7 +643,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -535,7 +656,7 @@ 
Method Details

 

 
 

-    listInstances(project, zone, instanceGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listInstances(project, zone, instanceGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists the instances in the specified instance group. The orderBy query parameter is not supported.
 
 Args:
@@ -549,15 +670,21 @@ 
Method Details

   "instanceState": "A String", # A filter for the state of the instances in the instance group. Valid options are ALL or RUNNING. If you do not specify this parameter the list includes all instances regardless of their state.
 }
 
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -568,7 +695,7 @@ 
Method Details

     {
       "instance": "A String", # [Output Only] The URL of the instance.
       "namedPorts": [ # [Output Only] The named ports that belong to this instance group.
-        { # The named port. For example: <"http", 80>.
+        { # The named port. For example: .
           "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
           "port": 42, # The port number, which can be a value between 1 and 65535.
         },
@@ -581,7 +708,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -621,8 +749,10 @@ 
Method Details

 

 
 

-    removeInstances(project, zone, instanceGroup, body=None, requestId=None, x__xgafv=None)
-  
Removes one or more instances from the specified instance group, but does not delete those instances. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration before the VM instance is removed or deleted.
+    removeInstances(project, zone, instanceGroup, body=None, requestId=None)
+  
Removes one or more instances from the specified instance group, but does not delete those instances.
+
+If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration before the VM instance is removed or deleted.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -634,21 +764,34 @@ 
Method Details

 {
   "instances": [ # The list of instances to remove from the instance group.
     {
-      "instance": "A String", # The URL for a specific instance. @required compute.instancegroups.addInstances/removeInstances
+      "instance": "A String", # The URL for a specific instance.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -682,7 +825,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -696,7 +840,7 @@ 
Method Details

 

 
 

-    setNamedPorts(project, zone, instanceGroup, body=None, requestId=None, x__xgafv=None)
+    setNamedPorts(project, zone, instanceGroup, body=None, requestId=None)
   
Sets the named ports for the specified instance group.
 
 Args:
@@ -709,23 +853,36 @@ 
Method Details

 {
   "fingerprint": "A String", # The fingerprint of the named ports information for this instance group. Use this optional property to prevent conflicts when multiple users change the named ports settings concurrently. Obtain the fingerprint with the instanceGroups.get method. Then, include the fingerprint in your request to ensure that you do not overwrite changes that were applied from another concurrent request. A request with an incorrect fingerprint will fail with error 412 conditionNotMet.
   "namedPorts": [ # The list of named ports to set for this instance group.
-    { # The named port. For example: <"http", 80>.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -759,7 +916,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.instanceTemplates.html b/docs/dyn/compute_v1.instanceTemplates.html
index 0e08cf619f0..1f1da254b83 100644
--- a/docs/dyn/compute_v1.instanceTemplates.html
+++ b/docs/dyn/compute_v1.instanceTemplates.html
@@ -78,28 +78,28 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, instanceTemplate, requestId=None, x__xgafv=None)

+  delete(project, instanceTemplate, requestId=None)

 
Deletes the specified instance template. Deleting an instance template is permanent and cannot be undone. It is not possible to delete templates that are already in use by a managed instance group.

 

-  get(project, instanceTemplate, x__xgafv=None)

+  get(project, instanceTemplate)

 
Returns the specified instance template. Gets a list of available instance templates by making a list() request.

 

-  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates an instance template in the specified project using the data that is included in the request. If you are creating a new template to update an existing instance group, your new instance template must use the same network or, if applicable, the same subnetwork as the original template.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of instance templates that are contained within the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setIamPolicy(project, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -108,22 +108,35 @@ 
Method Details

 

 
 

-    delete(project, instanceTemplate, requestId=None, x__xgafv=None)
+    delete(project, instanceTemplate, requestId=None)
   
Deletes the specified instance template. Deleting an instance template is permanent and cannot be undone. It is not possible to delete templates that are already in use by a managed instance group.
 
 Args:
   project: string, Project ID for this request. (required)
   instanceTemplate: string, The name of the instance template to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -157,7 +170,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -171,21 +185,19 @@ 
Method Details

 

 
 

-    get(project, instanceTemplate, x__xgafv=None)
+    get(project, instanceTemplate)
   
Returns the specified instance template. Gets a list of available instance templates by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   instanceTemplate: string, The name of the instance template. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Instance Template resource. You can use instance templates to create VM instances and managed instance groups. For more information, read Instance Templates.
+    { # Represents an Instance Template resource.
+    #
+    # You can use instance templates to create VM instances and managed instance groups. For more information, read Instance Templates. (== resource_for {$api_version}.instanceTemplates ==)
   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this instance template in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "id": "A String", # [Output Only] A unique identifier for this instance template. The server defines this identifier.
@@ -205,25 +217,46 @@ 
Method Details

       { # An instance-attached disk resource.
         "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
         "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-        "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-        "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+        "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+            #
+            # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+        "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+            #
+            # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+            #
+            # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+            #
+            # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+            #
+            # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
         "diskSizeGb": "A String", # The size of the disk in GB.
-        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
           { # Guest OS features.
-            "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+            "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
           },
         ],
         "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-        "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+        "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+            #
+            # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+            #
+            # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
           "description": "A String", # An optional description. Provide this property when creating the disk.
           "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
           "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-          "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
+          "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+              # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+              #
+              #
+              # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+              # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+              # - projects/project/zones/zone/diskTypes/diskType
+              # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
           "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
             "a_key": "A String",
           },
@@ -232,14 +265,40 @@ 
Method Details

           "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
             "A String",
           ],
-          "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-          "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+          "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+              #
+              # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+              # projects/debian-cloud/global/images/family/debian-9
+              #
+              #
+              # Alternatively, use a specific version of a public operating system image:
+              # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+              #
+              #
+              # To create a disk with a custom image that you created, specify the image name in the following format:
+              # global/images/my-custom-image
+              #
+              #
+              # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+              # global/images/family/my-image-family
+              #
+              #
+              # If the source image is deleted later, this field will not be set.
+          "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+              #
+              # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
-          "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+          "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+              #
+              # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+              # global/snapshots/my-backup
+              #
+              #
+              # If the source snapshot is deleted later, this field will not be set.
           "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -277,7 +336,11 @@ 
Method Details

             "fileType": "A String", # The file type of source file.
           },
         },
-        "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+        "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+            #
+            # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+            #
+            # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
         "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
       },
     ],
@@ -292,9 +355,11 @@ 
Method Details

     },
     "machineType": "A String", # The machine type to use for instances that are created from these properties.
     "metadata": { # A metadata key/value entry. # The metadata key/value pairs to assign to instances that are created from these properties. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve the resource.
       "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-        { # Metadata
+        {
           "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
           "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
         },
@@ -311,7 +376,11 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
@@ -331,26 +400,41 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
-        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+            #
+            # Valid only if stackType is IPV4_IPV6.
         "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
         "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
         "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+            #
+            # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+            # - projects/project/global/networks/network
+            # - global/networks/default
         "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
         "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
-        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
-        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+            #
+            # This field can be both set at instance creation and update network interface operations.
+        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+            # - regions/region/subnetworks/subnetwork
       },
     ],
-    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
     "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from.
-      "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
+      "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
       "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
       "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
         "A String",
@@ -360,7 +444,9 @@ 
Method Details

       "A String",
     ],
     "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
-      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+          #
+          # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
       "locationHint": "A String", # An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API.
       "minNodeCpus": 42, # The minimum number of virtual CPUs this instance will consume when running on a sole-tenant node.
       "nodeAffinities": [ # A set of node affinity and anti-affinity configurations. Refer to Configuring node affinity for more information. Overrides reservationAffinity.
@@ -389,21 +475,30 @@ 
Method Details

       "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled. Enabled by default.
     },
     "tags": { # A set of instance tags. # A list of tags to apply to the instances that are created from these properties. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+          #
+          # To see the latest fingerprint, make get() request to the instance.
       "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
         "A String",
       ],
     },
   },
   "selfLink": "A String", # [Output Only] The URL for this instance template. The server defines this URL.
-  "sourceInstance": "A String", # The source instance used to create the template. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instances/instance - projects/project/zones/zone/instances/instance
+  "sourceInstance": "A String", # The source instance used to create the template. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance
+      # - projects/project/zones/zone/instances/instance
   "sourceInstanceParams": { # A specification of the parameters to use when creating the instance template from a source instance. # The source instance params to use to create this instance template.
     "diskConfigs": [ # Attached disks configuration. If not provided, defaults are applied: For boot disk and any other R/W disks, new custom images will be created from each disk. For read-only disks, they will be attached in read-only mode. Local SSD disks will be created as blank volumes.
       { # A specification of the desired way to instantiate a disk in the instance template when its created from a source instance.
         "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
         "customImage": "A String", # The custom source image to be used to restore this disk when instantiating this instance template.
         "deviceName": "A String", # Specifies the device name of the disk to which the configurations apply to.
-        "instantiateFrom": "A String", # Specifies whether to include the disk and what image to use. Possible values are: - source-image: to use the same image that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - source-image-family: to use the same image family that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - custom-image: to use a user-provided image url for disk creation. Applicable to the boot disk and additional read-write disks. - attach-read-only: to attach a read-only disk. Applicable to read-only disks. - do-not-include: to exclude a disk from the template. Applicable to additional read-write disks, local SSDs, and read-only disks.
+        "instantiateFrom": "A String", # Specifies whether to include the disk and what image to use. Possible values are:
+            # - source-image: to use the same image that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks.
+            # - source-image-family: to use the same image family that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks.
+            # - custom-image: to use a user-provided image url for disk creation. Applicable to the boot disk and additional read-write disks.
+            # - attach-read-only: to attach a read-only disk. Applicable to read-only disks.
+            # - do-not-include: to exclude a disk from the template. Applicable to additional read-write disks, local SSDs, and read-only disks.
       },
     ],
   },
@@ -411,34 +506,58 @@ 
Method Details

 

 
 

-    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
   project: string, Project ID for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -446,76 +565,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates an instance template in the specified project using the data that is included in the request. If you are creating a new template to update an existing instance group, your new instance template must use the same network or, if applicable, the same subnetwork as the original template.
 
 Args:
@@ -523,7 +710,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Instance Template resource. You can use instance templates to create VM instances and managed instance groups. For more information, read Instance Templates.
+{ # Represents an Instance Template resource.
+    # 
+    # You can use instance templates to create VM instances and managed instance groups. For more information, read Instance Templates. (== resource_for {$api_version}.instanceTemplates ==)
   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this instance template in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "id": "A String", # [Output Only] A unique identifier for this instance template. The server defines this identifier.
@@ -543,25 +732,46 @@ 
Method Details

       { # An instance-attached disk resource.
         "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
         "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-        "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-        "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+        "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+            #
+            # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+        "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+            #
+            # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+            #
+            # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+            #
+            # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+            #
+            # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
         "diskSizeGb": "A String", # The size of the disk in GB.
-        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
           { # Guest OS features.
-            "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+            "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
           },
         ],
         "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-        "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+        "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+            #
+            # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+            #
+            # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
           "description": "A String", # An optional description. Provide this property when creating the disk.
           "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
           "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-          "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
+          "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+              # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+              #
+              #
+              # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+              # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+              # - projects/project/zones/zone/diskTypes/diskType
+              # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
           "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
             "a_key": "A String",
           },
@@ -570,14 +780,40 @@ 
Method Details

           "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
             "A String",
           ],
-          "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-          "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+          "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+              #
+              # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+              # projects/debian-cloud/global/images/family/debian-9
+              #
+              #
+              # Alternatively, use a specific version of a public operating system image:
+              # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+              #
+              #
+              # To create a disk with a custom image that you created, specify the image name in the following format:
+              # global/images/my-custom-image
+              #
+              #
+              # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+              # global/images/family/my-image-family
+              #
+              #
+              # If the source image is deleted later, this field will not be set.
+          "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+              #
+              # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
-          "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+          "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+              #
+              # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+              # global/snapshots/my-backup
+              #
+              #
+              # If the source snapshot is deleted later, this field will not be set.
           "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -615,7 +851,11 @@ 
Method Details

             "fileType": "A String", # The file type of source file.
           },
         },
-        "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+        "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+            #
+            # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+            #
+            # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
         "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
       },
     ],
@@ -630,9 +870,11 @@ 
Method Details

     },
     "machineType": "A String", # The machine type to use for instances that are created from these properties.
     "metadata": { # A metadata key/value entry. # The metadata key/value pairs to assign to instances that are created from these properties. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve the resource.
       "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-        { # Metadata
+        {
           "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
           "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
         },
@@ -649,7 +891,11 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
@@ -669,26 +915,41 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
-        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+            #
+            # Valid only if stackType is IPV4_IPV6.
         "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
         "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
         "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+            #
+            # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+            # - projects/project/global/networks/network
+            # - global/networks/default
         "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
         "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
-        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
-        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+            #
+            # This field can be both set at instance creation and update network interface operations.
+        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+            # - regions/region/subnetworks/subnetwork
       },
     ],
-    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
     "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from.
-      "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
+      "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
       "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
       "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
         "A String",
@@ -698,7 +959,9 @@ 
Method Details

       "A String",
     ],
     "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
-      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+          #
+          # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
       "locationHint": "A String", # An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API.
       "minNodeCpus": 42, # The minimum number of virtual CPUs this instance will consume when running on a sole-tenant node.
       "nodeAffinities": [ # A set of node affinity and anti-affinity configurations. Refer to Configuring node affinity for more information. Overrides reservationAffinity.
@@ -727,36 +990,58 @@ 
Method Details

       "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled. Enabled by default.
     },
     "tags": { # A set of instance tags. # A list of tags to apply to the instances that are created from these properties. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+          #
+          # To see the latest fingerprint, make get() request to the instance.
       "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
         "A String",
       ],
     },
   },
   "selfLink": "A String", # [Output Only] The URL for this instance template. The server defines this URL.
-  "sourceInstance": "A String", # The source instance used to create the template. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instances/instance - projects/project/zones/zone/instances/instance
+  "sourceInstance": "A String", # The source instance used to create the template. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance
+      # - projects/project/zones/zone/instances/instance
   "sourceInstanceParams": { # A specification of the parameters to use when creating the instance template from a source instance. # The source instance params to use to create this instance template.
     "diskConfigs": [ # Attached disks configuration. If not provided, defaults are applied: For boot disk and any other R/W disks, new custom images will be created from each disk. For read-only disks, they will be attached in read-only mode. Local SSD disks will be created as blank volumes.
       { # A specification of the desired way to instantiate a disk in the instance template when its created from a source instance.
         "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
         "customImage": "A String", # The custom source image to be used to restore this disk when instantiating this instance template.
         "deviceName": "A String", # Specifies the device name of the disk to which the configurations apply to.
-        "instantiateFrom": "A String", # Specifies whether to include the disk and what image to use. Possible values are: - source-image: to use the same image that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - source-image-family: to use the same image family that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - custom-image: to use a user-provided image url for disk creation. Applicable to the boot disk and additional read-write disks. - attach-read-only: to attach a read-only disk. Applicable to read-only disks. - do-not-include: to exclude a disk from the template. Applicable to additional read-write disks, local SSDs, and read-only disks.
+        "instantiateFrom": "A String", # Specifies whether to include the disk and what image to use. Possible values are:
+            # - source-image: to use the same image that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks.
+            # - source-image-family: to use the same image family that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks.
+            # - custom-image: to use a user-provided image url for disk creation. Applicable to the boot disk and additional read-write disks.
+            # - attach-read-only: to attach a read-only disk. Applicable to read-only disks.
+            # - do-not-include: to exclude a disk from the template. Applicable to additional read-write disks, local SSDs, and read-only disks.
       },
     ],
   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -790,7 +1075,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -804,20 +1090,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of instance templates that are contained within the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -825,7 +1117,9 @@ 
Method Details

     { # A list of instance templates.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of InstanceTemplate resources.
-    { # Represents an Instance Template resource. You can use instance templates to create VM instances and managed instance groups. For more information, read Instance Templates.
+    { # Represents an Instance Template resource.
+        #
+        # You can use instance templates to create VM instances and managed instance groups. For more information, read Instance Templates. (== resource_for {$api_version}.instanceTemplates ==)
       "creationTimestamp": "A String", # [Output Only] The creation timestamp for this instance template in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "id": "A String", # [Output Only] A unique identifier for this instance template. The server defines this identifier.
@@ -845,25 +1139,46 @@ 
Method Details

           { # An instance-attached disk resource.
             "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
             "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-            "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-            "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+            "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+                #
+                # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+            "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+                #
+                # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+                #
+                # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+                #
+                # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+                #
+                # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
               "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
               "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
               "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
               "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
             },
             "diskSizeGb": "A String", # The size of the disk in GB.
-            "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+            "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
               { # Guest OS features.
-                "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+                "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
               },
             ],
             "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-            "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+            "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+                #
+                # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+                #
+                # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
               "description": "A String", # An optional description. Provide this property when creating the disk.
               "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
               "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-              "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
+              "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+                  # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+                  #
+                  #
+                  # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+                  # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+                  # - projects/project/zones/zone/diskTypes/diskType
+                  # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
               "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
                 "a_key": "A String",
               },
@@ -872,14 +1187,40 @@ 
Method Details

               "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
                 "A String",
               ],
-              "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-              "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+              "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+                  #
+                  # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+                  # projects/debian-cloud/global/images/family/debian-9
+                  #
+                  #
+                  # Alternatively, use a specific version of a public operating system image:
+                  # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+                  #
+                  #
+                  # To create a disk with a custom image that you created, specify the image name in the following format:
+                  # global/images/my-custom-image
+                  #
+                  #
+                  # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+                  # global/images/family/my-image-family
+                  #
+                  #
+                  # If the source image is deleted later, this field will not be set.
+              "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+                  #
+                  # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
                 "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
                 "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
                 "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
                 "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
               },
-              "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+              "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+                  #
+                  # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+                  # global/snapshots/my-backup
+                  #
+                  #
+                  # If the source snapshot is deleted later, this field will not be set.
               "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
                 "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
                 "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -917,7 +1258,11 @@ 
Method Details

                 "fileType": "A String", # The file type of source file.
               },
             },
-            "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+            "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+                #
+                # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+                #
+                # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
             "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
           },
         ],
@@ -932,9 +1277,11 @@ 
Method Details

         },
         "machineType": "A String", # The machine type to use for instances that are created from these properties.
         "metadata": { # A metadata key/value entry. # The metadata key/value pairs to assign to instances that are created from these properties. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information.
-          "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+          "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve the resource.
           "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-            { # Metadata
+            {
               "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
               "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
             },
@@ -951,7 +1298,11 @@ 
Method Details

                 "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
                 "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
                 "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-                "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+                "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                    #
+                    # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                    #
+                    # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
                 "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
                 "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
                 "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
@@ -971,26 +1322,41 @@ 
Method Details

                 "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
                 "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
                 "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-                "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+                "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                    #
+                    # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                    #
+                    # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
                 "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
                 "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
                 "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
               },
             ],
-            "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+            "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+                #
+                # Valid only if stackType is IPV4_IPV6.
             "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
             "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
             "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-            "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+            "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+                #
+                # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+                # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+                # - projects/project/global/networks/network
+                # - global/networks/default
             "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
             "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
-            "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
-            "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+            "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+                #
+                # This field can be both set at instance creation and update network interface operations.
+            "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+                # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+                # - regions/region/subnetworks/subnetwork
           },
         ],
-        "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+        "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
         "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from.
-          "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
+          "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
           "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
           "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
             "A String",
@@ -1000,7 +1366,9 @@ 
Method Details

           "A String",
         ],
         "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
-          "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+          "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+              #
+              # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
           "locationHint": "A String", # An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API.
           "minNodeCpus": 42, # The minimum number of virtual CPUs this instance will consume when running on a sole-tenant node.
           "nodeAffinities": [ # A set of node affinity and anti-affinity configurations. Refer to Configuring node affinity for more information. Overrides reservationAffinity.
@@ -1029,21 +1397,30 @@ 
Method Details

           "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled. Enabled by default.
         },
         "tags": { # A set of instance tags. # A list of tags to apply to the instances that are created from these properties. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035.
-          "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+          "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+              #
+              # To see the latest fingerprint, make get() request to the instance.
           "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
             "A String",
           ],
         },
       },
       "selfLink": "A String", # [Output Only] The URL for this instance template. The server defines this URL.
-      "sourceInstance": "A String", # The source instance used to create the template. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instances/instance - projects/project/zones/zone/instances/instance
+      "sourceInstance": "A String", # The source instance used to create the template. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+          # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance
+          # - projects/project/zones/zone/instances/instance
       "sourceInstanceParams": { # A specification of the parameters to use when creating the instance template from a source instance. # The source instance params to use to create this instance template.
         "diskConfigs": [ # Attached disks configuration. If not provided, defaults are applied: For boot disk and any other R/W disks, new custom images will be created from each disk. For read-only disks, they will be attached in read-only mode. Local SSD disks will be created as blank volumes.
           { # A specification of the desired way to instantiate a disk in the instance template when its created from a source instance.
             "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
             "customImage": "A String", # The custom source image to be used to restore this disk when instantiating this instance template.
             "deviceName": "A String", # Specifies the device name of the disk to which the configurations apply to.
-            "instantiateFrom": "A String", # Specifies whether to include the disk and what image to use. Possible values are: - source-image: to use the same image that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - source-image-family: to use the same image family that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - custom-image: to use a user-provided image url for disk creation. Applicable to the boot disk and additional read-write disks. - attach-read-only: to attach a read-only disk. Applicable to read-only disks. - do-not-include: to exclude a disk from the template. Applicable to additional read-write disks, local SSDs, and read-only disks.
+            "instantiateFrom": "A String", # Specifies whether to include the disk and what image to use. Possible values are:
+                # - source-image: to use the same image that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks.
+                # - source-image-family: to use the same image family that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks.
+                # - custom-image: to use a user-provided image url for disk creation. Applicable to the boot disk and additional read-write disks.
+                # - attach-read-only: to attach a read-only disk. Applicable to read-only disks.
+                # - do-not-include: to exclude a disk from the template. Applicable to additional read-write disks, local SSDs, and read-only disks.
           },
         ],
       },
@@ -1054,7 +1431,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1080,7 +1458,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -1092,33 +1470,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1126,95 +1578,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1222,76 +1766,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1306,10 +1918,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_v1.instances.html b/docs/dyn/compute_v1.instances.html
index 4d4cca0542d..ad9d4a4c675 100644
--- a/docs/dyn/compute_v1.instances.html
+++ b/docs/dyn/compute_v1.instances.html
@@ -75,64 +75,64 @@
 
Compute Engine API . instances

 
Instance Methods

 

-  addAccessConfig(project, zone, instance, networkInterface, body=None, requestId=None, x__xgafv=None)

+  addAccessConfig(project, zone, instance, networkInterface, body=None, requestId=None)

 
Adds an access config to an instance's network interface.

 

-  addResourcePolicies(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  addResourcePolicies(project, zone, instance, body=None, requestId=None)

 
Adds existing resource policies to an instance. You can only add one policy right now which will be applied to this instance for scheduling live migrations.

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves aggregated list of all of the instances in your project across all regions and zones.

 

   aggregatedList_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  attachDisk(project, zone, instance, body=None, forceAttach=None, requestId=None, x__xgafv=None)

+  attachDisk(project, zone, instance, body=None, forceAttach=None, requestId=None)

 
Attaches an existing Disk resource to an instance. You must first create the disk before you can attach it. It is not possible to create and attach a disk at the same time. For more information, read Adding a persistent disk to your instance.

 

-  bulkInsert(project, zone, body=None, requestId=None, x__xgafv=None)

+  bulkInsert(project, zone, body=None, requestId=None)

 
Creates multiple instances. Count specifies the number of instances to create.

 

   close()

 
Close httplib2 connections.

 

-  delete(project, zone, instance, requestId=None, x__xgafv=None)

+  delete(project, zone, instance, requestId=None)

 
Deletes the specified Instance resource. For more information, see Deleting an instance.

 

-  deleteAccessConfig(project, zone, instance, accessConfig, networkInterface, requestId=None, x__xgafv=None)

+  deleteAccessConfig(project, zone, instance, accessConfig, networkInterface, requestId=None)

 
Deletes an access config from an instance's network interface.

 

-  detachDisk(project, zone, instance, deviceName, requestId=None, x__xgafv=None)

+  detachDisk(project, zone, instance, deviceName, requestId=None)

 
Detaches a disk from an instance.

 

-  get(project, zone, instance, x__xgafv=None)

+  get(project, zone, instance)

 
Returns the specified Instance resource. Gets a list of available instances by making a list() request.

 

-  getEffectiveFirewalls(project, zone, instance, networkInterface, x__xgafv=None)

+  getEffectiveFirewalls(project, zone, instance, networkInterface)

 
Returns effective firewalls applied to an interface of the instance.

 

-  getGuestAttributes(project, zone, instance, queryPath=None, variableKey=None, x__xgafv=None)

+  getGuestAttributes(project, zone, instance, queryPath=None, variableKey=None)

 
Returns the specified guest attributes entry.

 

-  getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  getScreenshot(project, zone, instance, x__xgafv=None)

+  getScreenshot(project, zone, instance)

 
Returns the screenshot from the specified instance.

 

-  getSerialPortOutput(project, zone, instance, port=None, start=None, x__xgafv=None)

+  getSerialPortOutput(project, zone, instance, port=None, start=None)

 
Returns the last 1 MB of serial port output from the specified instance.

 

-  getShieldedInstanceIdentity(project, zone, instance, x__xgafv=None)

+  getShieldedInstanceIdentity(project, zone, instance)

 
Returns the Shielded Instance Identity of an instance

 

-  insert(project, zone, body=None, requestId=None, sourceInstanceTemplate=None, x__xgafv=None)

+  insert(project, zone, body=None, requestId=None, sourceInstanceTemplate=None)

 
Creates an instance resource in the specified project using the data included in the request.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of instances contained within the specified zone.

 

-  listReferrers(project, zone, instance, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listReferrers(project, zone, instance, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of resources that refer to the VM instance specified in the request. For example, if the VM instance is part of a managed or unmanaged instance group, the referrers list includes the instance group. For more information, read Viewing referrers to VM instances.

 

   listReferrers_next(previous_request, previous_response)

@@ -141,80 +141,80 @@ 
Instance Methods

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  removeResourcePolicies(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  removeResourcePolicies(project, zone, instance, body=None, requestId=None)

 
Removes resource policies from an instance.

 

-  reset(project, zone, instance, requestId=None, x__xgafv=None)

+  reset(project, zone, instance, requestId=None)

 
Performs a reset on the instance. This is a hard reset the VM does not do a graceful shutdown. For more information, see Resetting an instance.

 

-  setDeletionProtection(project, zone, resource, deletionProtection=None, requestId=None, x__xgafv=None)

+  setDeletionProtection(project, zone, resource, deletionProtection=None, requestId=None)

 
Sets deletion protection on the instance.

 

-  setDiskAutoDelete(project, zone, instance, autoDelete, deviceName, requestId=None, x__xgafv=None)

+  setDiskAutoDelete(project, zone, instance, autoDelete, deviceName, requestId=None)

 
Sets the auto-delete flag for a disk attached to an instance.

 

-  setIamPolicy(project, zone, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, zone, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  setLabels(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  setLabels(project, zone, instance, body=None, requestId=None)

 
Sets labels on an instance. To learn more about labels, read the Labeling Resources documentation.

 

-  setMachineResources(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  setMachineResources(project, zone, instance, body=None, requestId=None)

 
Changes the number and/or type of accelerator for a stopped instance to the values specified in the request.

 

-  setMachineType(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  setMachineType(project, zone, instance, body=None, requestId=None)

 
Changes the machine type for a stopped instance to the machine type specified in the request.

 

-  setMetadata(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  setMetadata(project, zone, instance, body=None, requestId=None)

 
Sets metadata for the specified instance to the data included in the request.

 

-  setMinCpuPlatform(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  setMinCpuPlatform(project, zone, instance, body=None, requestId=None)

 
Changes the minimum CPU platform that this instance should use. This method can only be called on a stopped instance. For more information, read Specifying a Minimum CPU Platform.

 

-  setScheduling(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  setScheduling(project, zone, instance, body=None, requestId=None)

 
Sets an instance's scheduling options. You can only call this method on a stopped instance, that is, a VM instance that is in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states.

 

-  setServiceAccount(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  setServiceAccount(project, zone, instance, body=None, requestId=None)

 
Sets the service account on the instance. For more information, read Changing the service account and access scopes for an instance.

 

-  setShieldedInstanceIntegrityPolicy(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  setShieldedInstanceIntegrityPolicy(project, zone, instance, body=None, requestId=None)

 
Sets the Shielded Instance integrity policy for an instance. You can only use this method on a running instance. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  setTags(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  setTags(project, zone, instance, body=None, requestId=None)

 
Sets network tags for the specified instance to the data included in the request.

 

-  simulateMaintenanceEvent(project, zone, instance, x__xgafv=None)

+  simulateMaintenanceEvent(project, zone, instance)

 
Simulates a maintenance event on the instance.

 

-  start(project, zone, instance, requestId=None, x__xgafv=None)

+  start(project, zone, instance, requestId=None)

 
Starts an instance that was stopped using the instances().stop method. For more information, see Restart an instance.

 

-  startWithEncryptionKey(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  startWithEncryptionKey(project, zone, instance, body=None, requestId=None)

 
Starts an instance that was stopped using the instances().stop method. For more information, see Restart an instance.

 

-  stop(project, zone, instance, requestId=None, x__xgafv=None)

+  stop(project, zone, instance, requestId=None)

 
Stops a running instance, shutting it down cleanly, and allows you to restart the instance at a later time. Stopped instances do not incur VM usage charges while they are stopped. However, resources that the VM is using, such as persistent disks and static IP addresses, will continue to be charged until they are deleted. For more information, see Stopping an instance.

 

-  testIamPermissions(project, zone, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, zone, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 

-  update(project, zone, instance, body=None, minimalAction=None, mostDisruptiveAllowedAction=None, requestId=None, x__xgafv=None)

-
Updates an instance only if the necessary resources are available. This method can update only a specific set of instance properties. See Updating a running instance for a list of updatable instance properties.

+  update(project, zone, instance, body=None, minimalAction=None, mostDisruptiveAllowedAction=None, requestId=None)

+
Updates an instance only if the necessary resources are available. This method can update only a specific set of instance properties. See  Updating a running instance for a list of updatable instance properties.

 

-  updateAccessConfig(project, zone, instance, networkInterface, body=None, requestId=None, x__xgafv=None)

+  updateAccessConfig(project, zone, instance, networkInterface, body=None, requestId=None)

 
Updates the specified access config from an instance's network interface with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  updateDisplayDevice(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  updateDisplayDevice(project, zone, instance, body=None, requestId=None)

 
Updates the Display config for a VM instance. You can only use this method on a stopped VM instance. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  updateNetworkInterface(project, zone, instance, networkInterface, body=None, requestId=None, x__xgafv=None)

+  updateNetworkInterface(project, zone, instance, networkInterface, body=None, requestId=None)

 
Updates an instance's network interface. This method can only update an interface's alias IP range and attached network. See Modifying alias IP ranges for an existing instance for instructions on changing alias IP ranges. See Migrating a VM between networks for instructions on migrating an interface. This method follows PATCH semantics.

 

-  updateShieldedInstanceConfig(project, zone, instance, body=None, requestId=None, x__xgafv=None)

+  updateShieldedInstanceConfig(project, zone, instance, body=None, requestId=None)

 
Updates the Shielded Instance config for an instance. You can only use this method on a stopped instance. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 
Method Details

 

-    addAccessConfig(project, zone, instance, networkInterface, body=None, requestId=None, x__xgafv=None)
+    addAccessConfig(project, zone, instance, networkInterface, body=None, requestId=None)
   
Adds an access config to an instance's network interface.
 
 Args:
@@ -231,22 +231,39 @@ 
Method Details

   "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
   "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
   "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+      # 
+      # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+      # 
+      # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
   "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
   "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
   "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -280,7 +297,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -294,7 +312,7 @@ 
Method Details

 

 
 

-    addResourcePolicies(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    addResourcePolicies(project, zone, instance, body=None, requestId=None)
   
Adds existing resource policies to an instance. You can only add one policy right now which will be applied to this instance for scheduling live migrations.
 
 Args:
@@ -310,16 +328,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -353,7 +384,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -367,21 +399,27 @@ 
Method Details

 

 
 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves aggregated list of all of the instances in your project across all regions and zones.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -391,12 +429,14 @@ 
Method Details

   "items": { # An object that contains a list of instances scoped by zone.
     "a_key": { # [Output Only] Name of the scope containing this set of instances.
       "instances": [ # [Output Only] A list of instances contained in this scope.
-        { # Represents an Instance resource. An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances.
+        { # Represents an Instance resource.
+            #
+            # An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances. (== resource_for {$api_version}.instances ==)
           "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
             "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
             "threadsPerCore": 42, # The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed.
           },
-          "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding .
+          "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding.
           "confidentialInstanceConfig": { # A set of Confidential Instance options.
             "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
           },
@@ -408,25 +448,46 @@ 
Method Details

             { # An instance-attached disk resource.
               "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
               "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-              "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-              "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+              "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+                  #
+                  # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+              "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+                  #
+                  # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+                  #
+                  # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+                  #
+                  # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+                  #
+                  # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
                 "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
                 "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
                 "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
                 "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
               },
               "diskSizeGb": "A String", # The size of the disk in GB.
-              "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+              "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
                 { # Guest OS features.
-                  "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+                  "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
                 },
               ],
               "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-              "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+              "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+                  #
+                  # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+                  #
+                  # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
                 "description": "A String", # An optional description. Provide this property when creating the disk.
                 "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
                 "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-                "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
+                "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+                    # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+                    #
+                    #
+                    # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+                    # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+                    # - projects/project/zones/zone/diskTypes/diskType
+                    # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
                 "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
                   "a_key": "A String",
                 },
@@ -435,14 +496,40 @@ 
Method Details

                 "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
                   "A String",
                 ],
-                "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-                "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+                "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+                    #
+                    # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+                    # projects/debian-cloud/global/images/family/debian-9
+                    #
+                    #
+                    # Alternatively, use a specific version of a public operating system image:
+                    # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+                    #
+                    #
+                    # To create a disk with a custom image that you created, specify the image name in the following format:
+                    # global/images/my-custom-image
+                    #
+                    #
+                    # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+                    # global/images/family/my-image-family
+                    #
+                    #
+                    # If the source image is deleted later, this field will not be set.
+                "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+                    #
+                    # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
                   "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
                   "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
                   "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
                   "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
                 },
-                "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+                "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+                    #
+                    # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+                    # global/snapshots/my-backup
+                    #
+                    #
+                    # If the source snapshot is deleted later, this field will not be set.
                 "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
                   "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
                   "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -480,14 +567,20 @@ 
Method Details

                   "fileType": "A String", # The file type of source file.
                 },
               },
-              "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+              "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+                  #
+                  # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+                  #
+                  # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
               "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
             },
           ],
           "displayDevice": { # A set of Display Device options # Enables display device for the instance.
             "enableDisplay": True or False, # Defines whether the instance has Display enabled.
           },
-          "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance. To see the latest fingerprint, make get() request to the instance.
+          "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance.
+              #
+              # To see the latest fingerprint, make get() request to the instance.
           "guestAccelerators": [ # A list of the type and count of accelerator cards attached to the instance.
             { # A specification of the type and number of accelerator cards attached to the instance.
               "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
@@ -497,18 +590,32 @@ 
Method Details

           "hostname": "A String", # Specifies the hostname of the instance. The specified hostname must be RFC1035 compliant. If hostname is not specified, the default hostname is [INSTANCE_NAME].c.[PROJECT_ID].internal when using the global DNS, and [INSTANCE_NAME].[ZONE].c.[PROJECT_ID].internal when using zonal DNS.
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "kind": "compute#instance", # [Output Only] Type of the resource. Always compute#instance for instances.
-          "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the instance.
+          "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+              #
+              # To see the latest fingerprint, make get() request to the instance.
           "labels": { # Labels to apply to this instance. These can be later modified by the setLabels method.
             "a_key": "A String",
           },
           "lastStartTimestamp": "A String", # [Output Only] Last start timestamp in RFC3339 text format.
           "lastStopTimestamp": "A String", # [Output Only] Last stop timestamp in RFC3339 text format.
           "lastSuspendedTimestamp": "A String", # [Output Only] Last suspended timestamp in RFC3339 text format.
-          "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type: zones/us-central1-f/machineTypes/n1-standard-1 To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB): zones/zone/machineTypes/custom-CPUS-MEMORY For example: zones/us-central1-f/machineTypes/custom-4-5120 For a full list of restrictions, read the Specifications for custom machine types.
+          "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type:
+              # zones/us-central1-f/machineTypes/n1-standard-1
+              #
+              #
+              # To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB):
+              # zones/zone/machineTypes/custom-CPUS-MEMORY
+              #
+              #
+              # For example: zones/us-central1-f/machineTypes/custom-4-5120
+              #
+              # For a full list of restrictions, read the Specifications for custom machine types.
           "metadata": { # A metadata key/value entry. # The metadata key/value pairs assigned to this instance. This includes custom metadata and predefined keys.
-            "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+            "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+                #
+                # To see the latest fingerprint, make a get() request to retrieve the resource.
             "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-              { # Metadata
+              {
                 "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
                 "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
               },
@@ -526,7 +633,11 @@ 
Method Details

                   "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
                   "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
                   "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-                  "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+                  "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                      #
+                      # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                      #
+                      # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
                   "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
                   "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
                   "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
@@ -546,26 +657,41 @@ 
Method Details

                   "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
                   "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
                   "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-                  "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+                  "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                      #
+                      # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                      #
+                      # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
                   "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
                   "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
                   "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
                 },
               ],
-              "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+              "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+                  #
+                  # Valid only if stackType is IPV4_IPV6.
               "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
               "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
               "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-              "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+              "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+                  #
+                  # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+                  # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+                  # - projects/project/global/networks/network
+                  # - global/networks/default
               "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
               "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
-              "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
-              "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+              "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+                  #
+                  # This field can be both set at instance creation and update network interface operations.
+              "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+                  # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+                  # - regions/region/subnetworks/subnetwork
             },
           ],
-          "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+          "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
           "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that this instance can consume from.
-            "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
+            "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
             "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
             "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
               "A String",
@@ -576,7 +702,9 @@ 
Method Details

           ],
           "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
           "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Sets the scheduling options for this instance.
-            "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+            "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+                #
+                # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
             "locationHint": "A String", # An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API.
             "minNodeCpus": 42, # The minimum number of virtual CPUs this instance will consume when running on a sole-tenant node.
             "nodeAffinities": [ # A set of node affinity and anti-affinity configurations. Refer to Configuring node affinity for more information. Overrides reservationAffinity.
@@ -592,7 +720,9 @@ 
Method Details

             "preemptible": True or False, # Defines whether the instance is preemptible. This can only be set during instance creation or while the instance is stopped and therefore, in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states.
           },
           "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
-          "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported. Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
+          "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported.
+              #
+              # Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
             { # A service account.
               "email": "A String", # Email address of the service account.
               "scopes": [ # The list of scopes to be made available for this service account.
@@ -609,10 +739,12 @@ 
Method Details

             "updateAutoLearnPolicy": True or False, # Updates the integrity policy baseline using the measurements from the VM instance's most recent boot.
           },
           "startRestricted": True or False, # [Output Only] Whether a VM has been restricted for start because Compute Engine has detected suspicious activity.
-          "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see Instance life cycle.
+          "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see  Instance life cycle.
           "statusMessage": "A String", # [Output Only] An optional, human-readable explanation of the status.
           "tags": { # A set of instance tags. # Tags to apply to this instance. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during instance creation. The tags can be later modified by the setTags method. Each tag within the list must comply with RFC1035. Multiple tags can be specified via the 'tags.items' field.
-            "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+            "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+                #
+                # To see the latest fingerprint, make get() request to the instance.
             "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
               "A String",
             ],
@@ -622,7 +754,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] Informational warning which replaces the list of instances when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -640,7 +773,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -666,7 +800,7 @@ 
Method Details

 

 
 

-    attachDisk(project, zone, instance, body=None, forceAttach=None, requestId=None, x__xgafv=None)
+    attachDisk(project, zone, instance, body=None, forceAttach=None, requestId=None)
   
Attaches an existing Disk resource to an instance. You must first create the disk before you can attach it. It is not possible to create and attach a disk at the same time. For more information, read Adding a persistent disk to your instance.
 
 Args:
@@ -679,25 +813,46 @@ 
Method Details

 { # An instance-attached disk resource.
   "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
   "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-  "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-  "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+  "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+      # 
+      # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+  "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+      # 
+      # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+      # 
+      # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+      # 
+      # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+      # 
+      # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "diskSizeGb": "A String", # The size of the disk in GB.
-  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
     { # Guest OS features.
-      "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+      "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
     },
   ],
   "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-  "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+  "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+      # 
+      # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+      #
+      # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
     "description": "A String", # An optional description. Provide this property when creating the disk.
     "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
     "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-    "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
+    "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+        # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+        #
+        #
+        # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+        # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+        # - projects/project/zones/zone/diskTypes/diskType
+        # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
     "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
       "a_key": "A String",
     },
@@ -706,14 +861,40 @@ 
Method Details

     "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
       "A String",
     ],
-    "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-    "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+    "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+        #
+        # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+        # projects/debian-cloud/global/images/family/debian-9
+        #
+        #
+        # Alternatively, use a specific version of a public operating system image:
+        # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+        #
+        #
+        # To create a disk with a custom image that you created, specify the image name in the following format:
+        # global/images/my-custom-image
+        #
+        #
+        # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+        # global/images/family/my-image-family
+        #
+        #
+        # If the source image is deleted later, this field will not be set.
+    "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+        #
+        # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
       "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
       "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
       "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
       "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
     },
-    "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+    "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+        #
+        # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+        # global/snapshots/my-backup
+        #
+        #
+        # If the source snapshot is deleted later, this field will not be set.
     "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
       "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
       "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -751,21 +932,38 @@ 
Method Details

       "fileType": "A String", # The file type of source file.
     },
   },
-  "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+  "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+      # 
+      # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+      # 
+      # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
   "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
 }
 
   forceAttach: boolean, Whether to force attach the regional disk even if it's currently attached to another instance. If you try to force attach a zonal disk to an instance, you will receive an error.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -799,7 +997,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -813,7 +1012,7 @@ 
Method Details

 

 
 

-    bulkInsert(project, zone, body=None, requestId=None, x__xgafv=None)
+    bulkInsert(project, zone, body=None, requestId=None)
   
Creates multiple instances. Count specifies the number of instances to create.
 
 Args:
@@ -838,25 +1037,46 @@ 
Method Details

       { # An instance-attached disk resource.
         "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
         "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-        "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-        "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+        "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+            #
+            # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+        "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+            #
+            # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+            #
+            # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+            #
+            # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+            #
+            # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
         "diskSizeGb": "A String", # The size of the disk in GB.
-        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
           { # Guest OS features.
-            "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+            "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
           },
         ],
         "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-        "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+        "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+            #
+            # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+            #
+            # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
           "description": "A String", # An optional description. Provide this property when creating the disk.
           "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
           "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-          "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
+          "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+              # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+              #
+              #
+              # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+              # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+              # - projects/project/zones/zone/diskTypes/diskType
+              # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
           "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
             "a_key": "A String",
           },
@@ -865,14 +1085,40 @@ 
Method Details

           "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
             "A String",
           ],
-          "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-          "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+          "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+              #
+              # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+              # projects/debian-cloud/global/images/family/debian-9
+              #
+              #
+              # Alternatively, use a specific version of a public operating system image:
+              # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+              #
+              #
+              # To create a disk with a custom image that you created, specify the image name in the following format:
+              # global/images/my-custom-image
+              #
+              #
+              # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+              # global/images/family/my-image-family
+              #
+              #
+              # If the source image is deleted later, this field will not be set.
+          "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+              #
+              # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
-          "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+          "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+              #
+              # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+              # global/snapshots/my-backup
+              #
+              #
+              # If the source snapshot is deleted later, this field will not be set.
           "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -910,7 +1156,11 @@ 
Method Details

             "fileType": "A String", # The file type of source file.
           },
         },
-        "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+        "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+            #
+            # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+            #
+            # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
         "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
       },
     ],
@@ -925,9 +1175,11 @@ 
Method Details

     },
     "machineType": "A String", # The machine type to use for instances that are created from these properties.
     "metadata": { # A metadata key/value entry. # The metadata key/value pairs to assign to instances that are created from these properties. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve the resource.
       "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-        { # Metadata
+        {
           "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
           "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
         },
@@ -944,7 +1196,11 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
@@ -964,26 +1220,41 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
-        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+            #
+            # Valid only if stackType is IPV4_IPV6.
         "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
         "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
         "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+            #
+            # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+            # - projects/project/global/networks/network
+            # - global/networks/default
         "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
         "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
-        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
-        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+            #
+            # This field can be both set at instance creation and update network interface operations.
+        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+            # - regions/region/subnetworks/subnetwork
       },
     ],
-    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
     "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from.
-      "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
+      "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
       "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
       "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
         "A String",
@@ -993,7 +1264,9 @@ 
Method Details

       "A String",
     ],
     "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
-      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+          #
+          # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
       "locationHint": "A String", # An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API.
       "minNodeCpus": 42, # The minimum number of virtual CPUs this instance will consume when running on a sole-tenant node.
       "nodeAffinities": [ # A set of node affinity and anti-affinity configurations. Refer to Configuring node affinity for more information. Overrides reservationAffinity.
@@ -1022,7 +1295,9 @@ 
Method Details

       "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled. Enabled by default.
     },
     "tags": { # A set of instance tags. # A list of tags to apply to the instances that are created from these properties. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+          #
+          # To see the latest fingerprint, make get() request to the instance.
       "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
         "A String",
       ],
@@ -1036,25 +1311,45 @@ 
Method Details

     },
   },
   "minCount": "A String", # The minimum number of instances to create. If no min_count is specified then count is used as the default value. If min_count instances cannot be created, then no instances will be created and instances already created will be deleted.
-  "namePattern": "A String", # The string pattern used for the names of the VMs. Either name_pattern or per_instance_properties must be set. The pattern should contain one continuous sequence of placeholder hash characters (#) with each character corresponding to one digit of the generated instance name. Example: name_pattern of inst-#### will generate instance names such as inst-0001, inst-0002, ... . If there already exist instance(s) whose names match the name pattern in the same project and zone, then the generated instance numbers will start after the biggest existing number. For example, if there exists an instance with name inst-0050, then instance names generated using the pattern inst-#### will be inst-0051, inst-0052, etc. The name pattern placeholder # ...# can contain up to 18 characters.
+  "namePattern": "A String", # The string pattern used for the names of the VMs. Either name_pattern or per_instance_properties must be set. The pattern should contain one continuous sequence of placeholder hash characters (#) with each character corresponding to one digit of the generated instance name. Example: name_pattern of inst-#### will generate instance names such as inst-0001, inst-0002, ... . If there already exist instance(s) whose names match the name pattern in the same project and zone, then the generated instance numbers will start after the biggest existing number. For example, if there exists an instance with name inst-0050, then instance names generated using the pattern inst-#### will be inst-0051, inst-0052, etc. The name pattern placeholder #...# can contain up to 18 characters.
   "perInstanceProperties": { # Per-instance properties to be set on individual instances. Keys of this map specify requested instance names. Can be empty if name_pattern is used.
     "a_key": { # Per-instance properties to be set on individual instances. To be extended in the future.
       "name": "A String", # This field is only temporary. It will be removed. Do not use it.
     },
   },
-  "sourceInstanceTemplate": "A String", # Specifies the instance template from which to create instances. You may combine sourceInstanceTemplate with instanceProperties to override specific values from an existing instance template. Bulk API follows the semantics of JSON Merge Patch described by RFC 7396. It can be a full or partial URL. For example, the following are all valid URLs to an instance template: - https://www.googleapis.com/compute/v1/projects/project /global/instanceTemplates/instanceTemplate - projects/project/global/instanceTemplates/instanceTemplate - global/instanceTemplates/instanceTemplate This field is optional.
+  "sourceInstanceTemplate": "A String", # Specifies the instance template from which to create instances. You may combine sourceInstanceTemplate with instanceProperties to override specific values from an existing instance template. Bulk API follows the semantics of JSON Merge Patch described by RFC 7396.
+      # 
+      # It can be a full or partial URL. For example, the following are all valid URLs to an instance template:
+      # - https://www.googleapis.com/compute/v1/projects/project/global/instanceTemplates/instanceTemplate
+      # - projects/project/global/instanceTemplates/instanceTemplate
+      # - global/instanceTemplates/instanceTemplate
+      # 
+      # This field is optional.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1088,7 +1383,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1107,23 +1403,36 @@ 
Method Details

 

 
 

-    delete(project, zone, instance, requestId=None, x__xgafv=None)
+    delete(project, zone, instance, requestId=None)
   
Deletes the specified Instance resource. For more information, see Deleting an instance.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the instance resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1157,7 +1466,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1171,7 +1481,7 @@ 
Method Details

 

 
 

-    deleteAccessConfig(project, zone, instance, accessConfig, networkInterface, requestId=None, x__xgafv=None)
+    deleteAccessConfig(project, zone, instance, accessConfig, networkInterface, requestId=None)
   
Deletes an access config from an instance's network interface.
 
 Args:
@@ -1180,16 +1490,29 @@ 
Method Details

   instance: string, The instance name for this request. (required)
   accessConfig: string, The name of the access config to delete. (required)
   networkInterface: string, The name of the network interface. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1223,7 +1546,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1237,7 +1561,7 @@ 
Method Details

 

 
 

-    detachDisk(project, zone, instance, deviceName, requestId=None, x__xgafv=None)
+    detachDisk(project, zone, instance, deviceName, requestId=None)
   
Detaches a disk from an instance.
 
 Args:
@@ -1245,16 +1569,29 @@ 
Method Details

   zone: string, The name of the zone for this request. (required)
   instance: string, Instance name for this request. (required)
   deviceName: string, The device name of the disk to detach. Make a get() request on the instance to view currently attached disks and device names. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1288,7 +1625,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1302,27 +1640,25 @@ 
Method Details

 

 
 

-    get(project, zone, instance, x__xgafv=None)
+    get(project, zone, instance)
   
Returns the specified Instance resource. Gets a list of available instances by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the instance resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Instance resource. An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances.
+    { # Represents an Instance resource.
+    #
+    # An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances. (== resource_for {$api_version}.instances ==)
   "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
     "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
     "threadsPerCore": 42, # The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed.
   },
-  "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding .
+  "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding.
   "confidentialInstanceConfig": { # A set of Confidential Instance options.
     "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
   },
@@ -1334,25 +1670,46 @@ 
Method Details

     { # An instance-attached disk resource.
       "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
       "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-      "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-      "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+      "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+          #
+          # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+      "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+          #
+          # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+          #
+          # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+          #
+          # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+          #
+          # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "diskSizeGb": "A String", # The size of the disk in GB.
-      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
         { # Guest OS features.
-          "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+          "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
         },
       ],
       "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-      "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+      "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+          #
+          # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+          #
+          # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
         "description": "A String", # An optional description. Provide this property when creating the disk.
         "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
         "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-        "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
+        "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+            # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+            #
+            #
+            # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+            # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+            # - projects/project/zones/zone/diskTypes/diskType
+            # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
         "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
           "a_key": "A String",
         },
@@ -1361,14 +1718,40 @@ 
Method Details

         "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
           "A String",
         ],
-        "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-        "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+        "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+            #
+            # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+            # projects/debian-cloud/global/images/family/debian-9
+            #
+            #
+            # Alternatively, use a specific version of a public operating system image:
+            # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+            #
+            #
+            # To create a disk with a custom image that you created, specify the image name in the following format:
+            # global/images/my-custom-image
+            #
+            #
+            # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+            # global/images/family/my-image-family
+            #
+            #
+            # If the source image is deleted later, this field will not be set.
+        "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+            #
+            # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
-        "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+        "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+            #
+            # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+            # global/snapshots/my-backup
+            #
+            #
+            # If the source snapshot is deleted later, this field will not be set.
         "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -1406,14 +1789,20 @@ 
Method Details

           "fileType": "A String", # The file type of source file.
         },
       },
-      "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+      "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+          #
+          # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+          #
+          # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
       "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
     },
   ],
   "displayDevice": { # A set of Display Device options # Enables display device for the instance.
     "enableDisplay": True or False, # Defines whether the instance has Display enabled.
   },
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance. To see the latest fingerprint, make get() request to the instance.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance.
+      #
+      # To see the latest fingerprint, make get() request to the instance.
   "guestAccelerators": [ # A list of the type and count of accelerator cards attached to the instance.
     { # A specification of the type and number of accelerator cards attached to the instance.
       "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
@@ -1423,18 +1812,32 @@ 
Method Details

   "hostname": "A String", # Specifies the hostname of the instance. The specified hostname must be RFC1035 compliant. If hostname is not specified, the default hostname is [INSTANCE_NAME].c.[PROJECT_ID].internal when using the global DNS, and [INSTANCE_NAME].[ZONE].c.[PROJECT_ID].internal when using zonal DNS.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#instance", # [Output Only] Type of the resource. Always compute#instance for instances.
-  "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the instance.
+  "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+      #
+      # To see the latest fingerprint, make get() request to the instance.
   "labels": { # Labels to apply to this instance. These can be later modified by the setLabels method.
     "a_key": "A String",
   },
   "lastStartTimestamp": "A String", # [Output Only] Last start timestamp in RFC3339 text format.
   "lastStopTimestamp": "A String", # [Output Only] Last stop timestamp in RFC3339 text format.
   "lastSuspendedTimestamp": "A String", # [Output Only] Last suspended timestamp in RFC3339 text format.
-  "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type: zones/us-central1-f/machineTypes/n1-standard-1 To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB): zones/zone/machineTypes/custom-CPUS-MEMORY For example: zones/us-central1-f/machineTypes/custom-4-5120 For a full list of restrictions, read the Specifications for custom machine types.
+  "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type:
+      # zones/us-central1-f/machineTypes/n1-standard-1
+      #
+      #
+      # To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB):
+      # zones/zone/machineTypes/custom-CPUS-MEMORY
+      #
+      #
+      # For example: zones/us-central1-f/machineTypes/custom-4-5120
+      #
+      # For a full list of restrictions, read the Specifications for custom machine types.
   "metadata": { # A metadata key/value entry. # The metadata key/value pairs assigned to this instance. This includes custom metadata and predefined keys.
-    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+        #
+        # To see the latest fingerprint, make a get() request to retrieve the resource.
     "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-      { # Metadata
+      {
         "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
         "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
       },
@@ -1452,7 +1855,11 @@ 
Method Details

           "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
           "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+              #
+              # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+              #
+              # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
           "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
           "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
           "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
@@ -1472,26 +1879,41 @@ 
Method Details

           "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
           "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+              #
+              # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+              #
+              # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
           "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
           "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
           "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
         },
       ],
-      "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+      "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+          #
+          # Valid only if stackType is IPV4_IPV6.
       "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
       "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
       "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-      "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+      "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+          #
+          # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+          # - projects/project/global/networks/network
+          # - global/networks/default
       "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
       "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
-      "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
-      "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+      "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+          #
+          # This field can be both set at instance creation and update network interface operations.
+      "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+          # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+          # - regions/region/subnetworks/subnetwork
     },
   ],
-  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
   "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that this instance can consume from.
-    "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
+    "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
     "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
     "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
       "A String",
@@ -1502,7 +1924,9 @@ 
Method Details

   ],
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Sets the scheduling options for this instance.
-    "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+    "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+        #
+        # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
     "locationHint": "A String", # An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API.
     "minNodeCpus": 42, # The minimum number of virtual CPUs this instance will consume when running on a sole-tenant node.
     "nodeAffinities": [ # A set of node affinity and anti-affinity configurations. Refer to Configuring node affinity for more information. Overrides reservationAffinity.
@@ -1518,7 +1942,9 @@ 
Method Details

     "preemptible": True or False, # Defines whether the instance is preemptible. This can only be set during instance creation or while the instance is stopped and therefore, in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states.
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
-  "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported. Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
+  "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported.
+      #
+      # Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
     { # A service account.
       "email": "A String", # Email address of the service account.
       "scopes": [ # The list of scopes to be made available for this service account.
@@ -1535,10 +1961,12 @@ 
Method Details

     "updateAutoLearnPolicy": True or False, # Updates the integrity policy baseline using the measurements from the VM instance's most recent boot.
   },
   "startRestricted": True or False, # [Output Only] Whether a VM has been restricted for start because Compute Engine has detected suspicious activity.
-  "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see Instance life cycle.
+  "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see  Instance life cycle.
   "statusMessage": "A String", # [Output Only] An optional, human-readable explanation of the status.
   "tags": { # A set of instance tags. # Tags to apply to this instance. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during instance creation. The tags can be later modified by the setTags method. Each tag within the list must comply with RFC1035. Multiple tags can be specified via the 'tags.items' field.
-    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+        #
+        # To see the latest fingerprint, make get() request to the instance.
     "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
       "A String",
     ],
@@ -1548,7 +1976,7 @@ 
Method Details

 

 
 

-    getEffectiveFirewalls(project, zone, instance, networkInterface, x__xgafv=None)
+    getEffectiveFirewalls(project, zone, instance, networkInterface)
   
Returns effective firewalls applied to an interface of the instance.
 
 Args:
@@ -1556,10 +1984,6 @@ 
Method Details

   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the instance scoping this request. (required)
   networkInterface: string, The name of the network interface to get the effective firewalls. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1584,7 +2008,9 @@ 
Method Details

             "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
               {
                 "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-                "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                    #
+                    # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
                   "A String",
                 ],
               },
@@ -1608,11 +2034,15 @@ 
Method Details

     },
   ],
   "firewalls": [ # Effective firewalls on the instance.
-    { # Represents a Firewall Rule resource. Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
+    { # Represents a Firewall Rule resource.
+        #
+        # Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
       "allowed": [ # The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.
         {
           "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
             "A String",
           ],
         },
@@ -1621,7 +2051,9 @@ 
Method Details

       "denied": [ # The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a denied connection.
         {
           "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
             "A String",
           ],
         },
@@ -1639,7 +2071,12 @@ 
Method Details

         "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
       },
       "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
-      "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
+      "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used:
+          # global/networks/default
+          # If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+          # - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network
+          # - projects/myproject/global/networks/my-network
+          # - global/networks/default
       "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "sourceRanges": [ # If source ranges are specified, the firewall rule applies only to traffic that has a source IP address in these ranges. These ranges must be expressed in CIDR format. One or both of sourceRanges and sourceTags may be set. If both fields are set, the rule applies to traffic that has a source IP address within sourceRanges OR a source IP from a resource with a matching tag listed in the sourceTags field. The connection does not need to match both fields for the rule to apply. Only IPv4 is supported.
@@ -1663,7 +2100,7 @@ 
Method Details

 

 
 

-    getGuestAttributes(project, zone, instance, queryPath=None, variableKey=None, x__xgafv=None)
+    getGuestAttributes(project, zone, instance, queryPath=None, variableKey=None)
   
Returns the specified guest attributes entry.
 
 Args:
@@ -1672,10 +2109,6 @@ 
Method Details

   instance: string, Name of the instance scoping this request. (required)
   queryPath: string, Specifies the guest attributes path to be queried.
   variableKey: string, Specifies the key for the guest attributes entry.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1699,7 +2132,7 @@ 
Method Details

 

 
 

-    getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
@@ -1707,27 +2140,51 @@ 
Method Details

   zone: string, The name of the zone for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1735,86 +2192,150 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    getScreenshot(project, zone, instance, x__xgafv=None)
+    getScreenshot(project, zone, instance)
   
Returns the screenshot from the specified instance.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the instance scoping this request. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1826,7 +2347,7 @@ 
Method Details

 

 
 

-    getSerialPortOutput(project, zone, instance, port=None, start=None, x__xgafv=None)
+    getSerialPortOutput(project, zone, instance, port=None, start=None)
   
Returns the last 1 MB of serial port output from the specified instance.
 
 Args:
@@ -1834,16 +2355,16 @@ 
Method Details

   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the instance for this request. (required)
   port: integer, Specifies which COM or serial port to retrieve data from.
-  start: string, Specifies the starting byte position of the output to return. To start with the first byte of output to the specified port, omit this field or set it to `0`. If the output for that byte position is available, this field matches the `start` parameter sent with the request. If the amount of serial console output exceeds the size of the buffer (1 MB), the oldest output is discarded and is no longer available. If the requested start position refers to discarded output, the start position is adjusted to the oldest output still available, and the adjusted start position is returned as the `start` property value. You can also provide a negative start position, which translates to the most recent number of bytes written to the serial port. For example, -3 is interpreted as the most recent 3 bytes written to the serial console.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  start: string, Specifies the starting byte position of the output to return. To start with the first byte of output to the specified port, omit this field or set it to `0`.
+
+If the output for that byte position is available, this field matches the `start` parameter sent with the request. If the amount of serial console output exceeds the size of the buffer (1 MB), the oldest output is discarded and is no longer available. If the requested start position refers to discarded output, the start position is adjusted to the oldest output still available, and the adjusted start position is returned as the `start` property value.
+
+You can also provide a negative start position, which translates to the most recent number of bytes written to the serial port. For example, -3 is interpreted as the most recent 3 bytes written to the serial console.
 
 Returns:
   An object of the form:
 
-    { # An instance serial console output.
+    { # An instance's serial console output.
   "contents": "A String", # [Output Only] The contents of the console output.
   "kind": "compute#serialPortOutput", # [Output Only] Type of the resource. Always compute#serialPortOutput for serial port output.
   "next": "A String", # [Output Only] The position of the next byte of content, regardless of whether the content exists, following the output returned in the `contents` property. Use this value in the next request as the start parameter.
@@ -1853,22 +2374,18 @@ 
Method Details

 

 
 

-    getShieldedInstanceIdentity(project, zone, instance, x__xgafv=None)
+    getShieldedInstanceIdentity(project, zone, instance)
   
Returns the Shielded Instance Identity of an instance
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   instance: string, Name or id of the instance scoping this request. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # A Shielded Instance Identity.
+    { # A shielded Instance identity entry.
   "encryptionKey": { # A Shielded Instance Identity Entry. # An Endorsement Key (EK) made by the RSA 2048 algorithm issued to the Shielded Instance's vTPM.
     "ekCert": "A String", # A PEM-encoded X.509 certificate. This field can be empty.
     "ekPub": "A String", # A PEM-encoded public key.
@@ -1882,7 +2399,7 @@ 
Method Details

 

 
 

-    insert(project, zone, body=None, requestId=None, sourceInstanceTemplate=None, x__xgafv=None)
+    insert(project, zone, body=None, requestId=None, sourceInstanceTemplate=None)
   
Creates an instance resource in the specified project using the data included in the request.
 
 Args:
@@ -1891,12 +2408,14 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Instance resource. An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances.
+{ # Represents an Instance resource.
+    # 
+    # An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances. (== resource_for {$api_version}.instances ==)
   "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
     "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
     "threadsPerCore": 42, # The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed.
   },
-  "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding .
+  "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding.
   "confidentialInstanceConfig": { # A set of Confidential Instance options.
     "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
   },
@@ -1908,25 +2427,46 @@ 
Method Details

     { # An instance-attached disk resource.
       "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
       "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-      "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-      "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+      "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+          #
+          # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+      "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+          #
+          # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+          #
+          # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+          #
+          # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+          #
+          # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "diskSizeGb": "A String", # The size of the disk in GB.
-      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
         { # Guest OS features.
-          "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+          "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
         },
       ],
       "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-      "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+      "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+          #
+          # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+          #
+          # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
         "description": "A String", # An optional description. Provide this property when creating the disk.
         "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
         "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-        "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
+        "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+            # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+            #
+            #
+            # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+            # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+            # - projects/project/zones/zone/diskTypes/diskType
+            # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
         "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
           "a_key": "A String",
         },
@@ -1935,14 +2475,40 @@ 
Method Details

         "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
           "A String",
         ],
-        "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-        "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+        "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+            #
+            # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+            # projects/debian-cloud/global/images/family/debian-9
+            #
+            #
+            # Alternatively, use a specific version of a public operating system image:
+            # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+            #
+            #
+            # To create a disk with a custom image that you created, specify the image name in the following format:
+            # global/images/my-custom-image
+            #
+            #
+            # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+            # global/images/family/my-image-family
+            #
+            #
+            # If the source image is deleted later, this field will not be set.
+        "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+            #
+            # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
-        "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+        "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+            #
+            # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+            # global/snapshots/my-backup
+            #
+            #
+            # If the source snapshot is deleted later, this field will not be set.
         "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -1980,14 +2546,20 @@ 
Method Details

           "fileType": "A String", # The file type of source file.
         },
       },
-      "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+      "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+          #
+          # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+          #
+          # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
       "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
     },
   ],
   "displayDevice": { # A set of Display Device options # Enables display device for the instance.
     "enableDisplay": True or False, # Defines whether the instance has Display enabled.
   },
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance. To see the latest fingerprint, make get() request to the instance.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance.
+      # 
+      # To see the latest fingerprint, make get() request to the instance.
   "guestAccelerators": [ # A list of the type and count of accelerator cards attached to the instance.
     { # A specification of the type and number of accelerator cards attached to the instance.
       "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
@@ -1997,18 +2569,32 @@ 
Method Details

   "hostname": "A String", # Specifies the hostname of the instance. The specified hostname must be RFC1035 compliant. If hostname is not specified, the default hostname is [INSTANCE_NAME].c.[PROJECT_ID].internal when using the global DNS, and [INSTANCE_NAME].[ZONE].c.[PROJECT_ID].internal when using zonal DNS.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#instance", # [Output Only] Type of the resource. Always compute#instance for instances.
-  "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the instance.
+  "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+      # 
+      # To see the latest fingerprint, make get() request to the instance.
   "labels": { # Labels to apply to this instance. These can be later modified by the setLabels method.
     "a_key": "A String",
   },
   "lastStartTimestamp": "A String", # [Output Only] Last start timestamp in RFC3339 text format.
   "lastStopTimestamp": "A String", # [Output Only] Last stop timestamp in RFC3339 text format.
   "lastSuspendedTimestamp": "A String", # [Output Only] Last suspended timestamp in RFC3339 text format.
-  "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type: zones/us-central1-f/machineTypes/n1-standard-1 To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB): zones/zone/machineTypes/custom-CPUS-MEMORY For example: zones/us-central1-f/machineTypes/custom-4-5120 For a full list of restrictions, read the Specifications for custom machine types.
+  "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type:
+      # zones/us-central1-f/machineTypes/n1-standard-1
+      # 
+      # 
+      # To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB):
+      # zones/zone/machineTypes/custom-CPUS-MEMORY
+      # 
+      # 
+      # For example: zones/us-central1-f/machineTypes/custom-4-5120
+      # 
+      # For a full list of restrictions, read the Specifications for custom machine types.
   "metadata": { # A metadata key/value entry. # The metadata key/value pairs assigned to this instance. This includes custom metadata and predefined keys.
-    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+        #
+        # To see the latest fingerprint, make a get() request to retrieve the resource.
     "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-      { # Metadata
+      {
         "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
         "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
       },
@@ -2026,7 +2612,11 @@ 
Method Details

           "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
           "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+              #
+              # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+              #
+              # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
           "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
           "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
           "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
@@ -2046,26 +2636,41 @@ 
Method Details

           "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
           "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+              #
+              # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+              #
+              # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
           "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
           "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
           "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
         },
       ],
-      "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+      "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+          #
+          # Valid only if stackType is IPV4_IPV6.
       "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
       "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
       "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-      "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+      "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+          #
+          # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+          # - projects/project/global/networks/network
+          # - global/networks/default
       "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
       "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
-      "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
-      "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+      "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+          #
+          # This field can be both set at instance creation and update network interface operations.
+      "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+          # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+          # - regions/region/subnetworks/subnetwork
     },
   ],
-  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
   "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that this instance can consume from.
-    "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
+    "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
     "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
     "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
       "A String",
@@ -2076,7 +2681,9 @@ 
Method Details

   ],
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Sets the scheduling options for this instance.
-    "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+    "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+        #
+        # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
     "locationHint": "A String", # An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API.
     "minNodeCpus": 42, # The minimum number of virtual CPUs this instance will consume when running on a sole-tenant node.
     "nodeAffinities": [ # A set of node affinity and anti-affinity configurations. Refer to Configuring node affinity for more information. Overrides reservationAffinity.
@@ -2092,7 +2699,9 @@ 
Method Details

     "preemptible": True or False, # Defines whether the instance is preemptible. This can only be set during instance creation or while the instance is stopped and therefore, in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states.
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
-  "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported. Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
+  "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported.
+      # 
+      # Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
     { # A service account.
       "email": "A String", # Email address of the service account.
       "scopes": [ # The list of scopes to be made available for this service account.
@@ -2109,10 +2718,12 @@ 
Method Details

     "updateAutoLearnPolicy": True or False, # Updates the integrity policy baseline using the measurements from the VM instance's most recent boot.
   },
   "startRestricted": True or False, # [Output Only] Whether a VM has been restricted for start because Compute Engine has detected suspicious activity.
-  "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see Instance life cycle.
+  "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see  Instance life cycle.
   "statusMessage": "A String", # [Output Only] An optional, human-readable explanation of the status.
   "tags": { # A set of instance tags. # Tags to apply to this instance. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during instance creation. The tags can be later modified by the setTags method. Each tag within the list must comply with RFC1035. Multiple tags can be specified via the 'tags.items' field.
-    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+        #
+        # To see the latest fingerprint, make get() request to the instance.
     "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
       "A String",
     ],
@@ -2120,17 +2731,35 @@ 
Method Details

   "zone": "A String", # [Output Only] URL of the zone where the instance resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  sourceInstanceTemplate: string, Specifies instance template to create the instance. This field is optional. It can be a full or partial URL. For example, the following are all valid URLs to an instance template: - https://www.googleapis.com/compute/v1/projects/project /global/instanceTemplates/instanceTemplate - projects/project/global/instanceTemplates/instanceTemplate - global/instanceTemplates/instanceTemplate 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
+  sourceInstanceTemplate: string, Specifies instance template to create the instance.
+
+This field is optional. It can be a full or partial URL. For example, the following are all valid URLs to an instance template:  
+- https://www.googleapis.com/compute/v1/projects/project/global/instanceTemplates/instanceTemplate 
+- projects/project/global/instanceTemplates/instanceTemplate 
+- global/instanceTemplates/instanceTemplate
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2164,7 +2793,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2178,21 +2808,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of instances contained within the specified zone.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -2200,12 +2836,14 @@ 
Method Details

     { # Contains a list of instances.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Instance resources.
-    { # Represents an Instance resource. An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances.
+    { # Represents an Instance resource.
+        #
+        # An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances. (== resource_for {$api_version}.instances ==)
       "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
         "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
         "threadsPerCore": 42, # The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed.
       },
-      "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding .
+      "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding.
       "confidentialInstanceConfig": { # A set of Confidential Instance options.
         "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
       },
@@ -2217,25 +2855,46 @@ 
Method Details

         { # An instance-attached disk resource.
           "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
           "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-          "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-          "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+          "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+              #
+              # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+          "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+              #
+              # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+              #
+              # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+              #
+              # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+              #
+              # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
           "diskSizeGb": "A String", # The size of the disk in GB.
-          "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+          "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
             { # Guest OS features.
-              "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+              "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
             },
           ],
           "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-          "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+          "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+              #
+              # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+              #
+              # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
             "description": "A String", # An optional description. Provide this property when creating the disk.
             "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
             "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-            "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
+            "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+                # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+                #
+                #
+                # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+                # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+                # - projects/project/zones/zone/diskTypes/diskType
+                # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
             "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
               "a_key": "A String",
             },
@@ -2244,14 +2903,40 @@ 
Method Details

             "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
               "A String",
             ],
-            "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-            "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+            "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+                #
+                # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+                # projects/debian-cloud/global/images/family/debian-9
+                #
+                #
+                # Alternatively, use a specific version of a public operating system image:
+                # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+                #
+                #
+                # To create a disk with a custom image that you created, specify the image name in the following format:
+                # global/images/my-custom-image
+                #
+                #
+                # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+                # global/images/family/my-image-family
+                #
+                #
+                # If the source image is deleted later, this field will not be set.
+            "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+                #
+                # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
               "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
               "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
               "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
               "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
             },
-            "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+            "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+                #
+                # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+                # global/snapshots/my-backup
+                #
+                #
+                # If the source snapshot is deleted later, this field will not be set.
             "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
               "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
               "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -2289,14 +2974,20 @@ 
Method Details

               "fileType": "A String", # The file type of source file.
             },
           },
-          "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+          "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+              #
+              # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+              #
+              # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
           "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
         },
       ],
       "displayDevice": { # A set of Display Device options # Enables display device for the instance.
         "enableDisplay": True or False, # Defines whether the instance has Display enabled.
       },
-      "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance. To see the latest fingerprint, make get() request to the instance.
+      "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance.
+          #
+          # To see the latest fingerprint, make get() request to the instance.
       "guestAccelerators": [ # A list of the type and count of accelerator cards attached to the instance.
         { # A specification of the type and number of accelerator cards attached to the instance.
           "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
@@ -2306,18 +2997,32 @@ 
Method Details

       "hostname": "A String", # Specifies the hostname of the instance. The specified hostname must be RFC1035 compliant. If hostname is not specified, the default hostname is [INSTANCE_NAME].c.[PROJECT_ID].internal when using the global DNS, and [INSTANCE_NAME].[ZONE].c.[PROJECT_ID].internal when using zonal DNS.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#instance", # [Output Only] Type of the resource. Always compute#instance for instances.
-      "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the instance.
+      "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+          #
+          # To see the latest fingerprint, make get() request to the instance.
       "labels": { # Labels to apply to this instance. These can be later modified by the setLabels method.
         "a_key": "A String",
       },
       "lastStartTimestamp": "A String", # [Output Only] Last start timestamp in RFC3339 text format.
       "lastStopTimestamp": "A String", # [Output Only] Last stop timestamp in RFC3339 text format.
       "lastSuspendedTimestamp": "A String", # [Output Only] Last suspended timestamp in RFC3339 text format.
-      "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type: zones/us-central1-f/machineTypes/n1-standard-1 To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB): zones/zone/machineTypes/custom-CPUS-MEMORY For example: zones/us-central1-f/machineTypes/custom-4-5120 For a full list of restrictions, read the Specifications for custom machine types.
+      "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type:
+          # zones/us-central1-f/machineTypes/n1-standard-1
+          #
+          #
+          # To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB):
+          # zones/zone/machineTypes/custom-CPUS-MEMORY
+          #
+          #
+          # For example: zones/us-central1-f/machineTypes/custom-4-5120
+          #
+          # For a full list of restrictions, read the Specifications for custom machine types.
       "metadata": { # A metadata key/value entry. # The metadata key/value pairs assigned to this instance. This includes custom metadata and predefined keys.
-        "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+        "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+            #
+            # To see the latest fingerprint, make a get() request to retrieve the resource.
         "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-          { # Metadata
+          {
             "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
             "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
           },
@@ -2335,7 +3040,11 @@ 
Method Details

               "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
               "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
               "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-              "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+              "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                  #
+                  # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                  #
+                  # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
               "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
               "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
               "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
@@ -2355,26 +3064,41 @@ 
Method Details

               "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
               "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
               "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-              "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+              "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                  #
+                  # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                  #
+                  # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
               "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
               "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
               "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
             },
           ],
-          "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+          "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+              #
+              # Valid only if stackType is IPV4_IPV6.
           "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
           "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
           "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-          "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+          "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+              #
+              # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+              # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+              # - projects/project/global/networks/network
+              # - global/networks/default
           "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
           "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
-          "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
-          "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+          "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+              #
+              # This field can be both set at instance creation and update network interface operations.
+          "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+              # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+              # - regions/region/subnetworks/subnetwork
         },
       ],
-      "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+      "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
       "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that this instance can consume from.
-        "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
+        "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
         "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
         "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
           "A String",
@@ -2385,7 +3109,9 @@ 
Method Details

       ],
       "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
       "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Sets the scheduling options for this instance.
-        "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+        "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+            #
+            # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
         "locationHint": "A String", # An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API.
         "minNodeCpus": 42, # The minimum number of virtual CPUs this instance will consume when running on a sole-tenant node.
         "nodeAffinities": [ # A set of node affinity and anti-affinity configurations. Refer to Configuring node affinity for more information. Overrides reservationAffinity.
@@ -2401,7 +3127,9 @@ 
Method Details

         "preemptible": True or False, # Defines whether the instance is preemptible. This can only be set during instance creation or while the instance is stopped and therefore, in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states.
       },
       "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
-      "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported. Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
+      "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported.
+          #
+          # Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
         { # A service account.
           "email": "A String", # Email address of the service account.
           "scopes": [ # The list of scopes to be made available for this service account.
@@ -2418,10 +3146,12 @@ 
Method Details

         "updateAutoLearnPolicy": True or False, # Updates the integrity policy baseline using the measurements from the VM instance's most recent boot.
       },
       "startRestricted": True or False, # [Output Only] Whether a VM has been restricted for start because Compute Engine has detected suspicious activity.
-      "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see Instance life cycle.
+      "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see  Instance life cycle.
       "statusMessage": "A String", # [Output Only] An optional, human-readable explanation of the status.
       "tags": { # A set of instance tags. # Tags to apply to this instance. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during instance creation. The tags can be later modified by the setTags method. Each tag within the list must comply with RFC1035. Multiple tags can be specified via the 'tags.items' field.
-        "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+        "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+            #
+            # To see the latest fingerprint, make get() request to the instance.
         "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
           "A String",
         ],
@@ -2434,7 +3164,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2446,22 +3177,28 @@ 
Method Details

 

 
 

-    listReferrers(project, zone, instance, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listReferrers(project, zone, instance, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of resources that refer to the VM instance specified in the request. For example, if the VM instance is part of a managed or unmanaged instance group, the referrers list includes the instance group. For more information, read Viewing referrers to VM instances.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the target instance scoping this request, or '-' if the request should span over all instances in the container. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -2471,7 +3208,8 @@ 
Method Details

   "items": [ # A list of Reference resources.
     { # Represents a reference to a resource.
       "kind": "compute#reference", # [Output Only] Type of the resource. Always compute#reference for references.
-      "referenceType": "A String", # A description of the reference type with no implied semantics. Possible values include: 1. MEMBER_OF
+      "referenceType": "A String", # A description of the reference type with no implied semantics. Possible values include:
+          # - MEMBER_OF
       "referrer": "A String", # URL of the resource which refers to the target.
       "target": "A String", # URL of the resource to which this reference points.
     },
@@ -2481,7 +3219,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2521,7 +3260,7 @@ 
Method Details

 

 
 

-    removeResourcePolicies(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    removeResourcePolicies(project, zone, instance, body=None, requestId=None)
   
Removes resource policies from an instance.
 
 Args:
@@ -2537,16 +3276,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2580,7 +3332,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2594,23 +3347,36 @@ 
Method Details

 

 
 

-    reset(project, zone, instance, requestId=None, x__xgafv=None)
+    reset(project, zone, instance, requestId=None)
   
Performs a reset on the instance. This is a hard reset the VM does not do a graceful shutdown. For more information, see Resetting an instance.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the instance scoping this request. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2644,7 +3410,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2658,7 +3425,7 @@ 
Method Details

 

 
 

-    setDeletionProtection(project, zone, resource, deletionProtection=None, requestId=None, x__xgafv=None)
+    setDeletionProtection(project, zone, resource, deletionProtection=None, requestId=None)
   
Sets deletion protection on the instance.
 
 Args:
@@ -2666,16 +3433,29 @@ 
Method Details

   zone: string, The name of the zone for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   deletionProtection: boolean, Whether the resource should be protected against deletion.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2709,7 +3489,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2723,7 +3504,7 @@ 
Method Details

 

 
 

-    setDiskAutoDelete(project, zone, instance, autoDelete, deviceName, requestId=None, x__xgafv=None)
+    setDiskAutoDelete(project, zone, instance, autoDelete, deviceName, requestId=None)
   
Sets the auto-delete flag for a disk attached to an instance.
 
 Args:
@@ -2732,16 +3513,29 @@ 
Method Details

   instance: string, The instance name for this request. (required)
   autoDelete: boolean, Whether to auto-delete the disk when the instance is deleted. (required)
   deviceName: string, The device name of the disk to modify. Make a get() request on the instance to view currently attached disks and device names. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2775,7 +3569,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2789,7 +3584,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, zone, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, zone, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -2802,33 +3597,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -2836,95 +3705,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -2932,76 +3893,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    setLabels(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    setLabels(project, zone, instance, body=None, requestId=None)
   
Sets labels on an instance. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -3018,16 +4047,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3061,7 +4103,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3075,7 +4118,7 @@ 
Method Details

 

 
 

-    setMachineResources(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    setMachineResources(project, zone, instance, body=None, requestId=None)
   
Changes the number and/or type of accelerator for a stopped instance to the values specified in the request.
 
 Args:
@@ -3094,16 +4137,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3137,7 +4193,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3151,7 +4208,7 @@ 
Method Details

 

 
 

-    setMachineType(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    setMachineType(project, zone, instance, body=None, requestId=None)
   
Changes the machine type for a stopped instance to the machine type specified in the request.
 
 Args:
@@ -3165,16 +4222,29 @@ 
Method Details

   "machineType": "A String", # Full or partial URL of the machine type resource. See Machine Types for a full list of machine types. For example: zones/us-central1-f/machineTypes/n1-standard-1
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3208,7 +4278,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3222,7 +4293,7 @@ 
Method Details

 

 
 

-    setMetadata(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    setMetadata(project, zone, instance, body=None, requestId=None)
   
Sets metadata for the specified instance to the data included in the request.
 
 Args:
@@ -3233,9 +4304,11 @@ 
Method Details

     The object takes the form of:
 
 { # A metadata key/value entry.
-  "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+  "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve the resource.
   "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-    { # Metadata
+    {
       "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
       "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
     },
@@ -3243,16 +4316,29 @@ 
Method Details

   "kind": "compute#metadata", # [Output Only] Type of the resource. Always compute#metadata for metadata.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3286,7 +4372,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3300,7 +4387,7 @@ 
Method Details

 

 
 

-    setMinCpuPlatform(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    setMinCpuPlatform(project, zone, instance, body=None, requestId=None)
   
Changes the minimum CPU platform that this instance should use. This method can only be called on a stopped instance. For more information, read Specifying a Minimum CPU Platform.
 
 Args:
@@ -3314,16 +4401,29 @@ 
Method Details

   "minCpuPlatform": "A String", # Minimum cpu/platform this instance should be started at.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3357,7 +4457,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3371,7 +4472,7 @@ 
Method Details

 

 
 

-    setScheduling(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    setScheduling(project, zone, instance, body=None, requestId=None)
   
Sets an instance's scheduling options. You can only call this method on a stopped instance, that is, a VM instance that is in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states.
 
 Args:
@@ -3382,7 +4483,9 @@ 
Method Details

     The object takes the form of:
 
 { # Sets the scheduling options for an Instance. NextID: 21
-  "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+  "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+      # 
+      # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
   "locationHint": "A String", # An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API.
   "minNodeCpus": 42, # The minimum number of virtual CPUs this instance will consume when running on a sole-tenant node.
   "nodeAffinities": [ # A set of node affinity and anti-affinity configurations. Refer to Configuring node affinity for more information. Overrides reservationAffinity.
@@ -3398,16 +4501,29 @@ 
Method Details

   "preemptible": True or False, # Defines whether the instance is preemptible. This can only be set during instance creation or while the instance is stopped and therefore, in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3441,7 +4557,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3455,7 +4572,7 @@ 
Method Details

 

 
 

-    setServiceAccount(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    setServiceAccount(project, zone, instance, body=None, requestId=None)
   
Sets the service account on the instance. For more information, read Changing the service account and access scopes for an instance.
 
 Args:
@@ -3472,16 +4589,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3515,7 +4645,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3529,7 +4660,7 @@ 
Method Details

 

 
 

-    setShieldedInstanceIntegrityPolicy(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    setShieldedInstanceIntegrityPolicy(project, zone, instance, body=None, requestId=None)
   
Sets the Shielded Instance integrity policy for an instance. You can only use this method on a running instance. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -3543,16 +4674,29 @@ 
Method Details

   "updateAutoLearnPolicy": True or False, # Updates the integrity policy baseline using the measurements from the VM instance's most recent boot.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3586,7 +4730,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3600,7 +4745,7 @@ 
Method Details

 

 
 

-    setTags(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    setTags(project, zone, instance, body=None, requestId=None)
   
Sets network tags for the specified instance to the data included in the request.
 
 Args:
@@ -3611,22 +4756,37 @@ 
Method Details

     The object takes the form of:
 
 { # A set of instance tags.
-  "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+  "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+      # 
+      # To see the latest fingerprint, make get() request to the instance.
   "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
     "A String",
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3660,7 +4820,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3674,22 +4835,31 @@ 
Method Details

 

 
 

-    simulateMaintenanceEvent(project, zone, instance, x__xgafv=None)
+    simulateMaintenanceEvent(project, zone, instance)
   
Simulates a maintenance event on the instance.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the instance scoping this request. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3723,7 +4893,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3737,23 +4908,36 @@ 
Method Details

 

 
 

-    start(project, zone, instance, requestId=None, x__xgafv=None)
+    start(project, zone, instance, requestId=None)
   
Starts an instance that was stopped using the instances().stop method. For more information, see Restart an instance.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the instance resource to start. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3787,7 +4971,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3801,7 +4986,7 @@ 
Method Details

 

 
 

-    startWithEncryptionKey(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    startWithEncryptionKey(project, zone, instance, body=None, requestId=None)
   
Starts an instance that was stopped using the instances().stop method. For more information, see Restart an instance.
 
 Args:
@@ -3812,7 +4997,11 @@ 
Method Details

     The object takes the form of:
 
 {
-  "disks": [ # Array of disks associated with this instance that are protected with a customer-supplied encryption key. In order to start the instance, the disk url and its corresponding key must be provided. If the disk is not protected with a customer-supplied encryption key it should not be specified.
+  "disks": [ # Array of disks associated with this instance that are protected with a customer-supplied encryption key.
+      # 
+      # In order to start the instance, the disk url and its corresponding key must be provided.
+      # 
+      # If the disk is not protected with a customer-supplied encryption key it should not be specified.
     {
       "diskEncryptionKey": { # Decrypts data associated with the disk with a customer-supplied encryption key.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
@@ -3825,16 +5014,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3868,7 +5070,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3882,23 +5085,36 @@ 
Method Details

 

 
 

-    stop(project, zone, instance, requestId=None, x__xgafv=None)
+    stop(project, zone, instance, requestId=None)
   
Stops a running instance, shutting it down cleanly, and allows you to restart the instance at a later time. Stopped instances do not incur VM usage charges while they are stopped. However, resources that the VM is using, such as persistent disks and static IP addresses, will continue to be charged until they are deleted. For more information, see Stopping an instance.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   instance: string, Name of the instance resource to stop. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3932,7 +5148,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3946,7 +5163,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, zone, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, zone, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -3962,10 +5179,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -3978,8 +5191,8 @@ 
Method Details

 

 
 

-    update(project, zone, instance, body=None, minimalAction=None, mostDisruptiveAllowedAction=None, requestId=None, x__xgafv=None)
-  
Updates an instance only if the necessary resources are available. This method can update only a specific set of instance properties. See Updating a running instance for a list of updatable instance properties.
+    update(project, zone, instance, body=None, minimalAction=None, mostDisruptiveAllowedAction=None, requestId=None)
+  
Updates an instance only if the necessary resources are available. This method can update only a specific set of instance properties. See  Updating a running instance for a list of updatable instance properties.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -3988,12 +5201,14 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Instance resource. An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances.
+{ # Represents an Instance resource.
+    # 
+    # An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances. (== resource_for {$api_version}.instances ==)
   "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
     "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
     "threadsPerCore": 42, # The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed.
   },
-  "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding .
+  "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding.
   "confidentialInstanceConfig": { # A set of Confidential Instance options.
     "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
   },
@@ -4005,25 +5220,46 @@ 
Method Details

     { # An instance-attached disk resource.
       "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
       "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-      "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-      "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+      "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+          #
+          # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+      "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+          #
+          # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+          #
+          # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+          #
+          # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+          #
+          # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "diskSizeGb": "A String", # The size of the disk in GB.
-      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
         { # Guest OS features.
-          "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+          "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
         },
       ],
       "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-      "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+      "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+          #
+          # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+          #
+          # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
         "description": "A String", # An optional description. Provide this property when creating the disk.
         "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
         "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-        "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
+        "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+            # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+            #
+            #
+            # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+            # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+            # - projects/project/zones/zone/diskTypes/diskType
+            # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
         "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
           "a_key": "A String",
         },
@@ -4032,14 +5268,40 @@ 
Method Details

         "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
           "A String",
         ],
-        "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-        "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+        "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+            #
+            # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+            # projects/debian-cloud/global/images/family/debian-9
+            #
+            #
+            # Alternatively, use a specific version of a public operating system image:
+            # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+            #
+            #
+            # To create a disk with a custom image that you created, specify the image name in the following format:
+            # global/images/my-custom-image
+            #
+            #
+            # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+            # global/images/family/my-image-family
+            #
+            #
+            # If the source image is deleted later, this field will not be set.
+        "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+            #
+            # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
-        "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+        "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+            #
+            # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+            # global/snapshots/my-backup
+            #
+            #
+            # If the source snapshot is deleted later, this field will not be set.
         "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -4077,14 +5339,20 @@ 
Method Details

           "fileType": "A String", # The file type of source file.
         },
       },
-      "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+      "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+          #
+          # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+          #
+          # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
       "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
     },
   ],
   "displayDevice": { # A set of Display Device options # Enables display device for the instance.
     "enableDisplay": True or False, # Defines whether the instance has Display enabled.
   },
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance. To see the latest fingerprint, make get() request to the instance.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance.
+      # 
+      # To see the latest fingerprint, make get() request to the instance.
   "guestAccelerators": [ # A list of the type and count of accelerator cards attached to the instance.
     { # A specification of the type and number of accelerator cards attached to the instance.
       "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
@@ -4094,18 +5362,32 @@ 
Method Details

   "hostname": "A String", # Specifies the hostname of the instance. The specified hostname must be RFC1035 compliant. If hostname is not specified, the default hostname is [INSTANCE_NAME].c.[PROJECT_ID].internal when using the global DNS, and [INSTANCE_NAME].[ZONE].c.[PROJECT_ID].internal when using zonal DNS.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#instance", # [Output Only] Type of the resource. Always compute#instance for instances.
-  "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. To see the latest fingerprint, make get() request to the instance.
+  "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+      # 
+      # To see the latest fingerprint, make get() request to the instance.
   "labels": { # Labels to apply to this instance. These can be later modified by the setLabels method.
     "a_key": "A String",
   },
   "lastStartTimestamp": "A String", # [Output Only] Last start timestamp in RFC3339 text format.
   "lastStopTimestamp": "A String", # [Output Only] Last stop timestamp in RFC3339 text format.
   "lastSuspendedTimestamp": "A String", # [Output Only] Last suspended timestamp in RFC3339 text format.
-  "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type: zones/us-central1-f/machineTypes/n1-standard-1 To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB): zones/zone/machineTypes/custom-CPUS-MEMORY For example: zones/us-central1-f/machineTypes/custom-4-5120 For a full list of restrictions, read the Specifications for custom machine types.
+  "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type:
+      # zones/us-central1-f/machineTypes/n1-standard-1
+      # 
+      # 
+      # To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB):
+      # zones/zone/machineTypes/custom-CPUS-MEMORY
+      # 
+      # 
+      # For example: zones/us-central1-f/machineTypes/custom-4-5120
+      # 
+      # For a full list of restrictions, read the Specifications for custom machine types.
   "metadata": { # A metadata key/value entry. # The metadata key/value pairs assigned to this instance. This includes custom metadata and predefined keys.
-    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+        #
+        # To see the latest fingerprint, make a get() request to retrieve the resource.
     "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-      { # Metadata
+      {
         "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
         "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
       },
@@ -4123,7 +5405,11 @@ 
Method Details

           "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
           "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+              #
+              # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+              #
+              # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
           "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
           "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
           "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
@@ -4143,26 +5429,41 @@ 
Method Details

           "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
           "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+          "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+              #
+              # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+              #
+              # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
           "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
           "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
           "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
         },
       ],
-      "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+      "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+          #
+          # Valid only if stackType is IPV4_IPV6.
       "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
       "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
       "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-      "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+      "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+          #
+          # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+          # - projects/project/global/networks/network
+          # - global/networks/default
       "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
       "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
-      "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
-      "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+      "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+          #
+          # This field can be both set at instance creation and update network interface operations.
+      "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+          # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+          # - regions/region/subnetworks/subnetwork
     },
   ],
-  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
   "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that this instance can consume from.
-    "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
+    "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
     "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
     "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
       "A String",
@@ -4173,7 +5474,9 @@ 
Method Details

   ],
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Sets the scheduling options for this instance.
-    "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+    "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+        #
+        # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
     "locationHint": "A String", # An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API.
     "minNodeCpus": 42, # The minimum number of virtual CPUs this instance will consume when running on a sole-tenant node.
     "nodeAffinities": [ # A set of node affinity and anti-affinity configurations. Refer to Configuring node affinity for more information. Overrides reservationAffinity.
@@ -4189,7 +5492,9 @@ 
Method Details

     "preemptible": True or False, # Defines whether the instance is preemptible. This can only be set during instance creation or while the instance is stopped and therefore, in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states.
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
-  "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported. Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
+  "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported.
+      # 
+      # Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
     { # A service account.
       "email": "A String", # Email address of the service account.
       "scopes": [ # The list of scopes to be made available for this service account.
@@ -4206,10 +5511,12 @@ 
Method Details

     "updateAutoLearnPolicy": True or False, # Updates the integrity policy baseline using the measurements from the VM instance's most recent boot.
   },
   "startRestricted": True or False, # [Output Only] Whether a VM has been restricted for start because Compute Engine has detected suspicious activity.
-  "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see Instance life cycle.
+  "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see  Instance life cycle.
   "statusMessage": "A String", # [Output Only] An optional, human-readable explanation of the status.
   "tags": { # A set of instance tags. # Tags to apply to this instance. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during instance creation. The tags can be later modified by the setTags method. Each tag within the list must comply with RFC1035. Multiple tags can be specified via the 'tags.items' field.
-    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+        #
+        # To see the latest fingerprint, make get() request to the instance.
     "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
       "A String",
     ],
@@ -4220,25 +5527,38 @@ 
Method Details

   minimalAction: string, Specifies the action to take when updating an instance even if the updated properties do not require it. If not specified, then Compute Engine acts based on the minimum action that the updated properties require.
     Allowed values
       INVALID - 
-      NO_EFFECT - No changes can be made to the instance.
-      REFRESH - The instance will not restart.
-      RESTART - The instance will restart.
+      NO_EFFECT - 
+      REFRESH - 
+      RESTART - 
   mostDisruptiveAllowedAction: string, Specifies the most disruptive action that can be taken on the instance as part of the update. Compute Engine returns an error if the instance properties require a more disruptive action as part of the instance update. Valid options from lowest to highest are NO_EFFECT, REFRESH, and RESTART.
     Allowed values
       INVALID - 
-      NO_EFFECT - No changes can be made to the instance.
-      REFRESH - The instance will not restart.
-      RESTART - The instance will restart.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+      NO_EFFECT - 
+      REFRESH - 
+      RESTART - 
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -4272,7 +5592,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -4286,7 +5607,7 @@ 
Method Details

 

 
 

-    updateAccessConfig(project, zone, instance, networkInterface, body=None, requestId=None, x__xgafv=None)
+    updateAccessConfig(project, zone, instance, networkInterface, body=None, requestId=None)
   
Updates the specified access config from an instance's network interface with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -4303,22 +5624,39 @@ 
Method Details

   "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
   "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
   "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-  "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+  "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+      # 
+      # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+      # 
+      # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
   "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
   "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
   "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -4352,7 +5690,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -4366,7 +5705,7 @@ 
Method Details

 

 
 

-    updateDisplayDevice(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    updateDisplayDevice(project, zone, instance, body=None, requestId=None)
   
Updates the Display config for a VM instance. You can only use this method on a stopped VM instance. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -4380,16 +5719,29 @@ 
Method Details

   "enableDisplay": True or False, # Defines whether the instance has Display enabled.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -4423,7 +5775,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -4437,7 +5790,7 @@ 
Method Details

 

 
 

-    updateNetworkInterface(project, zone, instance, networkInterface, body=None, requestId=None, x__xgafv=None)
+    updateNetworkInterface(project, zone, instance, networkInterface, body=None, requestId=None)
   
Updates an instance's network interface. This method can only update an interface's alias IP range and attached network. See Modifying alias IP ranges for an existing instance for instructions on changing alias IP ranges. See Migrating a VM between networks for instructions on migrating an interface. This method follows PATCH semantics.
 
 Args:
@@ -4456,7 +5809,11 @@ 
Method Details

       "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
       "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
       "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-      "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+      "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+          #
+          # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+          #
+          # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
       "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
       "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
       "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
@@ -4476,33 +5833,61 @@ 
Method Details

       "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
       "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
       "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-      "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+      "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+          #
+          # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+          #
+          # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
       "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
       "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
       "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
     },
   ],
-  "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+  "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+      # 
+      # Valid only if stackType is IPV4_IPV6.
   "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
   "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
   "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-  "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+  "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+      # 
+      # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+      # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+      # - projects/project/global/networks/network
+      # - global/networks/default
   "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
   "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
-  "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
-  "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+  "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+      # 
+      # This field can be both set at instance creation and update network interface operations.
+  "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+      # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+      # - regions/region/subnetworks/subnetwork
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -4536,7 +5921,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -4550,7 +5936,7 @@ 
Method Details

 

 
 

-    updateShieldedInstanceConfig(project, zone, instance, body=None, requestId=None, x__xgafv=None)
+    updateShieldedInstanceConfig(project, zone, instance, body=None, requestId=None)
   
Updates the Shielded Instance config for an instance. You can only use this method on a stopped instance. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -4566,16 +5952,29 @@ 
Method Details

   "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled. Enabled by default.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -4609,7 +6008,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.interconnectAttachments.html b/docs/dyn/compute_v1.interconnectAttachments.html
index 1e2b74e70ac..01498e4f1b3 100644
--- a/docs/dyn/compute_v1.interconnectAttachments.html
+++ b/docs/dyn/compute_v1.interconnectAttachments.html
@@ -75,7 +75,7 @@
 
Compute Engine API . interconnectAttachments

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of interconnect attachments.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,40 +84,46 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, interconnectAttachment, requestId=None, x__xgafv=None)

+  delete(project, region, interconnectAttachment, requestId=None)

 
Deletes the specified interconnect attachment.

 

-  get(project, region, interconnectAttachment, x__xgafv=None)

+  get(project, region, interconnectAttachment)

 
Returns the specified interconnect attachment.

 

-  insert(project, region, body=None, requestId=None, validateOnly=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None, validateOnly=None)

 
Creates an InterconnectAttachment in the specified project using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of interconnect attachments contained within the specified region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, interconnectAttachment, body=None, requestId=None, x__xgafv=None)

+  patch(project, region, interconnectAttachment, body=None, requestId=None)

 
Updates the specified interconnect attachment with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of interconnect attachments.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -127,9 +133,23 @@ 
Method Details

   "items": { # A list of InterconnectAttachmentsScopedList resources.
     "a_key": { # Name of the scope containing this set of interconnect attachments.
       "interconnectAttachments": [ # A list of interconnect attachments contained in this scope.
-        { # Represents an Interconnect Attachment (VLAN) resource. You can use Interconnect attachments (VLANS) to connect your Virtual Private Cloud networks to your on-premises networks through an Interconnect. For more information, read Creating VLAN Attachments.
+        { # Represents an Interconnect Attachment (VLAN) resource.
+            #
+            # You can use Interconnect attachments (VLANS) to connect your Virtual Private Cloud networks to your on-premises networks through an Interconnect. For more information, read  Creating VLAN Attachments. (== resource_for {$api_version}.interconnectAttachments ==)
           "adminEnabled": True or False, # Determines whether this Attachment will carry packets. Not present for PARTNER_PROVIDER.
-          "bandwidth": "A String", # Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, and can take one of the following values: - BPS_50M: 50 Mbit/s - BPS_100M: 100 Mbit/s - BPS_200M: 200 Mbit/s - BPS_300M: 300 Mbit/s - BPS_400M: 400 Mbit/s - BPS_500M: 500 Mbit/s - BPS_1G: 1 Gbit/s - BPS_2G: 2 Gbit/s - BPS_5G: 5 Gbit/s - BPS_10G: 10 Gbit/s - BPS_20G: 20 Gbit/s - BPS_50G: 50 Gbit/s
+          "bandwidth": "A String", # Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, and can take one of the following values:
+              # - BPS_50M: 50 Mbit/s
+              # - BPS_100M: 100 Mbit/s
+              # - BPS_200M: 200 Mbit/s
+              # - BPS_300M: 300 Mbit/s
+              # - BPS_400M: 400 Mbit/s
+              # - BPS_500M: 500 Mbit/s
+              # - BPS_1G: 1 Gbit/s
+              # - BPS_2G: 2 Gbit/s
+              # - BPS_5G: 5 Gbit/s
+              # - BPS_10G: 10 Gbit/s
+              # - BPS_20G: 20 Gbit/s
+              # - BPS_50G: 50 Gbit/s
           "candidateSubnets": [ # Up to 16 candidate prefixes that can be used to restrict the allocation of cloudRouterIpAddress and customerRouterIpAddress for this attachment. All prefixes must be within link-local address space (169.254.0.0/16) and must be /29 or shorter (/28, /27, etc). Google will attempt to select an unused /29 from the supplied candidate prefix(es). The request will fail if all possible /29s are in use on Google's edge. If not supplied, Google will randomly select an unused /29 from all of link-local space.
             "A String",
           ],
@@ -138,18 +158,27 @@ 
Method Details

           "customerRouterIpAddress": "A String", # [Output Only] IPv4 address + prefix length to be configured on the customer router subinterface for this interconnect attachment.
           "dataplaneVersion": 42, # [Output Only] Dataplane version for this InterconnectAttachment.
           "description": "A String", # An optional description of this resource.
-          "edgeAvailabilityDomain": "A String", # Desired availability domain for the attachment. Only available for type PARTNER, at creation time, and can take one of the following values: - AVAILABILITY_DOMAIN_ANY - AVAILABILITY_DOMAIN_1 - AVAILABILITY_DOMAIN_2 For improved reliability, customers should configure a pair of attachments, one per availability domain. The selected availability domain will be provided to the Partner via the pairing key, so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.
-          "encryption": "A String", # Indicates the user-supplied encryption option of this VLAN attachment (interconnectAttachment). Can only be specified at attachment creation for PARTNER or DEDICATED attachments. Possible values are: - NONE - This is the default value, which means that the VLAN attachment carries unencrypted traffic. VMs are able to send traffic to, or receive traffic from, such a VLAN attachment. - IPSEC - The VLAN attachment carries only encrypted traffic that is encrypted by an IPsec device, such as an HA VPN gateway or third-party IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, such a VLAN attachment. To use *IPsec-encrypted Cloud Interconnect*, the VLAN attachment must be created with this option. Not currently available publicly.
+          "edgeAvailabilityDomain": "A String", # Desired availability domain for the attachment. Only available for type PARTNER, at creation time, and can take one of the following values:
+              # - AVAILABILITY_DOMAIN_ANY
+              # - AVAILABILITY_DOMAIN_1
+              # - AVAILABILITY_DOMAIN_2 For improved reliability, customers should configure a pair of attachments, one per availability domain. The selected availability domain will be provided to the Partner via the pairing key, so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.
+          "encryption": "A String", # Indicates the user-supplied encryption option of this VLAN attachment (interconnectAttachment). Can only be specified at attachment creation for PARTNER or DEDICATED attachments. Possible values are:
+              # - NONE - This is the default value, which means that the VLAN attachment carries unencrypted traffic. VMs are able to send traffic to, or receive traffic from, such a VLAN attachment.
+              # - IPSEC - The VLAN attachment carries only encrypted traffic that is encrypted by an IPsec device, such as an HA VPN gateway or third-party IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, such a VLAN attachment. To use IPsec-encrypted Cloud Interconnect, the VLAN attachment must be created with this option.
+              # Not currently available publicly.
           "googleReferenceId": "A String", # [Output Only] Google reference ID, to be used when raising support tickets with Google or otherwise to debug backend connectivity issues. [Deprecated] This field is not used.
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "interconnect": "A String", # URL of the underlying Interconnect object that this attachment's traffic will traverse through.
-          "ipsecInternalAddresses": [ # List of URL of addresses that have been reserved for the VLAN attachment. Used only for the VLAN attachment that has the encryption option as IPSEC. The addresses must be regional internal IP address ranges. When creating an HA VPN gateway over the VLAN attachment, if the attachment is configured to use a regional internal IP address, then the VPN gateway's IP address is allocated from the IP address range specified here. For example, if the HA VPN gateway's interface 0 is paired to this VLAN attachment, then a regional internal IP address for the VPN gateway interface 0 will be allocated from the IP address specified for this VLAN attachment. If this field is not specified when creating the VLAN attachment, then later on when creating an HA VPN gateway on this VLAN attachment, the HA VPN gateway's IP address is allocated from the regional external IP address pool. Not currently available publicly.
+          "ipsecInternalAddresses": [ # List of URL of addresses that have been reserved for the VLAN attachment. Used only for the VLAN attachment that has the encryption option as IPSEC. The addresses must be regional internal IP address ranges. When creating an HA VPN gateway over the VLAN attachment, if the attachment is configured to use a regional internal IP address, then the VPN gateway's IP address is allocated from the IP address range specified here. For example, if the HA VPN gateway's interface 0 is paired to this VLAN attachment, then a regional internal IP address for the VPN gateway interface 0 will be allocated from the IP address specified for this VLAN attachment. If this field is not specified when creating the VLAN attachment, then later on when creating an HA VPN gateway on this VLAN attachment, the HA VPN gateway's IP address is allocated from the regional external IP address pool.
+              # Not currently available publicly.
             "A String",
           ],
           "kind": "compute#interconnectAttachment", # [Output Only] Type of the resource. Always compute#interconnectAttachment for interconnect attachments.
           "mtu": 42, # Maximum Transmission Unit (MTU), in bytes, of packets passing through this interconnect attachment. Only 1440 and 1500 are allowed. If not specified, the value will default to 1440.
           "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-          "operationalStatus": "A String", # [Output Only] The current status of whether or not this interconnect attachment is functional, which can take one of the following values: - OS_ACTIVE: The attachment has been turned up and is ready to use. - OS_UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
+          "operationalStatus": "A String", # [Output Only] The current status of whether or not this interconnect attachment is functional, which can take one of the following values:
+              # - OS_ACTIVE: The attachment has been turned up and is ready to use.
+              # - OS_UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
           "pairingKey": "A String", # [Output only for type PARTNER. Input only for PARTNER_PROVIDER. Not present for DEDICATED]. The opaque identifier of an PARTNER attachment used to initiate provisioning with a selected partner. Of the form "XXXXX/region/domain"
           "partnerAsn": "A String", # Optional BGP ASN for the router supplied by a Layer 3 Partner if they configured BGP on behalf of the customer. Output only for PARTNER type, input only for PARTNER_PROVIDER, not available for DEDICATED.
           "partnerMetadata": { # Informational metadata about Partner attachments from Partners to display to customers. These fields are propagated from PARTNER_PROVIDER attachments to their corresponding PARTNER attachments. # Informational metadata about Partner attachments from Partners to display to customers. Output only for for PARTNER type, mutable for PARTNER_PROVIDER, not available for DEDICATED.
@@ -163,14 +192,24 @@ 
Method Details

           "region": "A String", # [Output Only] URL of the region where the regional interconnect attachment resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
           "router": "A String", # URL of the Cloud Router to be used for dynamic routing. This router must be in the same region as this InterconnectAttachment. The InterconnectAttachment will automatically connect the Interconnect to the network & region within which the Cloud Router is configured.
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-          "state": "A String", # [Output Only] The current state of this attachment's functionality. Enum values ACTIVE and UNPROVISIONED are shared by DEDICATED/PRIVATE, PARTNER, and PARTNER_PROVIDER interconnect attachments, while enum values PENDING_PARTNER, PARTNER_REQUEST_RECEIVED, and PENDING_CUSTOMER are used for only PARTNER and PARTNER_PROVIDER interconnect attachments. This state can take one of the following values: - ACTIVE: The attachment has been turned up and is ready to use. - UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete. - PENDING_PARTNER: A newly-created PARTNER attachment that has not yet been configured on the Partner side. - PARTNER_REQUEST_RECEIVED: A PARTNER attachment is in the process of provisioning after a PARTNER_PROVIDER attachment was created that references it. - PENDING_CUSTOMER: A PARTNER or PARTNER_PROVIDER attachment that is waiting for a customer to activate it. - DEFUNCT: The attachment was deleted externally and is no longer functional. This could be because the associated Interconnect was removed, or because the other side of a Partner attachment was deleted.
-          "type": "A String", # The type of interconnect attachment this is, which can take one of the following values: - DEDICATED: an attachment to a Dedicated Interconnect. - PARTNER: an attachment to a Partner Interconnect, created by the customer. - PARTNER_PROVIDER: an attachment to a Partner Interconnect, created by the partner.
+          "state": "A String", # [Output Only] The current state of this attachment's functionality. Enum values ACTIVE and UNPROVISIONED are shared by DEDICATED/PRIVATE, PARTNER, and PARTNER_PROVIDER interconnect attachments, while enum values PENDING_PARTNER, PARTNER_REQUEST_RECEIVED, and PENDING_CUSTOMER are used for only PARTNER and PARTNER_PROVIDER interconnect attachments. This state can take one of the following values:
+              # - ACTIVE: The attachment has been turned up and is ready to use.
+              # - UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
+              # - PENDING_PARTNER: A newly-created PARTNER attachment that has not yet been configured on the Partner side.
+              # - PARTNER_REQUEST_RECEIVED: A PARTNER attachment is in the process of provisioning after a PARTNER_PROVIDER attachment was created that references it.
+              # - PENDING_CUSTOMER: A PARTNER or PARTNER_PROVIDER attachment that is waiting for a customer to activate it.
+              # - DEFUNCT: The attachment was deleted externally and is no longer functional. This could be because the associated Interconnect was removed, or because the other side of a Partner attachment was deleted.
+          "type": "A String", # The type of interconnect attachment this is, which can take one of the following values:
+              # - DEDICATED: an attachment to a Dedicated Interconnect.
+              # - PARTNER: an attachment to a Partner Interconnect, created by the customer.
+              # - PARTNER_PROVIDER: an attachment to a Partner Interconnect, created by the partner.
           "vlanTag8021q": 42, # The IEEE 802.1Q VLAN tag for this attachment, in the range 2-4094. Only specified at creation time.
         },
       ],
       "warning": { # Informational warning which replaces the list of addresses when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -188,7 +227,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -219,23 +259,36 @@ 
Method Details

 

 
 

-    delete(project, region, interconnectAttachment, requestId=None, x__xgafv=None)
+    delete(project, region, interconnectAttachment, requestId=None)
   
Deletes the specified interconnect attachment.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   interconnectAttachment: string, Name of the interconnect attachment to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -269,7 +322,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -283,24 +337,34 @@ 
Method Details

 

 
 

-    get(project, region, interconnectAttachment, x__xgafv=None)
+    get(project, region, interconnectAttachment)
   
Returns the specified interconnect attachment.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   interconnectAttachment: string, Name of the interconnect attachment to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Interconnect Attachment (VLAN) resource. You can use Interconnect attachments (VLANS) to connect your Virtual Private Cloud networks to your on-premises networks through an Interconnect. For more information, read Creating VLAN Attachments.
+    { # Represents an Interconnect Attachment (VLAN) resource.
+    #
+    # You can use Interconnect attachments (VLANS) to connect your Virtual Private Cloud networks to your on-premises networks through an Interconnect. For more information, read  Creating VLAN Attachments. (== resource_for {$api_version}.interconnectAttachments ==)
   "adminEnabled": True or False, # Determines whether this Attachment will carry packets. Not present for PARTNER_PROVIDER.
-  "bandwidth": "A String", # Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, and can take one of the following values: - BPS_50M: 50 Mbit/s - BPS_100M: 100 Mbit/s - BPS_200M: 200 Mbit/s - BPS_300M: 300 Mbit/s - BPS_400M: 400 Mbit/s - BPS_500M: 500 Mbit/s - BPS_1G: 1 Gbit/s - BPS_2G: 2 Gbit/s - BPS_5G: 5 Gbit/s - BPS_10G: 10 Gbit/s - BPS_20G: 20 Gbit/s - BPS_50G: 50 Gbit/s
+  "bandwidth": "A String", # Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, and can take one of the following values:
+      # - BPS_50M: 50 Mbit/s
+      # - BPS_100M: 100 Mbit/s
+      # - BPS_200M: 200 Mbit/s
+      # - BPS_300M: 300 Mbit/s
+      # - BPS_400M: 400 Mbit/s
+      # - BPS_500M: 500 Mbit/s
+      # - BPS_1G: 1 Gbit/s
+      # - BPS_2G: 2 Gbit/s
+      # - BPS_5G: 5 Gbit/s
+      # - BPS_10G: 10 Gbit/s
+      # - BPS_20G: 20 Gbit/s
+      # - BPS_50G: 50 Gbit/s
   "candidateSubnets": [ # Up to 16 candidate prefixes that can be used to restrict the allocation of cloudRouterIpAddress and customerRouterIpAddress for this attachment. All prefixes must be within link-local address space (169.254.0.0/16) and must be /29 or shorter (/28, /27, etc). Google will attempt to select an unused /29 from the supplied candidate prefix(es). The request will fail if all possible /29s are in use on Google's edge. If not supplied, Google will randomly select an unused /29 from all of link-local space.
     "A String",
   ],
@@ -309,18 +373,27 @@ 
Method Details

   "customerRouterIpAddress": "A String", # [Output Only] IPv4 address + prefix length to be configured on the customer router subinterface for this interconnect attachment.
   "dataplaneVersion": 42, # [Output Only] Dataplane version for this InterconnectAttachment.
   "description": "A String", # An optional description of this resource.
-  "edgeAvailabilityDomain": "A String", # Desired availability domain for the attachment. Only available for type PARTNER, at creation time, and can take one of the following values: - AVAILABILITY_DOMAIN_ANY - AVAILABILITY_DOMAIN_1 - AVAILABILITY_DOMAIN_2 For improved reliability, customers should configure a pair of attachments, one per availability domain. The selected availability domain will be provided to the Partner via the pairing key, so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.
-  "encryption": "A String", # Indicates the user-supplied encryption option of this VLAN attachment (interconnectAttachment). Can only be specified at attachment creation for PARTNER or DEDICATED attachments. Possible values are: - NONE - This is the default value, which means that the VLAN attachment carries unencrypted traffic. VMs are able to send traffic to, or receive traffic from, such a VLAN attachment. - IPSEC - The VLAN attachment carries only encrypted traffic that is encrypted by an IPsec device, such as an HA VPN gateway or third-party IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, such a VLAN attachment. To use *IPsec-encrypted Cloud Interconnect*, the VLAN attachment must be created with this option. Not currently available publicly.
+  "edgeAvailabilityDomain": "A String", # Desired availability domain for the attachment. Only available for type PARTNER, at creation time, and can take one of the following values:
+      # - AVAILABILITY_DOMAIN_ANY
+      # - AVAILABILITY_DOMAIN_1
+      # - AVAILABILITY_DOMAIN_2 For improved reliability, customers should configure a pair of attachments, one per availability domain. The selected availability domain will be provided to the Partner via the pairing key, so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.
+  "encryption": "A String", # Indicates the user-supplied encryption option of this VLAN attachment (interconnectAttachment). Can only be specified at attachment creation for PARTNER or DEDICATED attachments. Possible values are:
+      # - NONE - This is the default value, which means that the VLAN attachment carries unencrypted traffic. VMs are able to send traffic to, or receive traffic from, such a VLAN attachment.
+      # - IPSEC - The VLAN attachment carries only encrypted traffic that is encrypted by an IPsec device, such as an HA VPN gateway or third-party IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, such a VLAN attachment. To use IPsec-encrypted Cloud Interconnect, the VLAN attachment must be created with this option.
+      # Not currently available publicly.
   "googleReferenceId": "A String", # [Output Only] Google reference ID, to be used when raising support tickets with Google or otherwise to debug backend connectivity issues. [Deprecated] This field is not used.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "interconnect": "A String", # URL of the underlying Interconnect object that this attachment's traffic will traverse through.
-  "ipsecInternalAddresses": [ # List of URL of addresses that have been reserved for the VLAN attachment. Used only for the VLAN attachment that has the encryption option as IPSEC. The addresses must be regional internal IP address ranges. When creating an HA VPN gateway over the VLAN attachment, if the attachment is configured to use a regional internal IP address, then the VPN gateway's IP address is allocated from the IP address range specified here. For example, if the HA VPN gateway's interface 0 is paired to this VLAN attachment, then a regional internal IP address for the VPN gateway interface 0 will be allocated from the IP address specified for this VLAN attachment. If this field is not specified when creating the VLAN attachment, then later on when creating an HA VPN gateway on this VLAN attachment, the HA VPN gateway's IP address is allocated from the regional external IP address pool. Not currently available publicly.
+  "ipsecInternalAddresses": [ # List of URL of addresses that have been reserved for the VLAN attachment. Used only for the VLAN attachment that has the encryption option as IPSEC. The addresses must be regional internal IP address ranges. When creating an HA VPN gateway over the VLAN attachment, if the attachment is configured to use a regional internal IP address, then the VPN gateway's IP address is allocated from the IP address range specified here. For example, if the HA VPN gateway's interface 0 is paired to this VLAN attachment, then a regional internal IP address for the VPN gateway interface 0 will be allocated from the IP address specified for this VLAN attachment. If this field is not specified when creating the VLAN attachment, then later on when creating an HA VPN gateway on this VLAN attachment, the HA VPN gateway's IP address is allocated from the regional external IP address pool.
+      # Not currently available publicly.
     "A String",
   ],
   "kind": "compute#interconnectAttachment", # [Output Only] Type of the resource. Always compute#interconnectAttachment for interconnect attachments.
   "mtu": 42, # Maximum Transmission Unit (MTU), in bytes, of packets passing through this interconnect attachment. Only 1440 and 1500 are allowed. If not specified, the value will default to 1440.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "operationalStatus": "A String", # [Output Only] The current status of whether or not this interconnect attachment is functional, which can take one of the following values: - OS_ACTIVE: The attachment has been turned up and is ready to use. - OS_UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
+  "operationalStatus": "A String", # [Output Only] The current status of whether or not this interconnect attachment is functional, which can take one of the following values:
+      # - OS_ACTIVE: The attachment has been turned up and is ready to use.
+      # - OS_UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
   "pairingKey": "A String", # [Output only for type PARTNER. Input only for PARTNER_PROVIDER. Not present for DEDICATED]. The opaque identifier of an PARTNER attachment used to initiate provisioning with a selected partner. Of the form "XXXXX/region/domain"
   "partnerAsn": "A String", # Optional BGP ASN for the router supplied by a Layer 3 Partner if they configured BGP on behalf of the customer. Output only for PARTNER type, input only for PARTNER_PROVIDER, not available for DEDICATED.
   "partnerMetadata": { # Informational metadata about Partner attachments from Partners to display to customers. These fields are propagated from PARTNER_PROVIDER attachments to their corresponding PARTNER attachments. # Informational metadata about Partner attachments from Partners to display to customers. Output only for for PARTNER type, mutable for PARTNER_PROVIDER, not available for DEDICATED.
@@ -334,14 +407,23 @@ 
Method Details

   "region": "A String", # [Output Only] URL of the region where the regional interconnect attachment resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "router": "A String", # URL of the Cloud Router to be used for dynamic routing. This router must be in the same region as this InterconnectAttachment. The InterconnectAttachment will automatically connect the Interconnect to the network & region within which the Cloud Router is configured.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "state": "A String", # [Output Only] The current state of this attachment's functionality. Enum values ACTIVE and UNPROVISIONED are shared by DEDICATED/PRIVATE, PARTNER, and PARTNER_PROVIDER interconnect attachments, while enum values PENDING_PARTNER, PARTNER_REQUEST_RECEIVED, and PENDING_CUSTOMER are used for only PARTNER and PARTNER_PROVIDER interconnect attachments. This state can take one of the following values: - ACTIVE: The attachment has been turned up and is ready to use. - UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete. - PENDING_PARTNER: A newly-created PARTNER attachment that has not yet been configured on the Partner side. - PARTNER_REQUEST_RECEIVED: A PARTNER attachment is in the process of provisioning after a PARTNER_PROVIDER attachment was created that references it. - PENDING_CUSTOMER: A PARTNER or PARTNER_PROVIDER attachment that is waiting for a customer to activate it. - DEFUNCT: The attachment was deleted externally and is no longer functional. This could be because the associated Interconnect was removed, or because the other side of a Partner attachment was deleted.
-  "type": "A String", # The type of interconnect attachment this is, which can take one of the following values: - DEDICATED: an attachment to a Dedicated Interconnect. - PARTNER: an attachment to a Partner Interconnect, created by the customer. - PARTNER_PROVIDER: an attachment to a Partner Interconnect, created by the partner.
+  "state": "A String", # [Output Only] The current state of this attachment's functionality. Enum values ACTIVE and UNPROVISIONED are shared by DEDICATED/PRIVATE, PARTNER, and PARTNER_PROVIDER interconnect attachments, while enum values PENDING_PARTNER, PARTNER_REQUEST_RECEIVED, and PENDING_CUSTOMER are used for only PARTNER and PARTNER_PROVIDER interconnect attachments. This state can take one of the following values:
+      # - ACTIVE: The attachment has been turned up and is ready to use.
+      # - UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
+      # - PENDING_PARTNER: A newly-created PARTNER attachment that has not yet been configured on the Partner side.
+      # - PARTNER_REQUEST_RECEIVED: A PARTNER attachment is in the process of provisioning after a PARTNER_PROVIDER attachment was created that references it.
+      # - PENDING_CUSTOMER: A PARTNER or PARTNER_PROVIDER attachment that is waiting for a customer to activate it.
+      # - DEFUNCT: The attachment was deleted externally and is no longer functional. This could be because the associated Interconnect was removed, or because the other side of a Partner attachment was deleted.
+  "type": "A String", # The type of interconnect attachment this is, which can take one of the following values:
+      # - DEDICATED: an attachment to a Dedicated Interconnect.
+      # - PARTNER: an attachment to a Partner Interconnect, created by the customer.
+      # - PARTNER_PROVIDER: an attachment to a Partner Interconnect, created by the partner.
   "vlanTag8021q": 42, # The IEEE 802.1Q VLAN tag for this attachment, in the range 2-4094. Only specified at creation time.
 }

 

 
 

-    insert(project, region, body=None, requestId=None, validateOnly=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None, validateOnly=None)
   
Creates an InterconnectAttachment in the specified project using the data included in the request.
 
 Args:
@@ -350,9 +432,23 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Interconnect Attachment (VLAN) resource. You can use Interconnect attachments (VLANS) to connect your Virtual Private Cloud networks to your on-premises networks through an Interconnect. For more information, read Creating VLAN Attachments.
+{ # Represents an Interconnect Attachment (VLAN) resource.
+    # 
+    # You can use Interconnect attachments (VLANS) to connect your Virtual Private Cloud networks to your on-premises networks through an Interconnect. For more information, read  Creating VLAN Attachments. (== resource_for {$api_version}.interconnectAttachments ==)
   "adminEnabled": True or False, # Determines whether this Attachment will carry packets. Not present for PARTNER_PROVIDER.
-  "bandwidth": "A String", # Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, and can take one of the following values: - BPS_50M: 50 Mbit/s - BPS_100M: 100 Mbit/s - BPS_200M: 200 Mbit/s - BPS_300M: 300 Mbit/s - BPS_400M: 400 Mbit/s - BPS_500M: 500 Mbit/s - BPS_1G: 1 Gbit/s - BPS_2G: 2 Gbit/s - BPS_5G: 5 Gbit/s - BPS_10G: 10 Gbit/s - BPS_20G: 20 Gbit/s - BPS_50G: 50 Gbit/s
+  "bandwidth": "A String", # Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, and can take one of the following values:
+      # - BPS_50M: 50 Mbit/s
+      # - BPS_100M: 100 Mbit/s
+      # - BPS_200M: 200 Mbit/s
+      # - BPS_300M: 300 Mbit/s
+      # - BPS_400M: 400 Mbit/s
+      # - BPS_500M: 500 Mbit/s
+      # - BPS_1G: 1 Gbit/s
+      # - BPS_2G: 2 Gbit/s
+      # - BPS_5G: 5 Gbit/s
+      # - BPS_10G: 10 Gbit/s
+      # - BPS_20G: 20 Gbit/s
+      # - BPS_50G: 50 Gbit/s
   "candidateSubnets": [ # Up to 16 candidate prefixes that can be used to restrict the allocation of cloudRouterIpAddress and customerRouterIpAddress for this attachment. All prefixes must be within link-local address space (169.254.0.0/16) and must be /29 or shorter (/28, /27, etc). Google will attempt to select an unused /29 from the supplied candidate prefix(es). The request will fail if all possible /29s are in use on Google's edge. If not supplied, Google will randomly select an unused /29 from all of link-local space.
     "A String",
   ],
@@ -361,18 +457,27 @@ 
Method Details

   "customerRouterIpAddress": "A String", # [Output Only] IPv4 address + prefix length to be configured on the customer router subinterface for this interconnect attachment.
   "dataplaneVersion": 42, # [Output Only] Dataplane version for this InterconnectAttachment.
   "description": "A String", # An optional description of this resource.
-  "edgeAvailabilityDomain": "A String", # Desired availability domain for the attachment. Only available for type PARTNER, at creation time, and can take one of the following values: - AVAILABILITY_DOMAIN_ANY - AVAILABILITY_DOMAIN_1 - AVAILABILITY_DOMAIN_2 For improved reliability, customers should configure a pair of attachments, one per availability domain. The selected availability domain will be provided to the Partner via the pairing key, so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.
-  "encryption": "A String", # Indicates the user-supplied encryption option of this VLAN attachment (interconnectAttachment). Can only be specified at attachment creation for PARTNER or DEDICATED attachments. Possible values are: - NONE - This is the default value, which means that the VLAN attachment carries unencrypted traffic. VMs are able to send traffic to, or receive traffic from, such a VLAN attachment. - IPSEC - The VLAN attachment carries only encrypted traffic that is encrypted by an IPsec device, such as an HA VPN gateway or third-party IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, such a VLAN attachment. To use *IPsec-encrypted Cloud Interconnect*, the VLAN attachment must be created with this option. Not currently available publicly.
+  "edgeAvailabilityDomain": "A String", # Desired availability domain for the attachment. Only available for type PARTNER, at creation time, and can take one of the following values:
+      # - AVAILABILITY_DOMAIN_ANY
+      # - AVAILABILITY_DOMAIN_1
+      # - AVAILABILITY_DOMAIN_2 For improved reliability, customers should configure a pair of attachments, one per availability domain. The selected availability domain will be provided to the Partner via the pairing key, so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.
+  "encryption": "A String", # Indicates the user-supplied encryption option of this VLAN attachment (interconnectAttachment). Can only be specified at attachment creation for PARTNER or DEDICATED attachments. Possible values are:
+      # - NONE - This is the default value, which means that the VLAN attachment carries unencrypted traffic. VMs are able to send traffic to, or receive traffic from, such a VLAN attachment.
+      # - IPSEC - The VLAN attachment carries only encrypted traffic that is encrypted by an IPsec device, such as an HA VPN gateway or third-party IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, such a VLAN attachment. To use IPsec-encrypted Cloud Interconnect, the VLAN attachment must be created with this option.
+      # Not currently available publicly.
   "googleReferenceId": "A String", # [Output Only] Google reference ID, to be used when raising support tickets with Google or otherwise to debug backend connectivity issues. [Deprecated] This field is not used.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "interconnect": "A String", # URL of the underlying Interconnect object that this attachment's traffic will traverse through.
-  "ipsecInternalAddresses": [ # List of URL of addresses that have been reserved for the VLAN attachment. Used only for the VLAN attachment that has the encryption option as IPSEC. The addresses must be regional internal IP address ranges. When creating an HA VPN gateway over the VLAN attachment, if the attachment is configured to use a regional internal IP address, then the VPN gateway's IP address is allocated from the IP address range specified here. For example, if the HA VPN gateway's interface 0 is paired to this VLAN attachment, then a regional internal IP address for the VPN gateway interface 0 will be allocated from the IP address specified for this VLAN attachment. If this field is not specified when creating the VLAN attachment, then later on when creating an HA VPN gateway on this VLAN attachment, the HA VPN gateway's IP address is allocated from the regional external IP address pool. Not currently available publicly.
+  "ipsecInternalAddresses": [ # List of URL of addresses that have been reserved for the VLAN attachment. Used only for the VLAN attachment that has the encryption option as IPSEC. The addresses must be regional internal IP address ranges. When creating an HA VPN gateway over the VLAN attachment, if the attachment is configured to use a regional internal IP address, then the VPN gateway's IP address is allocated from the IP address range specified here. For example, if the HA VPN gateway's interface 0 is paired to this VLAN attachment, then a regional internal IP address for the VPN gateway interface 0 will be allocated from the IP address specified for this VLAN attachment. If this field is not specified when creating the VLAN attachment, then later on when creating an HA VPN gateway on this VLAN attachment, the HA VPN gateway's IP address is allocated from the regional external IP address pool.
+      # Not currently available publicly.
     "A String",
   ],
   "kind": "compute#interconnectAttachment", # [Output Only] Type of the resource. Always compute#interconnectAttachment for interconnect attachments.
   "mtu": 42, # Maximum Transmission Unit (MTU), in bytes, of packets passing through this interconnect attachment. Only 1440 and 1500 are allowed. If not specified, the value will default to 1440.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "operationalStatus": "A String", # [Output Only] The current status of whether or not this interconnect attachment is functional, which can take one of the following values: - OS_ACTIVE: The attachment has been turned up and is ready to use. - OS_UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
+  "operationalStatus": "A String", # [Output Only] The current status of whether or not this interconnect attachment is functional, which can take one of the following values:
+      # - OS_ACTIVE: The attachment has been turned up and is ready to use.
+      # - OS_UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
   "pairingKey": "A String", # [Output only for type PARTNER. Input only for PARTNER_PROVIDER. Not present for DEDICATED]. The opaque identifier of an PARTNER attachment used to initiate provisioning with a selected partner. Of the form "XXXXX/region/domain"
   "partnerAsn": "A String", # Optional BGP ASN for the router supplied by a Layer 3 Partner if they configured BGP on behalf of the customer. Output only for PARTNER type, input only for PARTNER_PROVIDER, not available for DEDICATED.
   "partnerMetadata": { # Informational metadata about Partner attachments from Partners to display to customers. These fields are propagated from PARTNER_PROVIDER attachments to their corresponding PARTNER attachments. # Informational metadata about Partner attachments from Partners to display to customers. Output only for for PARTNER type, mutable for PARTNER_PROVIDER, not available for DEDICATED.
@@ -386,22 +491,44 @@ 
Method Details

   "region": "A String", # [Output Only] URL of the region where the regional interconnect attachment resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "router": "A String", # URL of the Cloud Router to be used for dynamic routing. This router must be in the same region as this InterconnectAttachment. The InterconnectAttachment will automatically connect the Interconnect to the network & region within which the Cloud Router is configured.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "state": "A String", # [Output Only] The current state of this attachment's functionality. Enum values ACTIVE and UNPROVISIONED are shared by DEDICATED/PRIVATE, PARTNER, and PARTNER_PROVIDER interconnect attachments, while enum values PENDING_PARTNER, PARTNER_REQUEST_RECEIVED, and PENDING_CUSTOMER are used for only PARTNER and PARTNER_PROVIDER interconnect attachments. This state can take one of the following values: - ACTIVE: The attachment has been turned up and is ready to use. - UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete. - PENDING_PARTNER: A newly-created PARTNER attachment that has not yet been configured on the Partner side. - PARTNER_REQUEST_RECEIVED: A PARTNER attachment is in the process of provisioning after a PARTNER_PROVIDER attachment was created that references it. - PENDING_CUSTOMER: A PARTNER or PARTNER_PROVIDER attachment that is waiting for a customer to activate it. - DEFUNCT: The attachment was deleted externally and is no longer functional. This could be because the associated Interconnect was removed, or because the other side of a Partner attachment was deleted.
-  "type": "A String", # The type of interconnect attachment this is, which can take one of the following values: - DEDICATED: an attachment to a Dedicated Interconnect. - PARTNER: an attachment to a Partner Interconnect, created by the customer. - PARTNER_PROVIDER: an attachment to a Partner Interconnect, created by the partner.
+  "state": "A String", # [Output Only] The current state of this attachment's functionality. Enum values ACTIVE and UNPROVISIONED are shared by DEDICATED/PRIVATE, PARTNER, and PARTNER_PROVIDER interconnect attachments, while enum values PENDING_PARTNER, PARTNER_REQUEST_RECEIVED, and PENDING_CUSTOMER are used for only PARTNER and PARTNER_PROVIDER interconnect attachments. This state can take one of the following values:
+      # - ACTIVE: The attachment has been turned up and is ready to use.
+      # - UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
+      # - PENDING_PARTNER: A newly-created PARTNER attachment that has not yet been configured on the Partner side.
+      # - PARTNER_REQUEST_RECEIVED: A PARTNER attachment is in the process of provisioning after a PARTNER_PROVIDER attachment was created that references it.
+      # - PENDING_CUSTOMER: A PARTNER or PARTNER_PROVIDER attachment that is waiting for a customer to activate it.
+      # - DEFUNCT: The attachment was deleted externally and is no longer functional. This could be because the associated Interconnect was removed, or because the other side of a Partner attachment was deleted.
+  "type": "A String", # The type of interconnect attachment this is, which can take one of the following values:
+      # - DEDICATED: an attachment to a Dedicated Interconnect.
+      # - PARTNER: an attachment to a Partner Interconnect, created by the customer.
+      # - PARTNER_PROVIDER: an attachment to a Partner Interconnect, created by the partner.
   "vlanTag8021q": 42, # The IEEE 802.1Q VLAN tag for this attachment, in the range 2-4094. Only specified at creation time.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
   validateOnly: boolean, If true, the request will not be committed.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -435,7 +562,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -449,21 +577,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of interconnect attachments contained within the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -471,9 +605,23 @@ 
Method Details

     { # Response to the list request, and contains a list of interconnect attachments.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of InterconnectAttachment resources.
-    { # Represents an Interconnect Attachment (VLAN) resource. You can use Interconnect attachments (VLANS) to connect your Virtual Private Cloud networks to your on-premises networks through an Interconnect. For more information, read Creating VLAN Attachments.
+    { # Represents an Interconnect Attachment (VLAN) resource.
+        #
+        # You can use Interconnect attachments (VLANS) to connect your Virtual Private Cloud networks to your on-premises networks through an Interconnect. For more information, read  Creating VLAN Attachments. (== resource_for {$api_version}.interconnectAttachments ==)
       "adminEnabled": True or False, # Determines whether this Attachment will carry packets. Not present for PARTNER_PROVIDER.
-      "bandwidth": "A String", # Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, and can take one of the following values: - BPS_50M: 50 Mbit/s - BPS_100M: 100 Mbit/s - BPS_200M: 200 Mbit/s - BPS_300M: 300 Mbit/s - BPS_400M: 400 Mbit/s - BPS_500M: 500 Mbit/s - BPS_1G: 1 Gbit/s - BPS_2G: 2 Gbit/s - BPS_5G: 5 Gbit/s - BPS_10G: 10 Gbit/s - BPS_20G: 20 Gbit/s - BPS_50G: 50 Gbit/s
+      "bandwidth": "A String", # Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, and can take one of the following values:
+          # - BPS_50M: 50 Mbit/s
+          # - BPS_100M: 100 Mbit/s
+          # - BPS_200M: 200 Mbit/s
+          # - BPS_300M: 300 Mbit/s
+          # - BPS_400M: 400 Mbit/s
+          # - BPS_500M: 500 Mbit/s
+          # - BPS_1G: 1 Gbit/s
+          # - BPS_2G: 2 Gbit/s
+          # - BPS_5G: 5 Gbit/s
+          # - BPS_10G: 10 Gbit/s
+          # - BPS_20G: 20 Gbit/s
+          # - BPS_50G: 50 Gbit/s
       "candidateSubnets": [ # Up to 16 candidate prefixes that can be used to restrict the allocation of cloudRouterIpAddress and customerRouterIpAddress for this attachment. All prefixes must be within link-local address space (169.254.0.0/16) and must be /29 or shorter (/28, /27, etc). Google will attempt to select an unused /29 from the supplied candidate prefix(es). The request will fail if all possible /29s are in use on Google's edge. If not supplied, Google will randomly select an unused /29 from all of link-local space.
         "A String",
       ],
@@ -482,18 +630,27 @@ 
Method Details

       "customerRouterIpAddress": "A String", # [Output Only] IPv4 address + prefix length to be configured on the customer router subinterface for this interconnect attachment.
       "dataplaneVersion": 42, # [Output Only] Dataplane version for this InterconnectAttachment.
       "description": "A String", # An optional description of this resource.
-      "edgeAvailabilityDomain": "A String", # Desired availability domain for the attachment. Only available for type PARTNER, at creation time, and can take one of the following values: - AVAILABILITY_DOMAIN_ANY - AVAILABILITY_DOMAIN_1 - AVAILABILITY_DOMAIN_2 For improved reliability, customers should configure a pair of attachments, one per availability domain. The selected availability domain will be provided to the Partner via the pairing key, so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.
-      "encryption": "A String", # Indicates the user-supplied encryption option of this VLAN attachment (interconnectAttachment). Can only be specified at attachment creation for PARTNER or DEDICATED attachments. Possible values are: - NONE - This is the default value, which means that the VLAN attachment carries unencrypted traffic. VMs are able to send traffic to, or receive traffic from, such a VLAN attachment. - IPSEC - The VLAN attachment carries only encrypted traffic that is encrypted by an IPsec device, such as an HA VPN gateway or third-party IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, such a VLAN attachment. To use *IPsec-encrypted Cloud Interconnect*, the VLAN attachment must be created with this option. Not currently available publicly.
+      "edgeAvailabilityDomain": "A String", # Desired availability domain for the attachment. Only available for type PARTNER, at creation time, and can take one of the following values:
+          # - AVAILABILITY_DOMAIN_ANY
+          # - AVAILABILITY_DOMAIN_1
+          # - AVAILABILITY_DOMAIN_2 For improved reliability, customers should configure a pair of attachments, one per availability domain. The selected availability domain will be provided to the Partner via the pairing key, so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.
+      "encryption": "A String", # Indicates the user-supplied encryption option of this VLAN attachment (interconnectAttachment). Can only be specified at attachment creation for PARTNER or DEDICATED attachments. Possible values are:
+          # - NONE - This is the default value, which means that the VLAN attachment carries unencrypted traffic. VMs are able to send traffic to, or receive traffic from, such a VLAN attachment.
+          # - IPSEC - The VLAN attachment carries only encrypted traffic that is encrypted by an IPsec device, such as an HA VPN gateway or third-party IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, such a VLAN attachment. To use IPsec-encrypted Cloud Interconnect, the VLAN attachment must be created with this option.
+          # Not currently available publicly.
       "googleReferenceId": "A String", # [Output Only] Google reference ID, to be used when raising support tickets with Google or otherwise to debug backend connectivity issues. [Deprecated] This field is not used.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "interconnect": "A String", # URL of the underlying Interconnect object that this attachment's traffic will traverse through.
-      "ipsecInternalAddresses": [ # List of URL of addresses that have been reserved for the VLAN attachment. Used only for the VLAN attachment that has the encryption option as IPSEC. The addresses must be regional internal IP address ranges. When creating an HA VPN gateway over the VLAN attachment, if the attachment is configured to use a regional internal IP address, then the VPN gateway's IP address is allocated from the IP address range specified here. For example, if the HA VPN gateway's interface 0 is paired to this VLAN attachment, then a regional internal IP address for the VPN gateway interface 0 will be allocated from the IP address specified for this VLAN attachment. If this field is not specified when creating the VLAN attachment, then later on when creating an HA VPN gateway on this VLAN attachment, the HA VPN gateway's IP address is allocated from the regional external IP address pool. Not currently available publicly.
+      "ipsecInternalAddresses": [ # List of URL of addresses that have been reserved for the VLAN attachment. Used only for the VLAN attachment that has the encryption option as IPSEC. The addresses must be regional internal IP address ranges. When creating an HA VPN gateway over the VLAN attachment, if the attachment is configured to use a regional internal IP address, then the VPN gateway's IP address is allocated from the IP address range specified here. For example, if the HA VPN gateway's interface 0 is paired to this VLAN attachment, then a regional internal IP address for the VPN gateway interface 0 will be allocated from the IP address specified for this VLAN attachment. If this field is not specified when creating the VLAN attachment, then later on when creating an HA VPN gateway on this VLAN attachment, the HA VPN gateway's IP address is allocated from the regional external IP address pool.
+          # Not currently available publicly.
         "A String",
       ],
       "kind": "compute#interconnectAttachment", # [Output Only] Type of the resource. Always compute#interconnectAttachment for interconnect attachments.
       "mtu": 42, # Maximum Transmission Unit (MTU), in bytes, of packets passing through this interconnect attachment. Only 1440 and 1500 are allowed. If not specified, the value will default to 1440.
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-      "operationalStatus": "A String", # [Output Only] The current status of whether or not this interconnect attachment is functional, which can take one of the following values: - OS_ACTIVE: The attachment has been turned up and is ready to use. - OS_UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
+      "operationalStatus": "A String", # [Output Only] The current status of whether or not this interconnect attachment is functional, which can take one of the following values:
+          # - OS_ACTIVE: The attachment has been turned up and is ready to use.
+          # - OS_UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
       "pairingKey": "A String", # [Output only for type PARTNER. Input only for PARTNER_PROVIDER. Not present for DEDICATED]. The opaque identifier of an PARTNER attachment used to initiate provisioning with a selected partner. Of the form "XXXXX/region/domain"
       "partnerAsn": "A String", # Optional BGP ASN for the router supplied by a Layer 3 Partner if they configured BGP on behalf of the customer. Output only for PARTNER type, input only for PARTNER_PROVIDER, not available for DEDICATED.
       "partnerMetadata": { # Informational metadata about Partner attachments from Partners to display to customers. These fields are propagated from PARTNER_PROVIDER attachments to their corresponding PARTNER attachments. # Informational metadata about Partner attachments from Partners to display to customers. Output only for for PARTNER type, mutable for PARTNER_PROVIDER, not available for DEDICATED.
@@ -507,8 +664,17 @@ 
Method Details

       "region": "A String", # [Output Only] URL of the region where the regional interconnect attachment resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
       "router": "A String", # URL of the Cloud Router to be used for dynamic routing. This router must be in the same region as this InterconnectAttachment. The InterconnectAttachment will automatically connect the Interconnect to the network & region within which the Cloud Router is configured.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "state": "A String", # [Output Only] The current state of this attachment's functionality. Enum values ACTIVE and UNPROVISIONED are shared by DEDICATED/PRIVATE, PARTNER, and PARTNER_PROVIDER interconnect attachments, while enum values PENDING_PARTNER, PARTNER_REQUEST_RECEIVED, and PENDING_CUSTOMER are used for only PARTNER and PARTNER_PROVIDER interconnect attachments. This state can take one of the following values: - ACTIVE: The attachment has been turned up and is ready to use. - UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete. - PENDING_PARTNER: A newly-created PARTNER attachment that has not yet been configured on the Partner side. - PARTNER_REQUEST_RECEIVED: A PARTNER attachment is in the process of provisioning after a PARTNER_PROVIDER attachment was created that references it. - PENDING_CUSTOMER: A PARTNER or PARTNER_PROVIDER attachment that is waiting for a customer to activate it. - DEFUNCT: The attachment was deleted externally and is no longer functional. This could be because the associated Interconnect was removed, or because the other side of a Partner attachment was deleted.
-      "type": "A String", # The type of interconnect attachment this is, which can take one of the following values: - DEDICATED: an attachment to a Dedicated Interconnect. - PARTNER: an attachment to a Partner Interconnect, created by the customer. - PARTNER_PROVIDER: an attachment to a Partner Interconnect, created by the partner.
+      "state": "A String", # [Output Only] The current state of this attachment's functionality. Enum values ACTIVE and UNPROVISIONED are shared by DEDICATED/PRIVATE, PARTNER, and PARTNER_PROVIDER interconnect attachments, while enum values PENDING_PARTNER, PARTNER_REQUEST_RECEIVED, and PENDING_CUSTOMER are used for only PARTNER and PARTNER_PROVIDER interconnect attachments. This state can take one of the following values:
+          # - ACTIVE: The attachment has been turned up and is ready to use.
+          # - UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
+          # - PENDING_PARTNER: A newly-created PARTNER attachment that has not yet been configured on the Partner side.
+          # - PARTNER_REQUEST_RECEIVED: A PARTNER attachment is in the process of provisioning after a PARTNER_PROVIDER attachment was created that references it.
+          # - PENDING_CUSTOMER: A PARTNER or PARTNER_PROVIDER attachment that is waiting for a customer to activate it.
+          # - DEFUNCT: The attachment was deleted externally and is no longer functional. This could be because the associated Interconnect was removed, or because the other side of a Partner attachment was deleted.
+      "type": "A String", # The type of interconnect attachment this is, which can take one of the following values:
+          # - DEDICATED: an attachment to a Dedicated Interconnect.
+          # - PARTNER: an attachment to a Partner Interconnect, created by the customer.
+          # - PARTNER_PROVIDER: an attachment to a Partner Interconnect, created by the partner.
       "vlanTag8021q": 42, # The IEEE 802.1Q VLAN tag for this attachment, in the range 2-4094. Only specified at creation time.
     },
   ],
@@ -517,7 +683,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -543,7 +710,7 @@ 
Method Details

 

 
 

-    patch(project, region, interconnectAttachment, body=None, requestId=None, x__xgafv=None)
+    patch(project, region, interconnectAttachment, body=None, requestId=None)
   
Updates the specified interconnect attachment with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -553,9 +720,23 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Interconnect Attachment (VLAN) resource. You can use Interconnect attachments (VLANS) to connect your Virtual Private Cloud networks to your on-premises networks through an Interconnect. For more information, read Creating VLAN Attachments.
+{ # Represents an Interconnect Attachment (VLAN) resource.
+    # 
+    # You can use Interconnect attachments (VLANS) to connect your Virtual Private Cloud networks to your on-premises networks through an Interconnect. For more information, read  Creating VLAN Attachments. (== resource_for {$api_version}.interconnectAttachments ==)
   "adminEnabled": True or False, # Determines whether this Attachment will carry packets. Not present for PARTNER_PROVIDER.
-  "bandwidth": "A String", # Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, and can take one of the following values: - BPS_50M: 50 Mbit/s - BPS_100M: 100 Mbit/s - BPS_200M: 200 Mbit/s - BPS_300M: 300 Mbit/s - BPS_400M: 400 Mbit/s - BPS_500M: 500 Mbit/s - BPS_1G: 1 Gbit/s - BPS_2G: 2 Gbit/s - BPS_5G: 5 Gbit/s - BPS_10G: 10 Gbit/s - BPS_20G: 20 Gbit/s - BPS_50G: 50 Gbit/s
+  "bandwidth": "A String", # Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, and can take one of the following values:
+      # - BPS_50M: 50 Mbit/s
+      # - BPS_100M: 100 Mbit/s
+      # - BPS_200M: 200 Mbit/s
+      # - BPS_300M: 300 Mbit/s
+      # - BPS_400M: 400 Mbit/s
+      # - BPS_500M: 500 Mbit/s
+      # - BPS_1G: 1 Gbit/s
+      # - BPS_2G: 2 Gbit/s
+      # - BPS_5G: 5 Gbit/s
+      # - BPS_10G: 10 Gbit/s
+      # - BPS_20G: 20 Gbit/s
+      # - BPS_50G: 50 Gbit/s
   "candidateSubnets": [ # Up to 16 candidate prefixes that can be used to restrict the allocation of cloudRouterIpAddress and customerRouterIpAddress for this attachment. All prefixes must be within link-local address space (169.254.0.0/16) and must be /29 or shorter (/28, /27, etc). Google will attempt to select an unused /29 from the supplied candidate prefix(es). The request will fail if all possible /29s are in use on Google's edge. If not supplied, Google will randomly select an unused /29 from all of link-local space.
     "A String",
   ],
@@ -564,18 +745,27 @@ 
Method Details

   "customerRouterIpAddress": "A String", # [Output Only] IPv4 address + prefix length to be configured on the customer router subinterface for this interconnect attachment.
   "dataplaneVersion": 42, # [Output Only] Dataplane version for this InterconnectAttachment.
   "description": "A String", # An optional description of this resource.
-  "edgeAvailabilityDomain": "A String", # Desired availability domain for the attachment. Only available for type PARTNER, at creation time, and can take one of the following values: - AVAILABILITY_DOMAIN_ANY - AVAILABILITY_DOMAIN_1 - AVAILABILITY_DOMAIN_2 For improved reliability, customers should configure a pair of attachments, one per availability domain. The selected availability domain will be provided to the Partner via the pairing key, so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.
-  "encryption": "A String", # Indicates the user-supplied encryption option of this VLAN attachment (interconnectAttachment). Can only be specified at attachment creation for PARTNER or DEDICATED attachments. Possible values are: - NONE - This is the default value, which means that the VLAN attachment carries unencrypted traffic. VMs are able to send traffic to, or receive traffic from, such a VLAN attachment. - IPSEC - The VLAN attachment carries only encrypted traffic that is encrypted by an IPsec device, such as an HA VPN gateway or third-party IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, such a VLAN attachment. To use *IPsec-encrypted Cloud Interconnect*, the VLAN attachment must be created with this option. Not currently available publicly.
+  "edgeAvailabilityDomain": "A String", # Desired availability domain for the attachment. Only available for type PARTNER, at creation time, and can take one of the following values:
+      # - AVAILABILITY_DOMAIN_ANY
+      # - AVAILABILITY_DOMAIN_1
+      # - AVAILABILITY_DOMAIN_2 For improved reliability, customers should configure a pair of attachments, one per availability domain. The selected availability domain will be provided to the Partner via the pairing key, so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.
+  "encryption": "A String", # Indicates the user-supplied encryption option of this VLAN attachment (interconnectAttachment). Can only be specified at attachment creation for PARTNER or DEDICATED attachments. Possible values are:
+      # - NONE - This is the default value, which means that the VLAN attachment carries unencrypted traffic. VMs are able to send traffic to, or receive traffic from, such a VLAN attachment.
+      # - IPSEC - The VLAN attachment carries only encrypted traffic that is encrypted by an IPsec device, such as an HA VPN gateway or third-party IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, such a VLAN attachment. To use IPsec-encrypted Cloud Interconnect, the VLAN attachment must be created with this option.
+      # Not currently available publicly.
   "googleReferenceId": "A String", # [Output Only] Google reference ID, to be used when raising support tickets with Google or otherwise to debug backend connectivity issues. [Deprecated] This field is not used.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "interconnect": "A String", # URL of the underlying Interconnect object that this attachment's traffic will traverse through.
-  "ipsecInternalAddresses": [ # List of URL of addresses that have been reserved for the VLAN attachment. Used only for the VLAN attachment that has the encryption option as IPSEC. The addresses must be regional internal IP address ranges. When creating an HA VPN gateway over the VLAN attachment, if the attachment is configured to use a regional internal IP address, then the VPN gateway's IP address is allocated from the IP address range specified here. For example, if the HA VPN gateway's interface 0 is paired to this VLAN attachment, then a regional internal IP address for the VPN gateway interface 0 will be allocated from the IP address specified for this VLAN attachment. If this field is not specified when creating the VLAN attachment, then later on when creating an HA VPN gateway on this VLAN attachment, the HA VPN gateway's IP address is allocated from the regional external IP address pool. Not currently available publicly.
+  "ipsecInternalAddresses": [ # List of URL of addresses that have been reserved for the VLAN attachment. Used only for the VLAN attachment that has the encryption option as IPSEC. The addresses must be regional internal IP address ranges. When creating an HA VPN gateway over the VLAN attachment, if the attachment is configured to use a regional internal IP address, then the VPN gateway's IP address is allocated from the IP address range specified here. For example, if the HA VPN gateway's interface 0 is paired to this VLAN attachment, then a regional internal IP address for the VPN gateway interface 0 will be allocated from the IP address specified for this VLAN attachment. If this field is not specified when creating the VLAN attachment, then later on when creating an HA VPN gateway on this VLAN attachment, the HA VPN gateway's IP address is allocated from the regional external IP address pool.
+      # Not currently available publicly.
     "A String",
   ],
   "kind": "compute#interconnectAttachment", # [Output Only] Type of the resource. Always compute#interconnectAttachment for interconnect attachments.
   "mtu": 42, # Maximum Transmission Unit (MTU), in bytes, of packets passing through this interconnect attachment. Only 1440 and 1500 are allowed. If not specified, the value will default to 1440.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "operationalStatus": "A String", # [Output Only] The current status of whether or not this interconnect attachment is functional, which can take one of the following values: - OS_ACTIVE: The attachment has been turned up and is ready to use. - OS_UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
+  "operationalStatus": "A String", # [Output Only] The current status of whether or not this interconnect attachment is functional, which can take one of the following values:
+      # - OS_ACTIVE: The attachment has been turned up and is ready to use.
+      # - OS_UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
   "pairingKey": "A String", # [Output only for type PARTNER. Input only for PARTNER_PROVIDER. Not present for DEDICATED]. The opaque identifier of an PARTNER attachment used to initiate provisioning with a selected partner. Of the form "XXXXX/region/domain"
   "partnerAsn": "A String", # Optional BGP ASN for the router supplied by a Layer 3 Partner if they configured BGP on behalf of the customer. Output only for PARTNER type, input only for PARTNER_PROVIDER, not available for DEDICATED.
   "partnerMetadata": { # Informational metadata about Partner attachments from Partners to display to customers. These fields are propagated from PARTNER_PROVIDER attachments to their corresponding PARTNER attachments. # Informational metadata about Partner attachments from Partners to display to customers. Output only for for PARTNER type, mutable for PARTNER_PROVIDER, not available for DEDICATED.
@@ -589,21 +779,43 @@ 
Method Details

   "region": "A String", # [Output Only] URL of the region where the regional interconnect attachment resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "router": "A String", # URL of the Cloud Router to be used for dynamic routing. This router must be in the same region as this InterconnectAttachment. The InterconnectAttachment will automatically connect the Interconnect to the network & region within which the Cloud Router is configured.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "state": "A String", # [Output Only] The current state of this attachment's functionality. Enum values ACTIVE and UNPROVISIONED are shared by DEDICATED/PRIVATE, PARTNER, and PARTNER_PROVIDER interconnect attachments, while enum values PENDING_PARTNER, PARTNER_REQUEST_RECEIVED, and PENDING_CUSTOMER are used for only PARTNER and PARTNER_PROVIDER interconnect attachments. This state can take one of the following values: - ACTIVE: The attachment has been turned up and is ready to use. - UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete. - PENDING_PARTNER: A newly-created PARTNER attachment that has not yet been configured on the Partner side. - PARTNER_REQUEST_RECEIVED: A PARTNER attachment is in the process of provisioning after a PARTNER_PROVIDER attachment was created that references it. - PENDING_CUSTOMER: A PARTNER or PARTNER_PROVIDER attachment that is waiting for a customer to activate it. - DEFUNCT: The attachment was deleted externally and is no longer functional. This could be because the associated Interconnect was removed, or because the other side of a Partner attachment was deleted.
-  "type": "A String", # The type of interconnect attachment this is, which can take one of the following values: - DEDICATED: an attachment to a Dedicated Interconnect. - PARTNER: an attachment to a Partner Interconnect, created by the customer. - PARTNER_PROVIDER: an attachment to a Partner Interconnect, created by the partner.
+  "state": "A String", # [Output Only] The current state of this attachment's functionality. Enum values ACTIVE and UNPROVISIONED are shared by DEDICATED/PRIVATE, PARTNER, and PARTNER_PROVIDER interconnect attachments, while enum values PENDING_PARTNER, PARTNER_REQUEST_RECEIVED, and PENDING_CUSTOMER are used for only PARTNER and PARTNER_PROVIDER interconnect attachments. This state can take one of the following values:
+      # - ACTIVE: The attachment has been turned up and is ready to use.
+      # - UNPROVISIONED: The attachment is not ready to use yet, because turnup is not complete.
+      # - PENDING_PARTNER: A newly-created PARTNER attachment that has not yet been configured on the Partner side.
+      # - PARTNER_REQUEST_RECEIVED: A PARTNER attachment is in the process of provisioning after a PARTNER_PROVIDER attachment was created that references it.
+      # - PENDING_CUSTOMER: A PARTNER or PARTNER_PROVIDER attachment that is waiting for a customer to activate it.
+      # - DEFUNCT: The attachment was deleted externally and is no longer functional. This could be because the associated Interconnect was removed, or because the other side of a Partner attachment was deleted.
+  "type": "A String", # The type of interconnect attachment this is, which can take one of the following values:
+      # - DEDICATED: an attachment to a Dedicated Interconnect.
+      # - PARTNER: an attachment to a Partner Interconnect, created by the customer.
+      # - PARTNER_PROVIDER: an attachment to a Partner Interconnect, created by the partner.
   "vlanTag8021q": 42, # The IEEE 802.1Q VLAN tag for this attachment, in the range 2-4094. Only specified at creation time.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -637,7 +849,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.interconnectLocations.html b/docs/dyn/compute_v1.interconnectLocations.html
index d9bd8a3e4ff..6825a67167e 100644
--- a/docs/dyn/compute_v1.interconnectLocations.html
+++ b/docs/dyn/compute_v1.interconnectLocations.html
@@ -78,10 +78,10 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  get(project, interconnectLocation, x__xgafv=None)

+  get(project, interconnectLocation)

 
Returns the details for the specified interconnect location. Gets a list of available interconnect locations by making a list() request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of interconnect locations available to the specified project.

 

   list_next(previous_request, previous_response)

@@ -93,25 +93,28 @@ 
Method Details

 

 
 

-    get(project, interconnectLocation, x__xgafv=None)
+    get(project, interconnectLocation)
   
Returns the details for the specified interconnect location. Gets a list of available interconnect locations by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   interconnectLocation: string, Name of the interconnect location to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Interconnect Attachment (VLAN) Location resource. You can use this resource to find location details about an Interconnect attachment (VLAN). For more information about interconnect attachments, read Creating VLAN Attachments.
+    { # Represents an Interconnect Attachment (VLAN) Location resource.
+    #
+    # You can use this resource to find location details about an Interconnect attachment (VLAN). For more information about interconnect attachments, read  Creating VLAN Attachments.
   "address": "A String", # [Output Only] The postal address of the Point of Presence, each line in the address is separated by a newline character.
   "availabilityZone": "A String", # [Output Only] Availability zone for this InterconnectLocation. Within a metropolitan area (metro), maintenance will not be simultaneously scheduled in more than one availability zone. Example: "zone1" or "zone2".
   "city": "A String", # [Output Only] Metropolitan area designator that indicates which city an interconnect is located. For example: "Chicago, IL", "Amsterdam, Netherlands".
-  "continent": "A String", # [Output Only] Continent for this location, which can take one of the following values: - AFRICA - ASIA_PAC - EUROPE - NORTH_AMERICA - SOUTH_AMERICA
+  "continent": "A String", # [Output Only] Continent for this location, which can take one of the following values:
+      # - AFRICA
+      # - ASIA_PAC
+      # - EUROPE
+      # - NORTH_AMERICA
+      # - SOUTH_AMERICA
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # [Output Only] An optional description of the resource.
   "facilityProvider": "A String", # [Output Only] The name of the provider for this facility (e.g., EQUINIX).
@@ -128,25 +131,33 @@ 
Method Details

     },
   ],
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "status": "A String", # [Output Only] The status of this InterconnectLocation, which can take one of the following values: - CLOSED: The InterconnectLocation is closed and is unavailable for provisioning new Interconnects. - AVAILABLE: The InterconnectLocation is available for provisioning new Interconnects.
+  "status": "A String", # [Output Only] The status of this InterconnectLocation, which can take one of the following values:
+      # - CLOSED: The InterconnectLocation is closed and is unavailable for provisioning new Interconnects.
+      # - AVAILABLE: The InterconnectLocation is available for provisioning new Interconnects.
 }

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of interconnect locations available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -154,11 +165,18 @@ 
Method Details

     { # Response to the list request, and contains a list of interconnect locations.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of InterconnectLocation resources.
-    { # Represents an Interconnect Attachment (VLAN) Location resource. You can use this resource to find location details about an Interconnect attachment (VLAN). For more information about interconnect attachments, read Creating VLAN Attachments.
+    { # Represents an Interconnect Attachment (VLAN) Location resource.
+        #
+        # You can use this resource to find location details about an Interconnect attachment (VLAN). For more information about interconnect attachments, read  Creating VLAN Attachments.
       "address": "A String", # [Output Only] The postal address of the Point of Presence, each line in the address is separated by a newline character.
       "availabilityZone": "A String", # [Output Only] Availability zone for this InterconnectLocation. Within a metropolitan area (metro), maintenance will not be simultaneously scheduled in more than one availability zone. Example: "zone1" or "zone2".
       "city": "A String", # [Output Only] Metropolitan area designator that indicates which city an interconnect is located. For example: "Chicago, IL", "Amsterdam, Netherlands".
-      "continent": "A String", # [Output Only] Continent for this location, which can take one of the following values: - AFRICA - ASIA_PAC - EUROPE - NORTH_AMERICA - SOUTH_AMERICA
+      "continent": "A String", # [Output Only] Continent for this location, which can take one of the following values:
+          # - AFRICA
+          # - ASIA_PAC
+          # - EUROPE
+          # - NORTH_AMERICA
+          # - SOUTH_AMERICA
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # [Output Only] An optional description of the resource.
       "facilityProvider": "A String", # [Output Only] The name of the provider for this facility (e.g., EQUINIX).
@@ -175,7 +193,9 @@ 
Method Details

         },
       ],
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "status": "A String", # [Output Only] The status of this InterconnectLocation, which can take one of the following values: - CLOSED: The InterconnectLocation is closed and is unavailable for provisioning new Interconnects. - AVAILABLE: The InterconnectLocation is available for provisioning new Interconnects.
+      "status": "A String", # [Output Only] The status of this InterconnectLocation, which can take one of the following values:
+          # - CLOSED: The InterconnectLocation is closed and is unavailable for provisioning new Interconnects.
+          # - AVAILABLE: The InterconnectLocation is available for provisioning new Interconnects.
     },
   ],
   "kind": "compute#interconnectLocationList", # [Output Only] Type of resource. Always compute#interconnectLocationList for lists of interconnect locations.
@@ -183,7 +203,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.interconnects.html b/docs/dyn/compute_v1.interconnects.html
index e5150f72560..2be32e1ad94 100644
--- a/docs/dyn/compute_v1.interconnects.html
+++ b/docs/dyn/compute_v1.interconnects.html
@@ -78,25 +78,25 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, interconnect, requestId=None, x__xgafv=None)

+  delete(project, interconnect, requestId=None)

 
Deletes the specified interconnect.

 

-  get(project, interconnect, x__xgafv=None)

+  get(project, interconnect)

 
Returns the specified interconnect. Get a list of available interconnects by making a list() request.

 

-  getDiagnostics(project, interconnect, x__xgafv=None)

+  getDiagnostics(project, interconnect)

 
Returns the interconnectDiagnostics for the specified interconnect.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a Interconnect in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of interconnect available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, interconnect, body=None, requestId=None, x__xgafv=None)

+  patch(project, interconnect, body=None, requestId=None)

 
Updates the specified interconnect with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 
Method Details

 

@@ -105,22 +105,35 @@ 
Method Details

 

 
 

-    delete(project, interconnect, requestId=None, x__xgafv=None)
+    delete(project, interconnect, requestId=None)
   
Deletes the specified interconnect.
 
 Args:
   project: string, Project ID for this request. (required)
   interconnect: string, Name of the interconnect to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -154,7 +167,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -168,21 +182,19 @@ 
Method Details

 

 
 

-    get(project, interconnect, x__xgafv=None)
+    get(project, interconnect)
   
Returns the specified interconnect. Get a list of available interconnects by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   interconnect: string, Name of the interconnect to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Interconnect resource. An Interconnect resource is a dedicated connection between the GCP network and your on-premises network. For more information, read the Dedicated Interconnect Overview.
+    { # Represents an Interconnect resource.
+    #
+    # An Interconnect resource is a dedicated connection between the GCP network and your on-premises network. For more information, read the  Dedicated Interconnect Overview. (== resource_for {$api_version}.interconnects ==)
   "adminEnabled": True or False, # Administrative status of the interconnect. When this is set to true, the Interconnect is functional and can carry traffic. When set to false, no packets can be carried over the interconnect and no BGP routes are exchanged over it. By default, the status is set to true.
   "circuitInfos": [ # [Output Only] A list of CircuitInfo objects, that describe the individual circuits in this LAG.
     { # Describes a single physical circuit between the Customer and Google. CircuitInfo objects are created by Google, so all fields are output only.
@@ -201,11 +213,17 @@ 
Method Details

       ],
       "description": "A String", # A description about the purpose of the outage.
       "endTime": "A String", # Scheduled end time for the outage (milliseconds since Unix epoch).
-      "issueType": "A String", # Form this outage is expected to take, which can take one of the following values: - OUTAGE: The Interconnect may be completely out of service for some or all of the specified window. - PARTIAL_OUTAGE: Some circuits comprising the Interconnect as a whole should remain up, but with reduced bandwidth. Note that the versions of this enum prefixed with "IT_" have been deprecated in favor of the unprefixed values.
+      "issueType": "A String", # Form this outage is expected to take, which can take one of the following values:
+          # - OUTAGE: The Interconnect may be completely out of service for some or all of the specified window.
+          # - PARTIAL_OUTAGE: Some circuits comprising the Interconnect as a whole should remain up, but with reduced bandwidth. Note that the versions of this enum prefixed with "IT_" have been deprecated in favor of the unprefixed values.
       "name": "A String", # Unique identifier for this outage notification.
-      "source": "A String", # The party that generated this notification, which can take the following value: - GOOGLE: this notification as generated by Google. Note that the value of NSRC_GOOGLE has been deprecated in favor of GOOGLE.
+      "source": "A String", # The party that generated this notification, which can take the following value:
+          # - GOOGLE: this notification as generated by Google. Note that the value of NSRC_GOOGLE has been deprecated in favor of GOOGLE.
       "startTime": "A String", # Scheduled start time for the outage (milliseconds since Unix epoch).
-      "state": "A String", # State of this notification, which can take one of the following values: - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling. - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. - COMPLETED: The outage associated with this notification is complete. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values.
+      "state": "A String", # State of this notification, which can take one of the following values:
+          # - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling.
+          # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start.
+          # - COMPLETED: The outage associated with this notification is complete.  Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values.
     },
   ],
   "googleIpAddress": "A String", # [Output Only] IP address configured on the Google side of the Interconnect link. This can be used only for ping tests.
@@ -214,32 +232,38 @@ 
Method Details

   "interconnectAttachments": [ # [Output Only] A list of the URLs of all InterconnectAttachments configured to use this Interconnect.
     "A String",
   ],
-  "interconnectType": "A String", # Type of interconnect, which can take one of the following values: - PARTNER: A partner-managed interconnection shared between customers though a partner. - DEDICATED: A dedicated physical interconnection with the customer. Note that a value IT_PRIVATE has been deprecated in favor of DEDICATED.
+  "interconnectType": "A String", # Type of interconnect, which can take one of the following values:
+      # - PARTNER: A partner-managed interconnection shared between customers though a partner.
+      # - DEDICATED: A dedicated physical interconnection with the customer. Note that a value IT_PRIVATE has been deprecated in favor of DEDICATED.
   "kind": "compute#interconnect", # [Output Only] Type of the resource. Always compute#interconnect for interconnects.
-  "linkType": "A String", # Type of link requested, which can take one of the following values: - LINK_TYPE_ETHERNET_10G_LR: A 10G Ethernet with LR optics - LINK_TYPE_ETHERNET_100G_LR: A 100G Ethernet with LR optics. Note that this field indicates the speed of each of the links in the bundle, not the speed of the entire bundle.
+  "linkType": "A String", # Type of link requested, which can take one of the following values:
+      # - LINK_TYPE_ETHERNET_10G_LR: A 10G Ethernet with LR optics
+      # - LINK_TYPE_ETHERNET_100G_LR: A 100G Ethernet with LR optics. Note that this field indicates the speed of each of the links in the bundle, not the speed of the entire bundle.
   "location": "A String", # URL of the InterconnectLocation object that represents where this connection is to be provisioned.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "nocContactEmail": "A String", # Email address to contact the customer NOC for operations and maintenance notifications regarding this Interconnect. If specified, this will be used for notifications in addition to all other forms described, such as Stackdriver logs alerting and Cloud Notifications.
-  "operationalStatus": "A String", # [Output Only] The current status of this Interconnect's functionality, which can take one of the following values: - OS_ACTIVE: A valid Interconnect, which is turned up and is ready to use. Attachments may be provisioned on this Interconnect. - OS_UNPROVISIONED: An Interconnect that has not completed turnup. No attachments may be provisioned on this Interconnect. - OS_UNDER_MAINTENANCE: An Interconnect that is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
+  "operationalStatus": "A String", # [Output Only] The current status of this Interconnect's functionality, which can take one of the following values:
+      # - OS_ACTIVE: A valid Interconnect, which is turned up and is ready to use. Attachments may be provisioned on this Interconnect.
+      # - OS_UNPROVISIONED: An Interconnect that has not completed turnup. No attachments may be provisioned on this Interconnect.
+      # - OS_UNDER_MAINTENANCE: An Interconnect that is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
   "peerIpAddress": "A String", # [Output Only] IP address configured on the customer side of the Interconnect link. The customer should configure this IP address during turnup when prompted by Google NOC. This can be used only for ping tests.
   "provisionedLinkCount": 42, # [Output Only] Number of links actually provisioned in this interconnect.
   "requestedLinkCount": 42, # Target number of physical links in the link bundle, as requested by the customer.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "state": "A String", # [Output Only] The current state of Interconnect functionality, which can take one of the following values: - ACTIVE: The Interconnect is valid, turned up and ready to use. Attachments may be provisioned on this Interconnect. - UNPROVISIONED: The Interconnect has not completed turnup. No attachments may be provisioned on this Interconnect. - UNDER_MAINTENANCE: The Interconnect is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
+  "state": "A String", # [Output Only] The current state of Interconnect functionality, which can take one of the following values:
+      # - ACTIVE: The Interconnect is valid, turned up and ready to use. Attachments may be provisioned on this Interconnect.
+      # - UNPROVISIONED: The Interconnect has not completed turnup. No attachments may be provisioned on this Interconnect.
+      # - UNDER_MAINTENANCE: The Interconnect is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
 }

 

 
 

-    getDiagnostics(project, interconnect, x__xgafv=None)
+    getDiagnostics(project, interconnect)
   
Returns the interconnectDiagnostics for the specified interconnect.
 
 Args:
   project: string, Project ID for this request. (required)
   interconnect: string, Name of the interconnect resource to query. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -265,14 +289,26 @@ 
Method Details

         "lacpStatus": {
           "googleSystemId": "A String", # System ID of the port on Google's side of the LACP exchange.
           "neighborSystemId": "A String", # System ID of the port on the neighbor's side of the LACP exchange.
-          "state": "A String", # The state of a LACP link, which can take one of the following values: - ACTIVE: The link is configured and active within the bundle. - DETACHED: The link is not configured within the bundle. This means that the rest of the object should be empty.
+          "state": "A String", # The state of a LACP link, which can take one of the following values:
+              # - ACTIVE: The link is configured and active within the bundle.
+              # - DETACHED: The link is not configured within the bundle. This means that the rest of the object should be empty.
         },
         "receivingOpticalPower": { # An InterconnectDiagnostics.LinkOpticalPower object, describing the current value and status of the received light level.
-          "state": "A String", # The status of the current value when compared to the warning and alarm levels for the receiving or transmitting transceiver. Possible states include: - OK: The value has not crossed a warning threshold. - LOW_WARNING: The value has crossed below the low warning threshold. - HIGH_WARNING: The value has crossed above the high warning threshold. - LOW_ALARM: The value has crossed below the low alarm threshold. - HIGH_ALARM: The value has crossed above the high alarm threshold.
+          "state": "A String", # The status of the current value when compared to the warning and alarm levels for the receiving or transmitting transceiver. Possible states include:
+              # - OK: The value has not crossed a warning threshold.
+              # - LOW_WARNING: The value has crossed below the low warning threshold.
+              # - HIGH_WARNING: The value has crossed above the high warning threshold.
+              # - LOW_ALARM: The value has crossed below the low alarm threshold.
+              # - HIGH_ALARM: The value has crossed above the high alarm threshold.
           "value": 3.14, # Value of the current receiving or transmitting optical power, read in dBm. Take a known good optical value, give it a 10% margin and trigger warnings relative to that value. In general, a -7dBm warning and a -11dBm alarm are good optical value estimates for most links.
         },
         "transmittingOpticalPower": { # An InterconnectDiagnostics.LinkOpticalPower object, describing the current value and status of the transmitted light level.
-          "state": "A String", # The status of the current value when compared to the warning and alarm levels for the receiving or transmitting transceiver. Possible states include: - OK: The value has not crossed a warning threshold. - LOW_WARNING: The value has crossed below the low warning threshold. - HIGH_WARNING: The value has crossed above the high warning threshold. - LOW_ALARM: The value has crossed below the low alarm threshold. - HIGH_ALARM: The value has crossed above the high alarm threshold.
+          "state": "A String", # The status of the current value when compared to the warning and alarm levels for the receiving or transmitting transceiver. Possible states include:
+              # - OK: The value has not crossed a warning threshold.
+              # - LOW_WARNING: The value has crossed below the low warning threshold.
+              # - HIGH_WARNING: The value has crossed above the high warning threshold.
+              # - LOW_ALARM: The value has crossed below the low alarm threshold.
+              # - HIGH_ALARM: The value has crossed above the high alarm threshold.
           "value": 3.14, # Value of the current receiving or transmitting optical power, read in dBm. Take a known good optical value, give it a 10% margin and trigger warnings relative to that value. In general, a -7dBm warning and a -11dBm alarm are good optical value estimates for most links.
         },
       },
@@ -283,7 +319,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a Interconnect in the specified project using the data included in the request.
 
 Args:
@@ -291,7 +327,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Interconnect resource. An Interconnect resource is a dedicated connection between the GCP network and your on-premises network. For more information, read the Dedicated Interconnect Overview.
+{ # Represents an Interconnect resource.
+    # 
+    # An Interconnect resource is a dedicated connection between the GCP network and your on-premises network. For more information, read the  Dedicated Interconnect Overview. (== resource_for {$api_version}.interconnects ==)
   "adminEnabled": True or False, # Administrative status of the interconnect. When this is set to true, the Interconnect is functional and can carry traffic. When set to false, no packets can be carried over the interconnect and no BGP routes are exchanged over it. By default, the status is set to true.
   "circuitInfos": [ # [Output Only] A list of CircuitInfo objects, that describe the individual circuits in this LAG.
     { # Describes a single physical circuit between the Customer and Google. CircuitInfo objects are created by Google, so all fields are output only.
@@ -310,11 +348,17 @@ 
Method Details

       ],
       "description": "A String", # A description about the purpose of the outage.
       "endTime": "A String", # Scheduled end time for the outage (milliseconds since Unix epoch).
-      "issueType": "A String", # Form this outage is expected to take, which can take one of the following values: - OUTAGE: The Interconnect may be completely out of service for some or all of the specified window. - PARTIAL_OUTAGE: Some circuits comprising the Interconnect as a whole should remain up, but with reduced bandwidth. Note that the versions of this enum prefixed with "IT_" have been deprecated in favor of the unprefixed values.
+      "issueType": "A String", # Form this outage is expected to take, which can take one of the following values:
+          # - OUTAGE: The Interconnect may be completely out of service for some or all of the specified window.
+          # - PARTIAL_OUTAGE: Some circuits comprising the Interconnect as a whole should remain up, but with reduced bandwidth. Note that the versions of this enum prefixed with "IT_" have been deprecated in favor of the unprefixed values.
       "name": "A String", # Unique identifier for this outage notification.
-      "source": "A String", # The party that generated this notification, which can take the following value: - GOOGLE: this notification as generated by Google. Note that the value of NSRC_GOOGLE has been deprecated in favor of GOOGLE.
+      "source": "A String", # The party that generated this notification, which can take the following value:
+          # - GOOGLE: this notification as generated by Google. Note that the value of NSRC_GOOGLE has been deprecated in favor of GOOGLE.
       "startTime": "A String", # Scheduled start time for the outage (milliseconds since Unix epoch).
-      "state": "A String", # State of this notification, which can take one of the following values: - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling. - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. - COMPLETED: The outage associated with this notification is complete. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values.
+      "state": "A String", # State of this notification, which can take one of the following values:
+          # - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling.
+          # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start.
+          # - COMPLETED: The outage associated with this notification is complete.  Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values.
     },
   ],
   "googleIpAddress": "A String", # [Output Only] IP address configured on the Google side of the Interconnect link. This can be used only for ping tests.
@@ -323,30 +367,53 @@ 
Method Details

   "interconnectAttachments": [ # [Output Only] A list of the URLs of all InterconnectAttachments configured to use this Interconnect.
     "A String",
   ],
-  "interconnectType": "A String", # Type of interconnect, which can take one of the following values: - PARTNER: A partner-managed interconnection shared between customers though a partner. - DEDICATED: A dedicated physical interconnection with the customer. Note that a value IT_PRIVATE has been deprecated in favor of DEDICATED.
+  "interconnectType": "A String", # Type of interconnect, which can take one of the following values:
+      # - PARTNER: A partner-managed interconnection shared between customers though a partner.
+      # - DEDICATED: A dedicated physical interconnection with the customer. Note that a value IT_PRIVATE has been deprecated in favor of DEDICATED.
   "kind": "compute#interconnect", # [Output Only] Type of the resource. Always compute#interconnect for interconnects.
-  "linkType": "A String", # Type of link requested, which can take one of the following values: - LINK_TYPE_ETHERNET_10G_LR: A 10G Ethernet with LR optics - LINK_TYPE_ETHERNET_100G_LR: A 100G Ethernet with LR optics. Note that this field indicates the speed of each of the links in the bundle, not the speed of the entire bundle.
+  "linkType": "A String", # Type of link requested, which can take one of the following values:
+      # - LINK_TYPE_ETHERNET_10G_LR: A 10G Ethernet with LR optics
+      # - LINK_TYPE_ETHERNET_100G_LR: A 100G Ethernet with LR optics. Note that this field indicates the speed of each of the links in the bundle, not the speed of the entire bundle.
   "location": "A String", # URL of the InterconnectLocation object that represents where this connection is to be provisioned.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "nocContactEmail": "A String", # Email address to contact the customer NOC for operations and maintenance notifications regarding this Interconnect. If specified, this will be used for notifications in addition to all other forms described, such as Stackdriver logs alerting and Cloud Notifications.
-  "operationalStatus": "A String", # [Output Only] The current status of this Interconnect's functionality, which can take one of the following values: - OS_ACTIVE: A valid Interconnect, which is turned up and is ready to use. Attachments may be provisioned on this Interconnect. - OS_UNPROVISIONED: An Interconnect that has not completed turnup. No attachments may be provisioned on this Interconnect. - OS_UNDER_MAINTENANCE: An Interconnect that is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
+  "operationalStatus": "A String", # [Output Only] The current status of this Interconnect's functionality, which can take one of the following values:
+      # - OS_ACTIVE: A valid Interconnect, which is turned up and is ready to use. Attachments may be provisioned on this Interconnect.
+      # - OS_UNPROVISIONED: An Interconnect that has not completed turnup. No attachments may be provisioned on this Interconnect.
+      # - OS_UNDER_MAINTENANCE: An Interconnect that is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
   "peerIpAddress": "A String", # [Output Only] IP address configured on the customer side of the Interconnect link. The customer should configure this IP address during turnup when prompted by Google NOC. This can be used only for ping tests.
   "provisionedLinkCount": 42, # [Output Only] Number of links actually provisioned in this interconnect.
   "requestedLinkCount": 42, # Target number of physical links in the link bundle, as requested by the customer.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "state": "A String", # [Output Only] The current state of Interconnect functionality, which can take one of the following values: - ACTIVE: The Interconnect is valid, turned up and ready to use. Attachments may be provisioned on this Interconnect. - UNPROVISIONED: The Interconnect has not completed turnup. No attachments may be provisioned on this Interconnect. - UNDER_MAINTENANCE: The Interconnect is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
+  "state": "A String", # [Output Only] The current state of Interconnect functionality, which can take one of the following values:
+      # - ACTIVE: The Interconnect is valid, turned up and ready to use. Attachments may be provisioned on this Interconnect.
+      # - UNPROVISIONED: The Interconnect has not completed turnup. No attachments may be provisioned on this Interconnect.
+      # - UNDER_MAINTENANCE: The Interconnect is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -380,7 +447,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -394,20 +462,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of interconnect available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -415,7 +489,9 @@ 
Method Details

     { # Response to the list request, and contains a list of interconnects.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Interconnect resources.
-    { # Represents an Interconnect resource. An Interconnect resource is a dedicated connection between the GCP network and your on-premises network. For more information, read the Dedicated Interconnect Overview.
+    { # Represents an Interconnect resource.
+        #
+        # An Interconnect resource is a dedicated connection between the GCP network and your on-premises network. For more information, read the  Dedicated Interconnect Overview. (== resource_for {$api_version}.interconnects ==)
       "adminEnabled": True or False, # Administrative status of the interconnect. When this is set to true, the Interconnect is functional and can carry traffic. When set to false, no packets can be carried over the interconnect and no BGP routes are exchanged over it. By default, the status is set to true.
       "circuitInfos": [ # [Output Only] A list of CircuitInfo objects, that describe the individual circuits in this LAG.
         { # Describes a single physical circuit between the Customer and Google. CircuitInfo objects are created by Google, so all fields are output only.
@@ -434,11 +510,17 @@ 
Method Details

           ],
           "description": "A String", # A description about the purpose of the outage.
           "endTime": "A String", # Scheduled end time for the outage (milliseconds since Unix epoch).
-          "issueType": "A String", # Form this outage is expected to take, which can take one of the following values: - OUTAGE: The Interconnect may be completely out of service for some or all of the specified window. - PARTIAL_OUTAGE: Some circuits comprising the Interconnect as a whole should remain up, but with reduced bandwidth. Note that the versions of this enum prefixed with "IT_" have been deprecated in favor of the unprefixed values.
+          "issueType": "A String", # Form this outage is expected to take, which can take one of the following values:
+              # - OUTAGE: The Interconnect may be completely out of service for some or all of the specified window.
+              # - PARTIAL_OUTAGE: Some circuits comprising the Interconnect as a whole should remain up, but with reduced bandwidth. Note that the versions of this enum prefixed with "IT_" have been deprecated in favor of the unprefixed values.
           "name": "A String", # Unique identifier for this outage notification.
-          "source": "A String", # The party that generated this notification, which can take the following value: - GOOGLE: this notification as generated by Google. Note that the value of NSRC_GOOGLE has been deprecated in favor of GOOGLE.
+          "source": "A String", # The party that generated this notification, which can take the following value:
+              # - GOOGLE: this notification as generated by Google. Note that the value of NSRC_GOOGLE has been deprecated in favor of GOOGLE.
           "startTime": "A String", # Scheduled start time for the outage (milliseconds since Unix epoch).
-          "state": "A String", # State of this notification, which can take one of the following values: - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling. - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. - COMPLETED: The outage associated with this notification is complete. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values.
+          "state": "A String", # State of this notification, which can take one of the following values:
+              # - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling.
+              # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start.
+              # - COMPLETED: The outage associated with this notification is complete.  Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values.
         },
       ],
       "googleIpAddress": "A String", # [Output Only] IP address configured on the Google side of the Interconnect link. This can be used only for ping tests.
@@ -447,18 +529,28 @@ 
Method Details

       "interconnectAttachments": [ # [Output Only] A list of the URLs of all InterconnectAttachments configured to use this Interconnect.
         "A String",
       ],
-      "interconnectType": "A String", # Type of interconnect, which can take one of the following values: - PARTNER: A partner-managed interconnection shared between customers though a partner. - DEDICATED: A dedicated physical interconnection with the customer. Note that a value IT_PRIVATE has been deprecated in favor of DEDICATED.
+      "interconnectType": "A String", # Type of interconnect, which can take one of the following values:
+          # - PARTNER: A partner-managed interconnection shared between customers though a partner.
+          # - DEDICATED: A dedicated physical interconnection with the customer. Note that a value IT_PRIVATE has been deprecated in favor of DEDICATED.
       "kind": "compute#interconnect", # [Output Only] Type of the resource. Always compute#interconnect for interconnects.
-      "linkType": "A String", # Type of link requested, which can take one of the following values: - LINK_TYPE_ETHERNET_10G_LR: A 10G Ethernet with LR optics - LINK_TYPE_ETHERNET_100G_LR: A 100G Ethernet with LR optics. Note that this field indicates the speed of each of the links in the bundle, not the speed of the entire bundle.
+      "linkType": "A String", # Type of link requested, which can take one of the following values:
+          # - LINK_TYPE_ETHERNET_10G_LR: A 10G Ethernet with LR optics
+          # - LINK_TYPE_ETHERNET_100G_LR: A 100G Ethernet with LR optics. Note that this field indicates the speed of each of the links in the bundle, not the speed of the entire bundle.
       "location": "A String", # URL of the InterconnectLocation object that represents where this connection is to be provisioned.
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "nocContactEmail": "A String", # Email address to contact the customer NOC for operations and maintenance notifications regarding this Interconnect. If specified, this will be used for notifications in addition to all other forms described, such as Stackdriver logs alerting and Cloud Notifications.
-      "operationalStatus": "A String", # [Output Only] The current status of this Interconnect's functionality, which can take one of the following values: - OS_ACTIVE: A valid Interconnect, which is turned up and is ready to use. Attachments may be provisioned on this Interconnect. - OS_UNPROVISIONED: An Interconnect that has not completed turnup. No attachments may be provisioned on this Interconnect. - OS_UNDER_MAINTENANCE: An Interconnect that is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
+      "operationalStatus": "A String", # [Output Only] The current status of this Interconnect's functionality, which can take one of the following values:
+          # - OS_ACTIVE: A valid Interconnect, which is turned up and is ready to use. Attachments may be provisioned on this Interconnect.
+          # - OS_UNPROVISIONED: An Interconnect that has not completed turnup. No attachments may be provisioned on this Interconnect.
+          # - OS_UNDER_MAINTENANCE: An Interconnect that is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
       "peerIpAddress": "A String", # [Output Only] IP address configured on the customer side of the Interconnect link. The customer should configure this IP address during turnup when prompted by Google NOC. This can be used only for ping tests.
       "provisionedLinkCount": 42, # [Output Only] Number of links actually provisioned in this interconnect.
       "requestedLinkCount": 42, # Target number of physical links in the link bundle, as requested by the customer.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "state": "A String", # [Output Only] The current state of Interconnect functionality, which can take one of the following values: - ACTIVE: The Interconnect is valid, turned up and ready to use. Attachments may be provisioned on this Interconnect. - UNPROVISIONED: The Interconnect has not completed turnup. No attachments may be provisioned on this Interconnect. - UNDER_MAINTENANCE: The Interconnect is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
+      "state": "A String", # [Output Only] The current state of Interconnect functionality, which can take one of the following values:
+          # - ACTIVE: The Interconnect is valid, turned up and ready to use. Attachments may be provisioned on this Interconnect.
+          # - UNPROVISIONED: The Interconnect has not completed turnup. No attachments may be provisioned on this Interconnect.
+          # - UNDER_MAINTENANCE: The Interconnect is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
     },
   ],
   "kind": "compute#interconnectList", # [Output Only] Type of resource. Always compute#interconnectList for lists of interconnects.
@@ -466,7 +558,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -492,7 +585,7 @@ 
Method Details

 

 
 

-    patch(project, interconnect, body=None, requestId=None, x__xgafv=None)
+    patch(project, interconnect, body=None, requestId=None)
   
Updates the specified interconnect with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -501,7 +594,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Interconnect resource. An Interconnect resource is a dedicated connection between the GCP network and your on-premises network. For more information, read the Dedicated Interconnect Overview.
+{ # Represents an Interconnect resource.
+    # 
+    # An Interconnect resource is a dedicated connection between the GCP network and your on-premises network. For more information, read the  Dedicated Interconnect Overview. (== resource_for {$api_version}.interconnects ==)
   "adminEnabled": True or False, # Administrative status of the interconnect. When this is set to true, the Interconnect is functional and can carry traffic. When set to false, no packets can be carried over the interconnect and no BGP routes are exchanged over it. By default, the status is set to true.
   "circuitInfos": [ # [Output Only] A list of CircuitInfo objects, that describe the individual circuits in this LAG.
     { # Describes a single physical circuit between the Customer and Google. CircuitInfo objects are created by Google, so all fields are output only.
@@ -520,11 +615,17 @@ 
Method Details

       ],
       "description": "A String", # A description about the purpose of the outage.
       "endTime": "A String", # Scheduled end time for the outage (milliseconds since Unix epoch).
-      "issueType": "A String", # Form this outage is expected to take, which can take one of the following values: - OUTAGE: The Interconnect may be completely out of service for some or all of the specified window. - PARTIAL_OUTAGE: Some circuits comprising the Interconnect as a whole should remain up, but with reduced bandwidth. Note that the versions of this enum prefixed with "IT_" have been deprecated in favor of the unprefixed values.
+      "issueType": "A String", # Form this outage is expected to take, which can take one of the following values:
+          # - OUTAGE: The Interconnect may be completely out of service for some or all of the specified window.
+          # - PARTIAL_OUTAGE: Some circuits comprising the Interconnect as a whole should remain up, but with reduced bandwidth. Note that the versions of this enum prefixed with "IT_" have been deprecated in favor of the unprefixed values.
       "name": "A String", # Unique identifier for this outage notification.
-      "source": "A String", # The party that generated this notification, which can take the following value: - GOOGLE: this notification as generated by Google. Note that the value of NSRC_GOOGLE has been deprecated in favor of GOOGLE.
+      "source": "A String", # The party that generated this notification, which can take the following value:
+          # - GOOGLE: this notification as generated by Google. Note that the value of NSRC_GOOGLE has been deprecated in favor of GOOGLE.
       "startTime": "A String", # Scheduled start time for the outage (milliseconds since Unix epoch).
-      "state": "A String", # State of this notification, which can take one of the following values: - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling. - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. - COMPLETED: The outage associated with this notification is complete. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values.
+      "state": "A String", # State of this notification, which can take one of the following values:
+          # - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling.
+          # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start.
+          # - COMPLETED: The outage associated with this notification is complete.  Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values.
     },
   ],
   "googleIpAddress": "A String", # [Output Only] IP address configured on the Google side of the Interconnect link. This can be used only for ping tests.
@@ -533,30 +634,53 @@ 
Method Details

   "interconnectAttachments": [ # [Output Only] A list of the URLs of all InterconnectAttachments configured to use this Interconnect.
     "A String",
   ],
-  "interconnectType": "A String", # Type of interconnect, which can take one of the following values: - PARTNER: A partner-managed interconnection shared between customers though a partner. - DEDICATED: A dedicated physical interconnection with the customer. Note that a value IT_PRIVATE has been deprecated in favor of DEDICATED.
+  "interconnectType": "A String", # Type of interconnect, which can take one of the following values:
+      # - PARTNER: A partner-managed interconnection shared between customers though a partner.
+      # - DEDICATED: A dedicated physical interconnection with the customer. Note that a value IT_PRIVATE has been deprecated in favor of DEDICATED.
   "kind": "compute#interconnect", # [Output Only] Type of the resource. Always compute#interconnect for interconnects.
-  "linkType": "A String", # Type of link requested, which can take one of the following values: - LINK_TYPE_ETHERNET_10G_LR: A 10G Ethernet with LR optics - LINK_TYPE_ETHERNET_100G_LR: A 100G Ethernet with LR optics. Note that this field indicates the speed of each of the links in the bundle, not the speed of the entire bundle.
+  "linkType": "A String", # Type of link requested, which can take one of the following values:
+      # - LINK_TYPE_ETHERNET_10G_LR: A 10G Ethernet with LR optics
+      # - LINK_TYPE_ETHERNET_100G_LR: A 100G Ethernet with LR optics. Note that this field indicates the speed of each of the links in the bundle, not the speed of the entire bundle.
   "location": "A String", # URL of the InterconnectLocation object that represents where this connection is to be provisioned.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "nocContactEmail": "A String", # Email address to contact the customer NOC for operations and maintenance notifications regarding this Interconnect. If specified, this will be used for notifications in addition to all other forms described, such as Stackdriver logs alerting and Cloud Notifications.
-  "operationalStatus": "A String", # [Output Only] The current status of this Interconnect's functionality, which can take one of the following values: - OS_ACTIVE: A valid Interconnect, which is turned up and is ready to use. Attachments may be provisioned on this Interconnect. - OS_UNPROVISIONED: An Interconnect that has not completed turnup. No attachments may be provisioned on this Interconnect. - OS_UNDER_MAINTENANCE: An Interconnect that is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
+  "operationalStatus": "A String", # [Output Only] The current status of this Interconnect's functionality, which can take one of the following values:
+      # - OS_ACTIVE: A valid Interconnect, which is turned up and is ready to use. Attachments may be provisioned on this Interconnect.
+      # - OS_UNPROVISIONED: An Interconnect that has not completed turnup. No attachments may be provisioned on this Interconnect.
+      # - OS_UNDER_MAINTENANCE: An Interconnect that is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
   "peerIpAddress": "A String", # [Output Only] IP address configured on the customer side of the Interconnect link. The customer should configure this IP address during turnup when prompted by Google NOC. This can be used only for ping tests.
   "provisionedLinkCount": 42, # [Output Only] Number of links actually provisioned in this interconnect.
   "requestedLinkCount": 42, # Target number of physical links in the link bundle, as requested by the customer.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "state": "A String", # [Output Only] The current state of Interconnect functionality, which can take one of the following values: - ACTIVE: The Interconnect is valid, turned up and ready to use. Attachments may be provisioned on this Interconnect. - UNPROVISIONED: The Interconnect has not completed turnup. No attachments may be provisioned on this Interconnect. - UNDER_MAINTENANCE: The Interconnect is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
+  "state": "A String", # [Output Only] The current state of Interconnect functionality, which can take one of the following values:
+      # - ACTIVE: The Interconnect is valid, turned up and ready to use. Attachments may be provisioned on this Interconnect.
+      # - UNPROVISIONED: The Interconnect has not completed turnup. No attachments may be provisioned on this Interconnect.
+      # - UNDER_MAINTENANCE: The Interconnect is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -590,7 +714,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.licenseCodes.html b/docs/dyn/compute_v1.licenseCodes.html
index 65a42343295..2726b1ef75d 100644
--- a/docs/dyn/compute_v1.licenseCodes.html
+++ b/docs/dyn/compute_v1.licenseCodes.html
@@ -78,11 +78,11 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  get(project, licenseCode, x__xgafv=None)

-
Return a specified license code. License codes are mirrored across all projects that have permissions to read the License Code. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 

+  get(project, licenseCode)

+
Return a specified license code. License codes are mirrored across all projects that have permissions to read the License Code.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

-
Returns permissions that a caller has on the specified resource. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 

+  testIamPermissions(project, resource, body=None)

+
Returns permissions that a caller has on the specified resource.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.

 
Method Details

 

     close()
@@ -90,21 +90,19 @@ 
Method Details

 

 
 

-    get(project, licenseCode, x__xgafv=None)
-  
Return a specified license code. License codes are mirrored across all projects that have permissions to read the License Code. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 
+    get(project, licenseCode)
+  
Return a specified license code. License codes are mirrored across all projects that have permissions to read the License Code.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
 
 Args:
   project: string, Project ID for this request. (required)
   licenseCode: string, Number corresponding to the License code resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a License Code resource. A License Code is a unique identifier used to represent a license resource. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
+    { # Represents a License Code resource.
+    #
+    # A License Code is a unique identifier used to represent a license resource.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. (== resource_for {$api_version}.licenseCodes ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # [Output Only] Description of this License Code.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
@@ -123,8 +121,8 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
-  
Returns permissions that a caller has on the specified resource. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 
+    testIamPermissions(project, resource, body=None)
+  
Returns permissions that a caller has on the specified resource.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -138,10 +136,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_v1.licenses.html b/docs/dyn/compute_v1.licenses.html
index 0f873213133..cbaa5dac66f 100644
--- a/docs/dyn/compute_v1.licenses.html
+++ b/docs/dyn/compute_v1.licenses.html
@@ -78,29 +78,29 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, license, requestId=None, x__xgafv=None)

-
Deletes the specified license. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 

+  delete(project, license, requestId=None)

+
Deletes the specified license.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.

 

-  get(project, license, x__xgafv=None)

-
Returns the specified License resource. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 

+  get(project, license)

+
Returns the specified License resource.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.

 

-  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

-
Gets the access control policy for a resource. May be empty if no such policy or resource exists. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 

+  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)

+
Gets the access control policy for a resource. May be empty if no such policy or resource exists.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

-
Create a License resource in the specified project. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 

+  insert(project, body=None, requestId=None)

+
Create a License resource in the specified project.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

-
Retrieves the list of licenses available in the specified project. This method does not get any licenses that belong to other projects, including licenses attached to publicly-available images, like Debian 9. If you want to get a list of publicly-available licenses, use this method to make a request to the respective image project, such as debian-cloud or windows-cloud. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

+
Retrieves the list of licenses available in the specified project. This method does not get any licenses that belong to other projects, including licenses attached to publicly-available images, like Debian 9. If you want to get a list of publicly-available licenses, use this method to make a request to the respective image project, such as debian-cloud or windows-cloud.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setIamPolicy(project, resource, body=None, x__xgafv=None)

-
Sets the access control policy on the specified resource. Replaces any existing policy. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 

+  setIamPolicy(project, resource, body=None)

+
Sets the access control policy on the specified resource. Replaces any existing policy.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

-
Returns permissions that a caller has on the specified resource. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 

+  testIamPermissions(project, resource, body=None)

+
Returns permissions that a caller has on the specified resource.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.

 
Method Details

 

     close()
@@ -108,22 +108,35 @@ 
Method Details

 

 
 

-    delete(project, license, requestId=None, x__xgafv=None)
-  
Deletes the specified license. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 
+    delete(project, license, requestId=None)
+  
Deletes the specified license.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
 
 Args:
   project: string, Project ID for this request. (required)
   license: string, Name of the license resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -157,7 +170,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -171,21 +185,19 @@ 
Method Details

 

 
 

-    get(project, license, x__xgafv=None)
-  
Returns the specified License resource. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 
+    get(project, license)
+  
Returns the specified License resource.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
 
 Args:
   project: string, Project ID for this request. (required)
   license: string, Name of the License resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a License resource. A License represents billing and aggregate usage data for public and marketplace images. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
+    { # Represents a License resource.
+    #
+    # A License represents billing and aggregate usage data for public and marketplace images.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. (== resource_for {$api_version}.licenses ==)
   "chargesUseFee": True or False, # [Output Only] Deprecated. This field no longer reflects whether a license charges a usage fee.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional textual description of the resource; provided by the client when the resource is created.
@@ -203,34 +215,58 @@ 
Method Details

 

 
 

-    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
-  
Gets the access control policy for a resource. May be empty if no such policy or resource exists. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 
+    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)
+  
Gets the access control policy for a resource. May be empty if no such policy or resource exists.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
 
 Args:
   project: string, Project ID for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -238,84 +274,154 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
-  
Create a License resource in the specified project. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 
+    insert(project, body=None, requestId=None)
+  
Create a License resource in the specified project.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
 
 Args:
   project: string, Project ID for this request. (required)
   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a License resource. A License represents billing and aggregate usage data for public and marketplace images. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
+{ # Represents a License resource.
+    # 
+    # A License represents billing and aggregate usage data for public and marketplace images.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. (== resource_for {$api_version}.licenses ==)
   "chargesUseFee": True or False, # [Output Only] Deprecated. This field no longer reflects whether a license charges a usage fee.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional textual description of the resource; provided by the client when the resource is created.
@@ -331,16 +437,29 @@ 
Method Details

   "transferable": True or False, # If false, licenses will not be copied from the source resource when creating an image from a disk, disk from snapshot, or snapshot from disk.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -374,7 +493,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -388,20 +508,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
-  
Retrieves the list of licenses available in the specified project. This method does not get any licenses that belong to other projects, including licenses attached to publicly-available images, like Debian 9. If you want to get a list of publicly-available licenses, use this method to make a request to the respective image project, such as debian-cloud or windows-cloud. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
+  
Retrieves the list of licenses available in the specified project. This method does not get any licenses that belong to other projects, including licenses attached to publicly-available images, like Debian 9. If you want to get a list of publicly-available licenses, use this method to make a request to the respective image project, such as debian-cloud or windows-cloud.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -409,7 +535,9 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of License resources.
-    { # Represents a License resource. A License represents billing and aggregate usage data for public and marketplace images. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
+    { # Represents a License resource.
+        #
+        # A License represents billing and aggregate usage data for public and marketplace images.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. (== resource_for {$api_version}.licenses ==)
       "chargesUseFee": True or False, # [Output Only] Deprecated. This field no longer reflects whether a license charges a usage fee.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional textual description of the resource; provided by the client when the resource is created.
@@ -429,7 +557,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -455,8 +584,8 @@ 
Method Details

 

 
 

-    setIamPolicy(project, resource, body=None, x__xgafv=None)
-  
Sets the access control policy on the specified resource. Replaces any existing policy. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 
+    setIamPolicy(project, resource, body=None)
+  
Sets the access control policy on the specified resource. Replaces any existing policy.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -467,33 +596,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -501,95 +704,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -597,77 +892,145 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
-  
Returns permissions that a caller has on the specified resource. *Caution* This resource is intended for use only by third-party partners who are creating Cloud Marketplace images. 
+    testIamPermissions(project, resource, body=None)
+  
Returns permissions that a caller has on the specified resource.  Caution This resource is intended for use only by third-party partners who are creating Cloud Marketplace images.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -681,10 +1044,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_v1.machineTypes.html b/docs/dyn/compute_v1.machineTypes.html
index 1adeb9feb8a..a7d0936f175 100644
--- a/docs/dyn/compute_v1.machineTypes.html
+++ b/docs/dyn/compute_v1.machineTypes.html
@@ -75,7 +75,7 @@
 
Compute Engine API . machineTypes

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of machine types.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,31 +84,37 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  get(project, zone, machineType, x__xgafv=None)

+  get(project, zone, machineType)

 
Returns the specified machine type. Gets a list of available machine types by making a list() request.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of machine types available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of machine types.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -118,7 +124,9 @@ 
Method Details

   "items": { # A list of MachineTypesScopedList resources.
     "a_key": { # [Output Only] Name of the scope containing this set of machine types.
       "machineTypes": [ # [Output Only] A list of machine types contained in this scope.
-        { # Represents a Machine Type resource. You can use specific machine types for your VM instances based on performance and pricing requirements. For more information, read Machine Types.
+        { # Represents a Machine Type resource.
+            #
+            # You can use specific machine types for your VM instances based on performance and pricing requirements. For more information, read Machine Types. (== resource_for {$api_version}.machineTypes ==)
           "accelerators": [ # [Output Only] A list of accelerator configurations assigned to this machine type.
             {
               "guestAcceleratorCount": 42, # Number of accelerator cards exposed to the guest.
@@ -154,7 +162,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] An informational warning that appears when the machine types list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -172,7 +181,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -203,22 +213,20 @@ 
Method Details

 

 
 

-    get(project, zone, machineType, x__xgafv=None)
+    get(project, zone, machineType)
   
Returns the specified machine type. Gets a list of available machine types by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   machineType: string, Name of the machine type to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Machine Type resource. You can use specific machine types for your VM instances based on performance and pricing requirements. For more information, read Machine Types.
+    { # Represents a Machine Type resource.
+    #
+    # You can use specific machine types for your VM instances based on performance and pricing requirements. For more information, read Machine Types. (== resource_for {$api_version}.machineTypes ==)
   "accelerators": [ # [Output Only] A list of accelerator configurations assigned to this machine type.
     {
       "guestAcceleratorCount": 42, # Number of accelerator cards exposed to the guest.
@@ -254,21 +262,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of machine types available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -276,7 +290,9 @@ 
Method Details

     { # Contains a list of machine types.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of MachineType resources.
-    { # Represents a Machine Type resource. You can use specific machine types for your VM instances based on performance and pricing requirements. For more information, read Machine Types.
+    { # Represents a Machine Type resource.
+        #
+        # You can use specific machine types for your VM instances based on performance and pricing requirements. For more information, read Machine Types. (== resource_for {$api_version}.machineTypes ==)
       "accelerators": [ # [Output Only] A list of accelerator configurations assigned to this machine type.
         {
           "guestAcceleratorCount": 42, # Number of accelerator cards exposed to the guest.
@@ -315,7 +331,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.networkEndpointGroups.html b/docs/dyn/compute_v1.networkEndpointGroups.html
index 20e00fa8cbb..f995be888f5 100644
--- a/docs/dyn/compute_v1.networkEndpointGroups.html
+++ b/docs/dyn/compute_v1.networkEndpointGroups.html
@@ -75,34 +75,34 @@
 
Compute Engine API . networkEndpointGroups

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of network endpoint groups and sorts them by zone.

 

   aggregatedList_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  attachNetworkEndpoints(project, zone, networkEndpointGroup, body=None, requestId=None, x__xgafv=None)

+  attachNetworkEndpoints(project, zone, networkEndpointGroup, body=None, requestId=None)

 
Attach a list of network endpoints to the specified network endpoint group.

 

   close()

 
Close httplib2 connections.

 

-  delete(project, zone, networkEndpointGroup, requestId=None, x__xgafv=None)

+  delete(project, zone, networkEndpointGroup, requestId=None)

 
Deletes the specified network endpoint group. The network endpoints in the NEG and the VM instances they belong to are not terminated when the NEG is deleted. Note that the NEG cannot be deleted if there are backend services referencing it.

 

-  detachNetworkEndpoints(project, zone, networkEndpointGroup, body=None, requestId=None, x__xgafv=None)

+  detachNetworkEndpoints(project, zone, networkEndpointGroup, body=None, requestId=None)

 
Detach a list of network endpoints from the specified network endpoint group.

 

-  get(project, zone, networkEndpointGroup, x__xgafv=None)

+  get(project, zone, networkEndpointGroup)

 
Returns the specified network endpoint group. Gets a list of available network endpoint groups by making a list() request.

 

-  insert(project, zone, body=None, requestId=None, x__xgafv=None)

+  insert(project, zone, body=None, requestId=None)

 
Creates a network endpoint group in the specified project using the parameters that are included in the request.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of network endpoint groups that are located in the specified project and zone.

 

-  listNetworkEndpoints(project, zone, networkEndpointGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listNetworkEndpoints(project, zone, networkEndpointGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists the network endpoints in the specified network endpoint group.

 

   listNetworkEndpoints_next(previous_request, previous_response)

@@ -111,25 +111,31 @@ 
Instance Methods

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  testIamPermissions(project, zone, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, zone, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of network endpoint groups and sorts them by zone.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -139,23 +145,57 @@ 
Method Details

   "items": { # A list of NetworkEndpointGroupsScopedList resources.
     "a_key": { # The name of the scope that contains this set of network endpoint groups.
       "networkEndpointGroups": [ # [Output Only] The list of network endpoint groups that are contained in this scope.
-        { # Represents a collection of network endpoints. A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see Setting up external HTTP(S) Load Balancing with internet NEGs, Setting up zonal NEGs, or Setting up external HTTP(S) Load Balancing with serverless NEGs.
+        { # Represents a collection of network endpoints.
+            #
+            # A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see  Setting up external HTTP(S) Load Balancing with internet NEGs,  Setting up zonal NEGs, or  Setting up external HTTP(S) Load Balancing with serverless NEGs. (== resource_for {$api_version}.networkEndpointGroups ==) (== resource_for {$api_version}.globalNetworkEndpointGroups ==) (== resource_for {$api_version}.regionNetworkEndpointGroups ==)
           "annotations": { # Metadata defined as annotations on the network endpoint group.
             "a_key": "A String",
           },
-          "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-            "service": "A String", # Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: "default", "my-service".
-            "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
-            "version": "A String", # Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: "v1", "v2".
+          "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+              #
+              # Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.
+            "service": "A String", # Optional serving service.
+                #
+                # The service name is case-sensitive and must be 1-63 characters long.
+                #
+                # Example value: "default", "my-service".
+            "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services.
+                #
+                # For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
+            "version": "A String", # Optional serving version.
+                #
+                # The version name is case-sensitive and must be 1-100 characters long.
+                #
+                # Example value: "v1", "v2".
           },
-          "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-            "function": "A String", # A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: "func1".
-            "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs " mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
+          "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+              #
+              # Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.
+            "function": "A String", # A user-defined name of the Cloud Function.
+                #
+                # The function name is case-sensitive and must be 1-63 characters long.
+                #
+                # Example value: "func1".
+            "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services.
+                #
+                # For example, request URLs "mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
           },
-          "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-            "service": "A String", # Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: "run-service".
-            "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: "revision-0010".
-            "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
+          "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+              #
+              # Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.
+            "service": "A String", # Cloud Run service is the main resource of Cloud Run.
+                #
+                # The service must be 1-63 characters long, and comply with RFC1035.
+                #
+                # Example value: "run-service".
+            "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information.
+                #
+                # The tag must be 1-63 characters long, and comply with RFC1035.
+                #
+                # Example value: "revision-0010".
+            "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services.
+                #
+                # For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
           },
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "defaultPort": 42, # The default port used if the port number is not specified in the network endpoint.
@@ -174,7 +214,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] An informational warning that replaces the list of network endpoint groups when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -192,7 +233,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -218,7 +260,7 @@ 
Method Details

 

 
 

-    attachNetworkEndpoints(project, zone, networkEndpointGroup, body=None, requestId=None, x__xgafv=None)
+    attachNetworkEndpoints(project, zone, networkEndpointGroup, body=None, requestId=None)
   
Attach a list of network endpoints to the specified network endpoint group.
 
 Args:
@@ -235,23 +277,38 @@ 
Method Details

         "a_key": "A String",
       },
       "fqdn": "A String", # Optional fully qualified domain name of network endpoint. This can only be specified when NetworkEndpointGroup.network_endpoint_type is NON_GCP_FQDN_PORT.
-      "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group. The name must be 1-63 characters long, and comply with RFC1035.
+      "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group.
+          #
+          # The name must be 1-63 characters long, and comply with RFC1035.
       "ipAddress": "A String", # Optional IPv4 address of network endpoint. The IP address must belong to a VM in Compute Engine (either the primary IP or as part of an aliased IP range). If the IP address is not specified, then the primary IP address for the VM instance in the network that the network endpoint group belongs to will be used.
       "port": 42, # Optional port number of network endpoint. If not specified, the defaultPort for the network endpoint group will be used.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -285,7 +342,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -304,23 +362,36 @@ 
Method Details

 

 
 

-    delete(project, zone, networkEndpointGroup, requestId=None, x__xgafv=None)
+    delete(project, zone, networkEndpointGroup, requestId=None)
   
Deletes the specified network endpoint group. The network endpoints in the NEG and the VM instances they belong to are not terminated when the NEG is deleted. Note that the NEG cannot be deleted if there are backend services referencing it.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the network endpoint group is located. It should comply with RFC1035. (required)
   networkEndpointGroup: string, The name of the network endpoint group to delete. It should comply with RFC1035. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -354,7 +425,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -368,7 +440,7 @@ 
Method Details

 

 
 

-    detachNetworkEndpoints(project, zone, networkEndpointGroup, body=None, requestId=None, x__xgafv=None)
+    detachNetworkEndpoints(project, zone, networkEndpointGroup, body=None, requestId=None)
   
Detach a list of network endpoints from the specified network endpoint group.
 
 Args:
@@ -385,23 +457,38 @@ 
Method Details

         "a_key": "A String",
       },
       "fqdn": "A String", # Optional fully qualified domain name of network endpoint. This can only be specified when NetworkEndpointGroup.network_endpoint_type is NON_GCP_FQDN_PORT.
-      "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group. The name must be 1-63 characters long, and comply with RFC1035.
+      "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group.
+          #
+          # The name must be 1-63 characters long, and comply with RFC1035.
       "ipAddress": "A String", # Optional IPv4 address of network endpoint. The IP address must belong to a VM in Compute Engine (either the primary IP or as part of an aliased IP range). If the IP address is not specified, then the primary IP address for the VM instance in the network that the network endpoint group belongs to will be used.
       "port": 42, # Optional port number of network endpoint. If not specified, the defaultPort for the network endpoint group will be used.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -435,7 +522,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -449,38 +537,68 @@ 
Method Details

 

 
 

-    get(project, zone, networkEndpointGroup, x__xgafv=None)
+    get(project, zone, networkEndpointGroup)
   
Returns the specified network endpoint group. Gets a list of available network endpoint groups by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the network endpoint group is located. It should comply with RFC1035. (required)
   networkEndpointGroup: string, The name of the network endpoint group. It should comply with RFC1035. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a collection of network endpoints. A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see Setting up external HTTP(S) Load Balancing with internet NEGs, Setting up zonal NEGs, or Setting up external HTTP(S) Load Balancing with serverless NEGs.
+    { # Represents a collection of network endpoints.
+    #
+    # A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see  Setting up external HTTP(S) Load Balancing with internet NEGs,  Setting up zonal NEGs, or  Setting up external HTTP(S) Load Balancing with serverless NEGs. (== resource_for {$api_version}.networkEndpointGroups ==) (== resource_for {$api_version}.globalNetworkEndpointGroups ==) (== resource_for {$api_version}.regionNetworkEndpointGroups ==)
   "annotations": { # Metadata defined as annotations on the network endpoint group.
     "a_key": "A String",
   },
-  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: "default", "my-service".
-    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
-    "version": "A String", # Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: "v1", "v2".
+  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Optional serving service.
+        #
+        # The service name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "default", "my-service".
+    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
+    "version": "A String", # Optional serving version.
+        #
+        # The version name is case-sensitive and must be 1-100 characters long.
+        #
+        # Example value: "v1", "v2".
   },
-  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "function": "A String", # A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: "func1".
-    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs " mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
+  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.
+    "function": "A String", # A user-defined name of the Cloud Function.
+        #
+        # The function name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "func1".
+    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, request URLs "mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
   },
-  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: "run-service".
-    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: "revision-0010".
-    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
+  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Cloud Run service is the main resource of Cloud Run.
+        #
+        # The service must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "run-service".
+    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information.
+        #
+        # The tag must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "revision-0010".
+    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services.
+        #
+        # For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "defaultPort": 42, # The default port used if the port number is not specified in the network endpoint.
@@ -499,7 +617,7 @@ 
Method Details

 

 
 

-    insert(project, zone, body=None, requestId=None, x__xgafv=None)
+    insert(project, zone, body=None, requestId=None)
   
Creates a network endpoint group in the specified project using the parameters that are included in the request.
 
 Args:
@@ -508,23 +626,57 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a collection of network endpoints. A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see Setting up external HTTP(S) Load Balancing with internet NEGs, Setting up zonal NEGs, or Setting up external HTTP(S) Load Balancing with serverless NEGs.
+{ # Represents a collection of network endpoints.
+    # 
+    # A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see  Setting up external HTTP(S) Load Balancing with internet NEGs,  Setting up zonal NEGs, or  Setting up external HTTP(S) Load Balancing with serverless NEGs. (== resource_for {$api_version}.networkEndpointGroups ==) (== resource_for {$api_version}.globalNetworkEndpointGroups ==) (== resource_for {$api_version}.regionNetworkEndpointGroups ==)
   "annotations": { # Metadata defined as annotations on the network endpoint group.
     "a_key": "A String",
   },
-  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: "default", "my-service".
-    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
-    "version": "A String", # Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: "v1", "v2".
+  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Optional serving service.
+        #
+        # The service name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "default", "my-service".
+    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
+    "version": "A String", # Optional serving version.
+        #
+        # The version name is case-sensitive and must be 1-100 characters long.
+        #
+        # Example value: "v1", "v2".
   },
-  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "function": "A String", # A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: "func1".
-    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs " mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
+  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.
+    "function": "A String", # A user-defined name of the Cloud Function.
+        #
+        # The function name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "func1".
+    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, request URLs "mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
   },
-  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: "run-service".
-    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: "revision-0010".
-    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
+  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Cloud Run service is the main resource of Cloud Run.
+        #
+        # The service must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "run-service".
+    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information.
+        #
+        # The tag must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "revision-0010".
+    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services.
+        #
+        # For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "defaultPort": 42, # The default port used if the port number is not specified in the network endpoint.
@@ -541,16 +693,29 @@ 
Method Details

   "zone": "A String", # [Output Only] The URL of the zone where the network endpoint group is located.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -584,7 +749,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -598,21 +764,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of network endpoint groups that are located in the specified project and zone.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone where the network endpoint group is located. It should comply with RFC1035. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -620,23 +792,57 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of NetworkEndpointGroup resources.
-    { # Represents a collection of network endpoints. A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see Setting up external HTTP(S) Load Balancing with internet NEGs, Setting up zonal NEGs, or Setting up external HTTP(S) Load Balancing with serverless NEGs.
+    { # Represents a collection of network endpoints.
+        #
+        # A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see  Setting up external HTTP(S) Load Balancing with internet NEGs,  Setting up zonal NEGs, or  Setting up external HTTP(S) Load Balancing with serverless NEGs. (== resource_for {$api_version}.networkEndpointGroups ==) (== resource_for {$api_version}.globalNetworkEndpointGroups ==) (== resource_for {$api_version}.regionNetworkEndpointGroups ==)
       "annotations": { # Metadata defined as annotations on the network endpoint group.
         "a_key": "A String",
       },
-      "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-        "service": "A String", # Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: "default", "my-service".
-        "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
-        "version": "A String", # Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: "v1", "v2".
+      "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+          #
+          # Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.
+        "service": "A String", # Optional serving service.
+            #
+            # The service name is case-sensitive and must be 1-63 characters long.
+            #
+            # Example value: "default", "my-service".
+        "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services.
+            #
+            # For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
+        "version": "A String", # Optional serving version.
+            #
+            # The version name is case-sensitive and must be 1-100 characters long.
+            #
+            # Example value: "v1", "v2".
       },
-      "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-        "function": "A String", # A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: "func1".
-        "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs " mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
+      "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+          #
+          # Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.
+        "function": "A String", # A user-defined name of the Cloud Function.
+            #
+            # The function name is case-sensitive and must be 1-63 characters long.
+            #
+            # Example value: "func1".
+        "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services.
+            #
+            # For example, request URLs "mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
       },
-      "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-        "service": "A String", # Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: "run-service".
-        "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: "revision-0010".
-        "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
+      "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+          #
+          # Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.
+        "service": "A String", # Cloud Run service is the main resource of Cloud Run.
+            #
+            # The service must be 1-63 characters long, and comply with RFC1035.
+            #
+            # Example value: "run-service".
+        "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information.
+            #
+            # The tag must be 1-63 characters long, and comply with RFC1035.
+            #
+            # Example value: "revision-0010".
+        "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services.
+            #
+            # For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
       },
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "defaultPort": 42, # The default port used if the port number is not specified in the network endpoint.
@@ -658,7 +864,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -670,7 +877,7 @@ 
Method Details

 

 
 

-    listNetworkEndpoints(project, zone, networkEndpointGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listNetworkEndpoints(project, zone, networkEndpointGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists the network endpoints in the specified network endpoint group.
 
 Args:
@@ -684,15 +891,21 @@ 
Method Details

   "healthStatus": "A String", # Optional query parameter for showing the health status of each network endpoint. Valid options are SKIP or SHOW. If you don't specify this parameter, the health status of network endpoints will not be provided.
 }
 
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -709,10 +922,16 @@ 
Method Details

           "forwardingRule": { # URL of the forwarding rule associated with the health state of the network endpoint.
             "forwardingRule": "A String",
           },
-          "healthCheck": { # A full or valid partial URL to a health check. For example, the following are valid URLs: - https://www.googleapis.com/compute/beta/projects/project-id/global/httpHealthChecks/health-check - projects/project-id/global/httpHealthChecks/health-check - global/httpHealthChecks/health-check # URL of the health check associated with the health state of the network endpoint.
+          "healthCheck": { # A full or valid partial URL to a health check. For example, the following are valid URLs: # URL of the health check associated with the health state of the network endpoint.
+              # - https://www.googleapis.com/compute/beta/projects/project-id/global/httpHealthChecks/health-check
+              # - projects/project-id/global/httpHealthChecks/health-check
+              # - global/httpHealthChecks/health-check
             "healthCheck": "A String",
           },
-          "healthCheckService": { # A full or valid partial URL to a health check service. For example, the following are valid URLs: - https://www.googleapis.com/compute/beta/projects/project-id/regions/us-west1/healthCheckServices/health-check-service - projects/project-id/regions/us-west1/healthCheckServices/health-check-service - regions/us-west1/healthCheckServices/health-check-service # URL of the health check service associated with the health state of the network endpoint.
+          "healthCheckService": { # A full or valid partial URL to a health check service. For example, the following are valid URLs: # URL of the health check service associated with the health state of the network endpoint.
+              # - https://www.googleapis.com/compute/beta/projects/project-id/regions/us-west1/healthCheckServices/health-check-service
+              # - projects/project-id/regions/us-west1/healthCheckServices/health-check-service
+              # - regions/us-west1/healthCheckServices/health-check-service
             "healthCheckService": "A String",
           },
           "healthState": "A String", # Health state of the network endpoint determined based on the health checks configured.
@@ -723,7 +942,9 @@ 
Method Details

           "a_key": "A String",
         },
         "fqdn": "A String", # Optional fully qualified domain name of network endpoint. This can only be specified when NetworkEndpointGroup.network_endpoint_type is NON_GCP_FQDN_PORT.
-        "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group. The name must be 1-63 characters long, and comply with RFC1035.
+        "instance": "A String", # The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group.
+            #
+            # The name must be 1-63 characters long, and comply with RFC1035.
         "ipAddress": "A String", # Optional IPv4 address of network endpoint. The IP address must belong to a VM in Compute Engine (either the primary IP or as part of an aliased IP range). If the IP address is not specified, then the primary IP address for the VM instance in the network that the network endpoint group belongs to will be used.
         "port": 42, # Optional port number of network endpoint. If not specified, the defaultPort for the network endpoint group will be used.
       },
@@ -733,7 +954,8 @@ 
Method Details

   "nextPageToken": "A String", # [Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -773,7 +995,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, zone, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, zone, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -789,10 +1011,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_v1.networks.html b/docs/dyn/compute_v1.networks.html
index f47dac82d1c..d91631c1cfd 100644
--- a/docs/dyn/compute_v1.networks.html
+++ b/docs/dyn/compute_v1.networks.html
@@ -75,28 +75,28 @@
 
Compute Engine API . networks

 
Instance Methods

 

-  addPeering(project, network, body=None, requestId=None, x__xgafv=None)

+  addPeering(project, network, body=None, requestId=None)

 
Adds a peering to the specified network.

 

   close()

 
Close httplib2 connections.

 

-  delete(project, network, requestId=None, x__xgafv=None)

+  delete(project, network, requestId=None)

 
Deletes the specified network.

 

-  get(project, network, x__xgafv=None)

+  get(project, network)

 
Returns the specified network. Gets a list of available networks by making a list() request.

 

-  getEffectiveFirewalls(project, network, x__xgafv=None)

+  getEffectiveFirewalls(project, network)

 
Returns the effective firewalls on a given network.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a network in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of networks available to the specified project.

 

-  listPeeringRoutes(project, network, direction=None, filter=None, maxResults=None, orderBy=None, pageToken=None, peeringName=None, region=None, returnPartialSuccess=None, x__xgafv=None)

+  listPeeringRoutes(project, network, direction=None, filter=None, maxResults=None, orderBy=None, pageToken=None, peeringName=None, region=None, returnPartialSuccess=None)

 
Lists the peering routes exchanged over peering connection.

 

   listPeeringRoutes_next(previous_request, previous_response)

@@ -105,20 +105,20 @@ 
Instance Methods

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, network, body=None, requestId=None, x__xgafv=None)

+  patch(project, network, body=None, requestId=None)

 
Patches the specified network with the data included in the request. Only the following fields can be modified: routingConfig.routingMode.

 

-  removePeering(project, network, body=None, requestId=None, x__xgafv=None)

+  removePeering(project, network, body=None, requestId=None)

 
Removes a peering from the specified network.

 

-  switchToCustomMode(project, network, requestId=None, x__xgafv=None)

+  switchToCustomMode(project, network, requestId=None)

 
Switches the network mode from auto subnet mode to custom subnet mode.

 

-  updatePeering(project, network, body=None, requestId=None, x__xgafv=None)

+  updatePeering(project, network, body=None, requestId=None)

 
Updates the specified network peering with the data included in the request Only the following fields can be modified: NetworkPeering.export_custom_routes, and NetworkPeering.import_custom_routes

 
Method Details

 

-    addPeering(project, network, body=None, requestId=None, x__xgafv=None)
+    addPeering(project, network, body=None, requestId=None)
   
Adds a peering to the specified network.
 
 Args:
@@ -146,16 +146,29 @@ 
Method Details

   "peerNetwork": "A String", # URL of the peer network. It can be either full URL or partial URL. The peer network may belong to a different project. If the partial URL does not contain project, it is assumed that the peer network is in the same project as the current network.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -189,7 +202,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -208,22 +222,35 @@ 
Method Details

 

 
 

-    delete(project, network, requestId=None, x__xgafv=None)
+    delete(project, network, requestId=None)
   
Deletes the specified network.
 
 Args:
   project: string, Project ID for this request. (required)
   network: string, Name of the network to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -257,7 +284,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -271,23 +299,27 @@ 
Method Details

 

 
 

-    get(project, network, x__xgafv=None)
+    get(project, network)
   
Returns the specified network. Gets a list of available networks by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   network: string, Name of the network to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a VPC Network resource. Networks connect resources to each other and to the internet. For more information, read Virtual Private Cloud (VPC) Network.
+    { # Represents a VPC Network resource.
+    #
+    # Networks connect resources to each other and to the internet. For more information, read Virtual Private Cloud (VPC) Network. (== resource_for {$api_version}.networks ==)
   "IPv4Range": "A String", # Deprecated in favor of subnet mode networks. The range of internal addresses that are legal on this network. This range is a CIDR specification, for example: 192.168.0.0/16. Provided by the client when the network is created.
-  "autoCreateSubnetworks": True or False, # Must be set to create a VPC network. If not set, a legacy network is created. When set to true, the VPC network is created in auto mode. When set to false, the VPC network is created in custom mode. An auto mode VPC network starts with one subnet per region. Each subnet has a predetermined range as described in Auto mode VPC network IP ranges. For custom mode VPC networks, you can add subnets using the subnetworks insert method.
+  "autoCreateSubnetworks": True or False, # Must be set to create a VPC network. If not set, a legacy network is created.
+      #
+      # When set to true, the VPC network is created in auto mode. When set to false, the VPC network is created in custom mode.
+      #
+      # An auto mode VPC network starts with one subnet per region. Each subnet has a predetermined range as described in Auto mode VPC network IP ranges.
+      #
+      # For custom mode VPC networks, you can add subnets using the subnetworks insert method.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
   "gatewayIPv4": "A String", # [Output Only] The gateway address for default routing out of the network, selected by GCP.
@@ -321,16 +353,12 @@ 
Method Details

 

 
 

-    getEffectiveFirewalls(project, network, x__xgafv=None)
+    getEffectiveFirewalls(project, network)
   
Returns the effective firewalls on a given network.
 
 Args:
   project: string, Project ID for this request. (required)
   network: string, Name of the network for this request. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -355,7 +383,9 @@ 
Method Details

             "layer4Configs": [ # Pairs of IP protocols and ports that the rule should match.
               {
                 "ipProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.
-                "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+                "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+                    #
+                    # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
                   "A String",
                 ],
               },
@@ -379,11 +409,15 @@ 
Method Details

     },
   ],
   "firewalls": [ # Effective firewalls on the network.
-    { # Represents a Firewall Rule resource. Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
+    { # Represents a Firewall Rule resource.
+        #
+        # Firewall rules allow or deny ingress traffic to, and egress traffic from your instances. For more information, read Firewall rules.
       "allowed": [ # The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.
         {
           "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
             "A String",
           ],
         },
@@ -392,7 +426,9 @@ 
Method Details

       "denied": [ # The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a denied connection.
         {
           "IPProtocol": "A String", # The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.
-          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
+          "ports": [ # An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.
+              #
+              # Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
             "A String",
           ],
         },
@@ -410,7 +446,12 @@ 
Method Details

         "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
       },
       "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
-      "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
+      "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used:
+          # global/networks/default
+          # If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+          # - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network
+          # - projects/myproject/global/networks/my-network
+          # - global/networks/default
       "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "sourceRanges": [ # If source ranges are specified, the firewall rule applies only to traffic that has a source IP address in these ranges. These ranges must be expressed in CIDR format. One or both of sourceRanges and sourceTags may be set. If both fields are set, the rule applies to traffic that has a source IP address within sourceRanges OR a source IP from a resource with a matching tag listed in the sourceTags field. The connection does not need to match both fields for the rule to apply. Only IPv4 is supported.
@@ -434,7 +475,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a network in the specified project using the data included in the request.
 
 Args:
@@ -442,9 +483,17 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a VPC Network resource. Networks connect resources to each other and to the internet. For more information, read Virtual Private Cloud (VPC) Network.
+{ # Represents a VPC Network resource.
+    # 
+    # Networks connect resources to each other and to the internet. For more information, read Virtual Private Cloud (VPC) Network. (== resource_for {$api_version}.networks ==)
   "IPv4Range": "A String", # Deprecated in favor of subnet mode networks. The range of internal addresses that are legal on this network. This range is a CIDR specification, for example: 192.168.0.0/16. Provided by the client when the network is created.
-  "autoCreateSubnetworks": True or False, # Must be set to create a VPC network. If not set, a legacy network is created. When set to true, the VPC network is created in auto mode. When set to false, the VPC network is created in custom mode. An auto mode VPC network starts with one subnet per region. Each subnet has a predetermined range as described in Auto mode VPC network IP ranges. For custom mode VPC networks, you can add subnets using the subnetworks insert method.
+  "autoCreateSubnetworks": True or False, # Must be set to create a VPC network. If not set, a legacy network is created.
+      # 
+      # When set to true, the VPC network is created in auto mode. When set to false, the VPC network is created in custom mode.
+      # 
+      # An auto mode VPC network starts with one subnet per region. Each subnet has a predetermined range as described in Auto mode VPC network IP ranges.
+      # 
+      # For custom mode VPC networks, you can add subnets using the subnetworks insert method.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
   "gatewayIPv4": "A String", # [Output Only] The gateway address for default routing out of the network, selected by GCP.
@@ -476,16 +525,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -519,7 +581,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -533,20 +596,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of networks available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -554,9 +623,17 @@ 
Method Details

     { # Contains a list of networks.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Network resources.
-    { # Represents a VPC Network resource. Networks connect resources to each other and to the internet. For more information, read Virtual Private Cloud (VPC) Network.
+    { # Represents a VPC Network resource.
+        #
+        # Networks connect resources to each other and to the internet. For more information, read Virtual Private Cloud (VPC) Network. (== resource_for {$api_version}.networks ==)
       "IPv4Range": "A String", # Deprecated in favor of subnet mode networks. The range of internal addresses that are legal on this network. This range is a CIDR specification, for example: 192.168.0.0/16. Provided by the client when the network is created.
-      "autoCreateSubnetworks": True or False, # Must be set to create a VPC network. If not set, a legacy network is created. When set to true, the VPC network is created in auto mode. When set to false, the VPC network is created in custom mode. An auto mode VPC network starts with one subnet per region. Each subnet has a predetermined range as described in Auto mode VPC network IP ranges. For custom mode VPC networks, you can add subnets using the subnetworks insert method.
+      "autoCreateSubnetworks": True or False, # Must be set to create a VPC network. If not set, a legacy network is created.
+          #
+          # When set to true, the VPC network is created in auto mode. When set to false, the VPC network is created in custom mode.
+          #
+          # An auto mode VPC network starts with one subnet per region. Each subnet has a predetermined range as described in Auto mode VPC network IP ranges.
+          #
+          # For custom mode VPC networks, you can add subnets using the subnetworks insert method.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
       "gatewayIPv4": "A String", # [Output Only] The gateway address for default routing out of the network, selected by GCP.
@@ -593,7 +670,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -605,7 +683,7 @@ 
Method Details

 

 
 

-    listPeeringRoutes(project, network, direction=None, filter=None, maxResults=None, orderBy=None, pageToken=None, peeringName=None, region=None, returnPartialSuccess=None, x__xgafv=None)
+    listPeeringRoutes(project, network, direction=None, filter=None, maxResults=None, orderBy=None, pageToken=None, peeringName=None, region=None, returnPartialSuccess=None)
   
Lists the peering routes exchanged over peering connection.
 
 Args:
@@ -613,19 +691,25 @@ 
Method Details

   network: string, Name of the network for this request. (required)
   direction: string, The direction of the exchanged routes.
     Allowed values
-      INCOMING - For routes exported from peer network.
-      OUTGOING - For routes exported from local network.
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+      INCOMING - 
+      OUTGOING - 
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   peeringName: string, The response will show routes exchanged over the given peering connection.
   region: string, The region of the request. The response will include all subnet routes, static routes and dynamic routes in the region.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -646,7 +730,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -686,7 +771,7 @@ 
Method Details

 

 
 

-    patch(project, network, body=None, requestId=None, x__xgafv=None)
+    patch(project, network, body=None, requestId=None)
   
Patches the specified network with the data included in the request. Only the following fields can be modified: routingConfig.routingMode.
 
 Args:
@@ -695,9 +780,17 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a VPC Network resource. Networks connect resources to each other and to the internet. For more information, read Virtual Private Cloud (VPC) Network.
+{ # Represents a VPC Network resource.
+    # 
+    # Networks connect resources to each other and to the internet. For more information, read Virtual Private Cloud (VPC) Network. (== resource_for {$api_version}.networks ==)
   "IPv4Range": "A String", # Deprecated in favor of subnet mode networks. The range of internal addresses that are legal on this network. This range is a CIDR specification, for example: 192.168.0.0/16. Provided by the client when the network is created.
-  "autoCreateSubnetworks": True or False, # Must be set to create a VPC network. If not set, a legacy network is created. When set to true, the VPC network is created in auto mode. When set to false, the VPC network is created in custom mode. An auto mode VPC network starts with one subnet per region. Each subnet has a predetermined range as described in Auto mode VPC network IP ranges. For custom mode VPC networks, you can add subnets using the subnetworks insert method.
+  "autoCreateSubnetworks": True or False, # Must be set to create a VPC network. If not set, a legacy network is created.
+      # 
+      # When set to true, the VPC network is created in auto mode. When set to false, the VPC network is created in custom mode.
+      # 
+      # An auto mode VPC network starts with one subnet per region. Each subnet has a predetermined range as described in Auto mode VPC network IP ranges.
+      # 
+      # For custom mode VPC networks, you can add subnets using the subnetworks insert method.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
   "gatewayIPv4": "A String", # [Output Only] The gateway address for default routing out of the network, selected by GCP.
@@ -729,16 +822,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -772,7 +878,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -786,7 +893,7 @@ 
Method Details

 

 
 

-    removePeering(project, network, body=None, requestId=None, x__xgafv=None)
+    removePeering(project, network, body=None, requestId=None)
   
Removes a peering from the specified network.
 
 Args:
@@ -799,16 +906,29 @@ 
Method Details

   "name": "A String", # Name of the peering, which should conform to RFC1035.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -842,7 +962,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -856,22 +977,35 @@ 
Method Details

 

 
 

-    switchToCustomMode(project, network, requestId=None, x__xgafv=None)
+    switchToCustomMode(project, network, requestId=None)
   
Switches the network mode from auto subnet mode to custom subnet mode.
 
 Args:
   project: string, Project ID for this request. (required)
   network: string, Name of the network to be updated. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -905,7 +1039,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -919,7 +1054,7 @@ 
Method Details

 

 
 

-    updatePeering(project, network, body=None, requestId=None, x__xgafv=None)
+    updatePeering(project, network, body=None, requestId=None)
   
Updates the specified network peering with the data included in the request Only the following fields can be modified: NetworkPeering.export_custom_routes, and NetworkPeering.import_custom_routes
 
 Args:
@@ -944,16 +1079,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -987,7 +1135,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.nodeGroups.html b/docs/dyn/compute_v1.nodeGroups.html
index e9a17c5a757..274ca2f235c 100644
--- a/docs/dyn/compute_v1.nodeGroups.html
+++ b/docs/dyn/compute_v1.nodeGroups.html
@@ -75,10 +75,10 @@
 
Compute Engine API . nodeGroups

 
Instance Methods

 

-  addNodes(project, zone, nodeGroup, body=None, requestId=None, x__xgafv=None)

+  addNodes(project, zone, nodeGroup, body=None, requestId=None)

 
Adds specified number of nodes to the node group.

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of node groups. Note: use nodeGroups.listNodes for more details about each group.

 

   aggregatedList_next(previous_request, previous_response)

@@ -87,25 +87,25 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, zone, nodeGroup, requestId=None, x__xgafv=None)

+  delete(project, zone, nodeGroup, requestId=None)

 
Deletes the specified NodeGroup resource.

 

-  deleteNodes(project, zone, nodeGroup, body=None, requestId=None, x__xgafv=None)

+  deleteNodes(project, zone, nodeGroup, body=None, requestId=None)

 
Deletes specified nodes from the node group.

 

-  get(project, zone, nodeGroup, x__xgafv=None)

+  get(project, zone, nodeGroup)

 
Returns the specified NodeGroup. Get a list of available NodeGroups by making a list() request. Note: the "nodes" field should not be used. Use nodeGroups.listNodes instead.

 

-  getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, zone, initialNodeCount, body=None, requestId=None, x__xgafv=None)

+  insert(project, zone, initialNodeCount, body=None, requestId=None)

 
Creates a NodeGroup resource in the specified project using the data included in the request.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of node groups available to the specified project. Note: use nodeGroups.listNodes for more details about each group.

 

-  listNodes(project, zone, nodeGroup, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listNodes(project, zone, nodeGroup, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists nodes in the node group.

 

   listNodes_next(previous_request, previous_response)

@@ -114,20 +114,20 @@ 
Instance Methods

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, zone, nodeGroup, body=None, requestId=None, x__xgafv=None)

+  patch(project, zone, nodeGroup, body=None, requestId=None)

 
Updates the specified node group.

 

-  setIamPolicy(project, zone, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, zone, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  setNodeTemplate(project, zone, nodeGroup, body=None, requestId=None, x__xgafv=None)

+  setNodeTemplate(project, zone, nodeGroup, body=None, requestId=None)

 
Updates the node template of the node group.

 

-  testIamPermissions(project, zone, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, zone, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    addNodes(project, zone, nodeGroup, body=None, requestId=None, x__xgafv=None)
+    addNodes(project, zone, nodeGroup, body=None, requestId=None)
   
Adds specified number of nodes to the node group.
 
 Args:
@@ -141,16 +141,29 @@ 
Method Details

   "additionalNodeCount": 42, # Count of additional nodes to be added to the node group.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -184,7 +197,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -198,21 +212,27 @@ 
Method Details

 

 
 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of node groups. Note: use nodeGroups.listNodes for more details about each group.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -222,11 +242,13 @@ 
Method Details

   "items": { # A list of NodeGroupsScopedList resources.
     "a_key": { # [Output Only] Name of the scope containing this set of node groups.
       "nodeGroups": [ # [Output Only] A list of node groups contained in this scope.
-        { # Represent a sole-tenant Node Group resource. A sole-tenant node is a physical server that is dedicated to hosting VM instances only for your specific project. Use sole-tenant nodes to keep your instances physically separated from instances in other projects, or to group your instances together on the same host hardware. For more information, read Sole-tenant nodes.
+        { # Represent a sole-tenant Node Group resource.
+            #
+            # A sole-tenant node is a physical server that is dedicated to hosting VM instances only for your specific project. Use sole-tenant nodes to keep your instances physically separated from instances in other projects, or to group your instances together on the same host hardware. For more information, read Sole-tenant nodes. (== resource_for {$api_version}.nodeGroups ==)
           "autoscalingPolicy": { # Specifies how autoscaling should behave.
             "maxNodes": 42, # The maximum number of nodes that the group should have. Must be set if autoscaling is enabled. Maximum value allowed is 100.
             "minNodes": 42, # The minimum number of nodes that the group should have.
-            "mode": "A String", # The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see Autoscaler modes.
+            "mode": "A String", # The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see  Autoscaler modes.
           },
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -234,7 +256,7 @@ 
Method Details

           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "kind": "compute#nodeGroup", # [Output Only] The type of the resource. Always compute#nodeGroup for node group.
           "locationHint": "A String", # An opaque location hint used to place the Node close to other resources. This field is for use by internal tools that use the public API. The location hint here on the NodeGroup overrides any location_hint present in the NodeTemplate.
-          "maintenancePolicy": "A String", # Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. For more information, see Maintenance policies.
+          "maintenancePolicy": "A String", # Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. For more information, see  Maintenance policies.
           "maintenanceWindow": { # Time window specified for daily maintenance operations. GCE's internal maintenance will be performed within this window.
             "maintenanceDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # [Output only] A predetermined duration for the window, automatically chosen to be the smallest possible in the given scenario.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
@@ -252,7 +274,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] An informational warning that appears when the nodeGroup list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -270,7 +293,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -301,23 +325,36 @@ 
Method Details

 

 
 

-    delete(project, zone, nodeGroup, requestId=None, x__xgafv=None)
+    delete(project, zone, nodeGroup, requestId=None)
   
Deletes the specified NodeGroup resource.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   nodeGroup: string, Name of the NodeGroup resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -351,7 +388,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -365,7 +403,7 @@ 
Method Details

 

 
 

-    deleteNodes(project, zone, nodeGroup, body=None, requestId=None, x__xgafv=None)
+    deleteNodes(project, zone, nodeGroup, body=None, requestId=None)
   
Deletes specified nodes from the node group.
 
 Args:
@@ -381,16 +419,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -424,7 +475,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -438,26 +490,24 @@ 
Method Details

 

 
 

-    get(project, zone, nodeGroup, x__xgafv=None)
+    get(project, zone, nodeGroup)
   
Returns the specified NodeGroup. Get a list of available NodeGroups by making a list() request. Note: the "nodes" field should not be used. Use nodeGroups.listNodes instead.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   nodeGroup: string, Name of the node group to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represent a sole-tenant Node Group resource. A sole-tenant node is a physical server that is dedicated to hosting VM instances only for your specific project. Use sole-tenant nodes to keep your instances physically separated from instances in other projects, or to group your instances together on the same host hardware. For more information, read Sole-tenant nodes.
+    { # Represent a sole-tenant Node Group resource.
+    #
+    # A sole-tenant node is a physical server that is dedicated to hosting VM instances only for your specific project. Use sole-tenant nodes to keep your instances physically separated from instances in other projects, or to group your instances together on the same host hardware. For more information, read Sole-tenant nodes. (== resource_for {$api_version}.nodeGroups ==)
   "autoscalingPolicy": { # Specifies how autoscaling should behave.
     "maxNodes": 42, # The maximum number of nodes that the group should have. Must be set if autoscaling is enabled. Maximum value allowed is 100.
     "minNodes": 42, # The minimum number of nodes that the group should have.
-    "mode": "A String", # The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see Autoscaler modes.
+    "mode": "A String", # The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see  Autoscaler modes.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -465,7 +515,7 @@ 
Method Details

   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#nodeGroup", # [Output Only] The type of the resource. Always compute#nodeGroup for node group.
   "locationHint": "A String", # An opaque location hint used to place the Node close to other resources. This field is for use by internal tools that use the public API. The location hint here on the NodeGroup overrides any location_hint present in the NodeTemplate.
-  "maintenancePolicy": "A String", # Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. For more information, see Maintenance policies.
+  "maintenancePolicy": "A String", # Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. For more information, see  Maintenance policies.
   "maintenanceWindow": { # Time window specified for daily maintenance operations. GCE's internal maintenance will be performed within this window.
     "maintenanceDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # [Output only] A predetermined duration for the window, automatically chosen to be the smallest possible in the given scenario.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
@@ -483,7 +533,7 @@ 
Method Details

 

 
 

-    getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
@@ -491,27 +541,51 @@ 
Method Details

   zone: string, The name of the zone for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -519,76 +593,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, zone, initialNodeCount, body=None, requestId=None, x__xgafv=None)
+    insert(project, zone, initialNodeCount, body=None, requestId=None)
   
Creates a NodeGroup resource in the specified project using the data included in the request.
 
 Args:
@@ -598,11 +740,13 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represent a sole-tenant Node Group resource. A sole-tenant node is a physical server that is dedicated to hosting VM instances only for your specific project. Use sole-tenant nodes to keep your instances physically separated from instances in other projects, or to group your instances together on the same host hardware. For more information, read Sole-tenant nodes.
+{ # Represent a sole-tenant Node Group resource.
+    # 
+    # A sole-tenant node is a physical server that is dedicated to hosting VM instances only for your specific project. Use sole-tenant nodes to keep your instances physically separated from instances in other projects, or to group your instances together on the same host hardware. For more information, read Sole-tenant nodes. (== resource_for {$api_version}.nodeGroups ==)
   "autoscalingPolicy": { # Specifies how autoscaling should behave.
     "maxNodes": 42, # The maximum number of nodes that the group should have. Must be set if autoscaling is enabled. Maximum value allowed is 100.
     "minNodes": 42, # The minimum number of nodes that the group should have.
-    "mode": "A String", # The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see Autoscaler modes.
+    "mode": "A String", # The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see  Autoscaler modes.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -610,7 +754,7 @@ 
Method Details

   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#nodeGroup", # [Output Only] The type of the resource. Always compute#nodeGroup for node group.
   "locationHint": "A String", # An opaque location hint used to place the Node close to other resources. This field is for use by internal tools that use the public API. The location hint here on the NodeGroup overrides any location_hint present in the NodeTemplate.
-  "maintenancePolicy": "A String", # Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. For more information, see Maintenance policies.
+  "maintenancePolicy": "A String", # Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. For more information, see  Maintenance policies.
   "maintenanceWindow": { # Time window specified for daily maintenance operations. GCE's internal maintenance will be performed within this window.
     "maintenanceDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # [Output only] A predetermined duration for the window, automatically chosen to be the smallest possible in the given scenario.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
@@ -626,16 +770,29 @@ 
Method Details

   "zone": "A String", # [Output Only] The name of the zone where the node group resides, such as us-central1-a.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -669,7 +826,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -683,21 +841,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of node groups available to the specified project. Note: use nodeGroups.listNodes for more details about each group.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -705,11 +869,13 @@ 
Method Details

     { # Contains a list of nodeGroups.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of NodeGroup resources.
-    { # Represent a sole-tenant Node Group resource. A sole-tenant node is a physical server that is dedicated to hosting VM instances only for your specific project. Use sole-tenant nodes to keep your instances physically separated from instances in other projects, or to group your instances together on the same host hardware. For more information, read Sole-tenant nodes.
+    { # Represent a sole-tenant Node Group resource.
+        #
+        # A sole-tenant node is a physical server that is dedicated to hosting VM instances only for your specific project. Use sole-tenant nodes to keep your instances physically separated from instances in other projects, or to group your instances together on the same host hardware. For more information, read Sole-tenant nodes. (== resource_for {$api_version}.nodeGroups ==)
       "autoscalingPolicy": { # Specifies how autoscaling should behave.
         "maxNodes": 42, # The maximum number of nodes that the group should have. Must be set if autoscaling is enabled. Maximum value allowed is 100.
         "minNodes": 42, # The minimum number of nodes that the group should have.
-        "mode": "A String", # The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see Autoscaler modes.
+        "mode": "A String", # The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see  Autoscaler modes.
       },
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -717,7 +883,7 @@ 
Method Details

       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#nodeGroup", # [Output Only] The type of the resource. Always compute#nodeGroup for node group.
       "locationHint": "A String", # An opaque location hint used to place the Node close to other resources. This field is for use by internal tools that use the public API. The location hint here on the NodeGroup overrides any location_hint present in the NodeTemplate.
-      "maintenancePolicy": "A String", # Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. For more information, see Maintenance policies.
+      "maintenancePolicy": "A String", # Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. For more information, see  Maintenance policies.
       "maintenanceWindow": { # Time window specified for daily maintenance operations. GCE's internal maintenance will be performed within this window.
         "maintenanceDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # [Output only] A predetermined duration for the window, automatically chosen to be the smallest possible in the given scenario.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
@@ -738,7 +904,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -750,22 +917,28 @@ 
Method Details

 

 
 

-    listNodes(project, zone, nodeGroup, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listNodes(project, zone, nodeGroup, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists nodes in the node group.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   nodeGroup: string, Name of the NodeGroup resource whose nodes you want to list. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -806,7 +979,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -846,7 +1020,7 @@ 
Method Details

 

 
 

-    patch(project, zone, nodeGroup, body=None, requestId=None, x__xgafv=None)
+    patch(project, zone, nodeGroup, body=None, requestId=None)
   
Updates the specified node group.
 
 Args:
@@ -856,11 +1030,13 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represent a sole-tenant Node Group resource. A sole-tenant node is a physical server that is dedicated to hosting VM instances only for your specific project. Use sole-tenant nodes to keep your instances physically separated from instances in other projects, or to group your instances together on the same host hardware. For more information, read Sole-tenant nodes.
+{ # Represent a sole-tenant Node Group resource.
+    # 
+    # A sole-tenant node is a physical server that is dedicated to hosting VM instances only for your specific project. Use sole-tenant nodes to keep your instances physically separated from instances in other projects, or to group your instances together on the same host hardware. For more information, read Sole-tenant nodes. (== resource_for {$api_version}.nodeGroups ==)
   "autoscalingPolicy": { # Specifies how autoscaling should behave.
     "maxNodes": 42, # The maximum number of nodes that the group should have. Must be set if autoscaling is enabled. Maximum value allowed is 100.
     "minNodes": 42, # The minimum number of nodes that the group should have.
-    "mode": "A String", # The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see Autoscaler modes.
+    "mode": "A String", # The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see  Autoscaler modes.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -868,7 +1044,7 @@ 
Method Details

   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#nodeGroup", # [Output Only] The type of the resource. Always compute#nodeGroup for node group.
   "locationHint": "A String", # An opaque location hint used to place the Node close to other resources. This field is for use by internal tools that use the public API. The location hint here on the NodeGroup overrides any location_hint present in the NodeTemplate.
-  "maintenancePolicy": "A String", # Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. For more information, see Maintenance policies.
+  "maintenancePolicy": "A String", # Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. For more information, see  Maintenance policies.
   "maintenanceWindow": { # Time window specified for daily maintenance operations. GCE's internal maintenance will be performed within this window.
     "maintenanceDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # [Output only] A predetermined duration for the window, automatically chosen to be the smallest possible in the given scenario.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
@@ -884,16 +1060,29 @@ 
Method Details

   "zone": "A String", # [Output Only] The name of the zone where the node group resides, such as us-central1-a.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -927,7 +1116,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -941,7 +1131,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, zone, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, zone, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -954,33 +1144,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -988,95 +1252,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1084,76 +1440,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    setNodeTemplate(project, zone, nodeGroup, body=None, requestId=None, x__xgafv=None)
+    setNodeTemplate(project, zone, nodeGroup, body=None, requestId=None)
   
Updates the node template of the node group.
 
 Args:
@@ -1167,16 +1591,29 @@ 
Method Details

   "nodeTemplate": "A String", # Full or partial URL of the node template resource to be updated for this node group.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1210,7 +1647,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1224,7 +1662,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, zone, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, zone, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1240,10 +1678,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_v1.nodeTemplates.html b/docs/dyn/compute_v1.nodeTemplates.html
index d6e654366d0..06049d3739f 100644
--- a/docs/dyn/compute_v1.nodeTemplates.html
+++ b/docs/dyn/compute_v1.nodeTemplates.html
@@ -75,7 +75,7 @@
 
Compute Engine API . nodeTemplates

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of node templates.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,46 +84,52 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, nodeTemplate, requestId=None, x__xgafv=None)

+  delete(project, region, nodeTemplate, requestId=None)

 
Deletes the specified NodeTemplate resource.

 

-  get(project, region, nodeTemplate, x__xgafv=None)

+  get(project, region, nodeTemplate)

 
Returns the specified node template. Gets a list of available node templates by making a list() request.

 

-  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a NodeTemplate resource in the specified project using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of node templates available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setIamPolicy(project, region, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, region, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of node templates.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -133,7 +139,9 @@ 
Method Details

   "items": { # A list of NodeTemplatesScopedList resources.
     "a_key": { # [Output Only] Name of the scope containing this set of node templates.
       "nodeTemplates": [ # [Output Only] A list of node templates contained in this scope.
-        { # Represent a sole-tenant Node Template resource. You can use a template to define properties for nodes in a node group. For more information, read Creating node groups and instances.
+        { # Represent a sole-tenant Node Template resource.
+            #
+            # You can use a template to define properties for nodes in a node group. For more information, read Creating node groups and instances. (== resource_for {$api_version}.nodeTemplates ==)
           "accelerators": [
             { # A specification of the type and number of accelerator cards attached to the instance.
               "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
@@ -157,14 +165,20 @@ 
Method Details

             "a_key": "A String",
           },
           "nodeType": "A String", # The node type to use for nodes group that are created from this template.
-          "nodeTypeFlexibility": { # The flexible properties of the desired node type. Node groups that use this node template will create nodes of a type that matches these properties. This field is mutually exclusive with the node_type property; you can only define one or the other, but not both.
+          "nodeTypeFlexibility": { # The flexible properties of the desired node type. Node groups that use this node template will create nodes of a type that matches these properties.
+              #
+              # This field is mutually exclusive with the node_type property; you can only define one or the other, but not both.
             "cpus": "A String",
             "localSsd": "A String",
             "memory": "A String",
           },
           "region": "A String", # [Output Only] The name of the region where the node template resides, such as us-central1.
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-          "serverBinding": { # Sets the binding properties for the physical server. Valid values include: - *[Default]* RESTART_NODE_ON_ANY_SERVER: Restarts VMs on any available physical server - RESTART_NODE_ON_MINIMAL_SERVER: Restarts VMs on the same physical server whenever possible See Sole-tenant node options for more information.
+          "serverBinding": { # Sets the binding properties for the physical server. Valid values include:
+              # - [Default] RESTART_NODE_ON_ANY_SERVER: Restarts VMs on any available physical server
+              # - RESTART_NODE_ON_MINIMAL_SERVER: Restarts VMs on the same physical server whenever possible
+              #
+              # See Sole-tenant node options for more information.
             "type": "A String",
           },
           "status": "A String", # [Output Only] The status of the node template. One of the following values: CREATING, READY, and DELETING.
@@ -173,7 +187,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] An informational warning that appears when the node templates list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -191,7 +206,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -222,23 +238,36 @@ 
Method Details

 

 
 

-    delete(project, region, nodeTemplate, requestId=None, x__xgafv=None)
+    delete(project, region, nodeTemplate, requestId=None)
   
Deletes the specified NodeTemplate resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, The name of the region for this request. (required)
   nodeTemplate: string, Name of the NodeTemplate resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -272,7 +301,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -286,22 +316,20 @@ 
Method Details

 

 
 

-    get(project, region, nodeTemplate, x__xgafv=None)
+    get(project, region, nodeTemplate)
   
Returns the specified node template. Gets a list of available node templates by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, The name of the region for this request. (required)
   nodeTemplate: string, Name of the node template to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represent a sole-tenant Node Template resource. You can use a template to define properties for nodes in a node group. For more information, read Creating node groups and instances.
+    { # Represent a sole-tenant Node Template resource.
+    #
+    # You can use a template to define properties for nodes in a node group. For more information, read Creating node groups and instances. (== resource_for {$api_version}.nodeTemplates ==)
   "accelerators": [
     { # A specification of the type and number of accelerator cards attached to the instance.
       "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
@@ -325,14 +353,20 @@ 
Method Details

     "a_key": "A String",
   },
   "nodeType": "A String", # The node type to use for nodes group that are created from this template.
-  "nodeTypeFlexibility": { # The flexible properties of the desired node type. Node groups that use this node template will create nodes of a type that matches these properties. This field is mutually exclusive with the node_type property; you can only define one or the other, but not both.
+  "nodeTypeFlexibility": { # The flexible properties of the desired node type. Node groups that use this node template will create nodes of a type that matches these properties.
+      #
+      # This field is mutually exclusive with the node_type property; you can only define one or the other, but not both.
     "cpus": "A String",
     "localSsd": "A String",
     "memory": "A String",
   },
   "region": "A String", # [Output Only] The name of the region where the node template resides, such as us-central1.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "serverBinding": { # Sets the binding properties for the physical server. Valid values include: - *[Default]* RESTART_NODE_ON_ANY_SERVER: Restarts VMs on any available physical server - RESTART_NODE_ON_MINIMAL_SERVER: Restarts VMs on the same physical server whenever possible See Sole-tenant node options for more information.
+  "serverBinding": { # Sets the binding properties for the physical server. Valid values include:
+      # - [Default] RESTART_NODE_ON_ANY_SERVER: Restarts VMs on any available physical server
+      # - RESTART_NODE_ON_MINIMAL_SERVER: Restarts VMs on the same physical server whenever possible
+      #
+      # See Sole-tenant node options for more information.
     "type": "A String",
   },
   "status": "A String", # [Output Only] The status of the node template. One of the following values: CREATING, READY, and DELETING.
@@ -341,7 +375,7 @@ 
Method Details

 

 
 

-    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
@@ -349,27 +383,51 @@ 
Method Details

   region: string, The name of the region for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -377,76 +435,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a NodeTemplate resource in the specified project using the data included in the request.
 
 Args:
@@ -455,7 +581,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represent a sole-tenant Node Template resource. You can use a template to define properties for nodes in a node group. For more information, read Creating node groups and instances.
+{ # Represent a sole-tenant Node Template resource.
+    # 
+    # You can use a template to define properties for nodes in a node group. For more information, read Creating node groups and instances. (== resource_for {$api_version}.nodeTemplates ==)
   "accelerators": [
     { # A specification of the type and number of accelerator cards attached to the instance.
       "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
@@ -479,30 +607,49 @@ 
Method Details

     "a_key": "A String",
   },
   "nodeType": "A String", # The node type to use for nodes group that are created from this template.
-  "nodeTypeFlexibility": { # The flexible properties of the desired node type. Node groups that use this node template will create nodes of a type that matches these properties. This field is mutually exclusive with the node_type property; you can only define one or the other, but not both.
+  "nodeTypeFlexibility": { # The flexible properties of the desired node type. Node groups that use this node template will create nodes of a type that matches these properties.
+      # 
+      # This field is mutually exclusive with the node_type property; you can only define one or the other, but not both.
     "cpus": "A String",
     "localSsd": "A String",
     "memory": "A String",
   },
   "region": "A String", # [Output Only] The name of the region where the node template resides, such as us-central1.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "serverBinding": { # Sets the binding properties for the physical server. Valid values include: - *[Default]* RESTART_NODE_ON_ANY_SERVER: Restarts VMs on any available physical server - RESTART_NODE_ON_MINIMAL_SERVER: Restarts VMs on the same physical server whenever possible See Sole-tenant node options for more information.
+  "serverBinding": { # Sets the binding properties for the physical server. Valid values include:
+      # - [Default] RESTART_NODE_ON_ANY_SERVER: Restarts VMs on any available physical server
+      # - RESTART_NODE_ON_MINIMAL_SERVER: Restarts VMs on the same physical server whenever possible
+      # 
+      # See Sole-tenant node options for more information.
     "type": "A String",
   },
   "status": "A String", # [Output Only] The status of the node template. One of the following values: CREATING, READY, and DELETING.
   "statusMessage": "A String", # [Output Only] An optional, human-readable explanation of the status.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -536,7 +683,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -550,21 +698,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of node templates available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, The name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -572,7 +726,9 @@ 
Method Details

     { # Contains a list of node templates.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of NodeTemplate resources.
-    { # Represent a sole-tenant Node Template resource. You can use a template to define properties for nodes in a node group. For more information, read Creating node groups and instances.
+    { # Represent a sole-tenant Node Template resource.
+        #
+        # You can use a template to define properties for nodes in a node group. For more information, read Creating node groups and instances. (== resource_for {$api_version}.nodeTemplates ==)
       "accelerators": [
         { # A specification of the type and number of accelerator cards attached to the instance.
           "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
@@ -596,14 +752,20 @@ 
Method Details

         "a_key": "A String",
       },
       "nodeType": "A String", # The node type to use for nodes group that are created from this template.
-      "nodeTypeFlexibility": { # The flexible properties of the desired node type. Node groups that use this node template will create nodes of a type that matches these properties. This field is mutually exclusive with the node_type property; you can only define one or the other, but not both.
+      "nodeTypeFlexibility": { # The flexible properties of the desired node type. Node groups that use this node template will create nodes of a type that matches these properties.
+          #
+          # This field is mutually exclusive with the node_type property; you can only define one or the other, but not both.
         "cpus": "A String",
         "localSsd": "A String",
         "memory": "A String",
       },
       "region": "A String", # [Output Only] The name of the region where the node template resides, such as us-central1.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "serverBinding": { # Sets the binding properties for the physical server. Valid values include: - *[Default]* RESTART_NODE_ON_ANY_SERVER: Restarts VMs on any available physical server - RESTART_NODE_ON_MINIMAL_SERVER: Restarts VMs on the same physical server whenever possible See Sole-tenant node options for more information.
+      "serverBinding": { # Sets the binding properties for the physical server. Valid values include:
+          # - [Default] RESTART_NODE_ON_ANY_SERVER: Restarts VMs on any available physical server
+          # - RESTART_NODE_ON_MINIMAL_SERVER: Restarts VMs on the same physical server whenever possible
+          #
+          # See Sole-tenant node options for more information.
         "type": "A String",
       },
       "status": "A String", # [Output Only] The status of the node template. One of the following values: CREATING, READY, and DELETING.
@@ -615,7 +777,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -641,7 +804,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, region, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, region, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -654,33 +817,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -688,95 +925,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -784,76 +1113,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -869,10 +1266,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_v1.nodeTypes.html b/docs/dyn/compute_v1.nodeTypes.html
index 546b8426d5d..37a345141c3 100644
--- a/docs/dyn/compute_v1.nodeTypes.html
+++ b/docs/dyn/compute_v1.nodeTypes.html
@@ -75,7 +75,7 @@
 
Compute Engine API . nodeTypes

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of node types.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,31 +84,37 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  get(project, zone, nodeType, x__xgafv=None)

+  get(project, zone, nodeType)

 
Returns the specified node type. Gets a list of available node types by making a list() request.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of node types available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of node types.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -118,7 +124,9 @@ 
Method Details

   "items": { # A list of NodeTypesScopedList resources.
     "a_key": { # [Output Only] Name of the scope containing this set of node types.
       "nodeTypes": [ # [Output Only] A list of node types contained in this scope.
-        { # Represent a sole-tenant Node Type resource. Each node within a node group must have a node type. A node type specifies the total amount of cores and memory for that node. Currently, the only available node type is n1-node-96-624 node type that has 96 vCPUs and 624 GB of memory, available in multiple zones. For more information read Node types.
+        { # Represent a sole-tenant Node Type resource.
+            #
+            # Each node within a node group must have a node type. A node type specifies the total amount of cores and memory for that node. Currently, the only available node type is n1-node-96-624 node type that has 96 vCPUs and 624 GB of memory, available in multiple zones. For more information read Node types. (== resource_for {$api_version}.nodeTypes ==)
           "cpuPlatform": "A String", # [Output Only] The CPU platform used by this node type.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this node type.
@@ -141,7 +149,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] An informational warning that appears when the node types list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -159,7 +168,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -190,22 +200,20 @@ 
Method Details

 

 
 

-    get(project, zone, nodeType, x__xgafv=None)
+    get(project, zone, nodeType)
   
Returns the specified node type. Gets a list of available node types by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
   nodeType: string, Name of the node type to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represent a sole-tenant Node Type resource. Each node within a node group must have a node type. A node type specifies the total amount of cores and memory for that node. Currently, the only available node type is n1-node-96-624 node type that has 96 vCPUs and 624 GB of memory, available in multiple zones. For more information read Node types.
+    { # Represent a sole-tenant Node Type resource.
+    #
+    # Each node within a node group must have a node type. A node type specifies the total amount of cores and memory for that node. Currently, the only available node type is n1-node-96-624 node type that has 96 vCPUs and 624 GB of memory, available in multiple zones. For more information read Node types. (== resource_for {$api_version}.nodeTypes ==)
   "cpuPlatform": "A String", # [Output Only] The CPU platform used by this node type.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this node type.
@@ -228,21 +236,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of node types available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, The name of the zone for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -250,7 +264,9 @@ 
Method Details

     { # Contains a list of node types.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of NodeType resources.
-    { # Represent a sole-tenant Node Type resource. Each node within a node group must have a node type. A node type specifies the total amount of cores and memory for that node. Currently, the only available node type is n1-node-96-624 node type that has 96 vCPUs and 624 GB of memory, available in multiple zones. For more information read Node types.
+    { # Represent a sole-tenant Node Type resource.
+        #
+        # Each node within a node group must have a node type. A node type specifies the total amount of cores and memory for that node. Currently, the only available node type is n1-node-96-624 node type that has 96 vCPUs and 624 GB of memory, available in multiple zones. For more information read Node types. (== resource_for {$api_version}.nodeTypes ==)
       "cpuPlatform": "A String", # [Output Only] The CPU platform used by this node type.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this node type.
@@ -276,7 +292,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.packetMirrorings.html b/docs/dyn/compute_v1.packetMirrorings.html
index ae7370db308..cdd0cbb3412 100644
--- a/docs/dyn/compute_v1.packetMirrorings.html
+++ b/docs/dyn/compute_v1.packetMirrorings.html
@@ -75,7 +75,7 @@
 
Compute Engine API . packetMirrorings

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of packetMirrorings.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,43 +84,49 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, packetMirroring, requestId=None, x__xgafv=None)

+  delete(project, region, packetMirroring, requestId=None)

 
Deletes the specified PacketMirroring resource.

 

-  get(project, region, packetMirroring, x__xgafv=None)

+  get(project, region, packetMirroring)

 
Returns the specified PacketMirroring resource.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a PacketMirroring resource in the specified project and region using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of PacketMirroring resources available to the specified project and region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, packetMirroring, body=None, requestId=None, x__xgafv=None)

+  patch(project, region, packetMirroring, body=None, requestId=None)

 
Patches the specified PacketMirroring resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of packetMirrorings.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -130,14 +136,18 @@ 
Method Details

   "items": { # A list of PacketMirroring resources.
     "a_key": { # Name of the scope containing this set of packetMirrorings.
       "packetMirrorings": [ # A list of packetMirrorings contained in this scope.
-        { # Represents a Packet Mirroring resource. Packet Mirroring clones the traffic of specified instances in your Virtual Private Cloud (VPC) network and forwards it to a collector destination, such as an instance group of an internal TCP/UDP load balancer, for analysis or examination. For more information about setting up Packet Mirroring, see Using Packet Mirroring.
+        { # Represents a Packet Mirroring resource.
+            #
+            # Packet Mirroring clones the traffic of specified instances in your Virtual Private Cloud (VPC) network and forwards it to a collector destination, such as an instance group of an internal TCP/UDP load balancer, for analysis or examination. For more information about setting up Packet Mirroring, see Using Packet Mirroring. (== resource_for {$api_version}.packetMirrorings ==)
           "collectorIlb": { # The Forwarding Rule resource of type loadBalancingScheme=INTERNAL that will be used as collector for mirrored traffic. The specified forwarding rule must have isMirroringCollector set to true.
             "canonicalUrl": "A String", # [Output Only] Unique identifier for the forwarding rule; defined by the server.
             "url": "A String", # Resource URL to the forwarding rule representing the ILB configured as destination of the mirrored traffic.
           },
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-          "enable": "A String", # Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network. The default is TRUE.
+          "enable": "A String", # Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network.
+              #
+              # The default is TRUE.
           "filter": { # Filter for mirrored traffic. If unspecified, all traffic is mirrored.
             "IPProtocols": [ # Protocols that apply as filter on mirrored traffic. If no protocols are specified, all traffic that matches the specified CIDR ranges is mirrored. If neither cidrRanges nor IPProtocols is specified, all traffic is mirrored.
               "A String",
@@ -150,13 +160,19 @@ 
Method Details

           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "kind": "compute#packetMirroring", # [Output Only] Type of the resource. Always compute#packetMirroring for packet mirrorings.
           "mirroredResources": { # PacketMirroring mirroredResourceInfos. MirroredResourceInfo specifies a set of mirrored VM instances, subnetworks and/or tags for which traffic from/to all VM instances will be mirrored.
-            "instances": [ # A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring. Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring. You may specify a maximum of 50 Instances.
+            "instances": [ # A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring.
+                #
+                # Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring.
+                #
+                # You may specify a maximum of 50 Instances.
               {
                 "canonicalUrl": "A String", # [Output Only] Unique identifier for the instance; defined by the server.
                 "url": "A String", # Resource URL to the virtual machine instance which is being mirrored.
               },
             ],
-            "subnetworks": [ # A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring. You may specify a maximum of 5 subnetworks.
+            "subnetworks": [ # A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring.
+                #
+                # You may specify a maximum of 5 subnetworks.
               {
                 "canonicalUrl": "A String", # [Output Only] Unique identifier for the subnetwork; defined by the server.
                 "url": "A String", # Resource URL to the subnetwork for which traffic from/to all VM instances will be mirrored.
@@ -171,14 +187,17 @@ 
Method Details

             "canonicalUrl": "A String", # [Output Only] Unique identifier for the network; defined by the server.
             "url": "A String", # URL of the network resource.
           },
-          "priority": 42, # The priority of applying this configuration. Priority is used to break ties in cases where there is more than one matching rule. In the case of two rules that apply for a given Instance, the one with the lowest-numbered priority value wins. Default value is 1000. Valid range is 0 through 65535.
+          "priority": 42, # The priority of applying this configuration. Priority is used to break ties in cases where there is more than one matching rule. In the case of two rules that apply for a given Instance, the one with the lowest-numbered priority value wins.
+              #
+              # Default value is 1000. Valid range is 0 through 65535.
           "region": "A String", # [Output Only] URI of the region where the packetMirroring resides.
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
         },
       ],
       "warning": { # Informational warning which replaces the list of packetMirrorings when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -196,7 +215,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -227,23 +247,36 @@ 
Method Details

 

 
 

-    delete(project, region, packetMirroring, requestId=None, x__xgafv=None)
+    delete(project, region, packetMirroring, requestId=None)
   
Deletes the specified PacketMirroring resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   packetMirroring: string, Name of the PacketMirroring resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -277,7 +310,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -291,29 +325,29 @@ 
Method Details

 

 
 

-    get(project, region, packetMirroring, x__xgafv=None)
+    get(project, region, packetMirroring)
   
Returns the specified PacketMirroring resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   packetMirroring: string, Name of the PacketMirroring resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Packet Mirroring resource. Packet Mirroring clones the traffic of specified instances in your Virtual Private Cloud (VPC) network and forwards it to a collector destination, such as an instance group of an internal TCP/UDP load balancer, for analysis or examination. For more information about setting up Packet Mirroring, see Using Packet Mirroring.
+    { # Represents a Packet Mirroring resource.
+    #
+    # Packet Mirroring clones the traffic of specified instances in your Virtual Private Cloud (VPC) network and forwards it to a collector destination, such as an instance group of an internal TCP/UDP load balancer, for analysis or examination. For more information about setting up Packet Mirroring, see Using Packet Mirroring. (== resource_for {$api_version}.packetMirrorings ==)
   "collectorIlb": { # The Forwarding Rule resource of type loadBalancingScheme=INTERNAL that will be used as collector for mirrored traffic. The specified forwarding rule must have isMirroringCollector set to true.
     "canonicalUrl": "A String", # [Output Only] Unique identifier for the forwarding rule; defined by the server.
     "url": "A String", # Resource URL to the forwarding rule representing the ILB configured as destination of the mirrored traffic.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "enable": "A String", # Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network. The default is TRUE.
+  "enable": "A String", # Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network.
+      #
+      # The default is TRUE.
   "filter": { # Filter for mirrored traffic. If unspecified, all traffic is mirrored.
     "IPProtocols": [ # Protocols that apply as filter on mirrored traffic. If no protocols are specified, all traffic that matches the specified CIDR ranges is mirrored. If neither cidrRanges nor IPProtocols is specified, all traffic is mirrored.
       "A String",
@@ -326,13 +360,19 @@ 
Method Details

   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#packetMirroring", # [Output Only] Type of the resource. Always compute#packetMirroring for packet mirrorings.
   "mirroredResources": { # PacketMirroring mirroredResourceInfos. MirroredResourceInfo specifies a set of mirrored VM instances, subnetworks and/or tags for which traffic from/to all VM instances will be mirrored.
-    "instances": [ # A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring. Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring. You may specify a maximum of 50 Instances.
+    "instances": [ # A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring.
+        #
+        # Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring.
+        #
+        # You may specify a maximum of 50 Instances.
       {
         "canonicalUrl": "A String", # [Output Only] Unique identifier for the instance; defined by the server.
         "url": "A String", # Resource URL to the virtual machine instance which is being mirrored.
       },
     ],
-    "subnetworks": [ # A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring. You may specify a maximum of 5 subnetworks.
+    "subnetworks": [ # A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring.
+        #
+        # You may specify a maximum of 5 subnetworks.
       {
         "canonicalUrl": "A String", # [Output Only] Unique identifier for the subnetwork; defined by the server.
         "url": "A String", # Resource URL to the subnetwork for which traffic from/to all VM instances will be mirrored.
@@ -347,14 +387,16 @@ 
Method Details

     "canonicalUrl": "A String", # [Output Only] Unique identifier for the network; defined by the server.
     "url": "A String", # URL of the network resource.
   },
-  "priority": 42, # The priority of applying this configuration. Priority is used to break ties in cases where there is more than one matching rule. In the case of two rules that apply for a given Instance, the one with the lowest-numbered priority value wins. Default value is 1000. Valid range is 0 through 65535.
+  "priority": 42, # The priority of applying this configuration. Priority is used to break ties in cases where there is more than one matching rule. In the case of two rules that apply for a given Instance, the one with the lowest-numbered priority value wins.
+      #
+      # Default value is 1000. Valid range is 0 through 65535.
   "region": "A String", # [Output Only] URI of the region where the packetMirroring resides.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
 }

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a PacketMirroring resource in the specified project and region using the data included in the request.
 
 Args:
@@ -363,14 +405,18 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Packet Mirroring resource. Packet Mirroring clones the traffic of specified instances in your Virtual Private Cloud (VPC) network and forwards it to a collector destination, such as an instance group of an internal TCP/UDP load balancer, for analysis or examination. For more information about setting up Packet Mirroring, see Using Packet Mirroring.
+{ # Represents a Packet Mirroring resource.
+    # 
+    # Packet Mirroring clones the traffic of specified instances in your Virtual Private Cloud (VPC) network and forwards it to a collector destination, such as an instance group of an internal TCP/UDP load balancer, for analysis or examination. For more information about setting up Packet Mirroring, see Using Packet Mirroring. (== resource_for {$api_version}.packetMirrorings ==)
   "collectorIlb": { # The Forwarding Rule resource of type loadBalancingScheme=INTERNAL that will be used as collector for mirrored traffic. The specified forwarding rule must have isMirroringCollector set to true.
     "canonicalUrl": "A String", # [Output Only] Unique identifier for the forwarding rule; defined by the server.
     "url": "A String", # Resource URL to the forwarding rule representing the ILB configured as destination of the mirrored traffic.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "enable": "A String", # Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network. The default is TRUE.
+  "enable": "A String", # Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network.
+      # 
+      # The default is TRUE.
   "filter": { # Filter for mirrored traffic. If unspecified, all traffic is mirrored.
     "IPProtocols": [ # Protocols that apply as filter on mirrored traffic. If no protocols are specified, all traffic that matches the specified CIDR ranges is mirrored. If neither cidrRanges nor IPProtocols is specified, all traffic is mirrored.
       "A String",
@@ -383,13 +429,19 @@ 
Method Details

   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#packetMirroring", # [Output Only] Type of the resource. Always compute#packetMirroring for packet mirrorings.
   "mirroredResources": { # PacketMirroring mirroredResourceInfos. MirroredResourceInfo specifies a set of mirrored VM instances, subnetworks and/or tags for which traffic from/to all VM instances will be mirrored.
-    "instances": [ # A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring. Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring. You may specify a maximum of 50 Instances.
+    "instances": [ # A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring.
+        #
+        # Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring.
+        #
+        # You may specify a maximum of 50 Instances.
       {
         "canonicalUrl": "A String", # [Output Only] Unique identifier for the instance; defined by the server.
         "url": "A String", # Resource URL to the virtual machine instance which is being mirrored.
       },
     ],
-    "subnetworks": [ # A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring. You may specify a maximum of 5 subnetworks.
+    "subnetworks": [ # A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring.
+        #
+        # You may specify a maximum of 5 subnetworks.
       {
         "canonicalUrl": "A String", # [Output Only] Unique identifier for the subnetwork; defined by the server.
         "url": "A String", # Resource URL to the subnetwork for which traffic from/to all VM instances will be mirrored.
@@ -404,21 +456,36 @@ 
Method Details

     "canonicalUrl": "A String", # [Output Only] Unique identifier for the network; defined by the server.
     "url": "A String", # URL of the network resource.
   },
-  "priority": 42, # The priority of applying this configuration. Priority is used to break ties in cases where there is more than one matching rule. In the case of two rules that apply for a given Instance, the one with the lowest-numbered priority value wins. Default value is 1000. Valid range is 0 through 65535.
+  "priority": 42, # The priority of applying this configuration. Priority is used to break ties in cases where there is more than one matching rule. In the case of two rules that apply for a given Instance, the one with the lowest-numbered priority value wins.
+      # 
+      # Default value is 1000. Valid range is 0 through 65535.
   "region": "A String", # [Output Only] URI of the region where the packetMirroring resides.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -452,7 +519,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -466,21 +534,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of PacketMirroring resources available to the specified project and region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -488,14 +562,18 @@ 
Method Details

     { # Contains a list of PacketMirroring resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of PacketMirroring resources.
-    { # Represents a Packet Mirroring resource. Packet Mirroring clones the traffic of specified instances in your Virtual Private Cloud (VPC) network and forwards it to a collector destination, such as an instance group of an internal TCP/UDP load balancer, for analysis or examination. For more information about setting up Packet Mirroring, see Using Packet Mirroring.
+    { # Represents a Packet Mirroring resource.
+        #
+        # Packet Mirroring clones the traffic of specified instances in your Virtual Private Cloud (VPC) network and forwards it to a collector destination, such as an instance group of an internal TCP/UDP load balancer, for analysis or examination. For more information about setting up Packet Mirroring, see Using Packet Mirroring. (== resource_for {$api_version}.packetMirrorings ==)
       "collectorIlb": { # The Forwarding Rule resource of type loadBalancingScheme=INTERNAL that will be used as collector for mirrored traffic. The specified forwarding rule must have isMirroringCollector set to true.
         "canonicalUrl": "A String", # [Output Only] Unique identifier for the forwarding rule; defined by the server.
         "url": "A String", # Resource URL to the forwarding rule representing the ILB configured as destination of the mirrored traffic.
       },
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "enable": "A String", # Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network. The default is TRUE.
+      "enable": "A String", # Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network.
+          #
+          # The default is TRUE.
       "filter": { # Filter for mirrored traffic. If unspecified, all traffic is mirrored.
         "IPProtocols": [ # Protocols that apply as filter on mirrored traffic. If no protocols are specified, all traffic that matches the specified CIDR ranges is mirrored. If neither cidrRanges nor IPProtocols is specified, all traffic is mirrored.
           "A String",
@@ -508,13 +586,19 @@ 
Method Details

       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#packetMirroring", # [Output Only] Type of the resource. Always compute#packetMirroring for packet mirrorings.
       "mirroredResources": { # PacketMirroring mirroredResourceInfos. MirroredResourceInfo specifies a set of mirrored VM instances, subnetworks and/or tags for which traffic from/to all VM instances will be mirrored.
-        "instances": [ # A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring. Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring. You may specify a maximum of 50 Instances.
+        "instances": [ # A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring.
+            #
+            # Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring.
+            #
+            # You may specify a maximum of 50 Instances.
           {
             "canonicalUrl": "A String", # [Output Only] Unique identifier for the instance; defined by the server.
             "url": "A String", # Resource URL to the virtual machine instance which is being mirrored.
           },
         ],
-        "subnetworks": [ # A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring. You may specify a maximum of 5 subnetworks.
+        "subnetworks": [ # A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring.
+            #
+            # You may specify a maximum of 5 subnetworks.
           {
             "canonicalUrl": "A String", # [Output Only] Unique identifier for the subnetwork; defined by the server.
             "url": "A String", # Resource URL to the subnetwork for which traffic from/to all VM instances will be mirrored.
@@ -529,7 +613,9 @@ 
Method Details

         "canonicalUrl": "A String", # [Output Only] Unique identifier for the network; defined by the server.
         "url": "A String", # URL of the network resource.
       },
-      "priority": 42, # The priority of applying this configuration. Priority is used to break ties in cases where there is more than one matching rule. In the case of two rules that apply for a given Instance, the one with the lowest-numbered priority value wins. Default value is 1000. Valid range is 0 through 65535.
+      "priority": 42, # The priority of applying this configuration. Priority is used to break ties in cases where there is more than one matching rule. In the case of two rules that apply for a given Instance, the one with the lowest-numbered priority value wins.
+          #
+          # Default value is 1000. Valid range is 0 through 65535.
       "region": "A String", # [Output Only] URI of the region where the packetMirroring resides.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
     },
@@ -539,7 +625,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -565,7 +652,7 @@ 
Method Details

 

 
 

-    patch(project, region, packetMirroring, body=None, requestId=None, x__xgafv=None)
+    patch(project, region, packetMirroring, body=None, requestId=None)
   
Patches the specified PacketMirroring resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.
 
 Args:
@@ -575,14 +662,18 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Packet Mirroring resource. Packet Mirroring clones the traffic of specified instances in your Virtual Private Cloud (VPC) network and forwards it to a collector destination, such as an instance group of an internal TCP/UDP load balancer, for analysis or examination. For more information about setting up Packet Mirroring, see Using Packet Mirroring.
+{ # Represents a Packet Mirroring resource.
+    # 
+    # Packet Mirroring clones the traffic of specified instances in your Virtual Private Cloud (VPC) network and forwards it to a collector destination, such as an instance group of an internal TCP/UDP load balancer, for analysis or examination. For more information about setting up Packet Mirroring, see Using Packet Mirroring. (== resource_for {$api_version}.packetMirrorings ==)
   "collectorIlb": { # The Forwarding Rule resource of type loadBalancingScheme=INTERNAL that will be used as collector for mirrored traffic. The specified forwarding rule must have isMirroringCollector set to true.
     "canonicalUrl": "A String", # [Output Only] Unique identifier for the forwarding rule; defined by the server.
     "url": "A String", # Resource URL to the forwarding rule representing the ILB configured as destination of the mirrored traffic.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "enable": "A String", # Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network. The default is TRUE.
+  "enable": "A String", # Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network.
+      # 
+      # The default is TRUE.
   "filter": { # Filter for mirrored traffic. If unspecified, all traffic is mirrored.
     "IPProtocols": [ # Protocols that apply as filter on mirrored traffic. If no protocols are specified, all traffic that matches the specified CIDR ranges is mirrored. If neither cidrRanges nor IPProtocols is specified, all traffic is mirrored.
       "A String",
@@ -595,13 +686,19 @@ 
Method Details

   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#packetMirroring", # [Output Only] Type of the resource. Always compute#packetMirroring for packet mirrorings.
   "mirroredResources": { # PacketMirroring mirroredResourceInfos. MirroredResourceInfo specifies a set of mirrored VM instances, subnetworks and/or tags for which traffic from/to all VM instances will be mirrored.
-    "instances": [ # A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring. Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring. You may specify a maximum of 50 Instances.
+    "instances": [ # A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring.
+        #
+        # Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring.
+        #
+        # You may specify a maximum of 50 Instances.
       {
         "canonicalUrl": "A String", # [Output Only] Unique identifier for the instance; defined by the server.
         "url": "A String", # Resource URL to the virtual machine instance which is being mirrored.
       },
     ],
-    "subnetworks": [ # A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring. You may specify a maximum of 5 subnetworks.
+    "subnetworks": [ # A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring.
+        #
+        # You may specify a maximum of 5 subnetworks.
       {
         "canonicalUrl": "A String", # [Output Only] Unique identifier for the subnetwork; defined by the server.
         "url": "A String", # Resource URL to the subnetwork for which traffic from/to all VM instances will be mirrored.
@@ -616,21 +713,36 @@ 
Method Details

     "canonicalUrl": "A String", # [Output Only] Unique identifier for the network; defined by the server.
     "url": "A String", # URL of the network resource.
   },
-  "priority": 42, # The priority of applying this configuration. Priority is used to break ties in cases where there is more than one matching rule. In the case of two rules that apply for a given Instance, the one with the lowest-numbered priority value wins. Default value is 1000. Valid range is 0 through 65535.
+  "priority": 42, # The priority of applying this configuration. Priority is used to break ties in cases where there is more than one matching rule. In the case of two rules that apply for a given Instance, the one with the lowest-numbered priority value wins.
+      # 
+      # Default value is 1000. Valid range is 0 through 65535.
   "region": "A String", # [Output Only] URI of the region where the packetMirroring resides.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -664,7 +776,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -678,7 +791,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -694,10 +807,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_v1.projects.html b/docs/dyn/compute_v1.projects.html
index 384194eb630..710fa520345 100644
--- a/docs/dyn/compute_v1.projects.html
+++ b/docs/dyn/compute_v1.projects.html
@@ -78,49 +78,49 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  disableXpnHost(project, requestId=None, x__xgafv=None)

+  disableXpnHost(project, requestId=None)

 
Disable this project as a shared VPC host project.

 

-  disableXpnResource(project, body=None, requestId=None, x__xgafv=None)

+  disableXpnResource(project, body=None, requestId=None)

 
Disable a service resource (also known as service project) associated with this host project.

 

-  enableXpnHost(project, requestId=None, x__xgafv=None)

+  enableXpnHost(project, requestId=None)

 
Enable this project as a shared VPC host project.

 

-  enableXpnResource(project, body=None, requestId=None, x__xgafv=None)

+  enableXpnResource(project, body=None, requestId=None)

 
Enable service resource (a.k.a service project) for a host project, so that subnets in the host project can be used by instances in the service project.

 

-  get(project, x__xgafv=None)

+  get(project)

 
Returns the specified Project resource.

 

-  getXpnHost(project, x__xgafv=None)

+  getXpnHost(project)

 
Gets the shared VPC host project that this project links to. May be empty if no link exists.

 

-  getXpnResources(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  getXpnResources(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Gets service resources (a.k.a service project) associated with this host project.

 

   getXpnResources_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  listXpnHosts(project, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listXpnHosts(project, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists all shared VPC host projects visible to the user in an organization.

 

   listXpnHosts_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  moveDisk(project, body=None, requestId=None, x__xgafv=None)

+  moveDisk(project, body=None, requestId=None)

 
Moves a persistent disk from one zone to another.

 

-  moveInstance(project, body=None, requestId=None, x__xgafv=None)

+  moveInstance(project, body=None, requestId=None)

 
Moves an instance and its attached persistent disks from one zone to another.

 

-  setCommonInstanceMetadata(project, body=None, requestId=None, x__xgafv=None)

+  setCommonInstanceMetadata(project, body=None, requestId=None)

 
Sets metadata common to all instances within the specified project using the data included in the request.

 

-  setDefaultNetworkTier(project, body=None, requestId=None, x__xgafv=None)

+  setDefaultNetworkTier(project, body=None, requestId=None)

 
Sets the default network tier of the project. The default network tier is used when an address/forwardingRule/instance is created without specifying the network tier field.

 

-  setUsageExportBucket(project, body=None, requestId=None, x__xgafv=None)

+  setUsageExportBucket(project, body=None, requestId=None)

 
Enables the usage export feature and sets the usage export bucket where reports are stored. If you provide an empty request body using this method, the usage export feature will be disabled.

 
Method Details

 

@@ -129,21 +129,34 @@ 
Method Details

 

 
 

-    disableXpnHost(project, requestId=None, x__xgafv=None)
+    disableXpnHost(project, requestId=None)
   
Disable this project as a shared VPC host project.
 
 Args:
   project: string, Project ID for this request. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -177,7 +190,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -191,7 +205,7 @@ 
Method Details

 

 
 

-    disableXpnResource(project, body=None, requestId=None, x__xgafv=None)
+    disableXpnResource(project, body=None, requestId=None)
   
Disable a service resource (also known as service project) associated with this host project.
 
 Args:
@@ -206,16 +220,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -249,7 +276,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -263,21 +291,34 @@ 
Method Details

 

 
 

-    enableXpnHost(project, requestId=None, x__xgafv=None)
+    enableXpnHost(project, requestId=None)
   
Enable this project as a shared VPC host project.
 
 Args:
   project: string, Project ID for this request. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -311,7 +352,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -325,7 +367,7 @@ 
Method Details

 

 
 

-    enableXpnResource(project, body=None, requestId=None, x__xgafv=None)
+    enableXpnResource(project, body=None, requestId=None)
   
Enable service resource (a.k.a service project) for a host project, so that subnets in the host project can be used by instances in the service project.
 
 Args:
@@ -340,16 +382,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -383,7 +438,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -397,24 +453,24 @@ 
Method Details

 

 
 

-    get(project, x__xgafv=None)
+    get(project)
   
Returns the specified Project resource.
 
 Args:
   project: string, Project ID for this request. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Project resource. A project is used to organize resources in a Google Cloud Platform environment. For more information, read about the Resource Hierarchy.
+    { # Represents a Project resource.
+    #
+    # A project is used to organize resources in a Google Cloud Platform environment. For more information, read about the  Resource Hierarchy. (== resource_for {$api_version}.projects ==)
   "commonInstanceMetadata": { # A metadata key/value entry. # Metadata key/value pairs available to all instances contained in this project. See Custom metadata for more information.
-    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+        #
+        # To see the latest fingerprint, make a get() request to retrieve the resource.
     "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-      { # Metadata
+      {
         "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
         "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
       },
@@ -428,7 +484,7 @@ 
Method Details

   "enabledFeatures": [ # Restricted features enabled for use on this project.
     "A String",
   ],
-  "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server. This is *not* the project ID, and is just a unique ID used by Compute Engine to identify resources.
+  "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server. This is not the project ID, and is just a unique ID used by Compute Engine to identify resources.
   "kind": "compute#project", # [Output Only] Type of the resource. Always compute#project for projects.
   "name": "A String", # The project ID. For example: my-example-project. Use the project ID to make requests to Compute Engine.
   "quotas": [ # [Output Only] Quotas assigned to this project.
@@ -449,24 +505,24 @@ 
Method Details

 

 
 

-    getXpnHost(project, x__xgafv=None)
+    getXpnHost(project)
   
Gets the shared VPC host project that this project links to. May be empty if no link exists.
 
 Args:
   project: string, Project ID for this request. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Project resource. A project is used to organize resources in a Google Cloud Platform environment. For more information, read about the Resource Hierarchy.
+    { # Represents a Project resource.
+    #
+    # A project is used to organize resources in a Google Cloud Platform environment. For more information, read about the  Resource Hierarchy. (== resource_for {$api_version}.projects ==)
   "commonInstanceMetadata": { # A metadata key/value entry. # Metadata key/value pairs available to all instances contained in this project. See Custom metadata for more information.
-    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+    "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+        #
+        # To see the latest fingerprint, make a get() request to retrieve the resource.
     "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-      { # Metadata
+      {
         "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
         "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
       },
@@ -480,7 +536,7 @@ 
Method Details

   "enabledFeatures": [ # Restricted features enabled for use on this project.
     "A String",
   ],
-  "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server. This is *not* the project ID, and is just a unique ID used by Compute Engine to identify resources.
+  "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server. This is not the project ID, and is just a unique ID used by Compute Engine to identify resources.
   "kind": "compute#project", # [Output Only] Type of the resource. Always compute#project for projects.
   "name": "A String", # The project ID. For example: my-example-project. Use the project ID to make requests to Compute Engine.
   "quotas": [ # [Output Only] Quotas assigned to this project.
@@ -501,20 +557,26 @@ 
Method Details

 

 
 

-    getXpnResources(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    getXpnResources(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Gets service resources (a.k.a service project) associated with this host project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -546,7 +608,7 @@ 
Method Details

 

 
 

-    listXpnHosts(project, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listXpnHosts(project, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists all shared VPC host projects visible to the user in an organization.
 
 Args:
@@ -558,15 +620,21 @@ 
Method Details

   "organization": "A String", # Optional organization ID managed by Cloud Resource Manager, for which to list shared VPC host projects. If not specified, the organization will be inferred from the project.
 }
 
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -574,11 +642,15 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # [Output Only] A list of shared VPC host project URLs.
-    { # Represents a Project resource. A project is used to organize resources in a Google Cloud Platform environment. For more information, read about the Resource Hierarchy.
+    { # Represents a Project resource.
+        #
+        # A project is used to organize resources in a Google Cloud Platform environment. For more information, read about the  Resource Hierarchy. (== resource_for {$api_version}.projects ==)
       "commonInstanceMetadata": { # A metadata key/value entry. # Metadata key/value pairs available to all instances contained in this project. See Custom metadata for more information.
-        "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+        "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+            #
+            # To see the latest fingerprint, make a get() request to retrieve the resource.
         "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-          { # Metadata
+          {
             "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
             "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
           },
@@ -592,7 +664,7 @@ 
Method Details

       "enabledFeatures": [ # Restricted features enabled for use on this project.
         "A String",
       ],
-      "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server. This is *not* the project ID, and is just a unique ID used by Compute Engine to identify resources.
+      "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server. This is not the project ID, and is just a unique ID used by Compute Engine to identify resources.
       "kind": "compute#project", # [Output Only] Type of the resource. Always compute#project for projects.
       "name": "A String", # The project ID. For example: my-example-project. Use the project ID to make requests to Compute Engine.
       "quotas": [ # [Output Only] Quotas assigned to this project.
@@ -616,7 +688,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -642,7 +715,7 @@ 
Method Details

 

 
 

-    moveDisk(project, body=None, requestId=None, x__xgafv=None)
+    moveDisk(project, body=None, requestId=None)
   
Moves a persistent disk from one zone to another.
 
 Args:
@@ -651,20 +724,39 @@ 
Method Details

     The object takes the form of:
 
 {
-  "destinationZone": "A String", # The URL of the destination zone to move the disk. This can be a full or partial URL. For example, the following are all valid URLs to a zone: - https://www.googleapis.com/compute/v1/projects/project/zones/zone - projects/project/zones/zone - zones/zone
-  "targetDisk": "A String", # The URL of the target disk to move. This can be a full or partial URL. For example, the following are all valid URLs to a disk: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk
+  "destinationZone": "A String", # The URL of the destination zone to move the disk. This can be a full or partial URL. For example, the following are all valid URLs to a zone:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone
+      # - projects/project/zones/zone
+      # - zones/zone
+  "targetDisk": "A String", # The URL of the target disk to move. This can be a full or partial URL. For example, the following are all valid URLs to a disk:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - zones/zone/disks/disk
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -698,7 +790,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -712,7 +805,7 @@ 
Method Details

 

 
 

-    moveInstance(project, body=None, requestId=None, x__xgafv=None)
+    moveInstance(project, body=None, requestId=None)
   
Moves an instance and its attached persistent disks from one zone to another.
 
 Args:
@@ -721,20 +814,39 @@ 
Method Details

     The object takes the form of:
 
 {
-  "destinationZone": "A String", # The URL of the destination zone to move the instance. This can be a full or partial URL. For example, the following are all valid URLs to a zone: - https://www.googleapis.com/compute/v1/projects/project/zones/zone - projects/project/zones/zone - zones/zone
-  "targetInstance": "A String", # The URL of the target instance to move. This can be a full or partial URL. For example, the following are all valid URLs to an instance: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instances/instance - projects/project/zones/zone/instances/instance - zones/zone/instances/instance
+  "destinationZone": "A String", # The URL of the destination zone to move the instance. This can be a full or partial URL. For example, the following are all valid URLs to a zone:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone
+      # - projects/project/zones/zone
+      # - zones/zone
+  "targetInstance": "A String", # The URL of the target instance to move. This can be a full or partial URL. For example, the following are all valid URLs to an instance:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance
+      # - projects/project/zones/zone/instances/instance
+      # - zones/zone/instances/instance
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -768,7 +880,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -782,7 +895,7 @@ 
Method Details

 

 
 

-    setCommonInstanceMetadata(project, body=None, requestId=None, x__xgafv=None)
+    setCommonInstanceMetadata(project, body=None, requestId=None)
   
Sets metadata common to all instances within the specified project using the data included in the request.
 
 Args:
@@ -791,9 +904,11 @@ 
Method Details

     The object takes the form of:
 
 { # A metadata key/value entry.
-  "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+  "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve the resource.
   "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-    { # Metadata
+    {
       "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
       "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
     },
@@ -801,16 +916,29 @@ 
Method Details

   "kind": "compute#metadata", # [Output Only] Type of the resource. Always compute#metadata for metadata.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -844,7 +972,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -858,7 +987,7 @@ 
Method Details

 

 
 

-    setDefaultNetworkTier(project, body=None, requestId=None, x__xgafv=None)
+    setDefaultNetworkTier(project, body=None, requestId=None)
   
Sets the default network tier of the project. The default network tier is used when an address/forwardingRule/instance is created without specifying the network tier field.
 
 Args:
@@ -870,16 +999,29 @@ 
Method Details

   "networkTier": "A String", # Default network tier to be set.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -913,7 +1055,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -927,7 +1070,7 @@ 
Method Details

 

 
 

-    setUsageExportBucket(project, body=None, requestId=None, x__xgafv=None)
+    setUsageExportBucket(project, body=None, requestId=None)
   
Enables the usage export feature and sets the usage export bucket where reports are stored. If you provide an empty request body using this method, the usage export feature will be disabled.
 
 Args:
@@ -940,16 +1083,29 @@ 
Method Details

   "reportNamePrefix": "A String", # An optional prefix for the name of the usage report object stored in bucketName. If not supplied, defaults to usage. The report is stored as a CSV file named report_name_prefix_gce_YYYYMMDD.csv where YYYYMMDD is the day of the usage according to Pacific Time. If you supply a prefix, it should conform to Cloud Storage object naming conventions.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -983,7 +1139,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.publicAdvertisedPrefixes.html b/docs/dyn/compute_v1.publicAdvertisedPrefixes.html
index 7b634a8a9da..354e9e2ff9f 100644
--- a/docs/dyn/compute_v1.publicAdvertisedPrefixes.html
+++ b/docs/dyn/compute_v1.publicAdvertisedPrefixes.html
@@ -78,22 +78,22 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, publicAdvertisedPrefix, requestId=None, x__xgafv=None)

+  delete(project, publicAdvertisedPrefix, requestId=None)

 
Deletes the specified PublicAdvertisedPrefix

 

-  get(project, publicAdvertisedPrefix, x__xgafv=None)

+  get(project, publicAdvertisedPrefix)

 
Returns the specified PublicAdvertisedPrefix resource.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a PublicAdvertisedPrefix in the specified project using the parameters that are included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists the PublicAdvertisedPrefixes for a project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, publicAdvertisedPrefix, body=None, requestId=None, x__xgafv=None)

+  patch(project, publicAdvertisedPrefix, body=None, requestId=None)

 
Patches the specified Router resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.

 
Method Details

 

@@ -102,22 +102,35 @@ 
Method Details

 

 
 

-    delete(project, publicAdvertisedPrefix, requestId=None, x__xgafv=None)
+    delete(project, publicAdvertisedPrefix, requestId=None)
   
Deletes the specified PublicAdvertisedPrefix
 
 Args:
   project: string, Project ID for this request. (required)
   publicAdvertisedPrefix: string, Name of the PublicAdvertisedPrefix resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -151,7 +164,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -165,16 +179,12 @@ 
Method Details

 

 
 

-    get(project, publicAdvertisedPrefix, x__xgafv=None)
+    get(project, publicAdvertisedPrefix)
   
Returns the specified PublicAdvertisedPrefix resource.
 
 Args:
   project: string, Project ID for this request. (required)
   publicAdvertisedPrefix: string, Name of the PublicAdvertisedPrefix resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -183,7 +193,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "dnsVerificationIp": "A String", # The IPv4 address to be used for reverse DNS verification.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicAdvertisedPrefix. An up-to-date fingerprint must be provided in order to update the PublicAdvertisedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicAdvertisedPrefix.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicAdvertisedPrefix. An up-to-date fingerprint must be provided in order to update the PublicAdvertisedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a PublicAdvertisedPrefix.
   "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
   "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public advertised prefix.
   "kind": "compute#publicAdvertisedPrefix", # [Output Only] Type of the resource. Always compute#publicAdvertisedPrefix for public advertised prefixes.
@@ -204,7 +216,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a PublicAdvertisedPrefix in the specified project using the parameters that are included in the request.
 
 Args:
@@ -216,7 +228,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "dnsVerificationIp": "A String", # The IPv4 address to be used for reverse DNS verification.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicAdvertisedPrefix. An up-to-date fingerprint must be provided in order to update the PublicAdvertisedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicAdvertisedPrefix.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicAdvertisedPrefix. An up-to-date fingerprint must be provided in order to update the PublicAdvertisedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a PublicAdvertisedPrefix.
   "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
   "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public advertised prefix.
   "kind": "compute#publicAdvertisedPrefix", # [Output Only] Type of the resource. Always compute#publicAdvertisedPrefix for public advertised prefixes.
@@ -235,16 +249,29 @@ 
Method Details

   "status": "A String", # The status of the public advertised prefix.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -278,7 +305,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -292,20 +320,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists the PublicAdvertisedPrefixes for a project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -317,7 +351,9 @@ 
Method Details

       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "dnsVerificationIp": "A String", # The IPv4 address to be used for reverse DNS verification.
-      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicAdvertisedPrefix. An up-to-date fingerprint must be provided in order to update the PublicAdvertisedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicAdvertisedPrefix.
+      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicAdvertisedPrefix. An up-to-date fingerprint must be provided in order to update the PublicAdvertisedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a PublicAdvertisedPrefix.
       "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
       "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public advertised prefix.
       "kind": "compute#publicAdvertisedPrefix", # [Output Only] Type of the resource. Always compute#publicAdvertisedPrefix for public advertised prefixes.
@@ -341,7 +377,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -367,7 +404,7 @@ 
Method Details

 

 
 

-    patch(project, publicAdvertisedPrefix, body=None, requestId=None, x__xgafv=None)
+    patch(project, publicAdvertisedPrefix, body=None, requestId=None)
   
Patches the specified Router resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.
 
 Args:
@@ -380,7 +417,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "dnsVerificationIp": "A String", # The IPv4 address to be used for reverse DNS verification.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicAdvertisedPrefix. An up-to-date fingerprint must be provided in order to update the PublicAdvertisedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicAdvertisedPrefix.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicAdvertisedPrefix. An up-to-date fingerprint must be provided in order to update the PublicAdvertisedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a PublicAdvertisedPrefix.
   "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
   "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public advertised prefix.
   "kind": "compute#publicAdvertisedPrefix", # [Output Only] Type of the resource. Always compute#publicAdvertisedPrefix for public advertised prefixes.
@@ -399,16 +438,29 @@ 
Method Details

   "status": "A String", # The status of the public advertised prefix.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -442,7 +494,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.publicDelegatedPrefixes.html b/docs/dyn/compute_v1.publicDelegatedPrefixes.html
index 2d42e26cd74..97b65c48c73 100644
--- a/docs/dyn/compute_v1.publicDelegatedPrefixes.html
+++ b/docs/dyn/compute_v1.publicDelegatedPrefixes.html
@@ -75,7 +75,7 @@
 
Compute Engine API . publicDelegatedPrefixes

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists all PublicDelegatedPrefix resources owned by the specific project across all scopes.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,40 +84,46 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, publicDelegatedPrefix, requestId=None, x__xgafv=None)

+  delete(project, region, publicDelegatedPrefix, requestId=None)

 
Deletes the specified PublicDelegatedPrefix in the given region.

 

-  get(project, region, publicDelegatedPrefix, x__xgafv=None)

+  get(project, region, publicDelegatedPrefix)

 
Returns the specified PublicDelegatedPrefix resource in the given region.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a PublicDelegatedPrefix in the specified project in the given region using the parameters that are included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists the PublicDelegatedPrefixes for a project in the given region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, publicDelegatedPrefix, body=None, requestId=None, x__xgafv=None)

+  patch(project, region, publicDelegatedPrefix, body=None, requestId=None)

 
Patches the specified PublicDelegatedPrefix resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists all PublicDelegatedPrefix resources owned by the specific project across all scopes.
 
 Args:
   project: string, Name of the project scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -130,7 +136,9 @@ 
Method Details

         { # A PublicDelegatedPrefix resource represents an IP block within a PublicAdvertisedPrefix that is configured within a single cloud scope (global or region). IPs in the block can be allocated to resources within that scope. Public delegated prefixes may be further broken up into smaller IP blocks in the same scope as the parent block.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-          "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
+          "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
           "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
           "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public delegated prefix.
           "isLiveMigration": True or False, # If true, the prefix will be live migrated.
@@ -155,7 +163,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] Informational warning which replaces the list of public delegated prefixes when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -173,7 +182,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -204,23 +214,36 @@ 
Method Details

 

 
 

-    delete(project, region, publicDelegatedPrefix, requestId=None, x__xgafv=None)
+    delete(project, region, publicDelegatedPrefix, requestId=None)
   
Deletes the specified PublicDelegatedPrefix in the given region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region of this request. (required)
   publicDelegatedPrefix: string, Name of the PublicDelegatedPrefix resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -254,7 +277,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -268,17 +292,13 @@ 
Method Details

 

 
 

-    get(project, region, publicDelegatedPrefix, x__xgafv=None)
+    get(project, region, publicDelegatedPrefix)
   
Returns the specified PublicDelegatedPrefix resource in the given region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region of this request. (required)
   publicDelegatedPrefix: string, Name of the PublicDelegatedPrefix resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -286,7 +306,9 @@ 
Method Details

     { # A PublicDelegatedPrefix resource represents an IP block within a PublicAdvertisedPrefix that is configured within a single cloud scope (global or region). IPs in the block can be allocated to resources within that scope. Public delegated prefixes may be further broken up into smaller IP blocks in the same scope as the parent block.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
   "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
   "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public delegated prefix.
   "isLiveMigration": True or False, # If true, the prefix will be live migrated.
@@ -311,7 +333,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a PublicDelegatedPrefix in the specified project in the given region using the parameters that are included in the request.
 
 Args:
@@ -323,7 +345,9 @@ 
Method Details

 { # A PublicDelegatedPrefix resource represents an IP block within a PublicAdvertisedPrefix that is configured within a single cloud scope (global or region). IPs in the block can be allocated to resources within that scope. Public delegated prefixes may be further broken up into smaller IP blocks in the same scope as the parent block.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
   "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
   "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public delegated prefix.
   "isLiveMigration": True or False, # If true, the prefix will be live migrated.
@@ -346,16 +370,29 @@ 
Method Details

   "status": "A String", # [Output Only] The status of the public delegated prefix.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -389,7 +426,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -403,21 +441,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists the PublicDelegatedPrefixes for a project in the given region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region of this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -428,7 +472,9 @@ 
Method Details

     { # A PublicDelegatedPrefix resource represents an IP block within a PublicAdvertisedPrefix that is configured within a single cloud scope (global or region). IPs in the block can be allocated to resources within that scope. Public delegated prefixes may be further broken up into smaller IP blocks in the same scope as the parent block.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
+      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
       "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
       "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public delegated prefix.
       "isLiveMigration": True or False, # If true, the prefix will be live migrated.
@@ -456,7 +502,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -482,7 +529,7 @@ 
Method Details

 

 
 

-    patch(project, region, publicDelegatedPrefix, body=None, requestId=None, x__xgafv=None)
+    patch(project, region, publicDelegatedPrefix, body=None, requestId=None)
   
Patches the specified PublicDelegatedPrefix resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.
 
 Args:
@@ -495,7 +542,9 @@ 
Method Details

 { # A PublicDelegatedPrefix resource represents an IP block within a PublicAdvertisedPrefix that is configured within a single cloud scope (global or region). IPs in the block can be allocated to resources within that scope. Public delegated prefixes may be further broken up into smaller IP blocks in the same scope as the parent block.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicDelegatedPrefix. An up-to-date fingerprint must be provided in order to update the PublicDelegatedPrefix, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a PublicDelegatedPrefix.
   "id": "A String", # [Output Only] The unique identifier for the resource type. The server generates this identifier.
   "ipCidrRange": "A String", # The IPv4 address range, in CIDR format, represented by this public delegated prefix.
   "isLiveMigration": True or False, # If true, the prefix will be live migrated.
@@ -518,16 +567,29 @@ 
Method Details

   "status": "A String", # [Output Only] The status of the public delegated prefix.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -561,7 +623,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.regionAutoscalers.html b/docs/dyn/compute_v1.regionAutoscalers.html
index ffe60381934..25e7f39bd07 100644
--- a/docs/dyn/compute_v1.regionAutoscalers.html
+++ b/docs/dyn/compute_v1.regionAutoscalers.html
@@ -78,25 +78,25 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, autoscaler, requestId=None, x__xgafv=None)

+  delete(project, region, autoscaler, requestId=None)

 
Deletes the specified autoscaler.

 

-  get(project, region, autoscaler, x__xgafv=None)

+  get(project, region, autoscaler)

 
Returns the specified autoscaler.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates an autoscaler in the specified project using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of autoscalers contained within the specified region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, autoscaler=None, body=None, requestId=None, x__xgafv=None)

+  patch(project, region, autoscaler=None, body=None, requestId=None)

 
Updates an autoscaler in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  update(project, region, autoscaler=None, body=None, requestId=None, x__xgafv=None)

+  update(project, region, autoscaler=None, body=None, requestId=None)

 
Updates an autoscaler in the specified project using the data included in the request.

 
Method Details

 

@@ -105,23 +105,36 @@ 
Method Details

 

 
 

-    delete(project, region, autoscaler, requestId=None, x__xgafv=None)
+    delete(project, region, autoscaler, requestId=None)
   
Deletes the specified autoscaler.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   autoscaler: string, Name of the autoscaler to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -155,7 +168,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -169,34 +183,69 @@ 
Method Details

 

 
 

-    get(project, region, autoscaler, x__xgafv=None)
+    get(project, region, autoscaler)
   
Returns the specified autoscaler.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   autoscaler: string, Name of the autoscaler to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Autoscaler resource. Google Compute Engine has two Autoscaler resources: * [Zonal](/compute/docs/reference/rest/v1/autoscalers) * [Regional](/compute/docs/reference/rest/v1/regionAutoscalers) Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances. For zonal managed instance groups resource, use the autoscaler resource. For regional managed instance groups, use the regionAutoscalers resource.
-  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
-    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds. Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
+    { # Represents an Autoscaler resource.
+    #
+    # Google Compute Engine has two Autoscaler resources:
+    #
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/autoscalers) * [Regional](/compute/docs/reference/rest/{$api_version}/regionAutoscalers)
+    #
+    # Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances.
+    #
+    # For zonal managed instance groups resource, use the autoscaler resource.
+    #
+    # For regional managed instance groups, use the regionAutoscalers resource. (== resource_for {$api_version}.autoscalers ==) (== resource_for {$api_version}.regionAutoscalers ==)
+  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.
+      #
+      # If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
+    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.
+        #
+        # Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
     "cpuUtilization": { # CPU utilization policy. # Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group.
-      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
-      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
+      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are:
+          #
+          # * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
+      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.
+          #
+          # If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.
+          #
+          # If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
     },
     "customMetricUtilizations": [ # Configuration parameters of autoscaling based on a custom metric.
       { # Custom utilization metric policy.
-        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
-        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.
-        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
-        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
+        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.
+            #
+            # For the filter to be valid for autoscaling purposes, the following rules apply:
+            # - You can only use the AND operator for joining selectors.
+            # - You can only use direct equality comparison operator (=) without any functions for each selector.
+            # - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical.
+            # - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.
+            # If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.
+            #
+            # If not specified, the type defaults to gce_instance.
+            #
+            # Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
+        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.
+            #
+            # The metric must have a value type of INT64 or DOUBLE.
+        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing.
+            #
+            # A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.
+            #
+            # A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
+        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.
+            #
+            # For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
         "utilizationTargetType": "A String", # Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.
       },
     ],
@@ -208,7 +257,11 @@ 
Method Details

     "mode": "A String", # Defines operating mode for this policy.
     "scaleInControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledInReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -221,7 +274,7 @@ 
Method Details

         "durationSec": 42, # The duration of time intervals, in seconds, for which this scaling schedule is to run. The minimum allowed value is 300. This field is required.
         "minRequiredReplicas": 42, # The minimum number of VM instances that the autoscaler will recommend in time intervals starting according to schedule. This field is required.
         "schedule": "A String", # The start timestamps of time intervals when this scaling schedule is to provide a scaling signal. This field uses the extended cron format (with an optional year field). The expression can describe a single timestamp if the optional year is set, in which case the scaling schedule runs once. The schedule is interpreted with respect to time_zone. This field is required. Note: These timestamps only describe when autoscaler starts providing the scaling signal. The VMs need additional time to become serving.
-        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of “UTC” if left empty.
+        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of ?UTC? if left empty.
       },
     },
   },
@@ -240,11 +293,31 @@ 
Method Details

     },
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values: - PENDING: Autoscaler backend hasn't read new/updated configuration. - DELETING: Configuration is being deleted. - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field. - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field. New values might be added in the future.
+  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values:
+      # - PENDING: Autoscaler backend hasn't read new/updated configuration.
+      # - DELETING: Configuration is being deleted.
+      # - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field.
+      # - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field.  New values might be added in the future.
   "statusDetails": [ # [Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.
     {
       "message": "A String", # The status message.
-      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions.
+      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values:
+          # - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state).
+          # - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group.
+          # - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas.
+          # - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling.
+          # - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels.
+          # - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group.
+          # - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling.
+          # - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer.
+          # - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved.
+          # - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any.
+          # - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it.
+          # - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances.
+          # - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region.
+          # - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist.
+          # - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate.
+          # - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout.  New values might be added in the future. Some of the values might not be available in all API versions.
     },
   ],
   "target": "A String", # URL of the managed instance group that this autoscaler will scale. This field is required when creating an autoscaler.
@@ -253,7 +326,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates an autoscaler in the specified project using the data included in the request.
 
 Args:
@@ -262,19 +335,58 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Autoscaler resource. Google Compute Engine has two Autoscaler resources: * [Zonal](/compute/docs/reference/rest/v1/autoscalers) * [Regional](/compute/docs/reference/rest/v1/regionAutoscalers) Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances. For zonal managed instance groups resource, use the autoscaler resource. For regional managed instance groups, use the regionAutoscalers resource.
-  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
-    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds. Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
+{ # Represents an Autoscaler resource.
+    # 
+    # Google Compute Engine has two Autoscaler resources:
+    # 
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/autoscalers) * [Regional](/compute/docs/reference/rest/{$api_version}/regionAutoscalers)
+    # 
+    # Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances.
+    # 
+    # For zonal managed instance groups resource, use the autoscaler resource.
+    # 
+    # For regional managed instance groups, use the regionAutoscalers resource. (== resource_for {$api_version}.autoscalers ==) (== resource_for {$api_version}.regionAutoscalers ==)
+  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.
+      # 
+      # If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
+    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.
+        #
+        # Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
     "cpuUtilization": { # CPU utilization policy. # Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group.
-      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
-      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
+      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are:
+          #
+          # * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
+      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.
+          #
+          # If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.
+          #
+          # If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
     },
     "customMetricUtilizations": [ # Configuration parameters of autoscaling based on a custom metric.
       { # Custom utilization metric policy.
-        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
-        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.
-        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
-        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
+        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.
+            #
+            # For the filter to be valid for autoscaling purposes, the following rules apply:
+            # - You can only use the AND operator for joining selectors.
+            # - You can only use direct equality comparison operator (=) without any functions for each selector.
+            # - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical.
+            # - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.
+            # If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.
+            #
+            # If not specified, the type defaults to gce_instance.
+            #
+            # Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
+        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.
+            #
+            # The metric must have a value type of INT64 or DOUBLE.
+        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing.
+            #
+            # A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.
+            #
+            # A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
+        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.
+            #
+            # For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
         "utilizationTargetType": "A String", # Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.
       },
     ],
@@ -286,7 +398,11 @@ 
Method Details

     "mode": "A String", # Defines operating mode for this policy.
     "scaleInControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledInReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -299,7 +415,7 @@ 
Method Details

         "durationSec": 42, # The duration of time intervals, in seconds, for which this scaling schedule is to run. The minimum allowed value is 300. This field is required.
         "minRequiredReplicas": 42, # The minimum number of VM instances that the autoscaler will recommend in time intervals starting according to schedule. This field is required.
         "schedule": "A String", # The start timestamps of time intervals when this scaling schedule is to provide a scaling signal. This field uses the extended cron format (with an optional year field). The expression can describe a single timestamp if the optional year is set, in which case the scaling schedule runs once. The schedule is interpreted with respect to time_zone. This field is required. Note: These timestamps only describe when autoscaler starts providing the scaling signal. The VMs need additional time to become serving.
-        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of “UTC” if left empty.
+        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of ?UTC? if left empty.
       },
     },
   },
@@ -318,27 +434,60 @@ 
Method Details

     },
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values: - PENDING: Autoscaler backend hasn't read new/updated configuration. - DELETING: Configuration is being deleted. - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field. - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field. New values might be added in the future.
+  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values:
+      # - PENDING: Autoscaler backend hasn't read new/updated configuration.
+      # - DELETING: Configuration is being deleted.
+      # - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field.
+      # - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field.  New values might be added in the future.
   "statusDetails": [ # [Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.
     {
       "message": "A String", # The status message.
-      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions.
+      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values:
+          # - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state).
+          # - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group.
+          # - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas.
+          # - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling.
+          # - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels.
+          # - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group.
+          # - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling.
+          # - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer.
+          # - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved.
+          # - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any.
+          # - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it.
+          # - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances.
+          # - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region.
+          # - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist.
+          # - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate.
+          # - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout.  New values might be added in the future. Some of the values might not be available in all API versions.
     },
   ],
   "target": "A String", # URL of the managed instance group that this autoscaler will scale. This field is required when creating an autoscaler.
   "zone": "A String", # [Output Only] URL of the zone where the instance group resides (for autoscalers living in zonal scope).
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -372,7 +521,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -386,21 +536,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of autoscalers contained within the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -408,19 +564,58 @@ 
Method Details

     { # Contains a list of autoscalers.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Autoscaler resources.
-    { # Represents an Autoscaler resource. Google Compute Engine has two Autoscaler resources: * [Zonal](/compute/docs/reference/rest/v1/autoscalers) * [Regional](/compute/docs/reference/rest/v1/regionAutoscalers) Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances. For zonal managed instance groups resource, use the autoscaler resource. For regional managed instance groups, use the regionAutoscalers resource.
-      "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
-        "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds. Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
+    { # Represents an Autoscaler resource.
+        #
+        # Google Compute Engine has two Autoscaler resources:
+        #
+        # * [Zonal](/compute/docs/reference/rest/{$api_version}/autoscalers) * [Regional](/compute/docs/reference/rest/{$api_version}/regionAutoscalers)
+        #
+        # Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances.
+        #
+        # For zonal managed instance groups resource, use the autoscaler resource.
+        #
+        # For regional managed instance groups, use the regionAutoscalers resource. (== resource_for {$api_version}.autoscalers ==) (== resource_for {$api_version}.regionAutoscalers ==)
+      "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.
+          #
+          # If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
+        "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.
+            #
+            # Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
         "cpuUtilization": { # CPU utilization policy. # Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group.
-          "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
-          "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
+          "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are:
+              #
+              # * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
+          "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.
+              #
+              # If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.
+              #
+              # If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
         },
         "customMetricUtilizations": [ # Configuration parameters of autoscaling based on a custom metric.
           { # Custom utilization metric policy.
-            "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
-            "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.
-            "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
-            "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
+            "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.
+                #
+                # For the filter to be valid for autoscaling purposes, the following rules apply:
+                # - You can only use the AND operator for joining selectors.
+                # - You can only use direct equality comparison operator (=) without any functions for each selector.
+                # - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical.
+                # - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.
+                # If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.
+                #
+                # If not specified, the type defaults to gce_instance.
+                #
+                # Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
+            "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.
+                #
+                # The metric must have a value type of INT64 or DOUBLE.
+            "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing.
+                #
+                # A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.
+                #
+                # A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
+            "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.
+                #
+                # For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
             "utilizationTargetType": "A String", # Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.
           },
         ],
@@ -432,7 +627,11 @@ 
Method Details

         "mode": "A String", # Defines operating mode for this policy.
         "scaleInControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
           "maxScaledInReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+                #
+                #
+                # - If the value is fixed, then the calculated value is equal to the fixed value.
+                # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
             "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
             "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
           },
@@ -445,7 +644,7 @@ 
Method Details

             "durationSec": 42, # The duration of time intervals, in seconds, for which this scaling schedule is to run. The minimum allowed value is 300. This field is required.
             "minRequiredReplicas": 42, # The minimum number of VM instances that the autoscaler will recommend in time intervals starting according to schedule. This field is required.
             "schedule": "A String", # The start timestamps of time intervals when this scaling schedule is to provide a scaling signal. This field uses the extended cron format (with an optional year field). The expression can describe a single timestamp if the optional year is set, in which case the scaling schedule runs once. The schedule is interpreted with respect to time_zone. This field is required. Note: These timestamps only describe when autoscaler starts providing the scaling signal. The VMs need additional time to become serving.
-            "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of “UTC” if left empty.
+            "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of ?UTC? if left empty.
           },
         },
       },
@@ -464,11 +663,31 @@ 
Method Details

         },
       },
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values: - PENDING: Autoscaler backend hasn't read new/updated configuration. - DELETING: Configuration is being deleted. - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field. - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field. New values might be added in the future.
+      "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values:
+          # - PENDING: Autoscaler backend hasn't read new/updated configuration.
+          # - DELETING: Configuration is being deleted.
+          # - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field.
+          # - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field.  New values might be added in the future.
       "statusDetails": [ # [Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.
         {
           "message": "A String", # The status message.
-          "type": "A String", # The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions.
+          "type": "A String", # The type of error, warning, or notice returned. Current set of possible values:
+              # - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state).
+              # - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group.
+              # - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas.
+              # - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling.
+              # - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels.
+              # - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group.
+              # - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling.
+              # - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer.
+              # - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved.
+              # - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any.
+              # - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it.
+              # - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances.
+              # - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region.
+              # - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist.
+              # - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate.
+              # - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout.  New values might be added in the future. Some of the values might not be available in all API versions.
         },
       ],
       "target": "A String", # URL of the managed instance group that this autoscaler will scale. This field is required when creating an autoscaler.
@@ -480,7 +699,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -506,7 +726,7 @@ 
Method Details

 

 
 

-    patch(project, region, autoscaler=None, body=None, requestId=None, x__xgafv=None)
+    patch(project, region, autoscaler=None, body=None, requestId=None)
   
Updates an autoscaler in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -515,19 +735,58 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Autoscaler resource. Google Compute Engine has two Autoscaler resources: * [Zonal](/compute/docs/reference/rest/v1/autoscalers) * [Regional](/compute/docs/reference/rest/v1/regionAutoscalers) Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances. For zonal managed instance groups resource, use the autoscaler resource. For regional managed instance groups, use the regionAutoscalers resource.
-  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
-    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds. Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
+{ # Represents an Autoscaler resource.
+    # 
+    # Google Compute Engine has two Autoscaler resources:
+    # 
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/autoscalers) * [Regional](/compute/docs/reference/rest/{$api_version}/regionAutoscalers)
+    # 
+    # Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances.
+    # 
+    # For zonal managed instance groups resource, use the autoscaler resource.
+    # 
+    # For regional managed instance groups, use the regionAutoscalers resource. (== resource_for {$api_version}.autoscalers ==) (== resource_for {$api_version}.regionAutoscalers ==)
+  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.
+      # 
+      # If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
+    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.
+        #
+        # Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
     "cpuUtilization": { # CPU utilization policy. # Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group.
-      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
-      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
+      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are:
+          #
+          # * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
+      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.
+          #
+          # If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.
+          #
+          # If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
     },
     "customMetricUtilizations": [ # Configuration parameters of autoscaling based on a custom metric.
       { # Custom utilization metric policy.
-        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
-        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.
-        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
-        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
+        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.
+            #
+            # For the filter to be valid for autoscaling purposes, the following rules apply:
+            # - You can only use the AND operator for joining selectors.
+            # - You can only use direct equality comparison operator (=) without any functions for each selector.
+            # - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical.
+            # - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.
+            # If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.
+            #
+            # If not specified, the type defaults to gce_instance.
+            #
+            # Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
+        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.
+            #
+            # The metric must have a value type of INT64 or DOUBLE.
+        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing.
+            #
+            # A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.
+            #
+            # A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
+        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.
+            #
+            # For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
         "utilizationTargetType": "A String", # Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.
       },
     ],
@@ -539,7 +798,11 @@ 
Method Details

     "mode": "A String", # Defines operating mode for this policy.
     "scaleInControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledInReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -552,7 +815,7 @@ 
Method Details

         "durationSec": 42, # The duration of time intervals, in seconds, for which this scaling schedule is to run. The minimum allowed value is 300. This field is required.
         "minRequiredReplicas": 42, # The minimum number of VM instances that the autoscaler will recommend in time intervals starting according to schedule. This field is required.
         "schedule": "A String", # The start timestamps of time intervals when this scaling schedule is to provide a scaling signal. This field uses the extended cron format (with an optional year field). The expression can describe a single timestamp if the optional year is set, in which case the scaling schedule runs once. The schedule is interpreted with respect to time_zone. This field is required. Note: These timestamps only describe when autoscaler starts providing the scaling signal. The VMs need additional time to become serving.
-        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of “UTC” if left empty.
+        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of ?UTC? if left empty.
       },
     },
   },
@@ -571,11 +834,31 @@ 
Method Details

     },
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values: - PENDING: Autoscaler backend hasn't read new/updated configuration. - DELETING: Configuration is being deleted. - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field. - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field. New values might be added in the future.
+  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values:
+      # - PENDING: Autoscaler backend hasn't read new/updated configuration.
+      # - DELETING: Configuration is being deleted.
+      # - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field.
+      # - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field.  New values might be added in the future.
   "statusDetails": [ # [Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.
     {
       "message": "A String", # The status message.
-      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions.
+      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values:
+          # - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state).
+          # - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group.
+          # - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas.
+          # - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling.
+          # - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels.
+          # - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group.
+          # - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling.
+          # - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer.
+          # - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved.
+          # - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any.
+          # - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it.
+          # - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances.
+          # - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region.
+          # - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist.
+          # - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate.
+          # - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout.  New values might be added in the future. Some of the values might not be available in all API versions.
     },
   ],
   "target": "A String", # URL of the managed instance group that this autoscaler will scale. This field is required when creating an autoscaler.
@@ -583,16 +866,29 @@ 
Method Details

 }
 
   autoscaler: string, Name of the autoscaler to patch.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -626,7 +922,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -640,7 +937,7 @@ 
Method Details

 

 
 

-    update(project, region, autoscaler=None, body=None, requestId=None, x__xgafv=None)
+    update(project, region, autoscaler=None, body=None, requestId=None)
   
Updates an autoscaler in the specified project using the data included in the request.
 
 Args:
@@ -649,19 +946,58 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an Autoscaler resource. Google Compute Engine has two Autoscaler resources: * [Zonal](/compute/docs/reference/rest/v1/autoscalers) * [Regional](/compute/docs/reference/rest/v1/regionAutoscalers) Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances. For zonal managed instance groups resource, use the autoscaler resource. For regional managed instance groups, use the regionAutoscalers resource.
-  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization. If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
-    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds. Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
+{ # Represents an Autoscaler resource.
+    # 
+    # Google Compute Engine has two Autoscaler resources:
+    # 
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/autoscalers) * [Regional](/compute/docs/reference/rest/{$api_version}/regionAutoscalers)
+    # 
+    # Use autoscalers to automatically add or delete instances from a managed instance group according to your defined autoscaling policy. For more information, read Autoscaling Groups of Instances.
+    # 
+    # For zonal managed instance groups resource, use the autoscaler resource.
+    # 
+    # For regional managed instance groups, use the regionAutoscalers resource. (== resource_for {$api_version}.autoscalers ==) (== resource_for {$api_version}.regionAutoscalers ==)
+  "autoscalingPolicy": { # Cloud Autoscaler policy. # The configuration parameters for the autoscaling algorithm. You can define one or more signals for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.
+      # 
+      # If none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%.
+    "coolDownPeriodSec": 42, # The number of seconds that the autoscaler waits before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.
+        #
+        # Virtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.
     "cpuUtilization": { # CPU utilization policy. # Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group.
-      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
-      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
+      "predictiveMethod": "A String", # Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are:
+          #
+          # * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.
+      "utilizationTarget": 3.14, # The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.
+          #
+          # If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.
+          #
+          # If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.
     },
     "customMetricUtilizations": [ # Configuration parameters of autoscaling based on a custom metric.
       { # Custom utilization metric policy.
-        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
-        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE.
-        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
-        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
+        "filter": "A String", # A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.
+            #
+            # For the filter to be valid for autoscaling purposes, the following rules apply:
+            # - You can only use the AND operator for joining selectors.
+            # - You can only use direct equality comparison operator (=) without any functions for each selector.
+            # - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical.
+            # - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.
+            # If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.
+            #
+            # If not specified, the type defaults to gce_instance.
+            #
+            # Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.
+        "metric": "A String", # The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.
+            #
+            # The metric must have a value type of INT64 or DOUBLE.
+        "singleInstanceAssignment": 3.14, # If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing.
+            #
+            # A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.
+            #
+            # A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.
+        "utilizationTarget": 3.14, # The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.
+            #
+            # For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances.
         "utilizationTargetType": "A String", # Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.
       },
     ],
@@ -673,7 +1009,11 @@ 
Method Details

     "mode": "A String", # Defines operating mode for this policy.
     "scaleInControl": { # Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
       "maxScaledInReplicas": { # Encapsulates numeric value that can be either absolute or relative. # Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -686,7 +1026,7 @@ 
Method Details

         "durationSec": 42, # The duration of time intervals, in seconds, for which this scaling schedule is to run. The minimum allowed value is 300. This field is required.
         "minRequiredReplicas": 42, # The minimum number of VM instances that the autoscaler will recommend in time intervals starting according to schedule. This field is required.
         "schedule": "A String", # The start timestamps of time intervals when this scaling schedule is to provide a scaling signal. This field uses the extended cron format (with an optional year field). The expression can describe a single timestamp if the optional year is set, in which case the scaling schedule runs once. The schedule is interpreted with respect to time_zone. This field is required. Note: These timestamps only describe when autoscaler starts providing the scaling signal. The VMs need additional time to become serving.
-        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of “UTC” if left empty.
+        "timeZone": "A String", # The time zone to use when interpreting the schedule. The value of this field must be a time zone name from the tz database: http://en.wikipedia.org/wiki/Tz_database. This field is assigned a default value of ?UTC? if left empty.
       },
     },
   },
@@ -705,11 +1045,31 @@ 
Method Details

     },
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values: - PENDING: Autoscaler backend hasn't read new/updated configuration. - DELETING: Configuration is being deleted. - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field. - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field. New values might be added in the future.
+  "status": "A String", # [Output Only] The status of the autoscaler configuration. Current set of possible values:
+      # - PENDING: Autoscaler backend hasn't read new/updated configuration.
+      # - DELETING: Configuration is being deleted.
+      # - ACTIVE: Configuration is acknowledged to be effective. Some warnings might be present in the statusDetails field.
+      # - ERROR: Configuration has errors. Actionable for users. Details are present in the statusDetails field.  New values might be added in the future.
   "statusDetails": [ # [Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.
     {
       "message": "A String", # The status message.
-      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions.
+      "type": "A String", # The type of error, warning, or notice returned. Current set of possible values:
+          # - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state).
+          # - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group.
+          # - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas.
+          # - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling.
+          # - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels.
+          # - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group.
+          # - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling.
+          # - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer.
+          # - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved.
+          # - MODE_ONLY_UP (WARNING): Autoscaling is in the "Autoscale only out" mode. The autoscaler can add instances but not remove any.
+          # - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it.
+          # - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances.
+          # - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region.
+          # - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist.
+          # - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate.
+          # - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout.  New values might be added in the future. Some of the values might not be available in all API versions.
     },
   ],
   "target": "A String", # URL of the managed instance group that this autoscaler will scale. This field is required when creating an autoscaler.
@@ -717,16 +1077,29 @@ 
Method Details

 }
 
   autoscaler: string, Name of the autoscaler to update.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -760,7 +1133,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.regionBackendServices.html b/docs/dyn/compute_v1.regionBackendServices.html
index 0255a51c299..3e6b6d4e31d 100644
--- a/docs/dyn/compute_v1.regionBackendServices.html
+++ b/docs/dyn/compute_v1.regionBackendServices.html
@@ -78,29 +78,29 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, backendService, requestId=None, x__xgafv=None)

+  delete(project, region, backendService, requestId=None)

 
Deletes the specified regional BackendService resource.

 

-  get(project, region, backendService, x__xgafv=None)

+  get(project, region, backendService)

 
Returns the specified regional BackendService resource.

 

-  getHealth(project, region, backendService, body=None, x__xgafv=None)

+  getHealth(project, region, backendService, body=None)

 
Gets the most recent health check results for this regional BackendService.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

-
Creates a regional BackendService resource in the specified project using the data included in the request. For more information, see Backend services overview.

+  insert(project, region, body=None, requestId=None)

+
Creates a regional BackendService resource in the specified project using the data included in the request. For more information, see  Backend services overview.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of regional BackendService resources available to the specified project in the given region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, backendService, body=None, requestId=None, x__xgafv=None)

-
Updates the specified regional BackendService resource with the data included in the request. For more information, see Understanding backend services This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

+  patch(project, region, backendService, body=None, requestId=None)

+
Updates the specified regional BackendService resource with the data included in the request. For more information, see  Understanding backend services This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  update(project, region, backendService, body=None, requestId=None, x__xgafv=None)

-
Updates the specified regional BackendService resource with the data included in the request. For more information, see Backend services overview .

+  update(project, region, backendService, body=None, requestId=None)

+
Updates the specified regional BackendService resource with the data included in the request. For more information, see  Backend services overview.

 
Method Details

 

     close()
@@ -108,23 +108,36 @@ 
Method Details

 

 
 

-    delete(project, region, backendService, requestId=None, x__xgafv=None)
+    delete(project, region, backendService, requestId=None)
   
Deletes the specified regional BackendService resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   backendService: string, Name of the BackendService resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -158,7 +171,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -172,40 +186,80 @@ 
Method Details

 

 
 

-    get(project, region, backendService, x__xgafv=None)
+    get(project, region, backendService)
   
Returns the specified regional BackendService resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   backendService: string, Name of the BackendService resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Backend Service resource. A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly. Backend services in Google Compute Engine can be either regionally or globally scoped. * [Global](/compute/docs/reference/rest/v1/backendServices) * [Regional](/compute/docs/reference/rest/v1/regionBackendServices) For more information, see Backend Services.
-  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day ( 86,400). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+    { # Represents a Backend Service resource.
+    #
+    # A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly.
+    #
+    # Backend services in Google Compute Engine can be either regionally or globally scoped.
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/backendServices) * [Regional](/compute/docs/reference/rest/{$api_version}/regionBackendServices)
+    #
+    # For more information, see Backend Services.
+    #
+    # (== resource_for {$api_version}.backendService ==)
+  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE.
+      #
+      # If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day (86,400).
+      #
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "backends": [ # The list of backends that serve this BackendService.
     { # Message containing information of one individual backend.
-      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode.
-      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see  Connection balancing mode.
+      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service.
+          #
+          # Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "failover": True or False, # This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService.
-      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme. - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing), INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service. - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported. For regional services, the backend must be in the same region as the backend service. You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
-      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
-      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
+      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing),  INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported.
+          #
+          # For regional services, the backend must be in the same region as the backend service.
+          #
+          # You must use the fully-qualified URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
+      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
       "maxUtilization": 3.14,
     },
   ],
-  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for external HTTP(S) Load Balancing.
+  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for  external HTTP(S) Load Balancing.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
       { # Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
         "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
@@ -222,7 +276,13 @@ 
Method Details

         "A String",
       ],
     },
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -250,7 +310,13 @@ 
Method Details

   "connectionDraining": { # Message containing connection draining configuration.
     "drainingTimeoutSec": 42, # Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining.
   },
-  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH.
+      #
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      #
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "httpCookie": { # The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash. # Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE.
       "name": "A String", # Name of the cookie.
       "path": "A String", # Path to set for the cookie.
@@ -272,35 +338,62 @@ 
Method Details

   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "enableCDN": True or False, # If true, enables Cloud CDN for the backend service. Only applicable if the loadBalancingScheme is EXTERNAL and the protocol is HTTP or HTTPS.
   "failoverPolicy": { # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. On failover or failback, this field indicates whether connection draining will be honored. GCP has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes). # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. Requires at least one backend instance group to be defined as a backup (failover) backend.
-    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP. The default is false.
+    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP.
+        #
+        # The default is false.
     "dropTrafficIfUnhealthy": True or False, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing, If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. The default is false.
     "failoverRatio": 3.14, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio.
   },
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a BackendService.
-  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a BackendService.
+  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See  Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
     "A String",
   ],
   "iap": { # Identity-Aware Proxy # The configurations for Identity-Aware Proxy on this resource. Not available for Internal TCP/UDP Load Balancing and Network Load Balancing.
     "enabled": True or False, # Whether the serving infrastructure will authenticate and authorize all incoming requests. If true, the oauth2ClientId and oauth2ClientSecret fields must be non-empty.
     "oauth2ClientId": "A String", # OAuth2 client ID to use for the authentication flow.
-    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly
+    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field.
     "oauth2ClientSecretSha256": "A String", # [Output Only] SHA256 hash value for the field oauth2_client_secret above.
   },
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#backendService", # [Output Only] Type of resource. Always compute#backendService for backend services.
-  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose INTERNAL for Internal TCP/UDP Load Balancing. Choose INTERNAL_MANAGED for Internal HTTP(S) Load Balancing. INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
-  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose  INTERNAL for Internal TCP/UDP Load Balancing. Choose  INTERNAL_MANAGED for Internal HTTP(S) Load Balancing.  INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
+  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are:
+      # - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
+      # - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
+      # - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
+      # - RANDOM: The load balancer selects a random healthy host.
+      # - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
+      # - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824
+      #
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      #
+      # If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect.
+      #
+      # Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "logConfig": { # The available logging options for the load balancer traffic served by this backend service. # This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver.
     "enable": True or False, # This field denotes whether to enable logging for the load balancer traffic served by this backend service.
     "sampleRate": 3.14, # This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
   },
-  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, there will be no timeout limit, i.e. the maximum duration is infinite. This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service. This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
+  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+      # If not specified, there will be no timeout limit, i.e. the maximum duration is infinite.
+      # This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service.
+      # This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
   },
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.
-  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled.
+      #
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      #
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "baseEjectionTime": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # The base time that a host is ejected for. The real ejection time is equal to the base ejection time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
@@ -319,25 +412,53 @@ 
Method Details

     "successRateRequestVolume": 42, # The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
     "successRateStdevFactor": 42, # This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
   },
-  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
-  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
-  "protocol": "A String", # The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
+  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.
+      #
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
+  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or  INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs.
+      #
+      #
+      #
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
+  "protocol": "A String", # The protocol this BackendService uses to communicate with backends.
+      #
+      # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information.
+      #
+      # Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
   "region": "A String", # [Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "securityPolicy": "A String", # [Output Only] The resource URL for the security policy associated with this backend service.
-  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
-    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
-    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode). Note: This field currently has no impact.
+  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.
+        # clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        # If left blank, communications are not encrypted.
+        # Note: This field currently has no impact.
+    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.
+        # Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.
+        # Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).
+        # Note: This field currently has no impact.
       "A String",
     ],
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE.
+      #
+      # When the loadBalancingScheme is EXTERNAL:
+      #
+      # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or  CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.
+      #
+      # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.
+      #
+      # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.
+      #
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration.
 }

 

 
 

-    getHealth(project, region, backendService, body=None, x__xgafv=None)
+    getHealth(project, region, backendService, body=None)
   
Gets the most recent health check results for this regional BackendService.
 
 Args:
@@ -351,10 +472,6 @@ 
Method Details

   "group": "A String", # A URI referencing one of the instance groups or network endpoint groups listed in the backend service.
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -383,8 +500,8 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
-  
Creates a regional BackendService resource in the specified project using the data included in the request. For more information, see Backend services overview.
+    insert(project, region, body=None, requestId=None)
+  
Creates a regional BackendService resource in the specified project using the data included in the request. For more information, see  Backend services overview.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -392,25 +509,69 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Backend Service resource. A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly. Backend services in Google Compute Engine can be either regionally or globally scoped. * [Global](/compute/docs/reference/rest/v1/backendServices) * [Regional](/compute/docs/reference/rest/v1/regionBackendServices) For more information, see Backend Services.
-  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day ( 86,400). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+{ # Represents a Backend Service resource.
+    # 
+    # A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly.
+    # 
+    # Backend services in Google Compute Engine can be either regionally or globally scoped.
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/backendServices) * [Regional](/compute/docs/reference/rest/{$api_version}/regionBackendServices)
+    # 
+    # For more information, see Backend Services.
+    # 
+    # (== resource_for {$api_version}.backendService ==)
+  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE.
+      # 
+      # If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day (86,400).
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "backends": [ # The list of backends that serve this BackendService.
     { # Message containing information of one individual backend.
-      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode.
-      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see  Connection balancing mode.
+      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service.
+          #
+          # Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "failover": True or False, # This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService.
-      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme. - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing), INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service. - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported. For regional services, the backend must be in the same region as the backend service. You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
-      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
-      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
+      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing),  INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported.
+          #
+          # For regional services, the backend must be in the same region as the backend service.
+          #
+          # You must use the fully-qualified URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
+      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
       "maxUtilization": 3.14,
     },
   ],
-  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for external HTTP(S) Load Balancing.
+  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for  external HTTP(S) Load Balancing.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
       { # Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
         "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
@@ -427,7 +588,13 @@ 
Method Details

         "A String",
       ],
     },
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -455,7 +622,13 @@ 
Method Details

   "connectionDraining": { # Message containing connection draining configuration.
     "drainingTimeoutSec": 42, # Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining.
   },
-  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "httpCookie": { # The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash. # Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE.
       "name": "A String", # Name of the cookie.
       "path": "A String", # Path to set for the cookie.
@@ -477,35 +650,62 @@ 
Method Details

   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "enableCDN": True or False, # If true, enables Cloud CDN for the backend service. Only applicable if the loadBalancingScheme is EXTERNAL and the protocol is HTTP or HTTPS.
   "failoverPolicy": { # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. On failover or failback, this field indicates whether connection draining will be honored. GCP has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes). # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. Requires at least one backend instance group to be defined as a backup (failover) backend.
-    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP. The default is false.
+    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP.
+        #
+        # The default is false.
     "dropTrafficIfUnhealthy": True or False, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing, If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. The default is false.
     "failoverRatio": 3.14, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio.
   },
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a BackendService.
-  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a BackendService.
+  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See  Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
     "A String",
   ],
   "iap": { # Identity-Aware Proxy # The configurations for Identity-Aware Proxy on this resource. Not available for Internal TCP/UDP Load Balancing and Network Load Balancing.
     "enabled": True or False, # Whether the serving infrastructure will authenticate and authorize all incoming requests. If true, the oauth2ClientId and oauth2ClientSecret fields must be non-empty.
     "oauth2ClientId": "A String", # OAuth2 client ID to use for the authentication flow.
-    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly
+    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field.
     "oauth2ClientSecretSha256": "A String", # [Output Only] SHA256 hash value for the field oauth2_client_secret above.
   },
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#backendService", # [Output Only] Type of resource. Always compute#backendService for backend services.
-  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose INTERNAL for Internal TCP/UDP Load Balancing. Choose INTERNAL_MANAGED for Internal HTTP(S) Load Balancing. INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
-  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose  INTERNAL for Internal TCP/UDP Load Balancing. Choose  INTERNAL_MANAGED for Internal HTTP(S) Load Balancing.  INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
+  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are:
+      # - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
+      # - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
+      # - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
+      # - RANDOM: The load balancer selects a random healthy host.
+      # - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
+      # - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect.
+      # 
+      # Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "logConfig": { # The available logging options for the load balancer traffic served by this backend service. # This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver.
     "enable": True or False, # This field denotes whether to enable logging for the load balancer traffic served by this backend service.
     "sampleRate": 3.14, # This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
   },
-  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, there will be no timeout limit, i.e. the maximum duration is infinite. This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service. This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
+  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+      # If not specified, there will be no timeout limit, i.e. the maximum duration is infinite.
+      # This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service.
+      # This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
   },
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.
-  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "baseEjectionTime": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # The base time that a host is ejected for. The real ejection time is equal to the base ejection time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
@@ -524,32 +724,73 @@ 
Method Details

     "successRateRequestVolume": 42, # The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
     "successRateStdevFactor": 42, # This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
   },
-  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
-  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
-  "protocol": "A String", # The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
+  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
+  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or  INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs.
+      # 
+      # 
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
+  "protocol": "A String", # The protocol this BackendService uses to communicate with backends.
+      # 
+      # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information.
+      # 
+      # Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
   "region": "A String", # [Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "securityPolicy": "A String", # [Output Only] The resource URL for the security policy associated with this backend service.
-  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
-    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
-    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode). Note: This field currently has no impact.
+  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.
+        # clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        # If left blank, communications are not encrypted.
+        # Note: This field currently has no impact.
+    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.
+        # Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.
+        # Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).
+        # Note: This field currently has no impact.
       "A String",
     ],
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE.
+      # 
+      # When the loadBalancingScheme is EXTERNAL:
+      # 
+      # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or  CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.
+      # 
+      # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.
+      # 
+      # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -583,7 +824,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -597,21 +839,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of regional BackendService resources available to the specified project in the given region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -619,25 +867,69 @@ 
Method Details

     { # Contains a list of BackendService resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of BackendService resources.
-    { # Represents a Backend Service resource. A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly. Backend services in Google Compute Engine can be either regionally or globally scoped. * [Global](/compute/docs/reference/rest/v1/backendServices) * [Regional](/compute/docs/reference/rest/v1/regionBackendServices) For more information, see Backend Services.
-      "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day ( 86,400). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+    { # Represents a Backend Service resource.
+        #
+        # A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly.
+        #
+        # Backend services in Google Compute Engine can be either regionally or globally scoped.
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/backendServices) * [Regional](/compute/docs/reference/rest/{$api_version}/regionBackendServices)
+        #
+        # For more information, see Backend Services.
+        #
+        # (== resource_for {$api_version}.backendService ==)
+      "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE.
+          #
+          # If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day (86,400).
+          #
+          # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
       "backends": [ # The list of backends that serve this BackendService.
         { # Message containing information of one individual backend.
-          "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode.
-          "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
+          "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see  Connection balancing mode.
+          "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service.
+              #
+              # Not supported by:
+              #
+              # - Internal TCP/UDP Load Balancing - Network Load Balancing
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "failover": True or False, # This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService.
-          "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme. - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing), INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service. - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported. For regional services, the backend must be in the same region as the backend service. You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
-          "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
-          "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-          "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-          "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-          "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-          "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
+          "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme.
+              #
+              #
+              # - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing),  INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service.
+              #
+              #
+              # - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported.
+              #
+              # For regional services, the backend must be in the same region as the backend service.
+              #
+              # You must use the fully-qualified URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
+          "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by:
+              #
+              # - Internal TCP/UDP Load Balancing - Network Load Balancing
+          "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+              #
+              # Not available if the backend's balancingMode is RATE. Not supported by:
+              #
+              # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+          "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+              #
+              # Not available if the backend's balancingMode is RATE. Not supported by:
+              #
+              # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+          "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+              #
+              # Not available if the backend's balancingMode is CONNECTION.
+          "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+              #
+              # Not available if the backend's balancingMode is CONNECTION.
+          "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+              #
+              # Not available if the backend's balancingMode is CONNECTION.
           "maxUtilization": 3.14,
         },
       ],
-      "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for external HTTP(S) Load Balancing.
+      "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for  external HTTP(S) Load Balancing.
         "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
           { # Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
             "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
@@ -654,7 +946,13 @@ 
Method Details

             "A String",
           ],
         },
-        "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+        "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+            #
+            # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+            #
+            # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+            #
+            # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
         "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
         "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
         "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -682,7 +980,13 @@ 
Method Details

       "connectionDraining": { # Message containing connection draining configuration.
         "drainingTimeoutSec": 42, # Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining.
       },
-      "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH.
+          #
+          # This field is applicable to either:
+          # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+          # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+          #
+          # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
         "httpCookie": { # The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash. # Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE.
           "name": "A String", # Name of the cookie.
           "path": "A String", # Path to set for the cookie.
@@ -704,35 +1008,62 @@ 
Method Details

       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "enableCDN": True or False, # If true, enables Cloud CDN for the backend service. Only applicable if the loadBalancingScheme is EXTERNAL and the protocol is HTTP or HTTPS.
       "failoverPolicy": { # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. On failover or failback, this field indicates whether connection draining will be honored. GCP has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes). # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. Requires at least one backend instance group to be defined as a backup (failover) backend.
-        "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP. The default is false.
+        "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP.
+            #
+            # The default is false.
         "dropTrafficIfUnhealthy": True or False, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing, If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. The default is false.
         "failoverRatio": 3.14, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio.
       },
-      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a BackendService.
-      "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
+      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a BackendService.
+      "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See  Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
         "A String",
       ],
       "iap": { # Identity-Aware Proxy # The configurations for Identity-Aware Proxy on this resource. Not available for Internal TCP/UDP Load Balancing and Network Load Balancing.
         "enabled": True or False, # Whether the serving infrastructure will authenticate and authorize all incoming requests. If true, the oauth2ClientId and oauth2ClientSecret fields must be non-empty.
         "oauth2ClientId": "A String", # OAuth2 client ID to use for the authentication flow.
-        "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly
+        "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field.
         "oauth2ClientSecretSha256": "A String", # [Output Only] SHA256 hash value for the field oauth2_client_secret above.
       },
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#backendService", # [Output Only] Type of resource. Always compute#backendService for backend services.
-      "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose INTERNAL for Internal TCP/UDP Load Balancing. Choose INTERNAL_MANAGED for Internal HTTP(S) Load Balancing. INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
-      "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose  INTERNAL for Internal TCP/UDP Load Balancing. Choose  INTERNAL_MANAGED for Internal HTTP(S) Load Balancing.  INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
+      "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are:
+          # - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
+          # - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
+          # - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
+          # - RANDOM: The load balancer selects a random healthy host.
+          # - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
+          # - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824
+          #
+          # This field is applicable to either:
+          # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+          # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+          #
+          # If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect.
+          #
+          # Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
       "logConfig": { # The available logging options for the load balancer traffic served by this backend service. # This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver.
         "enable": True or False, # This field denotes whether to enable logging for the load balancer traffic served by this backend service.
         "sampleRate": 3.14, # This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
       },
-      "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, there will be no timeout limit, i.e. the maximum duration is infinite. This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service. This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
+      "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+          # If not specified, there will be no timeout limit, i.e. the maximum duration is infinite.
+          # This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service.
+          # This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "network": "A String", # The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.
-      "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled.
+          #
+          # This field is applicable to either:
+          # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+          # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+          #
+          # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
         "baseEjectionTime": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # The base time that a host is ejected for. The real ejection time is equal to the base ejection time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
@@ -751,19 +1082,47 @@ 
Method Details

         "successRateRequestVolume": 42, # The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
         "successRateStdevFactor": 42, # This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
       },
-      "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
-      "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
-      "protocol": "A String", # The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
+      "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.
+          #
+          # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
+      "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or  INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs.
+          #
+          #
+          #
+          # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
+      "protocol": "A String", # The protocol this BackendService uses to communicate with backends.
+          #
+          # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information.
+          #
+          # Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
       "region": "A String", # [Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
       "securityPolicy": "A String", # [Output Only] The resource URL for the security policy associated with this backend service.
-      "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
-        "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
-        "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode). Note: This field currently has no impact.
+      "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either:
+          # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+          # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+        "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.
+            # clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            # If left blank, communications are not encrypted.
+            # Note: This field currently has no impact.
+        "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.
+            # Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.
+            # Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).
+            # Note: This field currently has no impact.
           "A String",
         ],
       },
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE.
+          #
+          # When the loadBalancingScheme is EXTERNAL:
+          #
+          # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or  CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.
+          #
+          # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.
+          #
+          # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.
+          #
+          # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
       "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration.
     },
   ],
@@ -772,7 +1131,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -798,8 +1158,8 @@ 
Method Details

 

 
 

-    patch(project, region, backendService, body=None, requestId=None, x__xgafv=None)
-  
Updates the specified regional BackendService resource with the data included in the request. For more information, see Understanding backend services This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
+    patch(project, region, backendService, body=None, requestId=None)
+  
Updates the specified regional BackendService resource with the data included in the request. For more information, see  Understanding backend services This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -808,25 +1168,69 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Backend Service resource. A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly. Backend services in Google Compute Engine can be either regionally or globally scoped. * [Global](/compute/docs/reference/rest/v1/backendServices) * [Regional](/compute/docs/reference/rest/v1/regionBackendServices) For more information, see Backend Services.
-  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day ( 86,400). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+{ # Represents a Backend Service resource.
+    # 
+    # A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly.
+    # 
+    # Backend services in Google Compute Engine can be either regionally or globally scoped.
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/backendServices) * [Regional](/compute/docs/reference/rest/{$api_version}/regionBackendServices)
+    # 
+    # For more information, see Backend Services.
+    # 
+    # (== resource_for {$api_version}.backendService ==)
+  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE.
+      # 
+      # If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day (86,400).
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "backends": [ # The list of backends that serve this BackendService.
     { # Message containing information of one individual backend.
-      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode.
-      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see  Connection balancing mode.
+      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service.
+          #
+          # Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "failover": True or False, # This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService.
-      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme. - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing), INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service. - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported. For regional services, the backend must be in the same region as the backend service. You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
-      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
-      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
+      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing),  INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported.
+          #
+          # For regional services, the backend must be in the same region as the backend service.
+          #
+          # You must use the fully-qualified URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
+      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
       "maxUtilization": 3.14,
     },
   ],
-  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for external HTTP(S) Load Balancing.
+  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for  external HTTP(S) Load Balancing.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
       { # Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
         "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
@@ -843,7 +1247,13 @@ 
Method Details

         "A String",
       ],
     },
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -871,7 +1281,13 @@ 
Method Details

   "connectionDraining": { # Message containing connection draining configuration.
     "drainingTimeoutSec": 42, # Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining.
   },
-  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "httpCookie": { # The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash. # Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE.
       "name": "A String", # Name of the cookie.
       "path": "A String", # Path to set for the cookie.
@@ -893,35 +1309,62 @@ 
Method Details

   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "enableCDN": True or False, # If true, enables Cloud CDN for the backend service. Only applicable if the loadBalancingScheme is EXTERNAL and the protocol is HTTP or HTTPS.
   "failoverPolicy": { # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. On failover or failback, this field indicates whether connection draining will be honored. GCP has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes). # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. Requires at least one backend instance group to be defined as a backup (failover) backend.
-    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP. The default is false.
+    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP.
+        #
+        # The default is false.
     "dropTrafficIfUnhealthy": True or False, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing, If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. The default is false.
     "failoverRatio": 3.14, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio.
   },
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a BackendService.
-  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a BackendService.
+  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See  Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
     "A String",
   ],
   "iap": { # Identity-Aware Proxy # The configurations for Identity-Aware Proxy on this resource. Not available for Internal TCP/UDP Load Balancing and Network Load Balancing.
     "enabled": True or False, # Whether the serving infrastructure will authenticate and authorize all incoming requests. If true, the oauth2ClientId and oauth2ClientSecret fields must be non-empty.
     "oauth2ClientId": "A String", # OAuth2 client ID to use for the authentication flow.
-    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly
+    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field.
     "oauth2ClientSecretSha256": "A String", # [Output Only] SHA256 hash value for the field oauth2_client_secret above.
   },
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#backendService", # [Output Only] Type of resource. Always compute#backendService for backend services.
-  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose INTERNAL for Internal TCP/UDP Load Balancing. Choose INTERNAL_MANAGED for Internal HTTP(S) Load Balancing. INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
-  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose  INTERNAL for Internal TCP/UDP Load Balancing. Choose  INTERNAL_MANAGED for Internal HTTP(S) Load Balancing.  INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
+  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are:
+      # - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
+      # - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
+      # - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
+      # - RANDOM: The load balancer selects a random healthy host.
+      # - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
+      # - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect.
+      # 
+      # Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "logConfig": { # The available logging options for the load balancer traffic served by this backend service. # This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver.
     "enable": True or False, # This field denotes whether to enable logging for the load balancer traffic served by this backend service.
     "sampleRate": 3.14, # This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
   },
-  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, there will be no timeout limit, i.e. the maximum duration is infinite. This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service. This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
+  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+      # If not specified, there will be no timeout limit, i.e. the maximum duration is infinite.
+      # This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service.
+      # This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
   },
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.
-  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "baseEjectionTime": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # The base time that a host is ejected for. The real ejection time is equal to the base ejection time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
@@ -940,32 +1383,73 @@ 
Method Details

     "successRateRequestVolume": 42, # The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
     "successRateStdevFactor": 42, # This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
   },
-  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
-  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
-  "protocol": "A String", # The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
+  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
+  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or  INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs.
+      # 
+      # 
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
+  "protocol": "A String", # The protocol this BackendService uses to communicate with backends.
+      # 
+      # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information.
+      # 
+      # Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
   "region": "A String", # [Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "securityPolicy": "A String", # [Output Only] The resource URL for the security policy associated with this backend service.
-  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
-    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
-    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode). Note: This field currently has no impact.
+  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.
+        # clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        # If left blank, communications are not encrypted.
+        # Note: This field currently has no impact.
+    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.
+        # Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.
+        # Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).
+        # Note: This field currently has no impact.
       "A String",
     ],
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE.
+      # 
+      # When the loadBalancingScheme is EXTERNAL:
+      # 
+      # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or  CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.
+      # 
+      # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.
+      # 
+      # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -999,7 +1483,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1013,8 +1498,8 @@ 
Method Details

 

 
 

-    update(project, region, backendService, body=None, requestId=None, x__xgafv=None)
-  
Updates the specified regional BackendService resource with the data included in the request. For more information, see Backend services overview .
+    update(project, region, backendService, body=None, requestId=None)
+  
Updates the specified regional BackendService resource with the data included in the request. For more information, see  Backend services overview.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -1023,25 +1508,69 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Backend Service resource. A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly. Backend services in Google Compute Engine can be either regionally or globally scoped. * [Global](/compute/docs/reference/rest/v1/backendServices) * [Regional](/compute/docs/reference/rest/v1/regionBackendServices) For more information, see Backend Services.
-  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day ( 86,400). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+{ # Represents a Backend Service resource.
+    # 
+    # A backend service defines how Google Cloud load balancers distribute traffic. The backend service configuration contains a set of values, such as the protocol used to connect to backends, various distribution and session settings, health checks, and timeouts. These settings provide fine-grained control over how your load balancer behaves. Most of the settings have default values that allow for easy configuration if you need to get started quickly.
+    # 
+    # Backend services in Google Compute Engine can be either regionally or globally scoped.
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/backendServices) * [Regional](/compute/docs/reference/rest/{$api_version}/regionBackendServices)
+    # 
+    # For more information, see Backend Services.
+    # 
+    # (== resource_for {$api_version}.backendService ==)
+  "affinityCookieTtlSec": 42, # Lifetime of cookies in seconds. Only applicable if the loadBalancingScheme is EXTERNAL, INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, the protocol is HTTP or HTTPS, and the sessionAffinity is GENERATED_COOKIE, or HTTP_COOKIE.
+      # 
+      # If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value is one day (86,400).
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "backends": [ # The list of backends that serve this BackendService.
     { # Message containing information of one individual backend.
-      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode.
-      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "balancingMode": "A String", # Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see  Connection balancing mode.
+      "capacityScaler": 3.14, # A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service.
+          #
+          # Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "failover": True or False, # This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService.
-      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme. - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing), INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service. - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported. For regional services, the backend must be in the same region as the backend service. You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
-      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing
-      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by: - Internal TCP/UDP Load Balancing - Network Load Balancing.
-      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
-      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION.
+      "group": "A String", # The fully-qualified URL of an instance group or network endpoint group (NEG) resource. The type of backend that a backend service supports depends on the backend service's loadBalancingScheme.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL (except Network Load Balancing),  INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED , the backend can be either an instance group or a NEG. The backends on the backend service must be either all instance groups or all NEGs. You cannot mix instance group and NEG backends on the same backend service.
+          #
+          #
+          # - When the loadBalancingScheme for the backend service is EXTERNAL for Network Load Balancing or INTERNAL for Internal TCP/UDP Load Balancing, the backend must be an instance group. NEGs are not supported.
+          #
+          # For regional services, the backend must be in the same region as the backend service.
+          #
+          # You must use the fully-qualified URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported.
+      "maxConnections": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing
+      "maxConnectionsPerEndpoint": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxConnectionsPerInstance": 42, # Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is RATE. Not supported by:
+          #
+          # - Internal TCP/UDP Load Balancing - Network Load Balancing.
+      "maxRate": 42, # Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerEndpoint": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
+      "maxRatePerInstance": 3.14, # Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode.
+          #
+          # Not available if the backend's balancingMode is CONNECTION.
       "maxUtilization": 3.14,
     },
   ],
-  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for external HTTP(S) Load Balancing.
+  "cdnPolicy": { # Message containing Cloud CDN configuration for a backend service. # Cloud CDN configuration for this BackendService. Only available for  external HTTP(S) Load Balancing.
     "bypassCacheOnRequestHeaders": [ # Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings.
       { # Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
         "headerName": "A String", # The header field name to match on when bypassing cache. Values are case-insensitive.
@@ -1058,7 +1587,13 @@ 
Method Details

         "A String",
       ],
     },
-    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
+    "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are:
+        #
+        # USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.
+        #
+        # FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.
+        #
+        # CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
     "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
@@ -1086,7 +1621,13 @@ 
Method Details

   "connectionDraining": { # Message containing connection draining configuration.
     "drainingTimeoutSec": 42, # Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining.
   },
-  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "consistentHash": { # This message defines settings for a consistent hash style load balancer. # Consistent Hash-based load balancing can be used to provide soft session affinity based on HTTP headers, cookies or other properties. This load balancing policy is applicable only for HTTP connections. The affinity to a particular destination host will be lost when one or more hosts are added/removed from the destination service. This field specifies parameters that control consistent hashing. This field is only applicable when localityLbPolicy is set to MAGLEV or RING_HASH.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "httpCookie": { # The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash. # Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE.
       "name": "A String", # Name of the cookie.
       "path": "A String", # Path to set for the cookie.
@@ -1108,35 +1649,62 @@ 
Method Details

   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "enableCDN": True or False, # If true, enables Cloud CDN for the backend service. Only applicable if the loadBalancingScheme is EXTERNAL and the protocol is HTTP or HTTPS.
   "failoverPolicy": { # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. On failover or failback, this field indicates whether connection draining will be honored. GCP has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes). # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. Requires at least one backend instance group to be defined as a backup (failover) backend.
-    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP. The default is false.
+    "disableConnectionDrainOnFailover": True or False, # This can be set to true only if the protocol is TCP.
+        #
+        # The default is false.
     "dropTrafficIfUnhealthy": True or False, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing, If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. The default is false.
     "failoverRatio": 3.14, # Applicable only to Failover for Internal TCP/UDP Load Balancing and Network Load Balancing. The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio.
   },
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a BackendService.
-  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a BackendService.
+  "healthChecks": [ # The list of URLs to the healthChecks, httpHealthChecks (legacy), or httpsHealthChecks (legacy) resource for health checking this backend service. Not all backend services support legacy health checks. See  Load balancer guide. Currently, at most one health check can be specified for each backend service. Backend services with instance group or zonal NEG backends must have a health check. Backend services with internet or serverless NEG backends must not have a health check.
     "A String",
   ],
   "iap": { # Identity-Aware Proxy # The configurations for Identity-Aware Proxy on this resource. Not available for Internal TCP/UDP Load Balancing and Network Load Balancing.
     "enabled": True or False, # Whether the serving infrastructure will authenticate and authorize all incoming requests. If true, the oauth2ClientId and oauth2ClientSecret fields must be non-empty.
     "oauth2ClientId": "A String", # OAuth2 client ID to use for the authentication flow.
-    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly
+    "oauth2ClientSecret": "A String", # OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field.
     "oauth2ClientSecretSha256": "A String", # [Output Only] SHA256 hash value for the field oauth2_client_secret above.
   },
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#backendService", # [Output Only] Type of resource. Always compute#backendService for backend services.
-  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose INTERNAL for Internal TCP/UDP Load Balancing. Choose INTERNAL_MANAGED for Internal HTTP(S) Load Balancing. INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
-  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "loadBalancingScheme": "A String", # Specifies the load balancer type. Choose EXTERNAL for external HTTP(S), SSL Proxy, TCP Proxy and Network Load Balancing. Choose  INTERNAL for Internal TCP/UDP Load Balancing. Choose  INTERNAL_MANAGED for Internal HTTP(S) Load Balancing.  INTERNAL_SELF_MANAGED for Traffic Director. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.
+  "localityLbPolicy": "A String", # The load balancing algorithm used within the scope of the locality. The possible values are:
+      # - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default.
+      # - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.
+      # - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.
+      # - RANDOM: The load balancer selects a random healthy host.
+      # - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.
+      # - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect.
+      # 
+      # Only the default ROUND_ROBIN policy is supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "logConfig": { # The available logging options for the load balancer traffic served by this backend service. # This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver.
     "enable": True or False, # This field denotes whether to enable logging for the load balancer traffic served by this backend service.
     "sampleRate": 3.14, # This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0.
   },
-  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, there will be no timeout limit, i.e. the maximum duration is infinite. This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service. This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
+  "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the default maximum duration (timeout) for streams to this service. Duration is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+      # If not specified, there will be no timeout limit, i.e. the maximum duration is infinite.
+      # This value can be overridden in the PathMatcher configuration of the UrlMap that references this backend service.
+      # This field is only allowed when the loadBalancingScheme of the backend service is INTERNAL_SELF_MANAGED.
     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
   },
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which this backend service belongs. This field can only be specified when the load balancing scheme is set to INTERNAL.
-  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "outlierDetection": { # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. # Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service. If not set, this feature is considered disabled.
+      # 
+      # This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
     "baseEjectionTime": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # The base time that a host is ejected for. The real ejection time is equal to the base ejection time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
@@ -1155,32 +1723,73 @@ 
Method Details

     "successRateRequestVolume": 42, # The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100.
     "successRateStdevFactor": 42, # This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900.
   },
-  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
-  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs. Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
-  "protocol": "A String", # The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
+  "port": 42, # Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port.
+  "portName": "A String", # A named port on a backend instance group representing the port for communication to the backend VMs in that group. Required when the loadBalancingScheme is EXTERNAL (except Network Load Balancing), INTERNAL_MANAGED, or  INTERNAL_SELF_MANAGED and the backends are instance groups. The named port must be defined on each backend instance group. This parameter has no meaning if the backends are NEGs.
+      # 
+      # 
+      # 
+      # Backend services for Internal TCP/UDP Load Balancing and Network Load Balancing require you omit port_name.
+  "protocol": "A String", # The protocol this BackendService uses to communicate with backends.
+      # 
+      # Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancer or for Traffic Director for more information.
+      # 
+      # Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.
   "region": "A String", # [Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "securityPolicy": "A String", # [Output Only] The resource URL for the security policy associated with this backend service.
-  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
-    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
-    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode). Note: This field currently has no impact.
+  "securitySettings": { # The authentication and authorization settings for a BackendService. # This field specifies the security policy that applies to this backend service. This field is applicable to either:
+      # - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED.
+      # - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+    "clientTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends.
+        # clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        # If left blank, communications are not encrypted.
+        # Note: This field currently has no impact.
+    "subjectAltNames": [ # Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service.
+        # Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities.
+        # Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode).
+        # Note: This field currently has no impact.
       "A String",
     ],
   },
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE.
+      # 
+      # When the loadBalancingScheme is EXTERNAL:
+      # 
+      # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or  CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.
+      # 
+      # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.
+      # 
+      # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.
+      # 
+      # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1214,7 +1823,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.regionCommitments.html b/docs/dyn/compute_v1.regionCommitments.html
index f78bf040d03..9c51ce0b88b 100644
--- a/docs/dyn/compute_v1.regionCommitments.html
+++ b/docs/dyn/compute_v1.regionCommitments.html
@@ -75,7 +75,7 @@
 
Compute Engine API . regionCommitments

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of commitments.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,34 +84,40 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  get(project, region, commitment, x__xgafv=None)

+  get(project, region, commitment)

 
Returns the specified commitment resource. Gets a list of available commitments by making a list() request.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a commitment in the specified project using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of commitments contained within the specified region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of commitments.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -121,7 +127,9 @@ 
Method Details

   "items": { # A list of CommitmentsScopedList resources.
     "a_key": { # [Output Only] Name of the scope containing this set of commitments.
       "commitments": [ # [Output Only] A list of commitments contained in this scope.
-        { # Represents a regional Commitment resource. Creating a commitment resource means that you are purchasing a committed use contract with an explicit start and end time. You can create commitments based on vCPUs and memory usage and receive discounted rates. For full details, read Signing Up for Committed Use Discounts.
+        { # Represents a regional Commitment resource.
+            #
+            # Creating a commitment resource means that you are purchasing a committed use contract with an explicit start and end time. You can create commitments based on vCPUs and memory usage and receive discounted rates. For full details, read Signing Up for Committed Use Discounts. (== resource_for {$api_version}.regionCommitments ==)
           "category": "A String", # The category of the commitment. Category MACHINE specifies commitments composed of machine resources such as VCPU or MEMORY, listed in resources. Category LICENSE specifies commitments composed of software licenses, listed in licenseResources. Note that only MACHINE commitments should have a Type specified.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -137,7 +145,7 @@ 
Method Details

           "plan": "A String", # The plan for this commitment, which determines duration and discount rate. The currently supported plans are TWELVE_MONTH (1 year), and THIRTY_SIX_MONTH (3 years).
           "region": "A String", # [Output Only] URL of the region where this commitment may be used.
           "reservations": [ # List of reservations in this commitment.
-            { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read Reserving zonal resources.
+            { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read  Reserving zonal resources. (== resource_for {$api_version}.reservations ==)
               "commitment": "A String", # [Output Only] Full or partial URL to a parent commitment. This field displays for reservations that are tied to a commitment.
               "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
               "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -187,7 +195,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] Informational warning which replaces the list of commitments when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -205,7 +214,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -236,22 +246,20 @@ 
Method Details

 

 
 

-    get(project, region, commitment, x__xgafv=None)
+    get(project, region, commitment)
   
Returns the specified commitment resource. Gets a list of available commitments by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   commitment: string, Name of the commitment to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a regional Commitment resource. Creating a commitment resource means that you are purchasing a committed use contract with an explicit start and end time. You can create commitments based on vCPUs and memory usage and receive discounted rates. For full details, read Signing Up for Committed Use Discounts.
+    { # Represents a regional Commitment resource.
+    #
+    # Creating a commitment resource means that you are purchasing a committed use contract with an explicit start and end time. You can create commitments based on vCPUs and memory usage and receive discounted rates. For full details, read Signing Up for Committed Use Discounts. (== resource_for {$api_version}.regionCommitments ==)
   "category": "A String", # The category of the commitment. Category MACHINE specifies commitments composed of machine resources such as VCPU or MEMORY, listed in resources. Category LICENSE specifies commitments composed of software licenses, listed in licenseResources. Note that only MACHINE commitments should have a Type specified.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -267,7 +275,7 @@ 
Method Details

   "plan": "A String", # The plan for this commitment, which determines duration and discount rate. The currently supported plans are TWELVE_MONTH (1 year), and THIRTY_SIX_MONTH (3 years).
   "region": "A String", # [Output Only] URL of the region where this commitment may be used.
   "reservations": [ # List of reservations in this commitment.
-    { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read Reserving zonal resources.
+    { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read  Reserving zonal resources. (== resource_for {$api_version}.reservations ==)
       "commitment": "A String", # [Output Only] Full or partial URL to a parent commitment. This field displays for reservations that are tied to a commitment.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -317,7 +325,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a commitment in the specified project using the data included in the request.
 
 Args:
@@ -326,7 +334,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a regional Commitment resource. Creating a commitment resource means that you are purchasing a committed use contract with an explicit start and end time. You can create commitments based on vCPUs and memory usage and receive discounted rates. For full details, read Signing Up for Committed Use Discounts.
+{ # Represents a regional Commitment resource.
+    # 
+    # Creating a commitment resource means that you are purchasing a committed use contract with an explicit start and end time. You can create commitments based on vCPUs and memory usage and receive discounted rates. For full details, read Signing Up for Committed Use Discounts. (== resource_for {$api_version}.regionCommitments ==)
   "category": "A String", # The category of the commitment. Category MACHINE specifies commitments composed of machine resources such as VCPU or MEMORY, listed in resources. Category LICENSE specifies commitments composed of software licenses, listed in licenseResources. Note that only MACHINE commitments should have a Type specified.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -342,7 +352,7 @@ 
Method Details

   "plan": "A String", # The plan for this commitment, which determines duration and discount rate. The currently supported plans are TWELVE_MONTH (1 year), and THIRTY_SIX_MONTH (3 years).
   "region": "A String", # [Output Only] URL of the region where this commitment may be used.
   "reservations": [ # List of reservations in this commitment.
-    { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read Reserving zonal resources.
+    { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read  Reserving zonal resources. (== resource_for {$api_version}.reservations ==)
       "commitment": "A String", # [Output Only] Full or partial URL to a parent commitment. This field displays for reservations that are tied to a commitment.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -390,16 +400,29 @@ 
Method Details

   "statusMessage": "A String", # [Output Only] An optional, human-readable explanation of the status.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -433,7 +456,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -447,21 +471,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of commitments contained within the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -469,7 +499,9 @@ 
Method Details

     { # Contains a list of Commitment resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Commitment resources.
-    { # Represents a regional Commitment resource. Creating a commitment resource means that you are purchasing a committed use contract with an explicit start and end time. You can create commitments based on vCPUs and memory usage and receive discounted rates. For full details, read Signing Up for Committed Use Discounts.
+    { # Represents a regional Commitment resource.
+        #
+        # Creating a commitment resource means that you are purchasing a committed use contract with an explicit start and end time. You can create commitments based on vCPUs and memory usage and receive discounted rates. For full details, read Signing Up for Committed Use Discounts. (== resource_for {$api_version}.regionCommitments ==)
       "category": "A String", # The category of the commitment. Category MACHINE specifies commitments composed of machine resources such as VCPU or MEMORY, listed in resources. Category LICENSE specifies commitments composed of software licenses, listed in licenseResources. Note that only MACHINE commitments should have a Type specified.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -485,7 +517,7 @@ 
Method Details

       "plan": "A String", # The plan for this commitment, which determines duration and discount rate. The currently supported plans are TWELVE_MONTH (1 year), and THIRTY_SIX_MONTH (3 years).
       "region": "A String", # [Output Only] URL of the region where this commitment may be used.
       "reservations": [ # List of reservations in this commitment.
-        { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read Reserving zonal resources.
+        { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read  Reserving zonal resources. (== resource_for {$api_version}.reservations ==)
           "commitment": "A String", # [Output Only] Full or partial URL to a parent commitment. This field displays for reservations that are tied to a commitment.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -538,7 +570,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.regionDiskTypes.html b/docs/dyn/compute_v1.regionDiskTypes.html
index 996f6db2a19..63b4c53c6e4 100644
--- a/docs/dyn/compute_v1.regionDiskTypes.html
+++ b/docs/dyn/compute_v1.regionDiskTypes.html
@@ -78,10 +78,10 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  get(project, region, diskType, x__xgafv=None)

+  get(project, region, diskType)

 
Returns the specified regional disk type. Gets a list of available disk types by making a list() request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of regional disk types available to the specified project.

 

   list_next(previous_request, previous_response)

@@ -93,22 +93,28 @@ 
Method Details

 

 
 

-    get(project, region, diskType, x__xgafv=None)
+    get(project, region, diskType)
   
Returns the specified regional disk type. Gets a list of available disk types by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, The name of the region for this request. (required)
   diskType: string, Name of the disk type to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Disk Type resource. Google Compute Engine has two Disk Type resources: * [Regional](/compute/docs/reference/rest/v1/regionDiskTypes) * [Zonal](/compute/docs/reference/rest/v1/diskTypes) You can choose from a variety of disk types based on your needs. For more information, read Storage options. The diskTypes resource represents disk types for a zonal persistent disk. For more information, read Zonal persistent disks. The regionDiskTypes resource represents disk types for a regional persistent disk. For more information, read Regional persistent disks.
+    { # Represents a Disk Type resource.
+    #
+    # Google Compute Engine has two Disk Type resources:
+    #
+    # * [Regional](/compute/docs/reference/rest/{$api_version}/regionDiskTypes) * [Zonal](/compute/docs/reference/rest/{$api_version}/diskTypes)
+    #
+    # You can choose from a variety of disk types based on your needs. For more information, read Storage options.
+    #
+    # The diskTypes resource represents disk types for a zonal persistent disk. For more information, read Zonal persistent disks.
+    #
+    # The regionDiskTypes resource represents disk types for a regional persistent disk. For more information, read Regional persistent disks. (== resource_for {$api_version}.diskTypes ==) (== resource_for {$api_version}.regionDiskTypes ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "defaultDiskSizeGb": "A String", # [Output Only] Server-defined default disk size in GB.
   "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this disk type.
@@ -130,21 +136,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of regional disk types available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, The name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -152,7 +164,17 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of DiskType resources.
-    { # Represents a Disk Type resource. Google Compute Engine has two Disk Type resources: * [Regional](/compute/docs/reference/rest/v1/regionDiskTypes) * [Zonal](/compute/docs/reference/rest/v1/diskTypes) You can choose from a variety of disk types based on your needs. For more information, read Storage options. The diskTypes resource represents disk types for a zonal persistent disk. For more information, read Zonal persistent disks. The regionDiskTypes resource represents disk types for a regional persistent disk. For more information, read Regional persistent disks.
+    { # Represents a Disk Type resource.
+        #
+        # Google Compute Engine has two Disk Type resources:
+        #
+        # * [Regional](/compute/docs/reference/rest/{$api_version}/regionDiskTypes) * [Zonal](/compute/docs/reference/rest/{$api_version}/diskTypes)
+        #
+        # You can choose from a variety of disk types based on your needs. For more information, read Storage options.
+        #
+        # The diskTypes resource represents disk types for a zonal persistent disk. For more information, read Zonal persistent disks.
+        #
+        # The regionDiskTypes resource represents disk types for a regional persistent disk. For more information, read Regional persistent disks. (== resource_for {$api_version}.diskTypes ==) (== resource_for {$api_version}.regionDiskTypes ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "defaultDiskSizeGb": "A String", # [Output Only] Server-defined default disk size in GB.
       "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this disk type.
@@ -177,7 +199,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.regionDisks.html b/docs/dyn/compute_v1.regionDisks.html
index 85e167322df..08114c280f6 100644
--- a/docs/dyn/compute_v1.regionDisks.html
+++ b/docs/dyn/compute_v1.regionDisks.html
@@ -75,50 +75,50 @@
 
Compute Engine API . regionDisks

 
Instance Methods

 

-  addResourcePolicies(project, region, disk, body=None, requestId=None, x__xgafv=None)

+  addResourcePolicies(project, region, disk, body=None, requestId=None)

 
Adds existing resource policies to a regional disk. You can only add one policy which will be applied to this disk for scheduling snapshot creation.

 

   close()

 
Close httplib2 connections.

 

-  createSnapshot(project, region, disk, body=None, requestId=None, x__xgafv=None)

+  createSnapshot(project, region, disk, body=None, requestId=None)

 
Creates a snapshot of this regional disk.

 

-  delete(project, region, disk, requestId=None, x__xgafv=None)

+  delete(project, region, disk, requestId=None)

 
Deletes the specified regional persistent disk. Deleting a regional disk removes all the replicas of its data permanently and is irreversible. However, deleting a disk does not delete any snapshots previously made from the disk. You must separately delete snapshots.

 

-  get(project, region, disk, x__xgafv=None)

+  get(project, region, disk)

 
Returns a specified regional persistent disk.

 

-  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, region, body=None, requestId=None, sourceImage=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None, sourceImage=None)

 
Creates a persistent regional disk in the specified project using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of persistent disks contained within the specified region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  removeResourcePolicies(project, region, disk, body=None, requestId=None, x__xgafv=None)

+  removeResourcePolicies(project, region, disk, body=None, requestId=None)

 
Removes resource policies from a regional disk.

 

-  resize(project, region, disk, body=None, requestId=None, x__xgafv=None)

+  resize(project, region, disk, body=None, requestId=None)

 
Resizes the specified regional persistent disk.

 

-  setIamPolicy(project, region, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, region, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)

+  setLabels(project, region, resource, body=None, requestId=None)

 
Sets the labels on the target regional disk.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    addResourcePolicies(project, region, disk, body=None, requestId=None, x__xgafv=None)
+    addResourcePolicies(project, region, disk, body=None, requestId=None)
   
Adds existing resource policies to a regional disk. You can only add one policy which will be applied to this disk for scheduling snapshot creation.
 
 Args:
@@ -134,16 +134,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -177,7 +190,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -196,7 +210,7 @@ 
Method Details

 

 
 

-    createSnapshot(project, region, disk, body=None, requestId=None, x__xgafv=None)
+    createSnapshot(project, region, disk, body=None, requestId=None)
   
Creates a snapshot of this regional disk.
 
 Args:
@@ -206,7 +220,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Persistent Disk Snapshot resource. You can use snapshots to back up data on a regular interval. For more information, read Creating persistent disk snapshots.
+{ # Represents a Persistent Disk Snapshot resource.
+    # 
+    # You can use snapshots to back up data on a regular interval. For more information, read  Creating persistent disk snapshots. (== resource_for {$api_version}.snapshots ==)
   "autoCreated": True or False, # [Output Only] Set to true if snapshots are automatically created by applying resource policy on the target disk.
   "chainName": "A String", # Creates the new snapshot in the snapshot chain labeled with the specified name. The chain name must be 1-63 characters long and comply with RFC1035. This is an uncommon option only for advanced service owners who needs to create separate snapshot chains, for example, for chargeback tracking. When you describe your snapshot resource, this field is visible only if it has a non-empty value.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -215,7 +231,9 @@ 
Method Details

   "downloadBytes": "A String", # [Output Only] Number of bytes downloaded to restore a snapshot to a disk.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#snapshot", # [Output Only] Type of the resource. Always compute#snapshot for Snapshot resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this snapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a snapshot.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this snapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a snapshot.
   "labels": { # Labels to apply to this snapshot. These can be later modified by the setLabels method. Label values may be empty.
     "a_key": "A String",
   },
@@ -229,7 +247,13 @@ 
Method Details

   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "snapshotEncryptionKey": { # Encrypts the snapshot using a customer-supplied encryption key. After you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the snapshot later. For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request. Customer-supplied encryption keys do not protect access to metadata of the snapshot. If you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later.
+  "snapshotEncryptionKey": { # Encrypts the snapshot using a customer-supplied encryption key.
+      # 
+      # After you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the snapshot later. For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request.
+      # 
+      # Customer-supplied encryption keys do not protect access to metadata of the snapshot.
+      # 
+      # If you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
@@ -251,16 +275,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -294,7 +331,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -308,23 +346,36 @@ 
Method Details

 

 
 

-    delete(project, region, disk, requestId=None, x__xgafv=None)
+    delete(project, region, disk, requestId=None)
   
Deletes the specified regional persistent disk. Deleting a regional disk removes all the replicas of its data permanently and is irreversible. However, deleting a disk does not delete any snapshots previously made from the disk. You must separately delete snapshots.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   disk: string, Name of the regional persistent disk to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -358,7 +409,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -372,38 +424,52 @@ 
Method Details

 

 
 

-    get(project, region, disk, x__xgafv=None)
+    get(project, region, disk)
   
Returns a specified regional persistent disk.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   disk: string, Name of the regional persistent disk to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Persistent Disk resource. Google Compute Engine has two Disk resources: * [Zonal](/compute/docs/reference/rest/v1/disks) * [Regional](/compute/docs/reference/rest/v1/regionDisks) Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options. The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks. The regionDisks resource represents a regional persistent disk. For more information, read Regional resources.
+    { # Represents a Persistent Disk resource.
+    #
+    # Google Compute Engine has two Disk resources:
+    #
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/disks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionDisks)
+    #
+    # Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options.
+    #
+    # The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks.
+    #
+    # The regionDisks resource represents a regional persistent disk. For more information, read  Regional resources. (== resource_for {$api_version}.disks ==) (== resource_for {$api_version}.regionDisks ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key. After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+  "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key.
+      #
+      # After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine).
+      #
+      # Customer-supplied encryption keys do not protect access to metadata of the disk.
+      #
+      # If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
-  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
     { # Guest OS features.
-      "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+      "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
     },
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#disk", # [Output Only] Type of the resource. Always compute#disk for disks.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a disk.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a disk.
   "labels": { # Labels to apply to this disk. These can be later modified by the setLabels method.
     "a_key": "A String",
   },
@@ -429,10 +495,33 @@ 
Method Details

   ],
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
-  "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk. If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
-  "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - https://www.googleapis.com/compute/v1/projects/project/regions/region /disks/disk - projects/project/zones/zone/disks/disk - projects/project/regions/region/disks/disk - zones/zone/disks/disk - regions/region/disks/disk
+  "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk.
+      #
+      # If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
+  "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - https://www.googleapis.com/compute/v1/projects/project/regions/region/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - projects/project/regions/region/disks/disk
+      # - zones/zone/disks/disk
+      # - regions/region/disks/disk
   "sourceDiskId": "A String", # [Output Only] The unique ID of the disk used to create this disk. This value identifies the exact disk that was used to create this persistent disk. For example, if you created the persistent disk from a disk that was later deleted and recreated under the same name, the source disk ID would identify the exact version of the disk that was used.
-  "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family
+  "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set.
+      #
+      # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+      # projects/debian-cloud/global/images/family/debian-9
+      #
+      #
+      # Alternatively, use a specific version of a public operating system image:
+      # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+      #
+      #
+      # To create a disk with a custom image that you created, specify the image name in the following format:
+      # global/images/my-custom-image
+      #
+      #
+      # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+      # global/images/family/my-image-family
   "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -440,7 +529,10 @@ 
Method Details

     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent disk. For example, if you created the persistent disk from an image that was later deleted and recreated under the same name, the source image ID would identify the exact version of the image that was used.
-  "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project /global/snapshots/snapshot - projects/project/global/snapshots/snapshot - global/snapshots/snapshot
+  "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot
+      # - projects/project/global/snapshots/snapshot
+      # - global/snapshots/snapshot
   "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -449,8 +541,13 @@ 
Method Details

   },
   "sourceSnapshotId": "A String", # [Output Only] The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used.
   "sourceStorageObject": "A String", # The full Google Cloud Storage URI where the disk image is stored. This file must be a gzip-compressed tarball whose name ends in .tar.gz or virtual machine disk whose name ends in vmdk. Valid URIs may start with gs:// or https://storage.googleapis.com/. This flag is not optimized for creating multiple disks from a source storage object. To create many disks from a source storage object, use gcloud compute images import instead.
-  "status": "A String", # [Output Only] The status of disk creation. - CREATING: Disk is provisioning. - RESTORING: Source data is being copied into the disk. - FAILED: Disk creation failed. - READY: Disk is ready for use. - DELETING: Disk is deleting.
-  "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project /zones/zone/diskTypes/pd-standard or pd-ssd
+  "status": "A String", # [Output Only] The status of disk creation.
+      # - CREATING: Disk is provisioning.
+      # - RESTORING: Source data is being copied into the disk.
+      # - FAILED: Disk creation failed.
+      # - READY: Disk is ready for use.
+      # - DELETING: Disk is deleting.
+  "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project/zones/zone/diskTypes/pd-standard  or pd-ssd
   "users": [ # [Output Only] Links to the users of the disk (attached instances) in form: projects/project/zones/zone/instances/instance
     "A String",
   ],
@@ -459,7 +556,7 @@ 
Method Details

 

 
 

-    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
@@ -467,27 +564,51 @@ 
Method Details

   region: string, The name of the region for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -495,76 +616,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, region, body=None, requestId=None, sourceImage=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None, sourceImage=None)
   
Creates a persistent regional disk in the specified project using the data included in the request.
 
 Args:
@@ -573,23 +762,41 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Persistent Disk resource. Google Compute Engine has two Disk resources: * [Zonal](/compute/docs/reference/rest/v1/disks) * [Regional](/compute/docs/reference/rest/v1/regionDisks) Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options. The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks. The regionDisks resource represents a regional persistent disk. For more information, read Regional resources.
+{ # Represents a Persistent Disk resource.
+    # 
+    # Google Compute Engine has two Disk resources:
+    # 
+    # * [Zonal](/compute/docs/reference/rest/{$api_version}/disks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionDisks)
+    # 
+    # Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options.
+    # 
+    # The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks.
+    # 
+    # The regionDisks resource represents a regional persistent disk. For more information, read  Regional resources. (== resource_for {$api_version}.disks ==) (== resource_for {$api_version}.regionDisks ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key. After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+  "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key.
+      # 
+      # After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine).
+      # 
+      # Customer-supplied encryption keys do not protect access to metadata of the disk.
+      # 
+      # If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
-  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+  "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
     { # Guest OS features.
-      "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+      "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
     },
   ],
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#disk", # [Output Only] Type of the resource. Always compute#disk for disks.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a disk.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a disk.
   "labels": { # Labels to apply to this disk. These can be later modified by the setLabels method.
     "a_key": "A String",
   },
@@ -615,10 +822,33 @@ 
Method Details

   ],
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
-  "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk. If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
-  "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - https://www.googleapis.com/compute/v1/projects/project/regions/region /disks/disk - projects/project/zones/zone/disks/disk - projects/project/regions/region/disks/disk - zones/zone/disks/disk - regions/region/disks/disk
+  "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk.
+      # 
+      # If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
+  "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+      # - https://www.googleapis.com/compute/v1/projects/project/regions/region/disks/disk
+      # - projects/project/zones/zone/disks/disk
+      # - projects/project/regions/region/disks/disk
+      # - zones/zone/disks/disk
+      # - regions/region/disks/disk
   "sourceDiskId": "A String", # [Output Only] The unique ID of the disk used to create this disk. This value identifies the exact disk that was used to create this persistent disk. For example, if you created the persistent disk from a disk that was later deleted and recreated under the same name, the source disk ID would identify the exact version of the disk that was used.
-  "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family
+  "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set.
+      # 
+      # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+      # projects/debian-cloud/global/images/family/debian-9
+      # 
+      # 
+      # Alternatively, use a specific version of a public operating system image:
+      # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+      # 
+      # 
+      # To create a disk with a custom image that you created, specify the image name in the following format:
+      # global/images/my-custom-image
+      # 
+      # 
+      # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+      # global/images/family/my-image-family
   "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -626,7 +856,10 @@ 
Method Details

     "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
   },
   "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent disk. For example, if you created the persistent disk from an image that was later deleted and recreated under the same name, the source image ID would identify the exact version of the image that was used.
-  "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project /global/snapshots/snapshot - projects/project/global/snapshots/snapshot - global/snapshots/snapshot
+  "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+      # - https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot
+      # - projects/project/global/snapshots/snapshot
+      # - global/snapshots/snapshot
   "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -635,25 +868,43 @@ 
Method Details

   },
   "sourceSnapshotId": "A String", # [Output Only] The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used.
   "sourceStorageObject": "A String", # The full Google Cloud Storage URI where the disk image is stored. This file must be a gzip-compressed tarball whose name ends in .tar.gz or virtual machine disk whose name ends in vmdk. Valid URIs may start with gs:// or https://storage.googleapis.com/. This flag is not optimized for creating multiple disks from a source storage object. To create many disks from a source storage object, use gcloud compute images import instead.
-  "status": "A String", # [Output Only] The status of disk creation. - CREATING: Disk is provisioning. - RESTORING: Source data is being copied into the disk. - FAILED: Disk creation failed. - READY: Disk is ready for use. - DELETING: Disk is deleting.
-  "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project /zones/zone/diskTypes/pd-standard or pd-ssd
+  "status": "A String", # [Output Only] The status of disk creation.
+      # - CREATING: Disk is provisioning.
+      # - RESTORING: Source data is being copied into the disk.
+      # - FAILED: Disk creation failed.
+      # - READY: Disk is ready for use.
+      # - DELETING: Disk is deleting.
+  "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project/zones/zone/diskTypes/pd-standard  or pd-ssd
   "users": [ # [Output Only] Links to the users of the disk (attached instances) in form: projects/project/zones/zone/instances/instance
     "A String",
   ],
   "zone": "A String", # [Output Only] URL of the zone where the disk resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
   sourceImage: string, Source image to restore onto a disk. This field is optional.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -687,7 +938,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -701,21 +953,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of persistent disks contained within the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -723,23 +981,41 @@ 
Method Details

     { # A list of Disk resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Disk resources.
-    { # Represents a Persistent Disk resource. Google Compute Engine has two Disk resources: * [Zonal](/compute/docs/reference/rest/v1/disks) * [Regional](/compute/docs/reference/rest/v1/regionDisks) Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options. The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks. The regionDisks resource represents a regional persistent disk. For more information, read Regional resources.
+    { # Represents a Persistent Disk resource.
+        #
+        # Google Compute Engine has two Disk resources:
+        #
+        # * [Zonal](/compute/docs/reference/rest/{$api_version}/disks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionDisks)
+        #
+        # Persistent disks are required for running your VM instances. Create both boot and non-boot (data) persistent disks. For more information, read Persistent Disks. For more storage options, read Storage options.
+        #
+        # The disks resource represents a zonal persistent disk. For more information, read Zonal persistent disks.
+        #
+        # The regionDisks resource represents a regional persistent disk. For more information, read  Regional resources. (== resource_for {$api_version}.disks ==) (== resource_for {$api_version}.regionDisks ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key. After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+      "diskEncryptionKey": { # Encrypts the disk using a customer-supplied encryption key.
+          #
+          # After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot, to create a disk image, to create a machine image, or to attach the disk to a virtual machine).
+          #
+          # Customer-supplied encryption keys do not protect access to metadata of the disk.
+          #
+          # If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
-      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+      "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
         { # Guest OS features.
-          "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+          "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
         },
       ],
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#disk", # [Output Only] Type of the resource. Always compute#disk for disks.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a disk.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a disk.
       "labels": { # Labels to apply to this disk. These can be later modified by the setLabels method.
         "a_key": "A String",
       },
@@ -765,10 +1041,33 @@ 
Method Details

       ],
       "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
       "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
-      "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk. If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
-      "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - https://www.googleapis.com/compute/v1/projects/project/regions/region /disks/disk - projects/project/zones/zone/disks/disk - projects/project/regions/region/disks/disk - zones/zone/disks/disk - regions/region/disks/disk
+      "sizeGb": "A String", # Size, in GB, of the persistent disk. You can specify this field when creating a persistent disk using the sourceImage, sourceSnapshot, or sourceDisk parameter, or specify it alone to create an empty persistent disk.
+          #
+          # If you specify this field along with a source, the value of sizeGb must not be less than the size of the source. Acceptable values are 1 to 65536, inclusive.
+      "sourceDisk": "A String", # The source disk used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+          # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
+          # - https://www.googleapis.com/compute/v1/projects/project/regions/region/disks/disk
+          # - projects/project/zones/zone/disks/disk
+          # - projects/project/regions/region/disks/disk
+          # - zones/zone/disks/disk
+          # - regions/region/disks/disk
       "sourceDiskId": "A String", # [Output Only] The unique ID of the disk used to create this disk. This value identifies the exact disk that was used to create this persistent disk. For example, if you created the persistent disk from a disk that was later deleted and recreated under the same name, the source disk ID would identify the exact version of the disk that was used.
-      "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family
+      "sourceImage": "A String", # The source image used to create this disk. If the source image is deleted, this field will not be set.
+          #
+          # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+          # projects/debian-cloud/global/images/family/debian-9
+          #
+          #
+          # Alternatively, use a specific version of a public operating system image:
+          # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+          #
+          #
+          # To create a disk with a custom image that you created, specify the image name in the following format:
+          # global/images/my-custom-image
+          #
+          #
+          # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+          # global/images/family/my-image-family
       "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -776,7 +1075,10 @@ 
Method Details

         "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
       },
       "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent disk. For example, if you created the persistent disk from an image that was later deleted and recreated under the same name, the source image ID would identify the exact version of the image that was used.
-      "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project /global/snapshots/snapshot - projects/project/global/snapshots/snapshot - global/snapshots/snapshot
+      "sourceSnapshot": "A String", # The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot
+          # - projects/project/global/snapshots/snapshot
+          # - global/snapshots/snapshot
       "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -785,8 +1087,13 @@ 
Method Details

       },
       "sourceSnapshotId": "A String", # [Output Only] The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used.
       "sourceStorageObject": "A String", # The full Google Cloud Storage URI where the disk image is stored. This file must be a gzip-compressed tarball whose name ends in .tar.gz or virtual machine disk whose name ends in vmdk. Valid URIs may start with gs:// or https://storage.googleapis.com/. This flag is not optimized for creating multiple disks from a source storage object. To create many disks from a source storage object, use gcloud compute images import instead.
-      "status": "A String", # [Output Only] The status of disk creation. - CREATING: Disk is provisioning. - RESTORING: Source data is being copied into the disk. - FAILED: Disk creation failed. - READY: Disk is ready for use. - DELETING: Disk is deleting.
-      "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project /zones/zone/diskTypes/pd-standard or pd-ssd
+      "status": "A String", # [Output Only] The status of disk creation.
+          # - CREATING: Disk is provisioning.
+          # - RESTORING: Source data is being copied into the disk.
+          # - FAILED: Disk creation failed.
+          # - READY: Disk is ready for use.
+          # - DELETING: Disk is deleting.
+      "type": "A String", # URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project/zones/zone/diskTypes/pd-standard  or pd-ssd
       "users": [ # [Output Only] Links to the users of the disk (attached instances) in form: projects/project/zones/zone/instances/instance
         "A String",
       ],
@@ -798,7 +1105,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -824,7 +1132,7 @@ 
Method Details

 

 
 

-    removeResourcePolicies(project, region, disk, body=None, requestId=None, x__xgafv=None)
+    removeResourcePolicies(project, region, disk, body=None, requestId=None)
   
Removes resource policies from a regional disk.
 
 Args:
@@ -840,16 +1148,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -883,7 +1204,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -897,7 +1219,7 @@ 
Method Details

 

 
 

-    resize(project, region, disk, body=None, requestId=None, x__xgafv=None)
+    resize(project, region, disk, body=None, requestId=None)
   
Resizes the specified regional persistent disk.
 
 Args:
@@ -911,16 +1233,29 @@ 
Method Details

   "sizeGb": "A String", # The new size of the regional persistent disk, which is specified in GB.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -954,7 +1289,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -968,7 +1304,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, region, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, region, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -981,33 +1317,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1015,95 +1425,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1111,76 +1613,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)
+    setLabels(project, region, resource, body=None, requestId=None)
   
Sets the labels on the target regional disk.
 
 Args:
@@ -1197,16 +1767,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1240,7 +1823,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1254,7 +1838,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1270,10 +1854,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_v1.regionHealthCheckServices.html b/docs/dyn/compute_v1.regionHealthCheckServices.html
index fcd775fc6aa..a3c61e1c8c2 100644
--- a/docs/dyn/compute_v1.regionHealthCheckServices.html
+++ b/docs/dyn/compute_v1.regionHealthCheckServices.html
@@ -78,22 +78,22 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, healthCheckService, requestId=None, x__xgafv=None)

+  delete(project, region, healthCheckService, requestId=None)

 
Deletes the specified regional HealthCheckService.

 

-  get(project, region, healthCheckService, x__xgafv=None)

+  get(project, region, healthCheckService)

 
Returns the specified regional HealthCheckService resource.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a regional HealthCheckService resource in the specified project and region using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists all the HealthCheckService resources that have been configured for the specified project in the given region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, healthCheckService, body=None, requestId=None, x__xgafv=None)

+  patch(project, region, healthCheckService, body=None, requestId=None)

 
Updates the specified regional HealthCheckService resource with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 
Method Details

 

@@ -102,23 +102,36 @@ 
Method Details

 

 
 

-    delete(project, region, healthCheckService, requestId=None, x__xgafv=None)
+    delete(project, region, healthCheckService, requestId=None)
   
Deletes the specified regional HealthCheckService.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   healthCheckService: string, Name of the HealthCheckService to delete. The name must be 1-63 characters long, and comply with RFC1035. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -152,7 +165,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -166,29 +180,29 @@ 
Method Details

 

 
 

-    get(project, region, healthCheckService, x__xgafv=None)
+    get(project, region, healthCheckService)
   
Returns the specified regional HealthCheckService resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   healthCheckService: string, Name of the HealthCheckService to update. The name must be 1-63 characters long, and comply with RFC1035. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
     { # Represents a Health-Check as a Service resource.
+    #
+    # (== resource_for {$api_version}.regionHealthCheckServices ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a HealthCheckService. An up-to-date fingerprint must be provided in order to patch/update the HealthCheckService; Otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the HealthCheckService.
   "healthChecks": [ # List of URLs to the HealthCheck resources. Must have at least one HealthCheck, and not more than 10. HealthCheck resources must have portSpecification=USE_SERVING_PORT or portSpecification=USE_FIXED_PORT. For regional HealthCheckService, the HealthCheck must be regional and in the same region. For global HealthCheckService, HealthCheck must be global. Mix of regional and global HealthChecks is not supported. Multiple regional HealthChecks must belong to the same region. Regional HealthChecks must belong to the same region as zones of NEGs.
     "A String",
   ],
-  "healthStatusAggregationPolicy": "A String", # Optional. Policy for how the results from multiple health checks for the same endpoint are aggregated. Defaults to NO_AGGREGATION if unspecified. - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service. - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
+  "healthStatusAggregationPolicy": "A String", # Optional. Policy for how the results from multiple health checks for the same endpoint are aggregated. Defaults to NO_AGGREGATION if unspecified.
+      # - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service.
+      # - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#healthCheckService", # [Output only] Type of the resource. Always compute#healthCheckServicefor health check services.
   "name": "A String", # Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -204,7 +218,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a regional HealthCheckService resource in the specified project and region using the data included in the request.
 
 Args:
@@ -214,13 +228,17 @@ 
Method Details

     The object takes the form of:
 
 { # Represents a Health-Check as a Service resource.
+    # 
+    # (== resource_for {$api_version}.regionHealthCheckServices ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a HealthCheckService. An up-to-date fingerprint must be provided in order to patch/update the HealthCheckService; Otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the HealthCheckService.
   "healthChecks": [ # List of URLs to the HealthCheck resources. Must have at least one HealthCheck, and not more than 10. HealthCheck resources must have portSpecification=USE_SERVING_PORT or portSpecification=USE_FIXED_PORT. For regional HealthCheckService, the HealthCheck must be regional and in the same region. For global HealthCheckService, HealthCheck must be global. Mix of regional and global HealthChecks is not supported. Multiple regional HealthChecks must belong to the same region. Regional HealthChecks must belong to the same region as zones of NEGs.
     "A String",
   ],
-  "healthStatusAggregationPolicy": "A String", # Optional. Policy for how the results from multiple health checks for the same endpoint are aggregated. Defaults to NO_AGGREGATION if unspecified. - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service. - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
+  "healthStatusAggregationPolicy": "A String", # Optional. Policy for how the results from multiple health checks for the same endpoint are aggregated. Defaults to NO_AGGREGATION if unspecified.
+      # - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service.
+      # - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#healthCheckService", # [Output only] Type of the resource. Always compute#healthCheckServicefor health check services.
   "name": "A String", # Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -234,16 +252,29 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -277,7 +308,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -291,21 +323,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists all the HealthCheckService resources that have been configured for the specified project in the given region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -314,13 +352,17 @@ 
Method Details

   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of HealthCheckService resources.
     { # Represents a Health-Check as a Service resource.
+        #
+        # (== resource_for {$api_version}.regionHealthCheckServices ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a HealthCheckService. An up-to-date fingerprint must be provided in order to patch/update the HealthCheckService; Otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the HealthCheckService.
       "healthChecks": [ # List of URLs to the HealthCheck resources. Must have at least one HealthCheck, and not more than 10. HealthCheck resources must have portSpecification=USE_SERVING_PORT or portSpecification=USE_FIXED_PORT. For regional HealthCheckService, the HealthCheck must be regional and in the same region. For global HealthCheckService, HealthCheck must be global. Mix of regional and global HealthChecks is not supported. Multiple regional HealthChecks must belong to the same region. Regional HealthChecks must belong to the same region as zones of NEGs.
         "A String",
       ],
-      "healthStatusAggregationPolicy": "A String", # Optional. Policy for how the results from multiple health checks for the same endpoint are aggregated. Defaults to NO_AGGREGATION if unspecified. - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service. - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
+      "healthStatusAggregationPolicy": "A String", # Optional. Policy for how the results from multiple health checks for the same endpoint are aggregated. Defaults to NO_AGGREGATION if unspecified.
+          # - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service.
+          # - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#healthCheckService", # [Output only] Type of the resource. Always compute#healthCheckServicefor health check services.
       "name": "A String", # Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -339,7 +381,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -365,7 +408,7 @@ 
Method Details

 

 
 

-    patch(project, region, healthCheckService, body=None, requestId=None, x__xgafv=None)
+    patch(project, region, healthCheckService, body=None, requestId=None)
   
Updates the specified regional HealthCheckService resource with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -376,13 +419,17 @@ 
Method Details

     The object takes the form of:
 
 { # Represents a Health-Check as a Service resource.
+    # 
+    # (== resource_for {$api_version}.regionHealthCheckServices ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a HealthCheckService. An up-to-date fingerprint must be provided in order to patch/update the HealthCheckService; Otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the HealthCheckService.
   "healthChecks": [ # List of URLs to the HealthCheck resources. Must have at least one HealthCheck, and not more than 10. HealthCheck resources must have portSpecification=USE_SERVING_PORT or portSpecification=USE_FIXED_PORT. For regional HealthCheckService, the HealthCheck must be regional and in the same region. For global HealthCheckService, HealthCheck must be global. Mix of regional and global HealthChecks is not supported. Multiple regional HealthChecks must belong to the same region. Regional HealthChecks must belong to the same region as zones of NEGs.
     "A String",
   ],
-  "healthStatusAggregationPolicy": "A String", # Optional. Policy for how the results from multiple health checks for the same endpoint are aggregated. Defaults to NO_AGGREGATION if unspecified. - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service. - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
+  "healthStatusAggregationPolicy": "A String", # Optional. Policy for how the results from multiple health checks for the same endpoint are aggregated. Defaults to NO_AGGREGATION if unspecified.
+      # - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service.
+      # - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#healthCheckService", # [Output only] Type of the resource. Always compute#healthCheckServicefor health check services.
   "name": "A String", # Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -396,16 +443,29 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -439,7 +499,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.regionHealthChecks.html b/docs/dyn/compute_v1.regionHealthChecks.html
index 3aea0179f90..447d934e8ab 100644
--- a/docs/dyn/compute_v1.regionHealthChecks.html
+++ b/docs/dyn/compute_v1.regionHealthChecks.html
@@ -78,25 +78,25 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, healthCheck, requestId=None, x__xgafv=None)

+  delete(project, region, healthCheck, requestId=None)

 
Deletes the specified HealthCheck resource.

 

-  get(project, region, healthCheck, x__xgafv=None)

+  get(project, region, healthCheck)

 
Returns the specified HealthCheck resource. Gets a list of available health checks by making a list() request.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a HealthCheck resource in the specified project using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of HealthCheck resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, healthCheck, body=None, requestId=None, x__xgafv=None)

+  patch(project, region, healthCheck, body=None, requestId=None)

 
Updates a HealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  update(project, region, healthCheck, body=None, requestId=None, x__xgafv=None)

+  update(project, region, healthCheck, body=None, requestId=None)

 
Updates a HealthCheck resource in the specified project using the data included in the request.

 
Method Details

 

@@ -105,23 +105,36 @@ 
Method Details

 

 
 

-    delete(project, region, healthCheck, requestId=None, x__xgafv=None)
+    delete(project, region, healthCheck, requestId=None)
   
Deletes the specified HealthCheck resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   healthCheck: string, Name of the HealthCheck resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -155,7 +168,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -169,37 +183,64 @@ 
Method Details

 

 
 

-    get(project, region, healthCheck, x__xgafv=None)
+    get(project, region, healthCheck)
   
Returns the specified HealthCheck resource. Gets a list of available health checks by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   healthCheck: string, Name of the HealthCheck resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Health Check resource. Google Compute Engine has two Health Check resources: * [Global](/compute/docs/reference/rest/v1/healthChecks) * [Regional](/compute/docs/reference/rest/v1/regionHealthChecks) Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`). Traffic Director must use global health checks (`compute.v1.HealthChecks`). Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`). External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`). Network load balancers must use legacy HTTP health checks (httpHealthChecks). For more information, see Health checks overview.
+    { # Represents a Health Check resource.
+    #
+    # Google Compute Engine has two Health Check resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/healthChecks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionHealthChecks)
+    #
+    # Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`).
+    #
+    # Traffic Director must use global health checks (`compute.v1.HealthChecks`).
+    #
+    # Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`).
+    #
+    # External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`).
+    #
+    # Network load balancers must use legacy HTTP health checks (httpHealthChecks).
+    #
+    # For more information, see Health checks overview.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in 3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "grpcHealthCheck": {
-    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII.
+    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention:
+        # - Empty service_name means the overall status of all services at the backend.
+        # - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service.
+        # The grpc_service_name can only be ASCII.
     "port": 42, # The port number for the health check request. Must be specified if port_name and port_specification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. The port_name should conform to RFC1035.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, gRPC health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, gRPC health check follows behavior specified in port and portName fields.
   },
   "healthyThreshold": 42, # A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.
   "http2HealthCheck": {
     "host": "A String", # The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP2 health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP2 health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP/2 health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -208,7 +249,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -217,7 +264,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTPS health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTPS health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTPS health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -233,7 +286,13 @@ 
Method Details

   "sslHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, SSL health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, SSL health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -241,7 +300,13 @@ 
Method Details

   "tcpHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, TCP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, TCP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -253,7 +318,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a HealthCheck resource in the specified project using the data included in the request.
 
 Args:
@@ -262,22 +327,53 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Health Check resource. Google Compute Engine has two Health Check resources: * [Global](/compute/docs/reference/rest/v1/healthChecks) * [Regional](/compute/docs/reference/rest/v1/regionHealthChecks) Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`). Traffic Director must use global health checks (`compute.v1.HealthChecks`). Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`). External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`). Network load balancers must use legacy HTTP health checks (httpHealthChecks). For more information, see Health checks overview.
+{ # Represents a Health Check resource.
+    # 
+    # Google Compute Engine has two Health Check resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/healthChecks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionHealthChecks)
+    # 
+    # Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`).
+    # 
+    # Traffic Director must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`).
+    # 
+    # External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Network load balancers must use legacy HTTP health checks (httpHealthChecks).
+    # 
+    # For more information, see Health checks overview.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in 3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "grpcHealthCheck": {
-    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII.
+    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention:
+        # - Empty service_name means the overall status of all services at the backend.
+        # - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service.
+        # The grpc_service_name can only be ASCII.
     "port": 42, # The port number for the health check request. Must be specified if port_name and port_specification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. The port_name should conform to RFC1035.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, gRPC health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, gRPC health check follows behavior specified in port and portName fields.
   },
   "healthyThreshold": 42, # A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.
   "http2HealthCheck": {
     "host": "A String", # The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP2 health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP2 health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP/2 health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -286,7 +382,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -295,7 +397,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTPS health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTPS health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTPS health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -311,7 +419,13 @@ 
Method Details

   "sslHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, SSL health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, SSL health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -319,7 +433,13 @@ 
Method Details

   "tcpHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, TCP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, TCP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -329,16 +449,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -372,7 +505,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -386,21 +520,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of HealthCheck resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -408,22 +548,53 @@ 
Method Details

     { # Contains a list of HealthCheck resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of HealthCheck resources.
-    { # Represents a Health Check resource. Google Compute Engine has two Health Check resources: * [Global](/compute/docs/reference/rest/v1/healthChecks) * [Regional](/compute/docs/reference/rest/v1/regionHealthChecks) Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`). Traffic Director must use global health checks (`compute.v1.HealthChecks`). Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`). External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`). Network load balancers must use legacy HTTP health checks (httpHealthChecks). For more information, see Health checks overview.
+    { # Represents a Health Check resource.
+        #
+        # Google Compute Engine has two Health Check resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/healthChecks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionHealthChecks)
+        #
+        # Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`).
+        #
+        # Traffic Director must use global health checks (`compute.v1.HealthChecks`).
+        #
+        # Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`).
+        #
+        # External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`).
+        #
+        # Network load balancers must use legacy HTTP health checks (httpHealthChecks).
+        #
+        # For more information, see Health checks overview.
       "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in 3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "grpcHealthCheck": {
-        "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII.
+        "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention:
+            # - Empty service_name means the overall status of all services at the backend.
+            # - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service.
+            # The grpc_service_name can only be ASCII.
         "port": 42, # The port number for the health check request. Must be specified if port_name and port_specification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. The port_name should conform to RFC1035.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, gRPC health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, gRPC health check follows behavior specified in port and portName fields.
       },
       "healthyThreshold": 42, # A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.
       "http2HealthCheck": {
         "host": "A String", # The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
         "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP2 health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, HTTP2 health check follows behavior specified in port and portName fields.
         "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
         "requestPath": "A String", # The request path of the HTTP/2 health check request. The default value is /.
         "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -432,7 +603,13 @@ 
Method Details

         "host": "A String", # The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
         "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, HTTP health check follows behavior specified in port and portName fields.
         "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
         "requestPath": "A String", # The request path of the HTTP health check request. The default value is /.
         "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -441,7 +618,13 @@ 
Method Details

         "host": "A String", # The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
         "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTPS health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, HTTPS health check follows behavior specified in port and portName fields.
         "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
         "requestPath": "A String", # The request path of the HTTPS health check request. The default value is /.
         "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -457,7 +640,13 @@ 
Method Details

       "sslHealthCheck": {
         "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, SSL health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, SSL health check follows behavior specified in port and portName fields.
         "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
         "request": "A String", # The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
         "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -465,7 +654,13 @@ 
Method Details

       "tcpHealthCheck": {
         "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
         "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, TCP health check follows behavior specified in port and portName fields.
+        "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+            # USE_FIXED_PORT: The port number in port is used for health checking.
+            # USE_NAMED_PORT: The portName is used for health checking.
+            # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+            #
+            #
+            # If not specified, TCP health check follows behavior specified in port and portName fields.
         "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
         "request": "A String", # The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
         "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -480,7 +675,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -506,7 +702,7 @@ 
Method Details

 

 
 

-    patch(project, region, healthCheck, body=None, requestId=None, x__xgafv=None)
+    patch(project, region, healthCheck, body=None, requestId=None)
   
Updates a HealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -516,22 +712,53 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Health Check resource. Google Compute Engine has two Health Check resources: * [Global](/compute/docs/reference/rest/v1/healthChecks) * [Regional](/compute/docs/reference/rest/v1/regionHealthChecks) Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`). Traffic Director must use global health checks (`compute.v1.HealthChecks`). Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`). External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`). Network load balancers must use legacy HTTP health checks (httpHealthChecks). For more information, see Health checks overview.
+{ # Represents a Health Check resource.
+    # 
+    # Google Compute Engine has two Health Check resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/healthChecks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionHealthChecks)
+    # 
+    # Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`).
+    # 
+    # Traffic Director must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`).
+    # 
+    # External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Network load balancers must use legacy HTTP health checks (httpHealthChecks).
+    # 
+    # For more information, see Health checks overview.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in 3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "grpcHealthCheck": {
-    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII.
+    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention:
+        # - Empty service_name means the overall status of all services at the backend.
+        # - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service.
+        # The grpc_service_name can only be ASCII.
     "port": 42, # The port number for the health check request. Must be specified if port_name and port_specification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. The port_name should conform to RFC1035.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, gRPC health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, gRPC health check follows behavior specified in port and portName fields.
   },
   "healthyThreshold": 42, # A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.
   "http2HealthCheck": {
     "host": "A String", # The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP2 health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP2 health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP/2 health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -540,7 +767,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -549,7 +782,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTPS health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTPS health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTPS health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -565,7 +804,13 @@ 
Method Details

   "sslHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, SSL health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, SSL health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -573,7 +818,13 @@ 
Method Details

   "tcpHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, TCP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, TCP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -583,16 +834,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -626,7 +890,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -640,7 +905,7 @@ 
Method Details

 

 
 

-    update(project, region, healthCheck, body=None, requestId=None, x__xgafv=None)
+    update(project, region, healthCheck, body=None, requestId=None)
   
Updates a HealthCheck resource in the specified project using the data included in the request.
 
 Args:
@@ -650,22 +915,53 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Health Check resource. Google Compute Engine has two Health Check resources: * [Global](/compute/docs/reference/rest/v1/healthChecks) * [Regional](/compute/docs/reference/rest/v1/regionHealthChecks) Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`). Traffic Director must use global health checks (`compute.v1.HealthChecks`). Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`). External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`). Network load balancers must use legacy HTTP health checks (httpHealthChecks). For more information, see Health checks overview.
+{ # Represents a Health Check resource.
+    # 
+    # Google Compute Engine has two Health Check resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/healthChecks) * [Regional](/compute/docs/reference/rest/{$api_version}/regionHealthChecks)
+    # 
+    # Internal HTTP(S) load balancers must use regional health checks (`compute.v1.regionHealthChecks`).
+    # 
+    # Traffic Director must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Internal TCP/UDP load balancers can use either regional or global health checks (`compute.v1.regionHealthChecks` or `compute.v1.HealthChecks`).
+    # 
+    # External HTTP(S), TCP proxy, and SSL proxy load balancers as well as managed instance group auto-healing must use global health checks (`compute.v1.HealthChecks`).
+    # 
+    # Network load balancers must use legacy HTTP health checks (httpHealthChecks).
+    # 
+    # For more information, see Health checks overview.
   "checkIntervalSec": 42, # How often (in seconds) to send a health check. The default value is 5 seconds.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in 3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "grpcHealthCheck": {
-    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII.
+    "grpcServiceName": "A String", # The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention:
+        # - Empty service_name means the overall status of all services at the backend.
+        # - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service.
+        # The grpc_service_name can only be ASCII.
     "port": 42, # The port number for the health check request. Must be specified if port_name and port_specification are not set or if port_specification is USE_FIXED_PORT. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. The port_name should conform to RFC1035.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, gRPC health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, gRPC health check follows behavior specified in port and portName fields.
   },
   "healthyThreshold": 42, # A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.
   "http2HealthCheck": {
     "host": "A String", # The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP2 health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP2 health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP/2 health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -674,7 +970,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTP health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -683,7 +985,13 @@ 
Method Details

     "host": "A String", # The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, HTTPS health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, HTTPS health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "requestPath": "A String", # The request path of the HTTPS health check request. The default value is /.
     "response": "A String", # The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.
@@ -699,7 +1007,13 @@ 
Method Details

   "sslHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, SSL health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, SSL health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -707,7 +1021,13 @@ 
Method Details

   "tcpHealthCheck": {
     "port": 42, # The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.
     "portName": "A String", # Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.
-    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values: USE_FIXED_PORT: The port number in port is used for health checking. USE_NAMED_PORT: The portName is used for health checking. USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking. If not specified, TCP health check follows behavior specified in port and portName fields.
+    "portSpecification": "A String", # Specifies how port is selected for health checking, can be one of following values:
+        # USE_FIXED_PORT: The port number in port is used for health checking.
+        # USE_NAMED_PORT: The portName is used for health checking.
+        # USE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.
+        #
+        #
+        # If not specified, TCP health check follows behavior specified in port and portName fields.
     "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
     "request": "A String", # The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.
     "response": "A String", # The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.
@@ -717,16 +1037,29 @@ 
Method Details

   "unhealthyThreshold": 42, # A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -760,7 +1093,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.regionInstanceGroupManagers.html b/docs/dyn/compute_v1.regionInstanceGroupManagers.html
index d33f853bdc4..f5191c97546 100644
--- a/docs/dyn/compute_v1.regionInstanceGroupManagers.html
+++ b/docs/dyn/compute_v1.regionInstanceGroupManagers.html
@@ -75,49 +75,49 @@
 
Compute Engine API . regionInstanceGroupManagers

 
Instance Methods

 

-  abandonInstances(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

-
Flags the specified instances to be immediately removed from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.

+  abandonInstances(project, region, instanceGroupManager, body=None, requestId=None)

+
Flags the specified instances to be immediately removed from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method.

 

-  applyUpdatesToInstances(project, region, instanceGroupManager, body=None, x__xgafv=None)

+  applyUpdatesToInstances(project, region, instanceGroupManager, body=None)

 
Apply updates to selected instances the managed instance group.

 

   close()

 
Close httplib2 connections.

 

-  createInstances(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  createInstances(project, region, instanceGroupManager, body=None, requestId=None)

 
Creates instances with per-instance configs in this regional managed instance group. Instances are created using the current instance template. The create instances operation is marked DONE if the createInstances request is successful. The underlying actions take additional time. You must separately verify the status of the creating or actions with the listmanagedinstances method.

 

-  delete(project, region, instanceGroupManager, requestId=None, x__xgafv=None)

+  delete(project, region, instanceGroupManager, requestId=None)

 
Deletes the specified managed instance group and all of the instances in that group.

 

-  deleteInstances(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

-
Flags the specified instances in the managed instance group to be immediately deleted. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. The deleteInstances operation is marked DONE if the deleteInstances request is successful. The underlying actions take additional time. You must separately verify the status of the deleting action with the listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.

+  deleteInstances(project, region, instanceGroupManager, body=None, requestId=None)

+
Flags the specified instances in the managed instance group to be immediately deleted. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. The deleteInstances operation is marked DONE if the deleteInstances request is successful. The underlying actions take additional time. You must separately verify the status of the deleting action with the listmanagedinstances method.

 

-  deletePerInstanceConfigs(project, region, instanceGroupManager, body=None, x__xgafv=None)

+  deletePerInstanceConfigs(project, region, instanceGroupManager, body=None)

 
Deletes selected per-instance configs for the managed instance group.

 

-  get(project, region, instanceGroupManager, x__xgafv=None)

+  get(project, region, instanceGroupManager)

 
Returns all of the details about the specified managed instance group.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

-
Creates a managed instance group using the information that you specify in the request. After the group is created, instances in the group are created using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method. A regional managed instance group can contain up to 2000 instances.

+  insert(project, region, body=None, requestId=None)

+
Creates a managed instance group using the information that you specify in the request. After the group is created, instances in the group are created using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of managed instance groups that are contained within the specified region.

 

-  listErrors(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listErrors(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists all errors thrown by actions on instances for a given regional managed instance group. The filter and orderBy query parameters are not supported.

 

   listErrors_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  listManagedInstances(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listManagedInstances(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists the instances in the managed instance group and instances that are scheduled to be created. The list includes any current actions that the group has scheduled for its instances. The orderBy query parameter is not supported.

 

   listManagedInstances_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  listPerInstanceConfigs(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listPerInstanceConfigs(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists all of the per-instance configs defined for the managed instance group. The orderBy query parameter is not supported.

 

   listPerInstanceConfigs_next(previous_request, previous_response)

@@ -126,30 +126,34 @@ 
Instance Methods

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  patch(project, region, instanceGroupManager, body=None, requestId=None)

 
Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is patched even if the instances in the group are still in the process of being patched. You must separately verify the status of the individual instances with the listmanagedinstances method. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  patchPerInstanceConfigs(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  patchPerInstanceConfigs(project, region, instanceGroupManager, body=None, requestId=None)

 
Inserts or patches per-instance configs for the managed instance group. perInstanceConfig.name serves as a key used to distinguish whether to perform insert or patch.

 

-  recreateInstances(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

-
Flags the specified VM instances in the managed instance group to be immediately recreated. Each instance is recreated using the group's current configuration. This operation is marked as DONE when the flag is set even if the instances have not yet been recreated. You must separately verify the status of each instance by checking its currentAction field; for more information, see Checking the status of managed instances. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.

+  recreateInstances(project, region, instanceGroupManager, body=None, requestId=None)

+
Flags the specified VM instances in the managed instance group to be immediately recreated. Each instance is recreated using the group's current configuration. This operation is marked as DONE when the flag is set even if the instances have not yet been recreated. You must separately verify the status of each instance by checking its currentAction field; for more information, see Checking the status of managed instances.

 

-  resize(project, region, instanceGroupManager, size, requestId=None, x__xgafv=None)

-
Changes the intended size of the managed instance group. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes one or more instances. The resize operation is marked DONE if the resize request is successful. The underlying actions take additional time. You must separately verify the status of the creating or deleting actions with the listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.

+  resize(project, region, instanceGroupManager, size, requestId=None)

+
Changes the intended size of the managed instance group. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes one or more instances.

 

-  setInstanceTemplate(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  setInstanceTemplate(project, region, instanceGroupManager, body=None, requestId=None)

 
Sets the instance template to use when creating new instances or recreating instances in this group. Existing instances are not affected.

 

-  setTargetPools(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  setTargetPools(project, region, instanceGroupManager, body=None, requestId=None)

 
Modifies the target pools to which all new instances in this group are assigned. Existing instances in the group are not affected.

 

-  updatePerInstanceConfigs(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)

+  updatePerInstanceConfigs(project, region, instanceGroupManager, body=None, requestId=None)

 
Inserts or updates per-instance configs for the managed instance group. perInstanceConfig.name serves as a key used to distinguish whether to perform insert or patch.

 
Method Details

 

-    abandonInstances(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
-  
Flags the specified instances to be immediately removed from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.
+    abandonInstances(project, region, instanceGroupManager, body=None, requestId=None)
+  
Flags the specified instances to be immediately removed from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method.
+
+If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
+
+You can specify a maximum of 1000 instances with this method per request.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -164,16 +168,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -207,7 +224,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -221,7 +239,7 @@ 
Method Details

 

 
 

-    applyUpdatesToInstances(project, region, instanceGroupManager, body=None, x__xgafv=None)
+    applyUpdatesToInstances(project, region, instanceGroupManager, body=None)
   
Apply updates to selected instances the managed instance group.
 
 Args:
@@ -232,23 +250,40 @@ 
Method Details

     The object takes the form of:
 
 { # RegionInstanceGroupManagers.applyUpdatesToInstances
-  "allInstances": True or False, # Flag to update all instances instead of specified list of “instances”. If the flag is set to true then the instances may not be specified in the request.
+  "allInstances": True or False, # Flag to update all instances instead of specified list of ?instances?. If the flag is set to true then the instances may not be specified in the request.
   "instances": [ # The list of URLs of one or more instances for which you want to apply updates. Each URL can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].
     "A String",
   ],
-  "minimalAction": "A String", # The minimal action that you want to perform on each instance during the update: - REPLACE: At minimum, delete the instance and create it again. - RESTART: Stop the instance and start it again. - REFRESH: Do not stop the instance. - NONE: Do not disrupt the instance at all. By default, the minimum action is NONE. If your update requires a more disruptive action than you set with this flag, the necessary action is performed to execute the update.
-  "mostDisruptiveAllowedAction": "A String", # The most disruptive action that you want to perform on each instance during the update: - REPLACE: Delete the instance and create it again. - RESTART: Stop the instance and start it again. - REFRESH: Do not stop the instance. - NONE: Do not disrupt the instance at all. By default, the most disruptive allowed action is REPLACE. If your update requires a more disruptive action than you set with this flag, the update request will fail.
+  "minimalAction": "A String", # The minimal action that you want to perform on each instance during the update:
+      # - REPLACE: At minimum, delete the instance and create it again.
+      # - RESTART: Stop the instance and start it again.
+      # - REFRESH: Do not stop the instance.
+      # - NONE: Do not disrupt the instance at all.  By default, the minimum action is NONE. If your update requires a more disruptive action than you set with this flag, the necessary action is performed to execute the update.
+  "mostDisruptiveAllowedAction": "A String", # The most disruptive action that you want to perform on each instance during the update:
+      # - REPLACE: Delete the instance and create it again.
+      # - RESTART: Stop the instance and start it again.
+      # - REFRESH: Do not stop the instance.
+      # - NONE: Do not disrupt the instance at all.  By default, the most disruptive allowed action is REPLACE. If your update requires a more disruptive action than you set with this flag, the update request will fail.
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -282,7 +317,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -301,7 +337,7 @@ 
Method Details

 

 
 

-    createInstances(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    createInstances(project, region, instanceGroupManager, body=None, requestId=None)
   
Creates instances with per-instance configs in this regional managed instance group. Instances are created using the current instance template. The create instances operation is marked DONE if the createInstances request is successful. The underlying actions take additional time. You must separately verify the status of the creating or actions with the listmanagedinstances method.
 
 Args:
@@ -333,16 +369,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -376,7 +425,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -390,23 +440,36 @@ 
Method Details

 

 
 

-    delete(project, region, instanceGroupManager, requestId=None, x__xgafv=None)
+    delete(project, region, instanceGroupManager, requestId=None)
   
Deletes the specified managed instance group and all of the instances in that group.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   instanceGroupManager: string, Name of the managed instance group to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -440,7 +503,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -454,8 +518,12 @@ 
Method Details

 

 
 

-    deleteInstances(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
-  
Flags the specified instances in the managed instance group to be immediately deleted. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. The deleteInstances operation is marked DONE if the deleteInstances request is successful. The underlying actions take additional time. You must separately verify the status of the deleting action with the listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.
+    deleteInstances(project, region, instanceGroupManager, body=None, requestId=None)
+  
Flags the specified instances in the managed instance group to be immediately deleted. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. The deleteInstances operation is marked DONE if the deleteInstances request is successful. The underlying actions take additional time. You must separately verify the status of the deleting action with the listmanagedinstances method.
+
+If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
+
+You can specify a maximum of 1000 instances with this method per request.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -470,16 +538,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -513,7 +594,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -527,7 +609,7 @@ 
Method Details

 

 
 

-    deletePerInstanceConfigs(project, region, instanceGroupManager, body=None, x__xgafv=None)
+    deletePerInstanceConfigs(project, region, instanceGroupManager, body=None)
   
Deletes selected per-instance configs for the managed instance group.
 
 Args:
@@ -543,15 +625,24 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -585,7 +676,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -599,22 +691,26 @@ 
Method Details

 

 
 

-    get(project, region, instanceGroupManager, x__xgafv=None)
+    get(project, region, instanceGroupManager)
   
Returns all of the details about the specified managed instance group.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   instanceGroupManager: string, Name of the managed instance group to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Whether the instance is a standby. # Properties of a standby instance comparing to the regular instance: # | regular | standby managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no # receives traffic from LB? | yes | no Represents a Managed Instance Group resource. An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups. For zonal Managed Instance Group, use the instanceGroupManagers resource. For regional Managed Instance Group, use the regionInstanceGroupManagers resource.
+    { # Whether the instance is a standby. Properties of a standby instance comparing to the regular instance: ========================================================================= | regular | standby ========================================================================= managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no receives traffic from LB? | yes | no =========================================================================
+    #
+    # Represents a Managed Instance Group resource.
+    #
+    # An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups.
+    #
+    # For zonal Managed Instance Group, use the instanceGroupManagers resource.
+    #
+    # For regional Managed Instance Group, use the regionInstanceGroupManagers resource. (== resource_for {$api_version}.instanceGroupManagers ==) (== resource_for {$api_version}.regionInstanceGroupManagers ==)
   "autoHealingPolicies": [ # The autohealing policy for this managed instance group. You can specify only one value.
     {
       "healthCheck": "A String", # The URL for the health check that signals autohealing.
@@ -625,7 +721,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this managed instance group in RFC3339 text format.
   "currentActions": { # [Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions.
     "abandoning": 42, # [Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.
-    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
+    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.
+        #
+        # If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
     "creatingWithoutRetries": 42, # [Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.
     "deleting": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.
     "none": 42, # [Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.
@@ -643,14 +741,16 @@ 
Method Details

       },
     ],
   },
-  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
+  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
   "id": "A String", # [Output Only] A unique identifier for this resource type. The server generates this identifier.
   "instanceGroup": "A String", # [Output Only] The URL of the Instance Group resource.
   "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE.
   "kind": "compute#instanceGroupManager", # [Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.
   "name": "A String", # The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.
   "namedPorts": [ # Named ports configured for the Instance Groups complementary to this Instance Group Manager.
-    { # The named port. For example: <"http", 80>.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
@@ -684,14 +784,32 @@ 
Method Details

   ],
   "targetSize": 42, # The target number of running instances for this managed instance group. You can reduce this number by using the instanceGroupManager deleteInstances or abandonInstances methods. Resizing the group also changes this number.
   "updatePolicy": { # The update policy for this managed instance group.
-    "instanceRedistributionType": "A String", # The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled.
-    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "instanceRedistributionType": "A String", # The  instance redistribution policy for regional managed instance groups. Valid values are:
+        # - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region.
+        # - NONE: For non-autoscaled groups, proactive redistribution is disabled.
+    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
-    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:
+        #
+        #
+        # - The instance's status is RUNNING.
+        # - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
@@ -699,12 +817,20 @@ 
Method Details

     "replacementMethod": "A String", # What action should be used to replace instances. See minimal_action.REPLACE
     "type": "A String", # The type of update process. You can specify either PROACTIVE so that the instance group manager proactively executes actions in order to bring instances to their target versions or OPPORTUNISTIC so that no action is proactively executed but the update will be performed as part of other actions (for example, resizes or recreateInstances calls).
   },
-  "versions": [ # Specifies the instance templates used by this managed instance group to create instances. Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
+  "versions": [ # Specifies the instance templates used by this managed instance group to create instances.
+      #
+      # Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
     {
       "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached.
       "name": "A String", # Name of the version. Unique among all versions in the scope of this managed instance group.
-      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:
+          # - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used.
+          # - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -715,8 +841,10 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
-  
Creates a managed instance group using the information that you specify in the request. After the group is created, instances in the group are created using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method. A regional managed instance group can contain up to 2000 instances.
+    insert(project, region, body=None, requestId=None)
+  
Creates a managed instance group using the information that you specify in the request. After the group is created, instances in the group are created using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method.
+
+A regional managed instance group can contain up to 2000 instances.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -724,7 +852,15 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Whether the instance is a standby. # Properties of a standby instance comparing to the regular instance: # | regular | standby managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no # receives traffic from LB? | yes | no Represents a Managed Instance Group resource. An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups. For zonal Managed Instance Group, use the instanceGroupManagers resource. For regional Managed Instance Group, use the regionInstanceGroupManagers resource.
+{ # Whether the instance is a standby. Properties of a standby instance comparing to the regular instance: ========================================================================= | regular | standby ========================================================================= managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no receives traffic from LB? | yes | no =========================================================================
+    # 
+    # Represents a Managed Instance Group resource.
+    # 
+    # An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups.
+    # 
+    # For zonal Managed Instance Group, use the instanceGroupManagers resource.
+    # 
+    # For regional Managed Instance Group, use the regionInstanceGroupManagers resource. (== resource_for {$api_version}.instanceGroupManagers ==) (== resource_for {$api_version}.regionInstanceGroupManagers ==)
   "autoHealingPolicies": [ # The autohealing policy for this managed instance group. You can specify only one value.
     {
       "healthCheck": "A String", # The URL for the health check that signals autohealing.
@@ -735,7 +871,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this managed instance group in RFC3339 text format.
   "currentActions": { # [Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions.
     "abandoning": 42, # [Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.
-    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
+    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.
+        #
+        # If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
     "creatingWithoutRetries": 42, # [Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.
     "deleting": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.
     "none": 42, # [Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.
@@ -753,14 +891,16 @@ 
Method Details

       },
     ],
   },
-  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
+  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
   "id": "A String", # [Output Only] A unique identifier for this resource type. The server generates this identifier.
   "instanceGroup": "A String", # [Output Only] The URL of the Instance Group resource.
   "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE.
   "kind": "compute#instanceGroupManager", # [Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.
   "name": "A String", # The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.
   "namedPorts": [ # Named ports configured for the Instance Groups complementary to this Instance Group Manager.
-    { # The named port. For example: <"http", 80>.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
@@ -794,14 +934,32 @@ 
Method Details

   ],
   "targetSize": 42, # The target number of running instances for this managed instance group. You can reduce this number by using the instanceGroupManager deleteInstances or abandonInstances methods. Resizing the group also changes this number.
   "updatePolicy": { # The update policy for this managed instance group.
-    "instanceRedistributionType": "A String", # The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled.
-    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "instanceRedistributionType": "A String", # The  instance redistribution policy for regional managed instance groups. Valid values are:
+        # - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region.
+        # - NONE: For non-autoscaled groups, proactive redistribution is disabled.
+    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
-    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:
+        #
+        #
+        # - The instance's status is RUNNING.
+        # - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
@@ -809,12 +967,20 @@ 
Method Details

     "replacementMethod": "A String", # What action should be used to replace instances. See minimal_action.REPLACE
     "type": "A String", # The type of update process. You can specify either PROACTIVE so that the instance group manager proactively executes actions in order to bring instances to their target versions or OPPORTUNISTIC so that no action is proactively executed but the update will be performed as part of other actions (for example, resizes or recreateInstances calls).
   },
-  "versions": [ # Specifies the instance templates used by this managed instance group to create instances. Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
+  "versions": [ # Specifies the instance templates used by this managed instance group to create instances.
+      # 
+      # Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
     {
       "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached.
       "name": "A String", # Name of the version. Unique among all versions in the scope of this managed instance group.
-      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:
+          # - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used.
+          # - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -823,16 +989,29 @@ 
Method Details

   "zone": "A String", # [Output Only] The URL of a zone where the managed instance group is located (for zonal resources).
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -866,7 +1045,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -880,21 +1060,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of managed instance groups that are contained within the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -902,7 +1088,15 @@ 
Method Details

     { # Contains a list of managed instance groups.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of InstanceGroupManager resources.
-    { # Whether the instance is a standby. # Properties of a standby instance comparing to the regular instance: # | regular | standby managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no # receives traffic from LB? | yes | no Represents a Managed Instance Group resource. An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups. For zonal Managed Instance Group, use the instanceGroupManagers resource. For regional Managed Instance Group, use the regionInstanceGroupManagers resource.
+    { # Whether the instance is a standby. Properties of a standby instance comparing to the regular instance: ========================================================================= | regular | standby ========================================================================= managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no receives traffic from LB? | yes | no =========================================================================
+        #
+        # Represents a Managed Instance Group resource.
+        #
+        # An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups.
+        #
+        # For zonal Managed Instance Group, use the instanceGroupManagers resource.
+        #
+        # For regional Managed Instance Group, use the regionInstanceGroupManagers resource. (== resource_for {$api_version}.instanceGroupManagers ==) (== resource_for {$api_version}.regionInstanceGroupManagers ==)
       "autoHealingPolicies": [ # The autohealing policy for this managed instance group. You can specify only one value.
         {
           "healthCheck": "A String", # The URL for the health check that signals autohealing.
@@ -913,7 +1107,9 @@ 
Method Details

       "creationTimestamp": "A String", # [Output Only] The creation timestamp for this managed instance group in RFC3339 text format.
       "currentActions": { # [Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions.
         "abandoning": 42, # [Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.
-        "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
+        "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.
+            #
+            # If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
         "creatingWithoutRetries": 42, # [Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.
         "deleting": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.
         "none": 42, # [Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.
@@ -931,14 +1127,16 @@ 
Method Details

           },
         ],
       },
-      "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
+      "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
       "id": "A String", # [Output Only] A unique identifier for this resource type. The server generates this identifier.
       "instanceGroup": "A String", # [Output Only] The URL of the Instance Group resource.
       "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE.
       "kind": "compute#instanceGroupManager", # [Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.
       "name": "A String", # The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.
       "namedPorts": [ # Named ports configured for the Instance Groups complementary to this Instance Group Manager.
-        { # The named port. For example: <"http", 80>.
+        { # The named port. For example: .
           "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
           "port": 42, # The port number, which can be a value between 1 and 65535.
         },
@@ -972,14 +1170,32 @@ 
Method Details

       ],
       "targetSize": 42, # The target number of running instances for this managed instance group. You can reduce this number by using the instanceGroupManager deleteInstances or abandonInstances methods. Resizing the group also changes this number.
       "updatePolicy": { # The update policy for this managed instance group.
-        "instanceRedistributionType": "A String", # The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled.
-        "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
-          "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "instanceRedistributionType": "A String", # The  instance redistribution policy for regional managed instance groups. Valid values are:
+            # - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region.
+            # - NONE: For non-autoscaled groups, proactive redistribution is disabled.
+        "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates.
+            #
+            # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
+          "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+              #
+              #
+              # - If the value is fixed, then the calculated value is equal to the fixed value.
+              # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
           "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
           "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
         },
-        "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
-          "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+        "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:
+            #
+            #
+            # - The instance's status is RUNNING.
+            # - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates.
+            #
+            # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
+          "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+              #
+              #
+              # - If the value is fixed, then the calculated value is equal to the fixed value.
+              # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
           "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
           "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
         },
@@ -987,12 +1203,20 @@ 
Method Details

         "replacementMethod": "A String", # What action should be used to replace instances. See minimal_action.REPLACE
         "type": "A String", # The type of update process. You can specify either PROACTIVE so that the instance group manager proactively executes actions in order to bring instances to their target versions or OPPORTUNISTIC so that no action is proactively executed but the update will be performed as part of other actions (for example, resizes or recreateInstances calls).
       },
-      "versions": [ # Specifies the instance templates used by this managed instance group to create instances. Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
+      "versions": [ # Specifies the instance templates used by this managed instance group to create instances.
+          #
+          # Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
         {
           "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached.
           "name": "A String", # Name of the version. Unique among all versions in the scope of this managed instance group.
-          "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
-            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+          "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:
+              # - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used.
+              # - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
+            "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+                #
+                #
+                # - If the value is fixed, then the calculated value is equal to the fixed value.
+                # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
             "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
             "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
           },
@@ -1006,7 +1230,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1018,22 +1243,28 @@ 
Method Details

 

 
 

-    listErrors(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listErrors(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists all errors thrown by actions on instances for a given regional managed instance group. The filter and orderBy query parameters are not supported.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. This should conform to RFC1035. (required)
-  instanceGroupManager: string, The name of the managed instance group. It must be a string that meets the requirements in RFC1035, or an unsigned long integer: must match regexp pattern: (?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?)|1-9{0,19}. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  instanceGroupManager: string, The name of the managed instance group. It must be a string that meets the requirements in RFC1035, or an unsigned long integer: must match regexp pattern: (?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?)|[1-9][0-9]{0,19}. (required)
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1075,22 +1306,28 @@ 
Method Details

 

 
 

-    listManagedInstances(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listManagedInstances(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists the instances in the managed instance group and instances that are scheduled to be created. The list includes any current actions that the group has scheduled for its instances. The orderBy query parameter is not supported.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   instanceGroupManager: string, The name of the managed instance group. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1098,7 +1335,16 @@ 
Method Details

     {
   "managedInstances": [ # A list of managed instances.
     { # A Managed Instance resource.
-      "currentAction": "A String", # [Output Only] The current action that the managed instance group has scheduled for the instance. Possible values: - NONE The instance is running, and the managed instance group does not have any scheduled actions for this instance. - CREATING The managed instance group is creating this instance. If the group fails to create this instance, it will try again until it is successful. - CREATING_WITHOUT_RETRIES The managed instance group is attempting to create this instance only once. If the group fails to create this instance, it does not try again and the group's targetSize value is decreased instead. - RECREATING The managed instance group is recreating this instance. - DELETING The managed instance group is permanently deleting this instance. - ABANDONING The managed instance group is abandoning this instance. The instance will be removed from the instance group and from any target pools that are associated with this group. - RESTARTING The managed instance group is restarting the instance. - REFRESHING The managed instance group is applying configuration changes to the instance without stopping it. For example, the group can update the target pool list for an instance without stopping that instance. - VERIFYING The managed instance group has created the instance and it is in the process of being verified.
+      "currentAction": "A String", # [Output Only] The current action that the managed instance group has scheduled for the instance. Possible values:
+          # - NONE The instance is running, and the managed instance group does not have any scheduled actions for this instance.
+          # - CREATING The managed instance group is creating this instance. If the group fails to create this instance, it will try again until it is successful.
+          # - CREATING_WITHOUT_RETRIES The managed instance group is attempting to create this instance only once. If the group fails to create this instance, it does not try again and the group's targetSize value is decreased instead.
+          # - RECREATING The managed instance group is recreating this instance.
+          # - DELETING The managed instance group is permanently deleting this instance.
+          # - ABANDONING The managed instance group is abandoning this instance. The instance will be removed from the instance group and from any target pools that are associated with this group.
+          # - RESTARTING The managed instance group is restarting the instance.
+          # - REFRESHING The managed instance group is applying configuration changes to the instance without stopping it. For example, the group can update the target pool list for an instance without stopping that instance.
+          # - VERIFYING The managed instance group has created the instance and it is in the process of being verified.
       "id": "A String", # [Output only] The unique identifier for this resource. This field is empty when instance does not exist.
       "instance": "A String", # [Output Only] The URL of the instance. The URL can exist even if the instance has not yet been created.
       "instanceHealth": [ # [Output Only] Health state of the instance per health-check.
@@ -1168,22 +1414,28 @@ 
Method Details

 

 
 

-    listPerInstanceConfigs(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listPerInstanceConfigs(project, region, instanceGroupManager, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists all of the per-instance configs defined for the managed instance group. The orderBy query parameter is not supported.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request, should conform to RFC1035. (required)
   instanceGroupManager: string, The name of the managed instance group. It should conform to RFC1035. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1211,7 +1463,8 @@ 
Method Details

   "nextPageToken": "A String", # [Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1251,7 +1504,7 @@ 
Method Details

 

 
 

-    patch(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    patch(project, region, instanceGroupManager, body=None, requestId=None)
   
Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is patched even if the instances in the group are still in the process of being patched. You must separately verify the status of the individual instances with the listmanagedinstances method. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -1261,7 +1514,15 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Whether the instance is a standby. # Properties of a standby instance comparing to the regular instance: # | regular | standby managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no # receives traffic from LB? | yes | no Represents a Managed Instance Group resource. An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups. For zonal Managed Instance Group, use the instanceGroupManagers resource. For regional Managed Instance Group, use the regionInstanceGroupManagers resource.
+{ # Whether the instance is a standby. Properties of a standby instance comparing to the regular instance: ========================================================================= | regular | standby ========================================================================= managed by IGM? | yes | yes added to the IG? | yes | yes counts towards IGM's target size? | yes | no taken into account by Autoscaler? | yes | no receives traffic from LB? | yes | no =========================================================================
+    # 
+    # Represents a Managed Instance Group resource.
+    # 
+    # An instance group is a collection of VM instances that you can manage as a single entity. For more information, read Instance groups.
+    # 
+    # For zonal Managed Instance Group, use the instanceGroupManagers resource.
+    # 
+    # For regional Managed Instance Group, use the regionInstanceGroupManagers resource. (== resource_for {$api_version}.instanceGroupManagers ==) (== resource_for {$api_version}.regionInstanceGroupManagers ==)
   "autoHealingPolicies": [ # The autohealing policy for this managed instance group. You can specify only one value.
     {
       "healthCheck": "A String", # The URL for the health check that signals autohealing.
@@ -1272,7 +1533,9 @@ 
Method Details

   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this managed instance group in RFC3339 text format.
   "currentActions": { # [Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions.
     "abandoning": 42, # [Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.
-    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
+    "creating": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.
+        #
+        # If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.
     "creatingWithoutRetries": 42, # [Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.
     "deleting": 42, # [Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.
     "none": 42, # [Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.
@@ -1290,14 +1553,16 @@ 
Method Details

       },
     ],
   },
-  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
+  "fingerprint": "A String", # Fingerprint of this resource. This field may be used in optimistic locking. It will be ignored when inserting an InstanceGroupManager. An up-to-date fingerprint must be provided in order to update the InstanceGroupManager, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an InstanceGroupManager.
   "id": "A String", # [Output Only] A unique identifier for this resource type. The server generates this identifier.
   "instanceGroup": "A String", # [Output Only] The URL of the Instance Group resource.
   "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE.
   "kind": "compute#instanceGroupManager", # [Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.
   "name": "A String", # The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.
   "namedPorts": [ # Named ports configured for the Instance Groups complementary to this Instance Group Manager.
-    { # The named port. For example: <"http", 80>.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
@@ -1331,14 +1596,32 @@ 
Method Details

   ],
   "targetSize": 42, # The target number of running instances for this managed instance group. You can reduce this number by using the instanceGroupManager deleteInstances or abandonInstances methods. Resizing the group also changes this number.
   "updatePolicy": { # The update policy for this managed instance group.
-    "instanceRedistributionType": "A String", # The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled.
-    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "instanceRedistributionType": "A String", # The  instance redistribution policy for regional managed instance groups. Valid values are:
+        # - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region.
+        # - NONE: For non-autoscaled groups, proactive redistribution is disabled.
+    "maxSurge": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
-    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
-      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+    "maxUnavailable": { # Encapsulates numeric value that can be either absolute or relative. # The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:
+        #
+        #
+        # - The instance's status is RUNNING.
+        # - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates.
+        #
+        # At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable.
+      "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+          #
+          #
+          # - If the value is fixed, then the calculated value is equal to the fixed value.
+          # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
       "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
       "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
     },
@@ -1346,12 +1629,20 @@ 
Method Details

     "replacementMethod": "A String", # What action should be used to replace instances. See minimal_action.REPLACE
     "type": "A String", # The type of update process. You can specify either PROACTIVE so that the instance group manager proactively executes actions in order to bring instances to their target versions or OPPORTUNISTIC so that no action is proactively executed but the update will be performed as part of other actions (for example, resizes or recreateInstances calls).
   },
-  "versions": [ # Specifies the instance templates used by this managed instance group to create instances. Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
+  "versions": [ # Specifies the instance templates used by this managed instance group to create instances.
+      # 
+      # Each version is defined by an instanceTemplate and a name. Every version can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.
     {
       "instanceTemplate": "A String", # The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached.
       "name": "A String", # Name of the version. Unique among all versions in the scope of this managed instance group.
-      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
-        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
+      "targetSize": { # Encapsulates numeric value that can be either absolute or relative. # Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:
+          # - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used.
+          # - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information.
+        "calculated": 42, # [Output Only] Absolute value of VM instances calculated based on the specific mode.
+            #
+            #
+            # - If the value is fixed, then the calculated value is equal to the fixed value.
+            # - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded.
         "fixed": 42, # Specifies a fixed number of VM instances. This must be a positive integer.
         "percent": 42, # Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.
       },
@@ -1360,16 +1651,29 @@ 
Method Details

   "zone": "A String", # [Output Only] The URL of a zone where the managed instance group is located (for zonal resources).
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1403,7 +1707,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1417,7 +1722,7 @@ 
Method Details

 

 
 

-    patchPerInstanceConfigs(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    patchPerInstanceConfigs(project, region, instanceGroupManager, body=None, requestId=None)
   
Inserts or patches per-instance configs for the managed instance group. perInstanceConfig.name serves as a key used to distinguish whether to perform insert or patch.
 
 Args:
@@ -1449,16 +1754,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1492,7 +1810,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1506,8 +1825,12 @@ 
Method Details

 

 
 

-    recreateInstances(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
-  
Flags the specified VM instances in the managed instance group to be immediately recreated. Each instance is recreated using the group's current configuration. This operation is marked as DONE when the flag is set even if the instances have not yet been recreated. You must separately verify the status of each instance by checking its currentAction field; for more information, see Checking the status of managed instances. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted. You can specify a maximum of 1000 instances with this method per request.
+    recreateInstances(project, region, instanceGroupManager, body=None, requestId=None)
+  
Flags the specified VM instances in the managed instance group to be immediately recreated. Each instance is recreated using the group's current configuration. This operation is marked as DONE when the flag is set even if the instances have not yet been recreated. You must separately verify the status of each instance by checking its currentAction field; for more information, see Checking the status of managed instances.
+
+If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
+
+You can specify a maximum of 1000 instances with this method per request.
 
 Args:
   project: string, Project ID for this request. (required)
@@ -1522,16 +1845,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1565,7 +1901,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1579,24 +1916,41 @@ 
Method Details

 

 
 

-    resize(project, region, instanceGroupManager, size, requestId=None, x__xgafv=None)
-  
Changes the intended size of the managed instance group. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes one or more instances. The resize operation is marked DONE if the resize request is successful. The underlying actions take additional time. You must separately verify the status of the creating or deleting actions with the listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
+    resize(project, region, instanceGroupManager, size, requestId=None)
+  
Changes the intended size of the managed instance group. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes one or more instances.
+
+The resize operation is marked DONE if the resize request is successful. The underlying actions take additional time. You must separately verify the status of the creating or deleting actions with the listmanagedinstances method.
+
+If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   instanceGroupManager: string, Name of the managed instance group. (required)
   size: integer, Number of instances that should exist in this instance group manager. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1630,7 +1984,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1644,7 +1999,7 @@ 
Method Details

 

 
 

-    setInstanceTemplate(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    setInstanceTemplate(project, region, instanceGroupManager, body=None, requestId=None)
   
Sets the instance template to use when creating new instances or recreating instances in this group. Existing instances are not affected.
 
 Args:
@@ -1658,16 +2013,29 @@ 
Method Details

   "instanceTemplate": "A String", # URL of the InstanceTemplate resource from which all new instances will be created.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1701,7 +2069,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1715,7 +2084,7 @@ 
Method Details

 

 
 

-    setTargetPools(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    setTargetPools(project, region, instanceGroupManager, body=None, requestId=None)
   
Modifies the target pools to which all new instances in this group are assigned. Existing instances in the group are not affected.
 
 Args:
@@ -1732,16 +2101,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1775,7 +2157,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1789,7 +2172,7 @@ 
Method Details

 

 
 

-    updatePerInstanceConfigs(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)
+    updatePerInstanceConfigs(project, region, instanceGroupManager, body=None, requestId=None)
   
Inserts or updates per-instance configs for the managed instance group. perInstanceConfig.name serves as a key used to distinguish whether to perform insert or patch.
 
 Args:
@@ -1821,16 +2204,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1864,7 +2260,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.regionInstanceGroups.html b/docs/dyn/compute_v1.regionInstanceGroups.html
index 835a10d0314..a32e9ea75a1 100644
--- a/docs/dyn/compute_v1.regionInstanceGroups.html
+++ b/docs/dyn/compute_v1.regionInstanceGroups.html
@@ -78,13 +78,13 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  get(project, region, instanceGroup, x__xgafv=None)

+  get(project, region, instanceGroup)

 
Returns the specified instance group resource.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of instance group resources contained within the specified region.

 

-  listInstances(project, region, instanceGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listInstances(project, region, instanceGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists the instances in the specified instance group and displays information about the named ports. Depending on the specified options, this method can list all instances or only the instances that are running. The orderBy query parameter is not supported.

 

   listInstances_next(previous_request, previous_response)

@@ -93,7 +93,7 @@ 
Instance Methods

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setNamedPorts(project, region, instanceGroup, body=None, requestId=None, x__xgafv=None)

+  setNamedPorts(project, region, instanceGroup, body=None, requestId=None)

 
Sets the named ports for the specified regional instance group.

 
Method Details

 

@@ -102,30 +102,42 @@ 
Method Details

 

 
 

-    get(project, region, instanceGroup, x__xgafv=None)
+    get(project, region, instanceGroup)
   
Returns the specified instance group resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   instanceGroup: string, Name of the instance group resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Instance Group resource. Instance Groups can be used to configure a target for load balancing. Instance groups can either be managed or unmanaged. To create managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead. Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups. For more information, read Instance groups.
+    { # Represents an Instance Group resource.
+    #
+    # Instance Groups can be used to configure a target for load balancing.
+    #
+    # Instance groups can either be managed or unmanaged.
+    #
+    # To create  managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead.
+    #
+    # Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups.
+    #
+    # For more information, read Instance groups.
+    #
+    # (== resource_for {$api_version}.instanceGroups ==) (== resource_for {$api_version}.regionInstanceGroups ==)
   "creationTimestamp": "A String", # [Output Only] The creation timestamp for this instance group in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # [Output Only] The fingerprint of the named ports. The system uses this fingerprint to detect conflicts when multiple users change the named ports concurrently.
   "id": "A String", # [Output Only] A unique identifier for this instance group, generated by the server.
   "kind": "compute#instanceGroup", # [Output Only] The resource type, which is always compute#instanceGroup for instance groups.
   "name": "A String", # The name of the instance group. The name must be 1-63 characters long, and comply with RFC1035.
-  "namedPorts": [ #  Assigns a name to a port number. For example: {name: "http", port: 80} This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}] Named ports apply to all instances in this instance group.
-    { # The named port. For example: <"http", 80>.
+  "namedPorts": [ # Assigns a name to a port number. For example: {name: "http", port: 80}
+      #
+      # This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}]
+      #
+      # Named ports apply to all instances in this instance group.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
@@ -140,21 +152,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of instance group resources contained within the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -162,15 +180,31 @@ 
Method Details

     { # Contains a list of InstanceGroup resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of InstanceGroup resources.
-    { # Represents an Instance Group resource. Instance Groups can be used to configure a target for load balancing. Instance groups can either be managed or unmanaged. To create managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead. Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups. For more information, read Instance groups.
+    { # Represents an Instance Group resource.
+        #
+        # Instance Groups can be used to configure a target for load balancing.
+        #
+        # Instance groups can either be managed or unmanaged.
+        #
+        # To create  managed instance groups, use the instanceGroupManager or regionInstanceGroupManager resource instead.
+        #
+        # Use zonal unmanaged instance groups if you need to apply load balancing to groups of heterogeneous instances or if you need to manage the instances yourself. You cannot create regional unmanaged instance groups.
+        #
+        # For more information, read Instance groups.
+        #
+        # (== resource_for {$api_version}.instanceGroups ==) (== resource_for {$api_version}.regionInstanceGroups ==)
       "creationTimestamp": "A String", # [Output Only] The creation timestamp for this instance group in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "fingerprint": "A String", # [Output Only] The fingerprint of the named ports. The system uses this fingerprint to detect conflicts when multiple users change the named ports concurrently.
       "id": "A String", # [Output Only] A unique identifier for this instance group, generated by the server.
       "kind": "compute#instanceGroup", # [Output Only] The resource type, which is always compute#instanceGroup for instance groups.
       "name": "A String", # The name of the instance group. The name must be 1-63 characters long, and comply with RFC1035.
-      "namedPorts": [ #  Assigns a name to a port number. For example: {name: "http", port: 80} This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}] Named ports apply to all instances in this instance group.
-        { # The named port. For example: <"http", 80>.
+      "namedPorts": [ # Assigns a name to a port number. For example: {name: "http", port: 80}
+          #
+          # This allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: "http", port: 80},{name: "http", port: 8080}]
+          #
+          # Named ports apply to all instances in this instance group.
+        { # The named port. For example: .
           "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
           "port": 42, # The port number, which can be a value between 1 and 65535.
         },
@@ -188,7 +222,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -200,7 +235,7 @@ 
Method Details

 

 
 

-    listInstances(project, region, instanceGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listInstances(project, region, instanceGroup, body=None, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists the instances in the specified instance group and displays information about the named ports. Depending on the specified options, this method can list all instances or only the instances that are running. The orderBy query parameter is not supported.
 
 Args:
@@ -215,15 +250,21 @@ 
Method Details

   "portName": "A String", # Name of port user is interested in. It is optional. If it is set, only information about this ports will be returned. If it is not set, all the named ports will be returned. Always lists all instances.
 }
 
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -234,7 +275,7 @@ 
Method Details

     {
       "instance": "A String", # [Output Only] The URL of the instance.
       "namedPorts": [ # [Output Only] The named ports that belong to this instance group.
-        { # The named port. For example: <"http", 80>.
+        { # The named port. For example: .
           "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
           "port": 42, # The port number, which can be a value between 1 and 65535.
         },
@@ -247,7 +288,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -287,7 +329,7 @@ 
Method Details

 

 
 

-    setNamedPorts(project, region, instanceGroup, body=None, requestId=None, x__xgafv=None)
+    setNamedPorts(project, region, instanceGroup, body=None, requestId=None)
   
Sets the named ports for the specified regional instance group.
 
 Args:
@@ -300,23 +342,36 @@ 
Method Details

 {
   "fingerprint": "A String", # The fingerprint of the named ports information for this instance group. Use this optional property to prevent conflicts when multiple users change the named ports settings concurrently. Obtain the fingerprint with the instanceGroups.get method. Then, include the fingerprint in your request to ensure that you do not overwrite changes that were applied from another concurrent request.
   "namedPorts": [ # The list of named ports to set for this instance group.
-    { # The named port. For example: <"http", 80>.
+    { # The named port. For example: .
       "name": "A String", # The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.
       "port": 42, # The port number, which can be a value between 1 and 65535.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -350,7 +405,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.regionInstances.html b/docs/dyn/compute_v1.regionInstances.html
index 664b0ac2ab0..fd5a930f0a7 100644
--- a/docs/dyn/compute_v1.regionInstances.html
+++ b/docs/dyn/compute_v1.regionInstances.html
@@ -75,14 +75,14 @@
 
Compute Engine API . regionInstances

 
Instance Methods

 

-  bulkInsert(project, region, body=None, requestId=None, x__xgafv=None)

+  bulkInsert(project, region, body=None, requestId=None)

 
Creates multiple instances in a given region. Count specifies the number of instances to create.

 

   close()

 
Close httplib2 connections.

 
Method Details

 

-    bulkInsert(project, region, body=None, requestId=None, x__xgafv=None)
+    bulkInsert(project, region, body=None, requestId=None)
   
Creates multiple instances in a given region. Count specifies the number of instances to create.
 
 Args:
@@ -107,25 +107,46 @@ 
Method Details

       { # An instance-attached disk resource.
         "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
         "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-        "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-        "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+        "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+            #
+            # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+        "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+            #
+            # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+            #
+            # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+            #
+            # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+            #
+            # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
           "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
           "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
           "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
           "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
         },
         "diskSizeGb": "A String", # The size of the disk in GB.
-        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
+        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
           { # Guest OS features.
-            "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
+            "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
           },
         ],
         "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-        "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+        "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+            #
+            # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+            #
+            # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
           "description": "A String", # An optional description. Provide this property when creating the disk.
           "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
           "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-          "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
+          "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+              # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+              #
+              #
+              # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+              # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+              # - projects/project/zones/zone/diskTypes/diskType
+              # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
           "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
             "a_key": "A String",
           },
@@ -134,14 +155,40 @@ 
Method Details

           "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
             "A String",
           ],
-          "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-          "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+          "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+              #
+              # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+              # projects/debian-cloud/global/images/family/debian-9
+              #
+              #
+              # Alternatively, use a specific version of a public operating system image:
+              # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+              #
+              #
+              # To create a disk with a custom image that you created, specify the image name in the following format:
+              # global/images/my-custom-image
+              #
+              #
+              # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+              # global/images/family/my-image-family
+              #
+              #
+              # If the source image is deleted later, this field will not be set.
+          "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+              #
+              # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
             "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
             "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
           },
-          "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
+          "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+              #
+              # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+              # global/snapshots/my-backup
+              #
+              #
+              # If the source snapshot is deleted later, this field will not be set.
           "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
             "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
             "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
@@ -179,7 +226,11 @@ 
Method Details

             "fileType": "A String", # The file type of source file.
           },
         },
-        "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+        "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+            #
+            # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+            #
+            # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
         "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
       },
     ],
@@ -194,9 +245,11 @@ 
Method Details

     },
     "machineType": "A String", # The machine type to use for instances that are created from these properties.
     "metadata": { # A metadata key/value entry. # The metadata key/value pairs to assign to instances that are created from these properties. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve the resource.
       "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-        { # Metadata
+        {
           "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
           "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
         },
@@ -213,7 +266,11 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
@@ -233,26 +290,41 @@ 
Method Details

             "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                #
+                # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                #
+                # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
-        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
+        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+            #
+            # Valid only if stackType is IPV4_IPV6.
         "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
         "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
         "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
+        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+            #
+            # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+            # - projects/project/global/networks/network
+            # - global/networks/default
         "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
         "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
-        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
-        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
+        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+            #
+            # This field can be both set at instance creation and update network interface operations.
+        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+            # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+            # - regions/region/subnetworks/subnetwork
       },
     ],
-    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
     "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from.
-      "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
+      "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
       "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
       "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
         "A String",
@@ -262,7 +334,9 @@ 
Method Details

       "A String",
     ],
     "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
-      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+          #
+          # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
       "locationHint": "A String", # An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API.
       "minNodeCpus": 42, # The minimum number of virtual CPUs this instance will consume when running on a sole-tenant node.
       "nodeAffinities": [ # A set of node affinity and anti-affinity configurations. Refer to Configuring node affinity for more information. Overrides reservationAffinity.
@@ -291,7 +365,9 @@ 
Method Details

       "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled. Enabled by default.
     },
     "tags": { # A set of instance tags. # A list of tags to apply to the instances that are created from these properties. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
+      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+          #
+          # To see the latest fingerprint, make get() request to the instance.
       "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
         "A String",
       ],
@@ -305,25 +381,45 @@ 
Method Details

     },
   },
   "minCount": "A String", # The minimum number of instances to create. If no min_count is specified then count is used as the default value. If min_count instances cannot be created, then no instances will be created and instances already created will be deleted.
-  "namePattern": "A String", # The string pattern used for the names of the VMs. Either name_pattern or per_instance_properties must be set. The pattern should contain one continuous sequence of placeholder hash characters (#) with each character corresponding to one digit of the generated instance name. Example: name_pattern of inst-#### will generate instance names such as inst-0001, inst-0002, ... . If there already exist instance(s) whose names match the name pattern in the same project and zone, then the generated instance numbers will start after the biggest existing number. For example, if there exists an instance with name inst-0050, then instance names generated using the pattern inst-#### will be inst-0051, inst-0052, etc. The name pattern placeholder # ...# can contain up to 18 characters.
+  "namePattern": "A String", # The string pattern used for the names of the VMs. Either name_pattern or per_instance_properties must be set. The pattern should contain one continuous sequence of placeholder hash characters (#) with each character corresponding to one digit of the generated instance name. Example: name_pattern of inst-#### will generate instance names such as inst-0001, inst-0002, ... . If there already exist instance(s) whose names match the name pattern in the same project and zone, then the generated instance numbers will start after the biggest existing number. For example, if there exists an instance with name inst-0050, then instance names generated using the pattern inst-#### will be inst-0051, inst-0052, etc. The name pattern placeholder #...# can contain up to 18 characters.
   "perInstanceProperties": { # Per-instance properties to be set on individual instances. Keys of this map specify requested instance names. Can be empty if name_pattern is used.
     "a_key": { # Per-instance properties to be set on individual instances. To be extended in the future.
       "name": "A String", # This field is only temporary. It will be removed. Do not use it.
     },
   },
-  "sourceInstanceTemplate": "A String", # Specifies the instance template from which to create instances. You may combine sourceInstanceTemplate with instanceProperties to override specific values from an existing instance template. Bulk API follows the semantics of JSON Merge Patch described by RFC 7396. It can be a full or partial URL. For example, the following are all valid URLs to an instance template: - https://www.googleapis.com/compute/v1/projects/project /global/instanceTemplates/instanceTemplate - projects/project/global/instanceTemplates/instanceTemplate - global/instanceTemplates/instanceTemplate This field is optional.
+  "sourceInstanceTemplate": "A String", # Specifies the instance template from which to create instances. You may combine sourceInstanceTemplate with instanceProperties to override specific values from an existing instance template. Bulk API follows the semantics of JSON Merge Patch described by RFC 7396.
+      # 
+      # It can be a full or partial URL. For example, the following are all valid URLs to an instance template:
+      # - https://www.googleapis.com/compute/v1/projects/project/global/instanceTemplates/instanceTemplate
+      # - projects/project/global/instanceTemplates/instanceTemplate
+      # - global/instanceTemplates/instanceTemplate
+      # 
+      # This field is optional.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -357,7 +453,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.regionNetworkEndpointGroups.html b/docs/dyn/compute_v1.regionNetworkEndpointGroups.html
index 070149c80b8..927050f0b07 100644
--- a/docs/dyn/compute_v1.regionNetworkEndpointGroups.html
+++ b/docs/dyn/compute_v1.regionNetworkEndpointGroups.html
@@ -78,16 +78,16 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, networkEndpointGroup, requestId=None, x__xgafv=None)

+  delete(project, region, networkEndpointGroup, requestId=None)

 
Deletes the specified network endpoint group. Note that the NEG cannot be deleted if it is configured as a backend of a backend service.

 

-  get(project, region, networkEndpointGroup, x__xgafv=None)

+  get(project, region, networkEndpointGroup)

 
Returns the specified network endpoint group. Gets a list of available network endpoint groups by making a list() request.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a network endpoint group in the specified project using the parameters that are included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of regional network endpoint groups available to the specified project in the given region.

 

   list_next(previous_request, previous_response)

@@ -99,23 +99,36 @@ 
Method Details

 

 
 

-    delete(project, region, networkEndpointGroup, requestId=None, x__xgafv=None)
+    delete(project, region, networkEndpointGroup, requestId=None)
   
Deletes the specified network endpoint group. Note that the NEG cannot be deleted if it is configured as a backend of a backend service.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, The name of the region where the network endpoint group is located. It should comply with RFC1035. (required)
   networkEndpointGroup: string, The name of the network endpoint group to delete. It should comply with RFC1035. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -149,7 +162,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -163,38 +177,68 @@ 
Method Details

 

 
 

-    get(project, region, networkEndpointGroup, x__xgafv=None)
+    get(project, region, networkEndpointGroup)
   
Returns the specified network endpoint group. Gets a list of available network endpoint groups by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, The name of the region where the network endpoint group is located. It should comply with RFC1035. (required)
   networkEndpointGroup: string, The name of the network endpoint group. It should comply with RFC1035. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a collection of network endpoints. A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see Setting up external HTTP(S) Load Balancing with internet NEGs, Setting up zonal NEGs, or Setting up external HTTP(S) Load Balancing with serverless NEGs.
+    { # Represents a collection of network endpoints.
+    #
+    # A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see  Setting up external HTTP(S) Load Balancing with internet NEGs,  Setting up zonal NEGs, or  Setting up external HTTP(S) Load Balancing with serverless NEGs. (== resource_for {$api_version}.networkEndpointGroups ==) (== resource_for {$api_version}.globalNetworkEndpointGroups ==) (== resource_for {$api_version}.regionNetworkEndpointGroups ==)
   "annotations": { # Metadata defined as annotations on the network endpoint group.
     "a_key": "A String",
   },
-  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: "default", "my-service".
-    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
-    "version": "A String", # Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: "v1", "v2".
+  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Optional serving service.
+        #
+        # The service name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "default", "my-service".
+    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
+    "version": "A String", # Optional serving version.
+        #
+        # The version name is case-sensitive and must be 1-100 characters long.
+        #
+        # Example value: "v1", "v2".
   },
-  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "function": "A String", # A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: "func1".
-    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs " mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
+  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.
+    "function": "A String", # A user-defined name of the Cloud Function.
+        #
+        # The function name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "func1".
+    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, request URLs "mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
   },
-  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: "run-service".
-    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: "revision-0010".
-    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
+  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Cloud Run service is the main resource of Cloud Run.
+        #
+        # The service must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "run-service".
+    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information.
+        #
+        # The tag must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "revision-0010".
+    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services.
+        #
+        # For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "defaultPort": 42, # The default port used if the port number is not specified in the network endpoint.
@@ -213,7 +257,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a network endpoint group in the specified project using the parameters that are included in the request.
 
 Args:
@@ -222,23 +266,57 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a collection of network endpoints. A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see Setting up external HTTP(S) Load Balancing with internet NEGs, Setting up zonal NEGs, or Setting up external HTTP(S) Load Balancing with serverless NEGs.
+{ # Represents a collection of network endpoints.
+    # 
+    # A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see  Setting up external HTTP(S) Load Balancing with internet NEGs,  Setting up zonal NEGs, or  Setting up external HTTP(S) Load Balancing with serverless NEGs. (== resource_for {$api_version}.networkEndpointGroups ==) (== resource_for {$api_version}.globalNetworkEndpointGroups ==) (== resource_for {$api_version}.regionNetworkEndpointGroups ==)
   "annotations": { # Metadata defined as annotations on the network endpoint group.
     "a_key": "A String",
   },
-  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: "default", "my-service".
-    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
-    "version": "A String", # Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: "v1", "v2".
+  "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Optional serving service.
+        #
+        # The service name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "default", "my-service".
+    "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
+    "version": "A String", # Optional serving version.
+        #
+        # The version name is case-sensitive and must be 1-100 characters long.
+        #
+        # Example value: "v1", "v2".
   },
-  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "function": "A String", # A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: "func1".
-    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs " mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
+  "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.
+    "function": "A String", # A user-defined name of the Cloud Function.
+        #
+        # The function name is case-sensitive and must be 1-63 characters long.
+        #
+        # Example value: "func1".
+    "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services.
+        #
+        # For example, request URLs "mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
   },
-  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-    "service": "A String", # Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: "run-service".
-    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: "revision-0010".
-    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
+  "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+      #
+      # Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.
+    "service": "A String", # Cloud Run service is the main resource of Cloud Run.
+        #
+        # The service must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "run-service".
+    "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information.
+        #
+        # The tag must be 1-63 characters long, and comply with RFC1035.
+        #
+        # Example value: "revision-0010".
+    "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services.
+        #
+        # For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "defaultPort": 42, # The default port used if the port number is not specified in the network endpoint.
@@ -255,16 +333,29 @@ 
Method Details

   "zone": "A String", # [Output Only] The URL of the zone where the network endpoint group is located.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -298,7 +389,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -312,21 +404,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of regional network endpoint groups available to the specified project in the given region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, The name of the region where the network endpoint group is located. It should comply with RFC1035. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -334,23 +432,57 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of NetworkEndpointGroup resources.
-    { # Represents a collection of network endpoints. A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see Setting up external HTTP(S) Load Balancing with internet NEGs, Setting up zonal NEGs, or Setting up external HTTP(S) Load Balancing with serverless NEGs.
+    { # Represents a collection of network endpoints.
+        #
+        # A network endpoint group (NEG) defines how a set of endpoints should be reached, whether they are reachable, and where they are located. For more information about using NEGs, see  Setting up external HTTP(S) Load Balancing with internet NEGs,  Setting up zonal NEGs, or  Setting up external HTTP(S) Load Balancing with serverless NEGs. (== resource_for {$api_version}.networkEndpointGroups ==) (== resource_for {$api_version}.globalNetworkEndpointGroups ==) (== resource_for {$api_version}.regionNetworkEndpointGroups ==)
       "annotations": { # Metadata defined as annotations on the network endpoint group.
         "a_key": "A String",
       },
-      "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-        "service": "A String", # Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: "default", "my-service".
-        "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
-        "version": "A String", # Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: "v1", "v2".
+      "appEngine": { # Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+          #
+          # Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.
+        "service": "A String", # Optional serving service.
+            #
+            # The service name is case-sensitive and must be 1-63 characters long.
+            #
+            # Example value: "default", "my-service".
+        "urlMask": "A String", # A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services.
+            #
+            # For example, the request URLs "foo1-dot-appname.appspot.com/v1" and "foo1-dot-appname.appspot.com/v2" can be backed by the same Serverless NEG with URL mask "-dot-appname.appspot.com/". The URL mask will parse them to { service = "foo1", version = "v1" } and { service = "foo1", version = "v2" } respectively.
+        "version": "A String", # Optional serving version.
+            #
+            # The version name is case-sensitive and must be 1-100 characters long.
+            #
+            # Example value: "v1", "v2".
       },
-      "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-        "function": "A String", # A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: "func1".
-        "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs " mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
+      "cloudFunction": { # Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+          #
+          # Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.
+        "function": "A String", # A user-defined name of the Cloud Function.
+            #
+            # The function name is case-sensitive and must be 1-63 characters long.
+            #
+            # Example value: "func1".
+        "urlMask": "A String", # A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services.
+            #
+            # For example, request URLs "mydomain.com/function1" and "mydomain.com/function2" can be backed by the same Serverless NEG with URL mask "/". The URL mask will parse them to { function = "function1" } and { function = "function2" } respectively.
       },
-      "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
-        "service": "A String", # Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: "run-service".
-        "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: "revision-0010".
-        "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
+      "cloudRun": { # Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. # Only valid when networkEndpointType is "SERVERLESS". Only one of cloudRun, appEngine or cloudFunction may be set.
+          #
+          # Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.
+        "service": "A String", # Cloud Run service is the main resource of Cloud Run.
+            #
+            # The service must be 1-63 characters long, and comply with RFC1035.
+            #
+            # Example value: "run-service".
+        "tag": "A String", # Optional Cloud Run tag represents the "named-revision" to provide additional fine-grained traffic routing information.
+            #
+            # The tag must be 1-63 characters long, and comply with RFC1035.
+            #
+            # Example value: "revision-0010".
+        "urlMask": "A String", # A template to parse service and tag fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services.
+            #
+            # For example, request URLs "foo1.domain.com/bar1" and "foo1.domain.com/bar2" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask ".domain.com/". The URL mask will parse them to { service="bar1", tag="foo1" } and { service="bar2", tag="foo2" } respectively.
       },
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "defaultPort": 42, # The default port used if the port number is not specified in the network endpoint.
@@ -372,7 +504,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.regionNotificationEndpoints.html b/docs/dyn/compute_v1.regionNotificationEndpoints.html
index d00200a6177..9e08041b857 100644
--- a/docs/dyn/compute_v1.regionNotificationEndpoints.html
+++ b/docs/dyn/compute_v1.regionNotificationEndpoints.html
@@ -78,16 +78,16 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, notificationEndpoint, requestId=None, x__xgafv=None)

+  delete(project, region, notificationEndpoint, requestId=None)

 
Deletes the specified NotificationEndpoint in the given region

 

-  get(project, region, notificationEndpoint, x__xgafv=None)

+  get(project, region, notificationEndpoint)

 
Returns the specified NotificationEndpoint resource in the given region.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Create a NotificationEndpoint in the specified project in the given region using the parameters that are included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists the NotificationEndpoints for a project in the given region.

 

   list_next(previous_request, previous_response)

@@ -99,23 +99,36 @@ 
Method Details

 

 
 

-    delete(project, region, notificationEndpoint, requestId=None, x__xgafv=None)
+    delete(project, region, notificationEndpoint, requestId=None)
   
Deletes the specified NotificationEndpoint in the given region
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   notificationEndpoint: string, Name of the NotificationEndpoint resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -149,7 +162,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -163,22 +177,22 @@ 
Method Details

 

 
 

-    get(project, region, notificationEndpoint, x__xgafv=None)
+    get(project, region, notificationEndpoint)
   
Returns the specified NotificationEndpoint resource in the given region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   notificationEndpoint: string, Name of the NotificationEndpoint resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a notification endpoint. A notification endpoint resource defines an endpoint to receive notifications when there are status changes detected by the associated health check service. For more information, see Health checks overview.
+    { # Represents a notification endpoint.
+    #
+    # A notification endpoint resource defines an endpoint to receive notifications when there are status changes detected by the associated health check service.
+    #
+    # For more information, see  Health checks overview. (== resource_for {$api_version}.notificationEndpoint ==) (== resource_for {$api_version}.regionNotificationEndpoints ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "grpcSettings": { # Represents a gRPC setting that describes one gRPC notification endpoint and the retry duration attempting to send notification to this endpoint. # Settings of the gRPC notification endpoint including the endpoint URL and the retry duration.
@@ -200,7 +214,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Create a NotificationEndpoint in the specified project in the given region using the parameters that are included in the request.
 
 Args:
@@ -209,7 +223,11 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a notification endpoint. A notification endpoint resource defines an endpoint to receive notifications when there are status changes detected by the associated health check service. For more information, see Health checks overview.
+{ # Represents a notification endpoint.
+    # 
+    # A notification endpoint resource defines an endpoint to receive notifications when there are status changes detected by the associated health check service.
+    # 
+    # For more information, see  Health checks overview. (== resource_for {$api_version}.notificationEndpoint ==) (== resource_for {$api_version}.regionNotificationEndpoints ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "grpcSettings": { # Represents a gRPC setting that describes one gRPC notification endpoint and the retry duration attempting to send notification to this endpoint. # Settings of the gRPC notification endpoint including the endpoint URL and the retry duration.
@@ -229,16 +247,29 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -272,7 +303,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -286,21 +318,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists the NotificationEndpoints for a project in the given region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -308,7 +346,11 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of NotificationEndpoint resources.
-    { # Represents a notification endpoint. A notification endpoint resource defines an endpoint to receive notifications when there are status changes detected by the associated health check service. For more information, see Health checks overview.
+    { # Represents a notification endpoint.
+        #
+        # A notification endpoint resource defines an endpoint to receive notifications when there are status changes detected by the associated health check service.
+        #
+        # For more information, see  Health checks overview. (== resource_for {$api_version}.notificationEndpoint ==) (== resource_for {$api_version}.regionNotificationEndpoints ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "grpcSettings": { # Represents a gRPC setting that describes one gRPC notification endpoint and the retry duration attempting to send notification to this endpoint. # Settings of the gRPC notification endpoint including the endpoint URL and the retry duration.
@@ -333,7 +375,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.regionOperations.html b/docs/dyn/compute_v1.regionOperations.html
index 8a10a918003..34246b41b5e 100644
--- a/docs/dyn/compute_v1.regionOperations.html
+++ b/docs/dyn/compute_v1.regionOperations.html
@@ -78,20 +78,20 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, operation, x__xgafv=None)

+  delete(project, region, operation)

 
Deletes the specified region-specific Operations resource.

 

-  get(project, region, operation, x__xgafv=None)

+  get(project, region, operation)

 
Retrieves the specified region-specific Operations resource.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of Operation resources contained within the specified region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  wait(project, region, operation, x__xgafv=None)

-
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress. This method is called on a best-effort basis. Specifically: - In uncommon cases, when the server is overloaded, the request might return before the default deadline is reached, or might return after zero seconds. - If the default deadline is reached, there is no guarantee that the operation is actually done when the method returns. Be prepared to retry if the operation is not `DONE`. 

+  wait(project, region, operation)

+
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress.

 
Method Details

 

     close()
@@ -99,37 +99,42 @@ 
Method Details

 

 
 

-    delete(project, region, operation, x__xgafv=None)
+    delete(project, region, operation)
   
Deletes the specified region-specific Operations resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   operation: string, Name of the Operations resource to delete. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 

 

 
 

-    get(project, region, operation, x__xgafv=None)
+    get(project, region, operation)
   
Retrieves the specified region-specific Operations resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   operation: string, Name of the Operations resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -163,7 +168,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -177,21 +183,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of Operation resources contained within the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -199,7 +211,20 @@ 
Method Details

     { # Contains a list of Operation resources.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "items": [ # [Output Only] A list of Operation resources.
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+        #
+        # Google Compute Engine has three Operation resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+        #
+        # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+        #
+        # Operations can be global, regional or zonal.
+        # - For global operations, use the `globalOperations` resource.
+        # - For regional operations, use the `regionOperations` resource.
+        # - For zonal operations, use the `zonalOperations` resource.
+        #
+        # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
       "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
       "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
       "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -233,7 +258,8 @@ 
Method Details

       "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
         {
           "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-          "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+          "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+              # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
             {
               "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
               "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -250,7 +276,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -276,22 +303,35 @@ 
Method Details

 

 
 

-    wait(project, region, operation, x__xgafv=None)
-  
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress. This method is called on a best-effort basis. Specifically: - In uncommon cases, when the server is overloaded, the request might return before the default deadline is reached, or might return after zero seconds. - If the default deadline is reached, there is no guarantee that the operation is actually done when the method returns. Be prepared to retry if the operation is not `DONE`. 
+    wait(project, region, operation)
+  
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress.
+
+This method is called on a best-effort basis. Specifically:  
+- In uncommon cases, when the server is overloaded, the request might return before the default deadline is reached, or might return after zero seconds. 
+- If the default deadline is reached, there is no guarantee that the operation is actually done when the method returns. Be prepared to retry if the operation is not `DONE`.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   operation: string, Name of the Operations resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -325,7 +365,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.regionSslCertificates.html b/docs/dyn/compute_v1.regionSslCertificates.html
index 89ef15caabe..2e8a154caf9 100644
--- a/docs/dyn/compute_v1.regionSslCertificates.html
+++ b/docs/dyn/compute_v1.regionSslCertificates.html
@@ -78,16 +78,16 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, sslCertificate, requestId=None, x__xgafv=None)

+  delete(project, region, sslCertificate, requestId=None)

 
Deletes the specified SslCertificate resource in the region.

 

-  get(project, region, sslCertificate, x__xgafv=None)

+  get(project, region, sslCertificate)

 
Returns the specified SslCertificate resource in the specified region. Get a list of available SSL certificates by making a list() request.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a SslCertificate resource in the specified project and region using the data included in the request

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of SslCertificate resources available to the specified project in the specified region.

 

   list_next(previous_request, previous_response)

@@ -99,23 +99,36 @@ 
Method Details

 

 
 

-    delete(project, region, sslCertificate, requestId=None, x__xgafv=None)
+    delete(project, region, sslCertificate, requestId=None)
   
Deletes the specified SslCertificate resource in the region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   sslCertificate: string, Name of the SslCertificate resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -149,7 +162,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -163,22 +177,32 @@ 
Method Details

 

 
 

-    get(project, region, sslCertificate, x__xgafv=None)
+    get(project, region, sslCertificate)
   
Returns the specified SslCertificate resource in the specified region. Get a list of available SSL certificates by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   sslCertificate: string, Name of the SslCertificate resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an SSL Certificate resource. Google Compute Engine has two SSL Certificate resources: * [Global](/compute/docs/reference/rest/v1/sslCertificates) * [Regional](/compute/docs/reference/rest/v1/regionSslCertificates) The sslCertificates are used by: - external HTTPS load balancers - SSL proxy load balancers The regionSslCertificates are used by internal HTTPS load balancers. Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read Creating and using SSL certificates, SSL certificates quotas and limits, and Troubleshooting SSL certificates.
+    { # Represents an SSL Certificate resource.
+    #
+    # Google Compute Engine has two SSL Certificate resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/sslCertificates) * [Regional](/compute/docs/reference/rest/{$api_version}/regionSslCertificates)
+    #
+    #
+    #
+    # The sslCertificates are used by:
+    # - external HTTPS load balancers
+    # - SSL proxy load balancers
+    #
+    # The regionSslCertificates are used by internal HTTPS load balancers.
+    #
+    # Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read  Creating and using SSL certificates, SSL certificates quotas and limits, and  Troubleshooting SSL certificates. (== resource_for {$api_version}.sslCertificates ==) (== resource_for {$api_version}.regionSslCertificates ==)
   "certificate": "A String", # A value read into memory from a certificate file. The certificate file must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -210,7 +234,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a SslCertificate resource in the specified project and region using the data included in the request
 
 Args:
@@ -219,7 +243,21 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an SSL Certificate resource. Google Compute Engine has two SSL Certificate resources: * [Global](/compute/docs/reference/rest/v1/sslCertificates) * [Regional](/compute/docs/reference/rest/v1/regionSslCertificates) The sslCertificates are used by: - external HTTPS load balancers - SSL proxy load balancers The regionSslCertificates are used by internal HTTPS load balancers. Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read Creating and using SSL certificates, SSL certificates quotas and limits, and Troubleshooting SSL certificates.
+{ # Represents an SSL Certificate resource.
+    # 
+    # Google Compute Engine has two SSL Certificate resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/sslCertificates) * [Regional](/compute/docs/reference/rest/{$api_version}/regionSslCertificates)
+    # 
+    # 
+    # 
+    # The sslCertificates are used by:
+    # - external HTTPS load balancers
+    # - SSL proxy load balancers
+    # 
+    # The regionSslCertificates are used by internal HTTPS load balancers.
+    # 
+    # Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read  Creating and using SSL certificates, SSL certificates quotas and limits, and  Troubleshooting SSL certificates. (== resource_for {$api_version}.sslCertificates ==) (== resource_for {$api_version}.regionSslCertificates ==)
   "certificate": "A String", # A value read into memory from a certificate file. The certificate file must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -249,16 +287,29 @@ 
Method Details

   "type": "A String", # (Optional) Specifies the type of SSL certificate, either "SELF_MANAGED" or "MANAGED". If not specified, the certificate is self-managed and the fields certificate and private_key are used.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -292,7 +343,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -306,21 +358,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of SslCertificate resources available to the specified project in the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -328,7 +386,21 @@ 
Method Details

     { # Contains a list of SslCertificate resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of SslCertificate resources.
-    { # Represents an SSL Certificate resource. Google Compute Engine has two SSL Certificate resources: * [Global](/compute/docs/reference/rest/v1/sslCertificates) * [Regional](/compute/docs/reference/rest/v1/regionSslCertificates) The sslCertificates are used by: - external HTTPS load balancers - SSL proxy load balancers The regionSslCertificates are used by internal HTTPS load balancers. Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read Creating and using SSL certificates, SSL certificates quotas and limits, and Troubleshooting SSL certificates.
+    { # Represents an SSL Certificate resource.
+        #
+        # Google Compute Engine has two SSL Certificate resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/sslCertificates) * [Regional](/compute/docs/reference/rest/{$api_version}/regionSslCertificates)
+        #
+        #
+        #
+        # The sslCertificates are used by:
+        # - external HTTPS load balancers
+        # - SSL proxy load balancers
+        #
+        # The regionSslCertificates are used by internal HTTPS load balancers.
+        #
+        # Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read  Creating and using SSL certificates, SSL certificates quotas and limits, and  Troubleshooting SSL certificates. (== resource_for {$api_version}.sslCertificates ==) (== resource_for {$api_version}.regionSslCertificates ==)
       "certificate": "A String", # A value read into memory from a certificate file. The certificate file must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -363,7 +435,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.regionTargetHttpProxies.html b/docs/dyn/compute_v1.regionTargetHttpProxies.html
index dce206175bc..d9b872dea8d 100644
--- a/docs/dyn/compute_v1.regionTargetHttpProxies.html
+++ b/docs/dyn/compute_v1.regionTargetHttpProxies.html
@@ -78,22 +78,22 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, targetHttpProxy, requestId=None, x__xgafv=None)

+  delete(project, region, targetHttpProxy, requestId=None)

 
Deletes the specified TargetHttpProxy resource.

 

-  get(project, region, targetHttpProxy, x__xgafv=None)

+  get(project, region, targetHttpProxy)

 
Returns the specified TargetHttpProxy resource in the specified region. Gets a list of available target HTTP proxies by making a list() request.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a TargetHttpProxy resource in the specified project and region using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of TargetHttpProxy resources available to the specified project in the specified region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setUrlMap(project, region, targetHttpProxy, body=None, requestId=None, x__xgafv=None)

+  setUrlMap(project, region, targetHttpProxy, body=None, requestId=None)

 
Changes the URL map for TargetHttpProxy.

 
Method Details

 

@@ -102,23 +102,36 @@ 
Method Details

 

 
 

-    delete(project, region, targetHttpProxy, requestId=None, x__xgafv=None)
+    delete(project, region, targetHttpProxy, requestId=None)
   
Deletes the specified TargetHttpProxy resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   targetHttpProxy: string, Name of the TargetHttpProxy resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -152,7 +165,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -166,29 +180,39 @@ 
Method Details

 

 
 

-    get(project, region, targetHttpProxy, x__xgafv=None)
+    get(project, region, targetHttpProxy)
   
Returns the specified TargetHttpProxy resource in the specified region. Gets a list of available target HTTP proxies by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   targetHttpProxy: string, Name of the TargetHttpProxy resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Target HTTP Proxy resource. Google Compute Engine has two Target HTTP Proxy resources: * [Global](/compute/docs/reference/rest/v1/targetHttpProxies) * [Regional](/compute/docs/reference/rest/v1/regionTargetHttpProxies) A target HTTP proxy is a component of GCP HTTP load balancers. * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers. Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+    { # Represents a Target HTTP Proxy resource.
+    #
+    # Google Compute Engine has two Target HTTP Proxy resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpProxies)
+    #
+    # A target HTTP proxy is a component of GCP HTTP load balancers.
+    #
+    # * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers.
+    #
+    # Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpProxies ==) (== resource_for {$api_version}.regionTargetHttpProxies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetHttpProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpProxy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetHttpProxy", # [Output Only] Type of resource. Always compute#targetHttpProxy for target HTTP proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      #
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      #
+      # The default is false.
   "region": "A String", # [Output Only] URL of the region where the regional Target HTTP Proxy resides. This field is not applicable to global Target HTTP Proxies.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "urlMap": "A String", # URL to the UrlMap resource that defines the mapping from URL to the BackendService.
@@ -196,7 +220,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a TargetHttpProxy resource in the specified project and region using the data included in the request.
 
 Args:
@@ -205,29 +229,56 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target HTTP Proxy resource. Google Compute Engine has two Target HTTP Proxy resources: * [Global](/compute/docs/reference/rest/v1/targetHttpProxies) * [Regional](/compute/docs/reference/rest/v1/regionTargetHttpProxies) A target HTTP proxy is a component of GCP HTTP load balancers. * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers. Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+{ # Represents a Target HTTP Proxy resource.
+    # 
+    # Google Compute Engine has two Target HTTP Proxy resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpProxies)
+    # 
+    # A target HTTP proxy is a component of GCP HTTP load balancers.
+    # 
+    # * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers.
+    # 
+    # Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpProxies ==) (== resource_for {$api_version}.regionTargetHttpProxies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetHttpProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpProxy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetHttpProxy", # [Output Only] Type of resource. Always compute#targetHttpProxy for target HTTP proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      # 
+      # The default is false.
   "region": "A String", # [Output Only] URL of the region where the regional Target HTTP Proxy resides. This field is not applicable to global Target HTTP Proxies.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "urlMap": "A String", # URL to the UrlMap resource that defines the mapping from URL to the BackendService.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -261,7 +312,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -275,21 +327,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of TargetHttpProxy resources available to the specified project in the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -297,14 +355,28 @@ 
Method Details

     { # A list of TargetHttpProxy resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of TargetHttpProxy resources.
-    { # Represents a Target HTTP Proxy resource. Google Compute Engine has two Target HTTP Proxy resources: * [Global](/compute/docs/reference/rest/v1/targetHttpProxies) * [Regional](/compute/docs/reference/rest/v1/regionTargetHttpProxies) A target HTTP proxy is a component of GCP HTTP load balancers. * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers. Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+    { # Represents a Target HTTP Proxy resource.
+        #
+        # Google Compute Engine has two Target HTTP Proxy resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpProxies)
+        #
+        # A target HTTP proxy is a component of GCP HTTP load balancers.
+        #
+        # * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers.
+        #
+        # Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpProxies ==) (== resource_for {$api_version}.regionTargetHttpProxies ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetHttpProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpProxy.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#targetHttpProxy", # [Output Only] Type of resource. Always compute#targetHttpProxy for target HTTP proxies.
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-      "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
+      "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+          #
+          # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+          #
+          # The default is false.
       "region": "A String", # [Output Only] URL of the region where the regional Target HTTP Proxy resides. This field is not applicable to global Target HTTP Proxies.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "urlMap": "A String", # URL to the UrlMap resource that defines the mapping from URL to the BackendService.
@@ -315,7 +387,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -341,7 +414,7 @@ 
Method Details

 

 
 

-    setUrlMap(project, region, targetHttpProxy, body=None, requestId=None, x__xgafv=None)
+    setUrlMap(project, region, targetHttpProxy, body=None, requestId=None)
   
Changes the URL map for TargetHttpProxy.
 
 Args:
@@ -355,16 +428,29 @@ 
Method Details

   "urlMap": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -398,7 +484,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.regionTargetHttpsProxies.html b/docs/dyn/compute_v1.regionTargetHttpsProxies.html
index 8dcf3b67a50..7f768536c9d 100644
--- a/docs/dyn/compute_v1.regionTargetHttpsProxies.html
+++ b/docs/dyn/compute_v1.regionTargetHttpsProxies.html
@@ -78,25 +78,25 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, targetHttpsProxy, requestId=None, x__xgafv=None)

+  delete(project, region, targetHttpsProxy, requestId=None)

 
Deletes the specified TargetHttpsProxy resource.

 

-  get(project, region, targetHttpsProxy, x__xgafv=None)

+  get(project, region, targetHttpsProxy)

 
Returns the specified TargetHttpsProxy resource in the specified region. Gets a list of available target HTTP proxies by making a list() request.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a TargetHttpsProxy resource in the specified project and region using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of TargetHttpsProxy resources available to the specified project in the specified region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setSslCertificates(project, region, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)

+  setSslCertificates(project, region, targetHttpsProxy, body=None, requestId=None)

 
Replaces SslCertificates for TargetHttpsProxy.

 

-  setUrlMap(project, region, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)

+  setUrlMap(project, region, targetHttpsProxy, body=None, requestId=None)

 
Changes the URL map for TargetHttpsProxy.

 
Method Details

 

@@ -105,23 +105,36 @@ 
Method Details

 

 
 

-    delete(project, region, targetHttpsProxy, requestId=None, x__xgafv=None)
+    delete(project, region, targetHttpsProxy, requestId=None)
   
Deletes the specified TargetHttpsProxy resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   targetHttpsProxy: string, Name of the TargetHttpsProxy resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -155,7 +168,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -169,44 +183,67 @@ 
Method Details

 

 
 

-    get(project, region, targetHttpsProxy, x__xgafv=None)
+    get(project, region, targetHttpsProxy)
   
Returns the specified TargetHttpsProxy resource in the specified region. Gets a list of available target HTTP proxies by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   targetHttpsProxy: string, Name of the TargetHttpsProxy resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Target HTTPS Proxy resource. Google Compute Engine has two Target HTTPS Proxy resources: * [Global](/compute/docs/reference/rest/v1/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/v1/regionTargetHttpsProxies) A target HTTPS proxy is a component of GCP HTTPS load balancers. * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers. Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
-  "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy. Refer to the AuthorizationPolicy resource for additional details. authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. Note: This field currently has no impact.
+    { # Represents a Target HTTPS Proxy resource.
+    #
+    # Google Compute Engine has two Target HTTPS Proxy resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpsProxies)
+    #
+    # A target HTTPS proxy is a component of GCP HTTPS load balancers.
+    #
+    # * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers.
+    #
+    # Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpsProxies ==) (== resource_for {$api_version}.regionTargetHttpsProxies ==)
+  "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy.
+      # Refer to the AuthorizationPolicy resource for additional details.
+      # authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # Note: This field currently has no impact.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpsProxy. An up-to-date fingerprint must be provided in order to patch the TargetHttpsProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpsProxy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetHttpsProxy", # [Output Only] Type of resource. Always compute#targetHttpsProxy for target HTTPS proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
-  "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE. - When quic-override is set to NONE, Google manages whether QUIC is used. - When quic-override is set to ENABLE, the load balancer uses QUIC when possible. - When quic-override is set to DISABLE, the load balancer doesn't use QUIC. - If the quic-override flag is not specified, NONE is implied.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      #
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      #
+      # The default is false.
+  "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE.
+      # - When quic-override is set to NONE, Google manages whether QUIC is used.
+      # - When quic-override is set to ENABLE, the load balancer uses QUIC when possible.
+      # - When quic-override is set to DISABLE, the load balancer doesn't use QUIC.
+      # - If the quic-override flag is not specified, NONE is implied.
   "region": "A String", # [Output Only] URL of the region where the regional TargetHttpsProxy resides. This field is not applicable to global TargetHttpsProxies.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+  "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic.
+      # serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # If left blank, communications are not encrypted.
+      # Note: This field currently has no impact.
   "sslCertificates": [ # URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
     "A String",
   ],
   "sslPolicy": "A String", # URL of SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource has no SSL policy configured.
-  "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map: - https://www.googleapis.compute/v1/projects/project/global/urlMaps/ url-map - projects/project/global/urlMaps/url-map - global/urlMaps/url-map
+  "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map:
+      # - https://www.googleapis.compute/v1/projects/project/global/urlMaps/url-map
+      # - projects/project/global/urlMaps/url-map
+      # - global/urlMaps/url-map
 }

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a TargetHttpsProxy resource in the specified project and region using the data included in the request.
 
 Args:
@@ -215,36 +252,76 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target HTTPS Proxy resource. Google Compute Engine has two Target HTTPS Proxy resources: * [Global](/compute/docs/reference/rest/v1/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/v1/regionTargetHttpsProxies) A target HTTPS proxy is a component of GCP HTTPS load balancers. * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers. Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
-  "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy. Refer to the AuthorizationPolicy resource for additional details. authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. Note: This field currently has no impact.
+{ # Represents a Target HTTPS Proxy resource.
+    # 
+    # Google Compute Engine has two Target HTTPS Proxy resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpsProxies)
+    # 
+    # A target HTTPS proxy is a component of GCP HTTPS load balancers.
+    # 
+    # * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers.
+    # 
+    # Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpsProxies ==) (== resource_for {$api_version}.regionTargetHttpsProxies ==)
+  "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy.
+      # Refer to the AuthorizationPolicy resource for additional details.
+      # authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # Note: This field currently has no impact.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpsProxy. An up-to-date fingerprint must be provided in order to patch the TargetHttpsProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpsProxy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetHttpsProxy", # [Output Only] Type of resource. Always compute#targetHttpsProxy for target HTTPS proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
-  "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE. - When quic-override is set to NONE, Google manages whether QUIC is used. - When quic-override is set to ENABLE, the load balancer uses QUIC when possible. - When quic-override is set to DISABLE, the load balancer doesn't use QUIC. - If the quic-override flag is not specified, NONE is implied.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      # 
+      # The default is false.
+  "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE.
+      # - When quic-override is set to NONE, Google manages whether QUIC is used.
+      # - When quic-override is set to ENABLE, the load balancer uses QUIC when possible.
+      # - When quic-override is set to DISABLE, the load balancer doesn't use QUIC.
+      # - If the quic-override flag is not specified, NONE is implied.
   "region": "A String", # [Output Only] URL of the region where the regional TargetHttpsProxy resides. This field is not applicable to global TargetHttpsProxies.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+  "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic.
+      # serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # If left blank, communications are not encrypted.
+      # Note: This field currently has no impact.
   "sslCertificates": [ # URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
     "A String",
   ],
   "sslPolicy": "A String", # URL of SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource has no SSL policy configured.
-  "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map: - https://www.googleapis.compute/v1/projects/project/global/urlMaps/ url-map - projects/project/global/urlMaps/url-map - global/urlMaps/url-map
+  "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map:
+      # - https://www.googleapis.compute/v1/projects/project/global/urlMaps/url-map
+      # - projects/project/global/urlMaps/url-map
+      # - global/urlMaps/url-map
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -278,7 +355,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -292,21 +370,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of TargetHttpsProxy resources available to the specified project in the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -314,24 +398,51 @@ 
Method Details

     { # Contains a list of TargetHttpsProxy resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of TargetHttpsProxy resources.
-    { # Represents a Target HTTPS Proxy resource. Google Compute Engine has two Target HTTPS Proxy resources: * [Global](/compute/docs/reference/rest/v1/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/v1/regionTargetHttpsProxies) A target HTTPS proxy is a component of GCP HTTPS load balancers. * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers. Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
-      "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy. Refer to the AuthorizationPolicy resource for additional details. authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. Note: This field currently has no impact.
+    { # Represents a Target HTTPS Proxy resource.
+        #
+        # Google Compute Engine has two Target HTTPS Proxy resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpsProxies)
+        #
+        # A target HTTPS proxy is a component of GCP HTTPS load balancers.
+        #
+        # * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers.
+        #
+        # Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpsProxies ==) (== resource_for {$api_version}.regionTargetHttpsProxies ==)
+      "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy.
+          # Refer to the AuthorizationPolicy resource for additional details.
+          # authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+          # Note: This field currently has no impact.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpsProxy. An up-to-date fingerprint must be provided in order to patch the TargetHttpsProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpsProxy.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#targetHttpsProxy", # [Output Only] Type of resource. Always compute#targetHttpsProxy for target HTTPS proxies.
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-      "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
-      "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE. - When quic-override is set to NONE, Google manages whether QUIC is used. - When quic-override is set to ENABLE, the load balancer uses QUIC when possible. - When quic-override is set to DISABLE, the load balancer doesn't use QUIC. - If the quic-override flag is not specified, NONE is implied.
+      "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+          #
+          # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+          #
+          # The default is false.
+      "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE.
+          # - When quic-override is set to NONE, Google manages whether QUIC is used.
+          # - When quic-override is set to ENABLE, the load balancer uses QUIC when possible.
+          # - When quic-override is set to DISABLE, the load balancer doesn't use QUIC.
+          # - If the quic-override flag is not specified, NONE is implied.
       "region": "A String", # [Output Only] URL of the region where the regional TargetHttpsProxy resides. This field is not applicable to global TargetHttpsProxies.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+      "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic.
+          # serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+          # If left blank, communications are not encrypted.
+          # Note: This field currently has no impact.
       "sslCertificates": [ # URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
         "A String",
       ],
       "sslPolicy": "A String", # URL of SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource has no SSL policy configured.
-      "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map: - https://www.googleapis.compute/v1/projects/project/global/urlMaps/ url-map - projects/project/global/urlMaps/url-map - global/urlMaps/url-map
+      "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map:
+          # - https://www.googleapis.compute/v1/projects/project/global/urlMaps/url-map
+          # - projects/project/global/urlMaps/url-map
+          # - global/urlMaps/url-map
     },
   ],
   "kind": "compute#targetHttpsProxyList", # Type of resource. Always compute#targetHttpsProxyList for lists of target HTTPS proxies.
@@ -339,7 +450,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -365,7 +477,7 @@ 
Method Details

 

 
 

-    setSslCertificates(project, region, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)
+    setSslCertificates(project, region, targetHttpsProxy, body=None, requestId=None)
   
Replaces SslCertificates for TargetHttpsProxy.
 
 Args:
@@ -381,16 +493,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -424,7 +549,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -438,7 +564,7 @@ 
Method Details

 

 
 

-    setUrlMap(project, region, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)
+    setUrlMap(project, region, targetHttpsProxy, body=None, requestId=None)
   
Changes the URL map for TargetHttpsProxy.
 
 Args:
@@ -452,16 +578,29 @@ 
Method Details

   "urlMap": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -495,7 +634,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.regionUrlMaps.html b/docs/dyn/compute_v1.regionUrlMaps.html
index 95d9df34cb6..14b9dfb81e2 100644
--- a/docs/dyn/compute_v1.regionUrlMaps.html
+++ b/docs/dyn/compute_v1.regionUrlMaps.html
@@ -78,28 +78,28 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, urlMap, requestId=None, x__xgafv=None)

+  delete(project, region, urlMap, requestId=None)

 
Deletes the specified UrlMap resource.

 

-  get(project, region, urlMap, x__xgafv=None)

+  get(project, region, urlMap)

 
Returns the specified UrlMap resource. Gets a list of available URL maps by making a list() request.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a UrlMap resource in the specified project using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of UrlMap resources available to the specified project in the specified region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, urlMap, body=None, requestId=None, x__xgafv=None)

+  patch(project, region, urlMap, body=None, requestId=None)

 
Patches the specified UrlMap resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.

 

-  update(project, region, urlMap, body=None, requestId=None, x__xgafv=None)

+  update(project, region, urlMap, body=None, requestId=None)

 
Updates the specified UrlMap resource with the data included in the request.

 

-  validate(project, region, urlMap, body=None, x__xgafv=None)

+  validate(project, region, urlMap, body=None)

 
Runs static validation for the UrlMap. In particular, the tests of the provided UrlMap will be run. Calling this method does NOT create the UrlMap.

 
Method Details

 

@@ -108,7 +108,7 @@ 
Method Details

 

 
 

-    delete(project, region, urlMap, requestId=None, x__xgafv=None)
+    delete(project, region, urlMap, requestId=None)
   
Deletes the specified UrlMap resource.
 
 Args:
@@ -116,15 +116,24 @@ 
Method Details

   region: string, Name of the region scoping this request. (required)
   urlMap: string, Name of the UrlMap resource to delete. (required)
   requestId: string, begin_interface: MixerMutationRequestBuilder Request ID to support idempotency.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -158,7 +167,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -172,36 +182,55 @@ 
Method Details

 

 
 

-    get(project, region, urlMap, x__xgafv=None)
+    get(project, region, urlMap)
   
Returns the specified UrlMap resource. Gets a list of available URL maps by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   urlMap: string, Name of the UrlMap resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/v1/urlMaps) * [Regional](/compute/docs/reference/rest/v1/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
+    { # Represents a URL Map resource.
+    #
+    # Google Compute Engine has two URL Map resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+    #
+    # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+    #
+    # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+    #
+    # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+    #
+    # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+    #
+    # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+    #
+    # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-  "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+  "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+      # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+      # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+      # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+        # Not supported when the URL map is bound to target gRPC proxy.
+      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+          # Default is false.
       "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
         "A String",
       ],
       "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
         "A String",
       ],
-      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
-      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
       "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -210,53 +239,84 @@ 
Method Details

       ],
       "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
     },
-    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+        # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
       "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-        "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "httpStatus": 42, # The HTTP status code used to abort the request.
+            # The value must be between 200 and 599 inclusive.
+            # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
       "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
         "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
     },
-    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+        # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+        # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
     },
-    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+          # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+          # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+          # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+          # -
+          # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+          # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+          # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+          # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+          # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+          # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+          # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
         "A String",
       ],
     },
-    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+        # If not specified, will use the largest timeout among all backend services associated with the route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+        # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+          # The value must be between 1 and 255 characters.
+      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+          # The value must be between 1 and 1024 characters.
     },
-    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-      { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+        # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+      { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
         "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+            # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -266,34 +326,61 @@ 
Method Details

             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
             "A String",
           ],
         },
-        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+            # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+            # The value must be between 0 and 1000
       },
     ],
   },
-  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+      # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+      # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+      # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+      # Not supported when the URL map is bound to target gRPC proxy.
+    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+        # The value must be between 1 and 255 characters.
+    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+        # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+        # The default is set to false.
+    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+        # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+        # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+        # Supported values are:
+        # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+        # - FOUND, which corresponds to 302.
+        # - SEE_OTHER which corresponds to 303.
+        # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+        # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+        # The default is set to false.
   },
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+      # The headerAction specified here take effect after headerAction specified under pathMatcher.
+      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -303,7 +390,8 @@ 
Method Details

       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -313,7 +401,8 @@ 
Method Details

   "hostRules": [ # The list of HostRules to use against the URL.
     { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+          # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "A String",
       ],
       "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -324,19 +413,25 @@ 
Method Details

   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "pathMatchers": [ # The list of named PathMatchers to use against the URL.
     { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-      "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+      "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+          # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+          # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+              # Default is false.
           "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
             "A String",
           ],
           "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
             "A String",
           ],
-          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
-          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
           "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -345,53 +440,84 @@ 
Method Details

           ],
           "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
         },
-        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+            # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
           "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-            "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "httpStatus": 42, # The HTTP status code used to abort the request.
+                # The value must be between 200 and 599 inclusive.
+                # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
           "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
             "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
         },
-        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+            # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+            # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
         },
-        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+              # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+              # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+              # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+              # -
+              # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+              # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+              # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+              # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+              # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+              # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+              # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
             "A String",
           ],
         },
-        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+            # If not specified, will use the largest timeout among all backend services associated with the route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+            # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+              # The value must be between 1 and 255 characters.
+          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+              # The value must be between 1 and 1024 characters.
         },
-        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-          { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+            # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+          { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
             "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -401,33 +527,63 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                 "A String",
               ],
             },
-            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                # The value must be between 0 and 1000
           },
         ],
       },
-      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+          # - compute/v1/projects/project/global/backendServices/backendService
+          # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+          # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+          # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+          # - compute.backendBuckets.use
+          # - compute.backendServices.use
+      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+          # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+            # The value must be between 1 and 255 characters.
+        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+            # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+            # The default is set to false.
+        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+            # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+            # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+            # Supported values are:
+            # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+            # - FOUND, which corresponds to 302.
+            # - SEE_OTHER which corresponds to 303.
+            # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+            # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+            # The default is set to false.
       },
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+          # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+          # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -437,7 +593,8 @@ 
Method Details

           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -445,24 +602,32 @@ 
Method Details

         ],
       },
       "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+          # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+          # Within a given pathMatcher, only one of pathRules or routeRules must be set.
         { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
           "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
             "A String",
           ],
-          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of routeAction or urlRedirect must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -471,53 +636,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -527,37 +723,63 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
-      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+          # Within a given pathMatcher, you can set only one of pathRules or routeRules.
         { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-          "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "description": "A String", # The short description conveying the intent of this routeRule.
+              # The description can have a maximum length of 1024 characters.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -567,7 +789,8 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -576,60 +799,112 @@ 
Method Details

           },
           "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
             { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                  # fullPathMatch must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
               "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                 { # matchRule criteria for request header matches.
-                  "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "headerName": "A String", # The name of the HTTP header to match.
+                      # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                      # For matching a request's method, use the headerName ":method".
+                      # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                      # The default setting is false.
+                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                      # For example for a range [-5, 0]
+                      # - -3 will match.
+                      # - 0 will not match.
+                      # - 0.25 will not match.
+                      # - -3someString will not match.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                     "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                     "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                   },
-                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                      # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                 },
               ],
-              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                  # The default value is false.
+                  # ignoreCase must not be used with regexMatch.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                  # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                  # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                  # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                    # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                    # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                      # This list must not be empty and can have at the most 64 entries.
                     { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                      "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                      "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                      "name": "A String", # Name of metadata label.
+                          # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                      "value": "A String", # The value of the label must match the specified value.
+                          # value can have a maximum length of 1024 characters.
                     },
                   ],
-                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                      # Supported values are:
+                      # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                      # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                 },
               ],
-              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                  # The value must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                  # Not supported when the URL map is bound to target gRPC proxy.
                 { # HttpRouteRuleMatch criteria for a request's query parameter.
-                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
                   "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                      # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                 },
               ],
-              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
             },
           ],
-          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+              # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+              # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -638,53 +913,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -694,25 +1000,45 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
@@ -720,11 +1046,16 @@ 
Method Details

   ],
   "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     { # Message for the expected URL mappings.
       "description": "A String", # Description of this test case.
-      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+          # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+          # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+          # expectedOutputUrl is optional when service is specified.
+      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+          # expectedRedirectResponseCode cannot be set when service is set.
       "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
         { # HTTP headers used in UrlMapTests.
           "name": "A String", # Header name.
@@ -733,14 +1064,15 @@ 
Method Details

       ],
       "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
       "path": "A String", # Path portion of the URL.
-      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+          # service cannot be set if expectedRedirectResponseCode is set.
     },
   ],
 }

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a UrlMap resource in the specified project using the data included in the request.
 
 Args:
@@ -749,21 +1081,44 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/v1/urlMaps) * [Regional](/compute/docs/reference/rest/v1/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
+{ # Represents a URL Map resource.
+    # 
+    # Google Compute Engine has two URL Map resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+    # 
+    # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+    # 
+    # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+    # 
+    # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+    # 
+    # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+    # 
+    # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+    # 
+    # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-  "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+  "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+      # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+      # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+      # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+        # Not supported when the URL map is bound to target gRPC proxy.
+      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+          # Default is false.
       "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
         "A String",
       ],
       "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
         "A String",
       ],
-      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
-      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
       "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -772,53 +1127,84 @@ 
Method Details

       ],
       "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
     },
-    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+        # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
       "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-        "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "httpStatus": 42, # The HTTP status code used to abort the request.
+            # The value must be between 200 and 599 inclusive.
+            # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
       "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
         "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
     },
-    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+        # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+        # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
     },
-    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+          # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+          # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+          # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+          # -
+          # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+          # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+          # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+          # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+          # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+          # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+          # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
         "A String",
       ],
     },
-    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+        # If not specified, will use the largest timeout among all backend services associated with the route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+        # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+          # The value must be between 1 and 255 characters.
+      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+          # The value must be between 1 and 1024 characters.
     },
-    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-      { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+        # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+      { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
         "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+            # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -828,34 +1214,61 @@ 
Method Details

             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
             "A String",
           ],
         },
-        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+            # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+            # The value must be between 0 and 1000
       },
     ],
   },
-  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+      # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+      # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+      # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+      # Not supported when the URL map is bound to target gRPC proxy.
+    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+        # The value must be between 1 and 255 characters.
+    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+        # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+        # The default is set to false.
+    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+        # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+        # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+        # Supported values are:
+        # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+        # - FOUND, which corresponds to 302.
+        # - SEE_OTHER which corresponds to 303.
+        # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+        # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+        # The default is set to false.
   },
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+      # The headerAction specified here take effect after headerAction specified under pathMatcher.
+      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -865,7 +1278,8 @@ 
Method Details

       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -875,7 +1289,8 @@ 
Method Details

   "hostRules": [ # The list of HostRules to use against the URL.
     { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+          # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "A String",
       ],
       "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -886,19 +1301,25 @@ 
Method Details

   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "pathMatchers": [ # The list of named PathMatchers to use against the URL.
     { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-      "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+      "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+          # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+          # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+              # Default is false.
           "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
             "A String",
           ],
           "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
             "A String",
           ],
-          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
-          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
           "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -907,53 +1328,84 @@ 
Method Details

           ],
           "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
         },
-        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+            # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
           "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-            "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "httpStatus": 42, # The HTTP status code used to abort the request.
+                # The value must be between 200 and 599 inclusive.
+                # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
           "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
             "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
         },
-        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+            # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+            # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
         },
-        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+              # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+              # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+              # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+              # -
+              # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+              # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+              # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+              # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+              # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+              # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+              # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
             "A String",
           ],
         },
-        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+            # If not specified, will use the largest timeout among all backend services associated with the route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+            # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+              # The value must be between 1 and 255 characters.
+          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+              # The value must be between 1 and 1024 characters.
         },
-        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-          { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+            # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+          { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
             "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -963,33 +1415,63 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                 "A String",
               ],
             },
-            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                # The value must be between 0 and 1000
           },
         ],
       },
-      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+          # - compute/v1/projects/project/global/backendServices/backendService
+          # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+          # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+          # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+          # - compute.backendBuckets.use
+          # - compute.backendServices.use
+      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+          # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+            # The value must be between 1 and 255 characters.
+        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+            # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+            # The default is set to false.
+        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+            # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+            # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+            # Supported values are:
+            # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+            # - FOUND, which corresponds to 302.
+            # - SEE_OTHER which corresponds to 303.
+            # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+            # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+            # The default is set to false.
       },
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+          # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+          # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -999,7 +1481,8 @@ 
Method Details

           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -1007,24 +1490,32 @@ 
Method Details

         ],
       },
       "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+          # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+          # Within a given pathMatcher, only one of pathRules or routeRules must be set.
         { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
           "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
             "A String",
           ],
-          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of routeAction or urlRedirect must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1033,53 +1524,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1089,37 +1611,63 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
-      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+          # Within a given pathMatcher, you can set only one of pathRules or routeRules.
         { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-          "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "description": "A String", # The short description conveying the intent of this routeRule.
+              # The description can have a maximum length of 1024 characters.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1129,7 +1677,8 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -1138,60 +1687,112 @@ 
Method Details

           },
           "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
             { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                  # fullPathMatch must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
               "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                 { # matchRule criteria for request header matches.
-                  "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "headerName": "A String", # The name of the HTTP header to match.
+                      # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                      # For matching a request's method, use the headerName ":method".
+                      # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                      # The default setting is false.
+                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                      # For example for a range [-5, 0]
+                      # - -3 will match.
+                      # - 0 will not match.
+                      # - 0.25 will not match.
+                      # - -3someString will not match.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                     "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                     "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                   },
-                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                      # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                 },
               ],
-              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                  # The default value is false.
+                  # ignoreCase must not be used with regexMatch.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                  # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                  # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                  # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                    # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                    # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                      # This list must not be empty and can have at the most 64 entries.
                     { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                      "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                      "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                      "name": "A String", # Name of metadata label.
+                          # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                      "value": "A String", # The value of the label must match the specified value.
+                          # value can have a maximum length of 1024 characters.
                     },
                   ],
-                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                      # Supported values are:
+                      # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                      # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                 },
               ],
-              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                  # The value must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                  # Not supported when the URL map is bound to target gRPC proxy.
                 { # HttpRouteRuleMatch criteria for a request's query parameter.
-                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
                   "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                      # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                 },
               ],
-              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
             },
           ],
-          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+              # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+              # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1200,53 +1801,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1256,25 +1888,45 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
@@ -1282,11 +1934,16 @@ 
Method Details

   ],
   "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     { # Message for the expected URL mappings.
       "description": "A String", # Description of this test case.
-      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+          # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+          # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+          # expectedOutputUrl is optional when service is specified.
+      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+          # expectedRedirectResponseCode cannot be set when service is set.
       "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
         { # HTTP headers used in UrlMapTests.
           "name": "A String", # Header name.
@@ -1295,21 +1952,31 @@ 
Method Details

       ],
       "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
       "path": "A String", # Path portion of the URL.
-      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+          # service cannot be set if expectedRedirectResponseCode is set.
     },
   ],
 }
 
   requestId: string, begin_interface: MixerMutationRequestBuilder Request ID to support idempotency.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1343,7 +2010,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1357,21 +2025,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of UrlMap resources available to the specified project in the specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -1379,21 +2053,44 @@ 
Method Details

     { # Contains a list of UrlMap resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of UrlMap resources.
-    { # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/v1/urlMaps) * [Regional](/compute/docs/reference/rest/v1/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
+    { # Represents a URL Map resource.
+        #
+        # Google Compute Engine has two URL Map resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+        #
+        # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+        #
+        # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+        #
+        # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+        #
+        # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+        #
+        # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+        #
+        # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-      "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+      "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+          # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+          # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+          # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+              # Default is false.
           "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
             "A String",
           ],
           "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
             "A String",
           ],
-          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
-          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
           "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1402,53 +2099,84 @@ 
Method Details

           ],
           "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
         },
-        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+            # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
           "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-            "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "httpStatus": 42, # The HTTP status code used to abort the request.
+                # The value must be between 200 and 599 inclusive.
+                # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
           "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
             "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
         },
-        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+            # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+            # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
         },
-        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+              # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+              # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+              # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+              # -
+              # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+              # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+              # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+              # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+              # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+              # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+              # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
             "A String",
           ],
         },
-        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+            # If not specified, will use the largest timeout among all backend services associated with the route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+            # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+              # The value must be between 1 and 255 characters.
+          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+              # The value must be between 1 and 1024 characters.
         },
-        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-          { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+            # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+          { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
             "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1458,34 +2186,61 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                 "A String",
               ],
             },
-            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                # The value must be between 0 and 1000
           },
         ],
       },
-      "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+      "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+          # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+          # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+          # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+            # The value must be between 1 and 255 characters.
+        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+            # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+            # The default is set to false.
+        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+            # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+            # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+            # Supported values are:
+            # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+            # - FOUND, which corresponds to 302.
+            # - SEE_OTHER which corresponds to 303.
+            # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+            # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+            # The default is set to false.
       },
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+          # The headerAction specified here take effect after headerAction specified under pathMatcher.
+          # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1495,7 +2250,8 @@ 
Method Details

           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -1505,7 +2261,8 @@ 
Method Details

       "hostRules": [ # The list of HostRules to use against the URL.
         { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-          "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+              # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "A String",
           ],
           "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -1516,19 +2273,25 @@ 
Method Details

       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "pathMatchers": [ # The list of named PathMatchers to use against the URL.
         { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-          "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+              # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1537,53 +2300,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1593,33 +2387,63 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-          "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+              # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+              # - compute/v1/projects/project/global/backendServices/backendService
+              # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+              # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+              # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+              # - compute.backendBuckets.use
+              # - compute.backendServices.use
+          "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+              # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1629,7 +2453,8 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -1637,24 +2462,32 @@ 
Method Details

             ],
           },
           "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-          "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+          "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+              # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+              # Within a given pathMatcher, only one of pathRules or routeRules must be set.
             { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
               "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
                 "A String",
               ],
-              "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-                "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-                  "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+              "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+                  # Only one of routeAction or urlRedirect must be set.
+                  # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+                "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                    # Not supported when the URL map is bound to target gRPC proxy.
+                  "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                      # Default is false.
                   "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                     "A String",
                   ],
                   "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                     "A String",
                   ],
-                  "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                  "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                      # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                     "A String",
                   ],
-                  "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                  "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                      # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                     "A String",
                   ],
                   "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1663,53 +2496,84 @@ 
Method Details

                   ],
                   "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
                 },
-                "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+                "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                    # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
                   "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                    "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                    "httpStatus": 42, # The HTTP status code used to abort the request.
+                        # The value must be between 200 and 599 inclusive.
+                        # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                        # The value must be between 0.0 and 100.0 inclusive.
                   },
                   "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                     "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                     },
-                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                        # The value must be between 0.0 and 100.0 inclusive.
                   },
                 },
-                "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                    # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                    # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
                 },
-                "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-                  "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+                  "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                      # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                   },
-                  "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+                  "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                      # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                      # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                      # -
+                      # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                      # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                      # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                      # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                      # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                      # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                      # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                     "A String",
                   ],
                 },
-                "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                    # If not specified, will use the largest timeout among all backend services associated with the route.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                  "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-                  "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+                "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                    # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                      # The value must be between 1 and 255 characters.
+                  "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                      # The value must be between 1 and 1024 characters.
                 },
-                "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-                  { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+                "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                    # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+                  { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                     "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                        # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                        # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                       "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                         { # Specification determining how headers are added to requests or responses.
                           "headerName": "A String", # The name of the header.
                           "headerValue": "A String", # The value of the header to add.
-                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                              # The default value is false.
                         },
                       ],
                       "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1719,37 +2583,63 @@ 
Method Details

                         { # Specification determining how headers are added to requests or responses.
                           "headerName": "A String", # The name of the header.
                           "headerValue": "A String", # The value of the header to add.
-                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                              # The default value is false.
                         },
                       ],
                       "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                         "A String",
                       ],
                     },
-                    "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                    "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                        # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                        # The value must be between 0 and 1000
                   },
                 ],
               },
-              "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-              "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-                "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-                "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-                "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-                "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+              "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+                  # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+                  # If urlRedirect is specified, service or routeAction must not be set.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+                "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                    # The value must be between 1 and 255 characters.
+                "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                    # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                    # The default is set to false.
+                "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                    # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                    # The value must be between 1 and 1024 characters.
+                "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                    # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                    # The value must be between 1 and 1024 characters.
+                "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                    # Supported values are:
+                    # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                    # - FOUND, which corresponds to 302.
+                    # - SEE_OTHER which corresponds to 303.
+                    # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                    # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+                "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                    # The default is set to false.
               },
             },
           ],
-          "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+          "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+              # Within a given pathMatcher, you can set only one of pathRules or routeRules.
             { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-              "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-              "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "description": "A String", # The short description conveying the intent of this routeRule.
+                  # The description can have a maximum length of 1024 characters.
+              "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                  # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+                  # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                   { # Specification determining how headers are added to requests or responses.
                     "headerName": "A String", # The name of the header.
                     "headerValue": "A String", # The value of the header to add.
-                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                        # The default value is false.
                   },
                 ],
                 "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1759,7 +2649,8 @@ 
Method Details

                   { # Specification determining how headers are added to requests or responses.
                     "headerName": "A String", # The name of the header.
                     "headerValue": "A String", # The value of the header to add.
-                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                        # The default value is false.
                   },
                 ],
                 "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -1768,60 +2659,112 @@ 
Method Details

               },
               "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
                 { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-                  "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                      # fullPathMatch must be between 1 and 1024 characters.
+                      # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
                   "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                     { # matchRule criteria for request header matches.
-                      "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                      "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                      "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                      "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                      "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                      "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                      "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      "headerName": "A String", # The name of the HTTP header to match.
+                          # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                          # For matching a request's method, use the headerName ":method".
+                          # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                      "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                          # The default setting is false.
+                      "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                          # For example for a range [-5, 0]
+                          # - -3 will match.
+                          # - 0 will not match.
+                          # - 0.25 will not match.
+                          # - -3someString will not match.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                          # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                         "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                         "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                       },
-                      "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                      "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                          # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                          # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                      "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                     },
                   ],
-                  "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-                  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+                  "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                      # The default value is false.
+                      # ignoreCase must not be used with regexMatch.
+                      # Not supported when the URL map is bound to target gRPC proxy.
+                  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                      # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                      # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                      # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                        # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                        # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                          # This list must not be empty and can have at the most 64 entries.
                         { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                          "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                          "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                          "name": "A String", # Name of metadata label.
+                              # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                          "value": "A String", # The value of the label must match the specified value.
+                              # value can have a maximum length of 1024 characters.
                         },
                       ],
-                      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                          # Supported values are:
+                          # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                          # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                     },
                   ],
-                  "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-                  "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+                  "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                      # The value must be between 1 and 1024 characters.
+                      # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                      # Not supported when the URL map is bound to target gRPC proxy.
                     { # HttpRouteRuleMatch criteria for a request's query parameter.
-                      "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                      "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                          # Only one of presentMatch, exactMatch or regexMatch must be set.
                       "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                      "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                      "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                      "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                          # Only one of presentMatch, exactMatch or regexMatch must be set.
+                      "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                          # Only one of presentMatch, exactMatch or regexMatch must be set.
+                          # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                     },
                   ],
-                  "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                      # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                      # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                 },
               ],
-              "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-              "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-                "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-                  "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+              "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+                  # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+                  # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+              "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+                  # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+                  # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+                "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                    # Not supported when the URL map is bound to target gRPC proxy.
+                  "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                      # Default is false.
                   "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                     "A String",
                   ],
                   "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                     "A String",
                   ],
-                  "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                  "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                      # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                     "A String",
                   ],
-                  "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                  "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                      # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                     "A String",
                   ],
                   "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1830,53 +2773,84 @@ 
Method Details

                   ],
                   "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
                 },
-                "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+                "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                    # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
                   "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                    "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                    "httpStatus": 42, # The HTTP status code used to abort the request.
+                        # The value must be between 200 and 599 inclusive.
+                        # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                        # The value must be between 0.0 and 100.0 inclusive.
                   },
                   "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                     "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                     },
-                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                        # The value must be between 0.0 and 100.0 inclusive.
                   },
                 },
-                "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                    # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                    # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
                 },
-                "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-                  "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+                  "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                      # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                   },
-                  "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+                  "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                      # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                      # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                      # -
+                      # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                      # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                      # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                      # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                      # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                      # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                      # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                     "A String",
                   ],
                 },
-                "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                    # If not specified, will use the largest timeout among all backend services associated with the route.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                  "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-                  "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+                "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                    # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                      # The value must be between 1 and 255 characters.
+                  "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                      # The value must be between 1 and 1024 characters.
                 },
-                "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-                  { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+                "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                    # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+                  { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                     "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                        # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                        # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                       "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                         { # Specification determining how headers are added to requests or responses.
                           "headerName": "A String", # The name of the header.
                           "headerValue": "A String", # The value of the header to add.
-                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                              # The default value is false.
                         },
                       ],
                       "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1886,25 +2860,45 @@ 
Method Details

                         { # Specification determining how headers are added to requests or responses.
                           "headerName": "A String", # The name of the header.
                           "headerValue": "A String", # The value of the header to add.
-                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                              # The default value is false.
                         },
                       ],
                       "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                         "A String",
                       ],
                     },
-                    "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                    "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                        # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                        # The value must be between 0 and 1000
                   },
                 ],
               },
-              "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-              "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-                "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-                "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-                "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-                "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+              "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+                  # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+                  # If urlRedirect is specified, service or routeAction must not be set.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+                "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                    # The value must be between 1 and 255 characters.
+                "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                    # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                    # The default is set to false.
+                "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                    # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                    # The value must be between 1 and 1024 characters.
+                "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                    # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                    # The value must be between 1 and 1024 characters.
+                "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                    # Supported values are:
+                    # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                    # - FOUND, which corresponds to 302.
+                    # - SEE_OTHER which corresponds to 303.
+                    # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                    # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+                "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                    # The default is set to false.
               },
             },
           ],
@@ -1912,11 +2906,16 @@ 
Method Details

       ],
       "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         { # Message for the expected URL mappings.
           "description": "A String", # Description of this test case.
-          "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-          "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+          "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+              # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+              # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+              # expectedOutputUrl is optional when service is specified.
+          "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+              # expectedRedirectResponseCode cannot be set when service is set.
           "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
             { # HTTP headers used in UrlMapTests.
               "name": "A String", # Header name.
@@ -1925,7 +2924,8 @@ 
Method Details

           ],
           "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
           "path": "A String", # Path portion of the URL.
-          "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+          "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+              # service cannot be set if expectedRedirectResponseCode is set.
         },
       ],
     },
@@ -1935,7 +2935,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1961,7 +2962,7 @@ 
Method Details

 

 
 

-    patch(project, region, urlMap, body=None, requestId=None, x__xgafv=None)
+    patch(project, region, urlMap, body=None, requestId=None)
   
Patches the specified UrlMap resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.
 
 Args:
@@ -1971,21 +2972,44 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/v1/urlMaps) * [Regional](/compute/docs/reference/rest/v1/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
+{ # Represents a URL Map resource.
+    # 
+    # Google Compute Engine has two URL Map resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+    # 
+    # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+    # 
+    # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+    # 
+    # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+    # 
+    # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+    # 
+    # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+    # 
+    # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-  "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+  "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+      # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+      # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+      # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+        # Not supported when the URL map is bound to target gRPC proxy.
+      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+          # Default is false.
       "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
         "A String",
       ],
       "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
         "A String",
       ],
-      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
-      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
       "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1994,53 +3018,84 @@ 
Method Details

       ],
       "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
     },
-    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+        # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
       "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-        "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "httpStatus": 42, # The HTTP status code used to abort the request.
+            # The value must be between 200 and 599 inclusive.
+            # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
       "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
         "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
     },
-    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+        # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+        # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
     },
-    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+          # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+          # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+          # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+          # -
+          # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+          # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+          # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+          # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+          # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+          # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+          # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
         "A String",
       ],
     },
-    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+        # If not specified, will use the largest timeout among all backend services associated with the route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+        # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+          # The value must be between 1 and 255 characters.
+      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+          # The value must be between 1 and 1024 characters.
     },
-    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-      { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+        # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+      { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
         "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+            # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2050,34 +3105,61 @@ 
Method Details

             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
             "A String",
           ],
         },
-        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+            # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+            # The value must be between 0 and 1000
       },
     ],
   },
-  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+      # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+      # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+      # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+      # Not supported when the URL map is bound to target gRPC proxy.
+    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+        # The value must be between 1 and 255 characters.
+    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+        # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+        # The default is set to false.
+    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+        # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+        # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+        # Supported values are:
+        # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+        # - FOUND, which corresponds to 302.
+        # - SEE_OTHER which corresponds to 303.
+        # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+        # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+        # The default is set to false.
   },
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+      # The headerAction specified here take effect after headerAction specified under pathMatcher.
+      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2087,7 +3169,8 @@ 
Method Details

       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -2097,7 +3180,8 @@ 
Method Details

   "hostRules": [ # The list of HostRules to use against the URL.
     { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+          # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "A String",
       ],
       "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -2108,19 +3192,25 @@ 
Method Details

   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "pathMatchers": [ # The list of named PathMatchers to use against the URL.
     { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-      "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+      "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+          # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+          # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+              # Default is false.
           "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
             "A String",
           ],
           "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
             "A String",
           ],
-          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
-          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
           "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2129,53 +3219,84 @@ 
Method Details

           ],
           "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
         },
-        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+            # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
           "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-            "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "httpStatus": 42, # The HTTP status code used to abort the request.
+                # The value must be between 200 and 599 inclusive.
+                # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
           "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
             "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
         },
-        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+            # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+            # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
         },
-        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+              # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+              # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+              # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+              # -
+              # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+              # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+              # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+              # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+              # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+              # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+              # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
             "A String",
           ],
         },
-        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+            # If not specified, will use the largest timeout among all backend services associated with the route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+            # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+              # The value must be between 1 and 255 characters.
+          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+              # The value must be between 1 and 1024 characters.
         },
-        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-          { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+            # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+          { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
             "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2185,33 +3306,63 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                 "A String",
               ],
             },
-            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                # The value must be between 0 and 1000
           },
         ],
       },
-      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+          # - compute/v1/projects/project/global/backendServices/backendService
+          # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+          # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+          # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+          # - compute.backendBuckets.use
+          # - compute.backendServices.use
+      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+          # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+            # The value must be between 1 and 255 characters.
+        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+            # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+            # The default is set to false.
+        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+            # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+            # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+            # Supported values are:
+            # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+            # - FOUND, which corresponds to 302.
+            # - SEE_OTHER which corresponds to 303.
+            # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+            # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+            # The default is set to false.
       },
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+          # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+          # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2221,7 +3372,8 @@ 
Method Details

           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -2229,24 +3381,32 @@ 
Method Details

         ],
       },
       "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+          # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+          # Within a given pathMatcher, only one of pathRules or routeRules must be set.
         { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
           "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
             "A String",
           ],
-          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of routeAction or urlRedirect must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2255,53 +3415,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2311,37 +3502,63 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
-      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+          # Within a given pathMatcher, you can set only one of pathRules or routeRules.
         { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-          "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "description": "A String", # The short description conveying the intent of this routeRule.
+              # The description can have a maximum length of 1024 characters.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2351,7 +3568,8 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -2360,60 +3578,112 @@ 
Method Details

           },
           "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
             { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                  # fullPathMatch must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
               "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                 { # matchRule criteria for request header matches.
-                  "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "headerName": "A String", # The name of the HTTP header to match.
+                      # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                      # For matching a request's method, use the headerName ":method".
+                      # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                      # The default setting is false.
+                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                      # For example for a range [-5, 0]
+                      # - -3 will match.
+                      # - 0 will not match.
+                      # - 0.25 will not match.
+                      # - -3someString will not match.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                     "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                     "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                   },
-                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                      # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                 },
               ],
-              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                  # The default value is false.
+                  # ignoreCase must not be used with regexMatch.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                  # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                  # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                  # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                    # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                    # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                      # This list must not be empty and can have at the most 64 entries.
                     { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                      "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                      "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                      "name": "A String", # Name of metadata label.
+                          # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                      "value": "A String", # The value of the label must match the specified value.
+                          # value can have a maximum length of 1024 characters.
                     },
                   ],
-                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                      # Supported values are:
+                      # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                      # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                 },
               ],
-              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                  # The value must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                  # Not supported when the URL map is bound to target gRPC proxy.
                 { # HttpRouteRuleMatch criteria for a request's query parameter.
-                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
                   "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                      # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                 },
               ],
-              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
             },
           ],
-          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+              # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+              # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2422,53 +3692,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2478,25 +3779,45 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
@@ -2504,11 +3825,16 @@ 
Method Details

   ],
   "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     { # Message for the expected URL mappings.
       "description": "A String", # Description of this test case.
-      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+          # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+          # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+          # expectedOutputUrl is optional when service is specified.
+      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+          # expectedRedirectResponseCode cannot be set when service is set.
       "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
         { # HTTP headers used in UrlMapTests.
           "name": "A String", # Header name.
@@ -2517,21 +3843,31 @@ 
Method Details

       ],
       "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
       "path": "A String", # Path portion of the URL.
-      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+          # service cannot be set if expectedRedirectResponseCode is set.
     },
   ],
 }
 
   requestId: string, begin_interface: MixerMutationRequestBuilder Request ID to support idempotency.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2565,7 +3901,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2579,7 +3916,7 @@ 
Method Details

 

 
 

-    update(project, region, urlMap, body=None, requestId=None, x__xgafv=None)
+    update(project, region, urlMap, body=None, requestId=None)
   
Updates the specified UrlMap resource with the data included in the request.
 
 Args:
@@ -2589,21 +3926,44 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/v1/urlMaps) * [Regional](/compute/docs/reference/rest/v1/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
+{ # Represents a URL Map resource.
+    # 
+    # Google Compute Engine has two URL Map resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+    # 
+    # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+    # 
+    # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+    # 
+    # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+    # 
+    # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+    # 
+    # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+    # 
+    # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-  "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+  "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+      # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+      # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+      # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+        # Not supported when the URL map is bound to target gRPC proxy.
+      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+          # Default is false.
       "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
         "A String",
       ],
       "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
         "A String",
       ],
-      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
-      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
       "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2612,53 +3972,84 @@ 
Method Details

       ],
       "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
     },
-    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+        # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
       "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-        "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "httpStatus": 42, # The HTTP status code used to abort the request.
+            # The value must be between 200 and 599 inclusive.
+            # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
       "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
         "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
     },
-    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+        # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+        # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
     },
-    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+          # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+          # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+          # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+          # -
+          # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+          # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+          # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+          # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+          # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+          # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+          # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
         "A String",
       ],
     },
-    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+        # If not specified, will use the largest timeout among all backend services associated with the route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+        # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+          # The value must be between 1 and 255 characters.
+      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+          # The value must be between 1 and 1024 characters.
     },
-    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-      { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+        # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+      { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
         "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+            # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2668,34 +4059,61 @@ 
Method Details

             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
             "A String",
           ],
         },
-        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+            # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+            # The value must be between 0 and 1000
       },
     ],
   },
-  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+      # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+      # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+      # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+      # Not supported when the URL map is bound to target gRPC proxy.
+    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+        # The value must be between 1 and 255 characters.
+    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+        # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+        # The default is set to false.
+    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+        # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+        # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+        # Supported values are:
+        # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+        # - FOUND, which corresponds to 302.
+        # - SEE_OTHER which corresponds to 303.
+        # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+        # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+        # The default is set to false.
   },
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+      # The headerAction specified here take effect after headerAction specified under pathMatcher.
+      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2705,7 +4123,8 @@ 
Method Details

       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -2715,7 +4134,8 @@ 
Method Details

   "hostRules": [ # The list of HostRules to use against the URL.
     { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+          # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "A String",
       ],
       "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -2726,19 +4146,25 @@ 
Method Details

   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "pathMatchers": [ # The list of named PathMatchers to use against the URL.
     { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-      "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+      "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+          # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+          # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+              # Default is false.
           "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
             "A String",
           ],
           "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
             "A String",
           ],
-          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
-          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
           "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2747,53 +4173,84 @@ 
Method Details

           ],
           "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
         },
-        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+            # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
           "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-            "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "httpStatus": 42, # The HTTP status code used to abort the request.
+                # The value must be between 200 and 599 inclusive.
+                # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
           "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
             "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
         },
-        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+            # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+            # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
         },
-        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+              # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+              # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+              # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+              # -
+              # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+              # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+              # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+              # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+              # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+              # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+              # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
             "A String",
           ],
         },
-        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+            # If not specified, will use the largest timeout among all backend services associated with the route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+            # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+              # The value must be between 1 and 255 characters.
+          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+              # The value must be between 1 and 1024 characters.
         },
-        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-          { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+            # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+          { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
             "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2803,33 +4260,63 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                 "A String",
               ],
             },
-            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                # The value must be between 0 and 1000
           },
         ],
       },
-      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+          # - compute/v1/projects/project/global/backendServices/backendService
+          # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+          # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+          # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+          # - compute.backendBuckets.use
+          # - compute.backendServices.use
+      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+          # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+            # The value must be between 1 and 255 characters.
+        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+            # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+            # The default is set to false.
+        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+            # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+            # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+            # Supported values are:
+            # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+            # - FOUND, which corresponds to 302.
+            # - SEE_OTHER which corresponds to 303.
+            # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+            # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+            # The default is set to false.
       },
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+          # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+          # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2839,7 +4326,8 @@ 
Method Details

           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -2847,24 +4335,32 @@ 
Method Details

         ],
       },
       "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+          # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+          # Within a given pathMatcher, only one of pathRules or routeRules must be set.
         { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
           "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
             "A String",
           ],
-          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of routeAction or urlRedirect must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2873,53 +4369,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2929,37 +4456,63 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
-      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+          # Within a given pathMatcher, you can set only one of pathRules or routeRules.
         { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-          "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "description": "A String", # The short description conveying the intent of this routeRule.
+              # The description can have a maximum length of 1024 characters.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2969,7 +4522,8 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -2978,60 +4532,112 @@ 
Method Details

           },
           "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
             { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                  # fullPathMatch must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
               "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                 { # matchRule criteria for request header matches.
-                  "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "headerName": "A String", # The name of the HTTP header to match.
+                      # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                      # For matching a request's method, use the headerName ":method".
+                      # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                      # The default setting is false.
+                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                      # For example for a range [-5, 0]
+                      # - -3 will match.
+                      # - 0 will not match.
+                      # - 0.25 will not match.
+                      # - -3someString will not match.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                     "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                     "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                   },
-                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                      # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                 },
               ],
-              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                  # The default value is false.
+                  # ignoreCase must not be used with regexMatch.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                  # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                  # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                  # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                    # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                    # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                      # This list must not be empty and can have at the most 64 entries.
                     { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                      "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                      "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                      "name": "A String", # Name of metadata label.
+                          # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                      "value": "A String", # The value of the label must match the specified value.
+                          # value can have a maximum length of 1024 characters.
                     },
                   ],
-                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                      # Supported values are:
+                      # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                      # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                 },
               ],
-              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                  # The value must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                  # Not supported when the URL map is bound to target gRPC proxy.
                 { # HttpRouteRuleMatch criteria for a request's query parameter.
-                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
                   "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                      # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                 },
               ],
-              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
             },
           ],
-          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+              # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+              # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3040,53 +4646,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3096,25 +4733,45 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
@@ -3122,11 +4779,16 @@ 
Method Details

   ],
   "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     { # Message for the expected URL mappings.
       "description": "A String", # Description of this test case.
-      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+          # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+          # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+          # expectedOutputUrl is optional when service is specified.
+      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+          # expectedRedirectResponseCode cannot be set when service is set.
       "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
         { # HTTP headers used in UrlMapTests.
           "name": "A String", # Header name.
@@ -3135,21 +4797,31 @@ 
Method Details

       ],
       "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
       "path": "A String", # Path portion of the URL.
-      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+          # service cannot be set if expectedRedirectResponseCode is set.
     },
   ],
 }
 
   requestId: string, begin_interface: MixerMutationRequestBuilder Request ID to support idempotency.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3183,7 +4855,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3197,7 +4870,7 @@ 
Method Details

 

 
 

-    validate(project, region, urlMap, body=None, x__xgafv=None)
+    validate(project, region, urlMap, body=None)
   
Runs static validation for the UrlMap. In particular, the tests of the provided UrlMap will be run. Calling this method does NOT create the UrlMap.
 
 Args:
@@ -3208,21 +4881,44 @@ 
Method Details

     The object takes the form of:
 
 {
-  "resource": { # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/v1/urlMaps) * [Regional](/compute/docs/reference/rest/v1/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts. # Content of the UrlMap to be validated.
+  "resource": { # Represents a URL Map resource. # Content of the UrlMap to be validated.
+      #
+      # Google Compute Engine has two URL Map resources:
+      #
+      # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+      #
+      # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+      #
+      # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+      #
+      # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+      #
+      # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+      #
+      # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+      #
+      # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
     "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-    "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-        "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+    "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+        # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+        # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+        # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+            # Default is false.
         "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
           "A String",
         ],
         "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
           "A String",
         ],
-        "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+        "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+            # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
           "A String",
         ],
-        "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+        "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+            # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
           "A String",
         ],
         "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3231,53 +4927,84 @@ 
Method Details

         ],
         "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
       },
-      "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+      "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+          # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
         "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-          "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-          "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+          "httpStatus": 42, # The HTTP status code used to abort the request.
+              # The value must be between 200 and 599 inclusive.
+              # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+          "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+              # The value must be between 0.0 and 100.0 inclusive.
         },
         "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
           "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+          "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+              # The value must be between 0.0 and 100.0 inclusive.
         },
       },
-      "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+          # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+          # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
       },
-      "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-        "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+        "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+            # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+        "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+            # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+            # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+            # -
+            # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+            # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+            # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+            # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+            # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+            # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+            # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
           "A String",
         ],
       },
-      "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+          # If not specified, will use the largest timeout among all backend services associated with the route.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-        "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-        "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+      "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+          # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+            # The value must be between 1 and 255 characters.
+        "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+            # The value must be between 1 and 1024 characters.
       },
-      "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-        { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+      "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+          # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+        { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
           "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3287,34 +5014,61 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
               "A String",
             ],
           },
-          "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+          "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+              # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+              # The value must be between 0 and 1000
         },
       ],
     },
-    "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-    "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-      "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-      "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-      "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-      "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-      "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-      "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+    "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+        # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+        # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+        # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+        # Not supported when the URL map is bound to target gRPC proxy.
+      "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+          # The value must be between 1 and 255 characters.
+      "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+          # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+          # The default is set to false.
+      "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+          # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+          # The value must be between 1 and 1024 characters.
+      "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+          # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+          # The value must be between 1 and 1024 characters.
+      "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+          # Supported values are:
+          # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+          # - FOUND, which corresponds to 302.
+          # - SEE_OTHER which corresponds to 303.
+          # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+          # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+      "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+          # The default is set to false.
     },
     "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-    "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+        #
+        # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+        # The headerAction specified here take effect after headerAction specified under pathMatcher.
+        # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
         { # Specification determining how headers are added to requests or responses.
           "headerName": "A String", # The name of the header.
           "headerValue": "A String", # The value of the header to add.
-          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+              # The default value is false.
         },
       ],
       "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3324,7 +5078,8 @@ 
Method Details

         { # Specification determining how headers are added to requests or responses.
           "headerName": "A String", # The name of the header.
           "headerValue": "A String", # The value of the header to add.
-          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+              # The default value is false.
         },
       ],
       "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -3334,7 +5089,8 @@ 
Method Details

     "hostRules": [ # The list of HostRules to use against the URL.
       { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
         "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-        "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+            # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "A String",
         ],
         "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -3345,19 +5101,25 @@ 
Method Details

     "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
     "pathMatchers": [ # The list of named PathMatchers to use against the URL.
       { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-        "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-          "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-            "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+        "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+            # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+            # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+          "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                # Default is false.
             "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
               "A String",
             ],
             "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
               "A String",
             ],
-            "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+            "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
               "A String",
             ],
-            "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+            "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
               "A String",
             ],
             "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3366,53 +5128,84 @@ 
Method Details

             ],
             "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
           },
-          "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+          "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+              # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
             "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-              "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-              "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+              "httpStatus": 42, # The HTTP status code used to abort the request.
+                  # The value must be between 200 and 599 inclusive.
+                  # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+              "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                  # The value must be between 0.0 and 100.0 inclusive.
             },
             "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
               "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+              "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                  # The value must be between 0.0 and 100.0 inclusive.
             },
           },
-          "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+          "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+              # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+              # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
           },
-          "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-            "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+            "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+            "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                # -
+                # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
               "A String",
             ],
           },
-          "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+              # If not specified, will use the largest timeout among all backend services associated with the route.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-            "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-            "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+          "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+              # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                # The value must be between 1 and 255 characters.
+            "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                # The value must be between 1 and 1024 characters.
           },
-          "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-            { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+          "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+              # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+            { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
               "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-              "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                  # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                  # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                   { # Specification determining how headers are added to requests or responses.
                     "headerName": "A String", # The name of the header.
                     "headerValue": "A String", # The value of the header to add.
-                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                        # The default value is false.
                   },
                 ],
                 "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3422,33 +5215,63 @@ 
Method Details

                   { # Specification determining how headers are added to requests or responses.
                     "headerName": "A String", # The name of the header.
                     "headerValue": "A String", # The value of the header to add.
-                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                        # The default value is false.
                   },
                 ],
                 "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                   "A String",
                 ],
               },
-              "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+              "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                  # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                  # The value must be between 0 and 1000
             },
           ],
         },
-        "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-        "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-          "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-          "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-          "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-          "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-          "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-          "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+        "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+            # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+            # - compute/v1/projects/project/global/backendServices/backendService
+            # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+            # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+            # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+            # - compute.backendBuckets.use
+            # - compute.backendServices.use
+        "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+            # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+              # The value must be between 1 and 255 characters.
+          "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+              # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+              # The default is set to false.
+          "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+              # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+              # The value must be between 1 and 1024 characters.
+          "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+              # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+              # The value must be between 1 and 1024 characters.
+          "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+              # Supported values are:
+              # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+              # - FOUND, which corresponds to 302.
+              # - SEE_OTHER which corresponds to 303.
+              # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+              # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+          "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+              # The default is set to false.
         },
         "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+            # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3458,7 +5281,8 @@ 
Method Details

             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -3466,24 +5290,32 @@ 
Method Details

           ],
         },
         "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-        "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+        "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+            # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+            # Within a given pathMatcher, only one of pathRules or routeRules must be set.
           { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
             "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
               "A String",
             ],
-            "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-              "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-                "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+            "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+                # Only one of routeAction or urlRedirect must be set.
+                # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+              "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                  # Not supported when the URL map is bound to target gRPC proxy.
+                "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                    # Default is false.
                 "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                   "A String",
                 ],
                 "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                   "A String",
                 ],
-                "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                    # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                   "A String",
                 ],
-                "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                    # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                   "A String",
                 ],
                 "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3492,53 +5324,84 @@ 
Method Details

                 ],
                 "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
               },
-              "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+              "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                  # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
                 "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                  "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                  "httpStatus": 42, # The HTTP status code used to abort the request.
+                      # The value must be between 200 and 599 inclusive.
+                      # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                      # The value must be between 0.0 and 100.0 inclusive.
                 },
                 "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                   "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                   },
-                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                      # The value must be between 0.0 and 100.0 inclusive.
                 },
               },
-              "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                  # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                  # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
               },
-              "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-                "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+                "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                    # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+                "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                    # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                    # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                    # -
+                    # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                    # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                    # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                    # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                    # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                    # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                    # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                   "A String",
                 ],
               },
-              "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                  # If not specified, will use the largest timeout among all backend services associated with the route.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-                "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+              "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                  # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                    # The value must be between 1 and 255 characters.
+                "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                    # The value must be between 1 and 1024 characters.
               },
-              "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-                { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+              "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                  # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+                { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                   "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                      # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                       { # Specification determining how headers are added to requests or responses.
                         "headerName": "A String", # The name of the header.
                         "headerValue": "A String", # The value of the header to add.
-                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                            # The default value is false.
                       },
                     ],
                     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3548,37 +5411,63 @@ 
Method Details

                       { # Specification determining how headers are added to requests or responses.
                         "headerName": "A String", # The name of the header.
                         "headerValue": "A String", # The value of the header to add.
-                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                            # The default value is false.
                       },
                     ],
                     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                       "A String",
                     ],
                   },
-                  "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                  "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                      # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                      # The value must be between 0 and 1000
                 },
               ],
             },
-            "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-            "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-              "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-              "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-              "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-              "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-              "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-              "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+            "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+                # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+            "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+                # If urlRedirect is specified, service or routeAction must not be set.
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                  # The value must be between 1 and 255 characters.
+              "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                  # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                  # The default is set to false.
+              "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                  # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                  # The value must be between 1 and 1024 characters.
+              "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                  # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                  # The value must be between 1 and 1024 characters.
+              "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                  # Supported values are:
+                  # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                  # - FOUND, which corresponds to 302.
+                  # - SEE_OTHER which corresponds to 303.
+                  # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                  # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+              "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                  # The default is set to false.
             },
           },
         ],
-        "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+        "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+            # Within a given pathMatcher, you can set only one of pathRules or routeRules.
           { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-            "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "description": "A String", # The short description conveying the intent of this routeRule.
+                # The description can have a maximum length of 1024 characters.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3588,7 +5477,8 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -3597,60 +5487,112 @@ 
Method Details

             },
             "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
               { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-                "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                    # fullPathMatch must be between 1 and 1024 characters.
+                    # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
                 "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                   { # matchRule criteria for request header matches.
-                    "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                    "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                    "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                    "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                    "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                    "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                    "headerName": "A String", # The name of the HTTP header to match.
+                        # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                        # For matching a request's method, use the headerName ":method".
+                        # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                    "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                        # The default setting is false.
+                    "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                    "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                    "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                        # For example for a range [-5, 0]
+                        # - -3 will match.
+                        # - 0 will not match.
+                        # - 0.25 will not match.
+                        # - -3someString will not match.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                        # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                       "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                       "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                     },
-                    "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                    "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                    "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                        # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                        # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                    "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                   },
                 ],
-                "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-                "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                  { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                    "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+                "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                    # The default value is false.
+                    # ignoreCase must not be used with regexMatch.
+                    # Not supported when the URL map is bound to target gRPC proxy.
+                "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                    # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                    # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                    # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                      # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                      # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                    "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                        # This list must not be empty and can have at the most 64 entries.
                       { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                        "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                        "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                        "name": "A String", # Name of metadata label.
+                            # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                        "value": "A String", # The value of the label must match the specified value.
+                            # value can have a maximum length of 1024 characters.
                       },
                     ],
-                    "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                    "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                        # Supported values are:
+                        # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                        # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                   },
                 ],
-                "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-                "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+                "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                    # The value must be between 1 and 1024 characters.
+                    # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                    # Not supported when the URL map is bound to target gRPC proxy.
                   { # HttpRouteRuleMatch criteria for a request's query parameter.
-                    "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                    "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                        # Only one of presentMatch, exactMatch or regexMatch must be set.
                     "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                    "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                    "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                    "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                        # Only one of presentMatch, exactMatch or regexMatch must be set.
+                    "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                        # Only one of presentMatch, exactMatch or regexMatch must be set.
+                        # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                   },
                 ],
-                "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                    # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                    # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               },
             ],
-            "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-            "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-              "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-                "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+            "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+                # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+                # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+            "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+                # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+                # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+              "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                  # Not supported when the URL map is bound to target gRPC proxy.
+                "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                    # Default is false.
                 "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                   "A String",
                 ],
                 "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                   "A String",
                 ],
-                "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                    # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                   "A String",
                 ],
-                "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                    # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                   "A String",
                 ],
                 "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3659,53 +5601,84 @@ 
Method Details

                 ],
                 "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
               },
-              "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+              "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                  # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
                 "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                  "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                  "httpStatus": 42, # The HTTP status code used to abort the request.
+                      # The value must be between 200 and 599 inclusive.
+                      # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                      # The value must be between 0.0 and 100.0 inclusive.
                 },
                 "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                   "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                   },
-                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                      # The value must be between 0.0 and 100.0 inclusive.
                 },
               },
-              "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                  # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                  # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
               },
-              "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-                "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+                "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                    # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+                "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                    # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                    # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                    # -
+                    # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                    # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                    # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                    # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                    # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                    # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                    # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                   "A String",
                 ],
               },
-              "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                  # If not specified, will use the largest timeout among all backend services associated with the route.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-                "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+              "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                  # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                    # The value must be between 1 and 255 characters.
+                "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                    # The value must be between 1 and 1024 characters.
               },
-              "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-                { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+              "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                  # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+                { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                   "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                      # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                       { # Specification determining how headers are added to requests or responses.
                         "headerName": "A String", # The name of the header.
                         "headerValue": "A String", # The value of the header to add.
-                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                            # The default value is false.
                       },
                     ],
                     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3715,25 +5688,45 @@ 
Method Details

                       { # Specification determining how headers are added to requests or responses.
                         "headerName": "A String", # The name of the header.
                         "headerValue": "A String", # The value of the header to add.
-                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                            # The default value is false.
                       },
                     ],
                     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                       "A String",
                     ],
                   },
-                  "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                  "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                      # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                      # The value must be between 0 and 1000
                 },
               ],
             },
-            "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-            "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-              "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-              "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-              "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-              "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-              "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-              "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+            "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+                # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+            "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+                # If urlRedirect is specified, service or routeAction must not be set.
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                  # The value must be between 1 and 255 characters.
+              "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                  # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                  # The default is set to false.
+              "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                  # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                  # The value must be between 1 and 1024 characters.
+              "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                  # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                  # The value must be between 1 and 1024 characters.
+              "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                  # Supported values are:
+                  # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                  # - FOUND, which corresponds to 302.
+                  # - SEE_OTHER which corresponds to 303.
+                  # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                  # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+              "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                  # The default is set to false.
             },
           },
         ],
@@ -3741,11 +5734,16 @@ 
Method Details

     ],
     "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
     "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-    "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       { # Message for the expected URL mappings.
         "description": "A String", # Description of this test case.
-        "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-        "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+        "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+            # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+            # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+            # expectedOutputUrl is optional when service is specified.
+        "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+            # expectedRedirectResponseCode cannot be set when service is set.
         "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
           { # HTTP headers used in UrlMapTests.
             "name": "A String", # Header name.
@@ -3754,16 +5752,13 @@ 
Method Details

         ],
         "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
         "path": "A String", # Path portion of the URL.
-        "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+        "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+            # service cannot be set if expectedRedirectResponseCode is set.
       },
     ],
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_v1.regions.html b/docs/dyn/compute_v1.regions.html
index bdf35fae4be..1fb5323cf6c 100644
--- a/docs/dyn/compute_v1.regions.html
+++ b/docs/dyn/compute_v1.regions.html
@@ -78,10 +78,10 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  get(project, region, x__xgafv=None)

+  get(project, region)

 
Returns the specified Region resource. Gets a list of available regions by making a list() request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of region resources available to the specified project.

 

   list_next(previous_request, previous_response)

@@ -93,21 +93,19 @@ 
Method Details

 

 
 

-    get(project, region, x__xgafv=None)
+    get(project, region)
   
Returns the specified Region resource. Gets a list of available regions by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Region resource. A region is a geographical area where a resource is located. For more information, read Regions and Zones.
+    { # Represents a Region resource.
+    #
+    # A region is a geographical area where a resource is located. For more information, read Regions and Zones. (== resource_for {$api_version}.regions ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this region.
     "deleted": "A String", # An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DELETED. This is only informational and the status will not change unless the client explicitly changes it.
@@ -138,20 +136,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of region resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -159,7 +163,9 @@ 
Method Details

     { # Contains a list of region resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Region resources.
-    { # Represents a Region resource. A region is a geographical area where a resource is located. For more information, read Regions and Zones.
+    { # Represents a Region resource.
+        #
+        # A region is a geographical area where a resource is located. For more information, read Regions and Zones. (== resource_for {$api_version}.regions ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "deprecated": { # Deprecation status for a public resource. # [Output Only] The deprecation status associated with this region.
         "deleted": "A String", # An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DELETED. This is only informational and the status will not change unless the client explicitly changes it.
@@ -193,7 +199,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.reservations.html b/docs/dyn/compute_v1.reservations.html
index bb736948b6d..91385caa5a4 100644
--- a/docs/dyn/compute_v1.reservations.html
+++ b/docs/dyn/compute_v1.reservations.html
@@ -75,7 +75,7 @@
 
Compute Engine API . reservations

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of reservations.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,49 +84,55 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, zone, reservation, requestId=None, x__xgafv=None)

+  delete(project, zone, reservation, requestId=None)

 
Deletes the specified reservation.

 

-  get(project, zone, reservation, x__xgafv=None)

+  get(project, zone, reservation)

 
Retrieves information about the specified reservation.

 

-  getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, zone, body=None, requestId=None, x__xgafv=None)

+  insert(project, zone, body=None, requestId=None)

 
Creates a new reservation. For more information, read Reserving zonal resources.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
A list of all the reservations that have been configured for the specified project in specified zone.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  resize(project, zone, reservation, body=None, requestId=None, x__xgafv=None)

+  resize(project, zone, reservation, body=None, requestId=None)

 
Resizes the reservation (applicable to standalone reservations only). For more information, read Modifying reservations.

 

-  setIamPolicy(project, zone, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, zone, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  testIamPermissions(project, zone, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, zone, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of reservations.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -136,7 +142,7 @@ 
Method Details

   "items": { # A list of Allocation resources.
     "a_key": { # Name of the scope containing this set of reservations.
       "reservations": [ # A list of reservations contained in this scope.
-        { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read Reserving zonal resources.
+        { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read  Reserving zonal resources. (== resource_for {$api_version}.reservations ==)
           "commitment": "A String", # [Output Only] Full or partial URL to a parent commitment. This field displays for reservations that are tied to a commitment.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -173,7 +179,8 @@ 
Method Details

       ],
       "warning": { # Informational warning which replaces the list of reservations when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -191,7 +198,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -222,23 +230,36 @@ 
Method Details

 

 
 

-    delete(project, zone, reservation, requestId=None, x__xgafv=None)
+    delete(project, zone, reservation, requestId=None)
   
Deletes the specified reservation.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone for this request. (required)
   reservation: string, Name of the reservation to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -272,7 +293,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -286,22 +308,18 @@ 
Method Details

 

 
 

-    get(project, zone, reservation, x__xgafv=None)
+    get(project, zone, reservation)
   
Retrieves information about the specified reservation.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone for this request. (required)
   reservation: string, Name of the reservation to retrieve. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read Reserving zonal resources.
+    { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read  Reserving zonal resources. (== resource_for {$api_version}.reservations ==)
   "commitment": "A String", # [Output Only] Full or partial URL to a parent commitment. This field displays for reservations that are tied to a commitment.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -338,7 +356,7 @@ 
Method Details

 

 
 

-    getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, zone, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
@@ -346,27 +364,51 @@ 
Method Details

   zone: string, The name of the zone for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -374,76 +416,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, zone, body=None, requestId=None, x__xgafv=None)
+    insert(project, zone, body=None, requestId=None)
   
Creates a new reservation. For more information, read Reserving zonal resources.
 
 Args:
@@ -452,7 +562,7 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read Reserving zonal resources.
+{ # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read  Reserving zonal resources. (== resource_for {$api_version}.reservations ==)
   "commitment": "A String", # [Output Only] Full or partial URL to a parent commitment. This field displays for reservations that are tied to a commitment.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -487,16 +597,29 @@ 
Method Details

   "zone": "A String", # Zone in which the reservation resides. A zone must be provided if the reservation is created within a commitment.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -530,7 +653,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -544,21 +668,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
A list of all the reservations that have been configured for the specified project in specified zone.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -566,7 +696,7 @@ 
Method Details

     {
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "items": [ # [Output Only] A list of Allocation resources.
-    { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read Reserving zonal resources.
+    { # Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read  Reserving zonal resources. (== resource_for {$api_version}.reservations ==)
       "commitment": "A String", # [Output Only] Full or partial URL to a parent commitment. This field displays for reservations that are tied to a commitment.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -606,7 +736,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -632,7 +763,7 @@ 
Method Details

 

 
 

-    resize(project, zone, reservation, body=None, requestId=None, x__xgafv=None)
+    resize(project, zone, reservation, body=None, requestId=None)
   
Resizes the reservation (applicable to standalone reservations only). For more information, read Modifying reservations.
 
 Args:
@@ -646,16 +777,29 @@ 
Method Details

   "specificSkuCount": "A String", # Number of allocated resources can be resized with minimum = 1 and maximum = 1000.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -689,7 +833,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -703,7 +848,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, zone, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, zone, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -716,33 +861,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -750,95 +969,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -846,76 +1157,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    testIamPermissions(project, zone, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, zone, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -931,10 +1310,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_v1.resourcePolicies.html b/docs/dyn/compute_v1.resourcePolicies.html
index a8eb5527f13..57c1b611e2f 100644
--- a/docs/dyn/compute_v1.resourcePolicies.html
+++ b/docs/dyn/compute_v1.resourcePolicies.html
@@ -75,7 +75,7 @@
 
Compute Engine API . resourcePolicies

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of resource policies.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,46 +84,52 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, resourcePolicy, requestId=None, x__xgafv=None)

+  delete(project, region, resourcePolicy, requestId=None)

 
Deletes the specified resource policy.

 

-  get(project, region, resourcePolicy, x__xgafv=None)

+  get(project, region, resourcePolicy)

 
Retrieves all information of the specified resource policy.

 

-  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a new resource policy.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
A list all the resource policies that have been configured for the specified project in specified region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setIamPolicy(project, region, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, region, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of resource policies.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -135,6 +141,8 @@ 
Method Details

     "a_key": { # Name of the scope containing this set of resourcePolicies.
       "resourcePolicies": [ # A list of resourcePolicies contained in this scope.
         { # Represents a Resource Policy resource. You can use resource policies to schedule actions for some Compute Engine resources. For example, you can use them to schedule persistent disk snapshots.
+            #
+            # (== resource_for {$api_version}.resourcePolicies ==)
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String",
           "groupPlacementPolicy": { # A GroupPlacementPolicy specifies resource placement configuration. It specifies the failure bucket separation as well as network locality # Resource policy for instances for placement configuration.
@@ -206,7 +214,8 @@ 
Method Details

       ],
       "warning": { # Informational warning which replaces the list of resourcePolicies when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -224,7 +233,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -255,23 +265,36 @@ 
Method Details

 

 
 

-    delete(project, region, resourcePolicy, requestId=None, x__xgafv=None)
+    delete(project, region, resourcePolicy, requestId=None)
   
Deletes the specified resource policy.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   resourcePolicy: string, Name of the resource policy to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -305,7 +328,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -319,22 +343,20 @@ 
Method Details

 

 
 

-    get(project, region, resourcePolicy, x__xgafv=None)
+    get(project, region, resourcePolicy)
   
Retrieves all information of the specified resource policy.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   resourcePolicy: string, Name of the resource policy to retrieve. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
     { # Represents a Resource Policy resource. You can use resource policies to schedule actions for some Compute Engine resources. For example, you can use them to schedule persistent disk snapshots.
+    #
+    # (== resource_for {$api_version}.resourcePolicies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String",
   "groupPlacementPolicy": { # A GroupPlacementPolicy specifies resource placement configuration. It specifies the failure bucket separation as well as network locality # Resource policy for instances for placement configuration.
@@ -406,7 +428,7 @@ 
Method Details

 

 
 

-    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
@@ -414,27 +436,51 @@ 
Method Details

   region: string, The name of the region for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -442,76 +488,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a new resource policy.
 
 Args:
@@ -521,6 +635,8 @@ 
Method Details

     The object takes the form of:
 
 { # Represents a Resource Policy resource. You can use resource policies to schedule actions for some Compute Engine resources. For example, you can use them to schedule persistent disk snapshots.
+    # 
+    # (== resource_for {$api_version}.resourcePolicies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String",
   "groupPlacementPolicy": { # A GroupPlacementPolicy specifies resource placement configuration. It specifies the failure bucket separation as well as network locality # Resource policy for instances for placement configuration.
@@ -590,16 +706,29 @@ 
Method Details

   "status": "A String", # [Output Only] The status of resource policy creation.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -633,7 +762,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -647,21 +777,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
A list all the resource policies that have been configured for the specified project in specified region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -671,6 +807,8 @@ 
Method Details

   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "items": [ # [Output Only] A list of ResourcePolicy resources.
     { # Represents a Resource Policy resource. You can use resource policies to schedule actions for some Compute Engine resources. For example, you can use them to schedule persistent disk snapshots.
+        #
+        # (== resource_for {$api_version}.resourcePolicies ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String",
       "groupPlacementPolicy": { # A GroupPlacementPolicy specifies resource placement configuration. It specifies the failure bucket separation as well as network locality # Resource policy for instances for placement configuration.
@@ -745,7 +883,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -771,7 +910,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, region, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, region, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -784,33 +923,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -818,95 +1031,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -914,76 +1219,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -999,10 +1372,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_v1.routers.html b/docs/dyn/compute_v1.routers.html
index d5cfda32186..fb9b55a0c8b 100644
--- a/docs/dyn/compute_v1.routers.html
+++ b/docs/dyn/compute_v1.routers.html
@@ -75,7 +75,7 @@
 
Compute Engine API . routers

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of routers.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,55 +84,61 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, router, requestId=None, x__xgafv=None)

+  delete(project, region, router, requestId=None)

 
Deletes the specified Router resource.

 

-  get(project, region, router, x__xgafv=None)

+  get(project, region, router)

 
Returns the specified Router resource. Gets a list of available routers by making a list() request.

 

-  getNatMappingInfo(project, region, router, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  getNatMappingInfo(project, region, router, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves runtime Nat mapping information of VM endpoints.

 

   getNatMappingInfo_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  getRouterStatus(project, region, router, x__xgafv=None)

+  getRouterStatus(project, region, router)

 
Retrieves runtime information of the specified router.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a Router resource in the specified project and region using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of Router resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, router, body=None, requestId=None, x__xgafv=None)

+  patch(project, region, router, body=None, requestId=None)

 
Patches the specified Router resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.

 

-  preview(project, region, router, body=None, x__xgafv=None)

+  preview(project, region, router, body=None)

 
Preview fields auto-generated during router create and update operations. Calling this method does NOT create or update the router.

 

-  update(project, region, router, body=None, requestId=None, x__xgafv=None)

+  update(project, region, router, body=None, requestId=None)

 
Updates the specified Router resource with the data included in the request. This method conforms to PUT semantics, which requests that the state of the target resource be created or replaced with the state defined by the representation enclosed in the request message payload.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of routers.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -142,7 +148,9 @@ 
Method Details

   "items": { # A list of Router resources.
     "a_key": { # Name of the scope containing this set of routers.
       "routers": [ # A list of routers contained in this scope.
-        { # Represents a Cloud Router resource. For more information about Cloud Router, read the Cloud Router overview.
+        { # Represents a Cloud Router resource.
+            #
+            # For more information about Cloud Router, read the Cloud Router overview.
           "bgp": { # BGP information specific to this router.
             "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM.
             "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
@@ -155,12 +163,17 @@ 
Method Details

               },
             ],
             "asn": 42, # Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN.
-            "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer. BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers. If set, this value must be between 20 and 60. The default is 20.
+            "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer.
+                # Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer.
+                # BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers.
+                # If set, this value must be between 20 and 60. The default is 20.
           },
           "bgpPeers": [ # BGP information that must be configured into the routing stack to establish BGP peering. This information must specify the peer ASN and either the interface name, IP address, or peer IP address. Please refer to RFC4273.
             {
               "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement.
-              "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options: - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets. - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
+              "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options:
+                  # - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets.
+                  # - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
                 "A String",
               ],
               "advertisedIpRanges": [ # User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These IP ranges are advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.
@@ -170,10 +183,13 @@ 
Method Details

                 },
               ],
               "advertisedRoutePriority": 42, # The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win.
-              "enable": "A String", # The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
+              "enable": "A String", # The status of the BGP peer connection.
+                  # If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
               "interfaceName": "A String", # Name of the interface the BGP peer is associated with.
               "ipAddress": "A String", # IP address of the interface inside Google Cloud Platform. Only IPv4 is supported.
-              "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer. - MANAGED_BY_USER is the default value and can be managed by you or other users - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
+              "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer.
+                  # - MANAGED_BY_USER is the default value and can be managed by you or other users
+                  # - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
               "name": "A String", # Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
               "peerAsn": 42, # Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value.
               "peerIpAddress": "A String", # IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported.
@@ -181,14 +197,17 @@ 
Method Details

           ],
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-          "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments). Not currently available publicly.
+          "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments).
+              # Not currently available publicly.
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "interfaces": [ # Router interfaces. Each interface requires either one linked resource, (for example, linkedVpnTunnel), or IP address and IP address range (for example, ipRange), or both.
             {
               "ipRange": "A String", # IP address and range of the interface. The IP range must be in the RFC3927 link-local IP address space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface.
               "linkedInterconnectAttachment": "A String", # URI of the linked Interconnect attachment. It must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
               "linkedVpnTunnel": "A String", # URI of the linked VPN tunnel, which must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
-              "managementType": "A String", # [Output Only] The resource that configures and manages this interface. - MANAGED_BY_USER is the default value and can be managed directly by users. - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
+              "managementType": "A String", # [Output Only] The resource that configures and manages this interface.
+                  # - MANAGED_BY_USER is the default value and can be managed directly by users.
+                  # - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
               "name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
             },
           ],
@@ -203,15 +222,23 @@ 
Method Details

               "icmpIdleTimeoutSec": 42, # Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
               "logConfig": { # Configuration of logging on a NAT. # Configure logging on this NAT.
                 "enable": True or False, # Indicates whether or not to export logs. This is false by default.
-                "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful.
+                "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values:
+                    # - ERRORS_ONLY: Export logs only for connection failures.
+                    # - TRANSLATIONS_ONLY: Export logs only for successful connections.
+                    # - ALL: Export logs for all connections, successful and unsuccessful.
               },
               "minPortsPerVm": 42, # Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM.
               "name": "A String", # Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.
-              "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
+              "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values:
+                  # - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs.
+                  # - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
               "natIps": [ # A list of URLs of the IP resources used for this Nat service. These IP addresses must be valid static external IP addresses assigned to the project.
                 "A String",
               ],
-              "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values: - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat. - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
+              "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values:
+                  # - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat.
+                  # - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat.
+                  # - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
               "subnetworks": [ # A list of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above.
                 { # Defines the IP ranges that want to use NAT for a subnetwork.
                   "name": "A String", # URL for the subnetwork resource that will use NAT.
@@ -235,7 +262,8 @@ 
Method Details

       ],
       "warning": { # Informational warning which replaces the list of routers when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -253,7 +281,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -284,23 +313,36 @@ 
Method Details

 

 
 

-    delete(project, region, router, requestId=None, x__xgafv=None)
+    delete(project, region, router, requestId=None)
   
Deletes the specified Router resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   router: string, Name of the Router resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -334,7 +376,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -348,22 +391,20 @@ 
Method Details

 

 
 

-    get(project, region, router, x__xgafv=None)
+    get(project, region, router)
   
Returns the specified Router resource. Gets a list of available routers by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   router: string, Name of the Router resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Cloud Router resource. For more information about Cloud Router, read the Cloud Router overview.
+    { # Represents a Cloud Router resource.
+    #
+    # For more information about Cloud Router, read the Cloud Router overview.
   "bgp": { # BGP information specific to this router.
     "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM.
     "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
@@ -376,12 +417,17 @@ 
Method Details

       },
     ],
     "asn": 42, # Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN.
-    "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer. BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers. If set, this value must be between 20 and 60. The default is 20.
+    "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer.
+        # Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer.
+        # BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers.
+        # If set, this value must be between 20 and 60. The default is 20.
   },
   "bgpPeers": [ # BGP information that must be configured into the routing stack to establish BGP peering. This information must specify the peer ASN and either the interface name, IP address, or peer IP address. Please refer to RFC4273.
     {
       "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement.
-      "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options: - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets. - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
+      "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options:
+          # - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets.
+          # - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
         "A String",
       ],
       "advertisedIpRanges": [ # User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These IP ranges are advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.
@@ -391,10 +437,13 @@ 
Method Details

         },
       ],
       "advertisedRoutePriority": 42, # The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win.
-      "enable": "A String", # The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
+      "enable": "A String", # The status of the BGP peer connection.
+          # If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
       "interfaceName": "A String", # Name of the interface the BGP peer is associated with.
       "ipAddress": "A String", # IP address of the interface inside Google Cloud Platform. Only IPv4 is supported.
-      "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer. - MANAGED_BY_USER is the default value and can be managed by you or other users - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
+      "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer.
+          # - MANAGED_BY_USER is the default value and can be managed by you or other users
+          # - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
       "name": "A String", # Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "peerAsn": 42, # Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value.
       "peerIpAddress": "A String", # IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported.
@@ -402,14 +451,17 @@ 
Method Details

   ],
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments). Not currently available publicly.
+  "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments).
+      # Not currently available publicly.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "interfaces": [ # Router interfaces. Each interface requires either one linked resource, (for example, linkedVpnTunnel), or IP address and IP address range (for example, ipRange), or both.
     {
       "ipRange": "A String", # IP address and range of the interface. The IP range must be in the RFC3927 link-local IP address space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface.
       "linkedInterconnectAttachment": "A String", # URI of the linked Interconnect attachment. It must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
       "linkedVpnTunnel": "A String", # URI of the linked VPN tunnel, which must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
-      "managementType": "A String", # [Output Only] The resource that configures and manages this interface. - MANAGED_BY_USER is the default value and can be managed directly by users. - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
+      "managementType": "A String", # [Output Only] The resource that configures and manages this interface.
+          # - MANAGED_BY_USER is the default value and can be managed directly by users.
+          # - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
       "name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
     },
   ],
@@ -424,15 +476,23 @@ 
Method Details

       "icmpIdleTimeoutSec": 42, # Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
       "logConfig": { # Configuration of logging on a NAT. # Configure logging on this NAT.
         "enable": True or False, # Indicates whether or not to export logs. This is false by default.
-        "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful.
+        "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values:
+            # - ERRORS_ONLY: Export logs only for connection failures.
+            # - TRANSLATIONS_ONLY: Export logs only for successful connections.
+            # - ALL: Export logs for all connections, successful and unsuccessful.
       },
       "minPortsPerVm": 42, # Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM.
       "name": "A String", # Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.
-      "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
+      "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values:
+          # - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs.
+          # - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
       "natIps": [ # A list of URLs of the IP resources used for this Nat service. These IP addresses must be valid static external IP addresses assigned to the project.
         "A String",
       ],
-      "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values: - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat. - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
+      "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values:
+          # - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat.
+          # - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat.
+          # - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
       "subnetworks": [ # A list of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above.
         { # Defines the IP ranges that want to use NAT for a subnetwork.
           "name": "A String", # URL for the subnetwork resource that will use NAT.
@@ -456,22 +516,28 @@ 
Method Details

 

 
 

-    getNatMappingInfo(project, region, router, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    getNatMappingInfo(project, region, router, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves runtime Nat mapping information of VM endpoints.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   router: string, Name of the Router resource to query for Nat Mapping information of VM endpoints. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -502,7 +568,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -528,17 +595,13 @@ 
Method Details

 

 
 

-    getRouterStatus(project, region, router, x__xgafv=None)
+    getRouterStatus(project, region, router)
   
Retrieves runtime information of the specified router.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   router: string, Name of the Router resource to query. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -547,7 +610,9 @@ 
Method Details

   "kind": "compute#routerStatusResponse", # Type of resource.
   "result": {
     "bestRoutes": [ # Best routes for this router's network.
-      { # Represents a Route resource. A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview.
+      { # Represents a Route resource.
+          #
+          # A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview. (== resource_for {$api_version}.routes ==)
         "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
         "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
         "destRange": "A String", # The destination range of outgoing packets that this route applies to. Both IPv4 and IPv6 are supported.
@@ -555,9 +620,13 @@ 
Method Details

         "kind": "compute#route", # [Output Only] Type of this resource. Always compute#routes for Route resources.
         "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
         "network": "A String", # Fully-qualified URL of the network that this route applies to.
-        "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL: projects/ project/global/gateways/default-internet-gateway
-        "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs: - 10.128.0.56 - https://www.googleapis.com/compute/v1/projects/project/regions/region /forwardingRules/forwardingRule - regions/region/forwardingRules/forwardingRule
-        "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
+        "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL:  projects/project/global/gateways/default-internet-gateway
+        "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs:
+            # - 10.128.0.56
+            # - https://www.googleapis.com/compute/v1/projects/project/regions/region/forwardingRules/forwardingRule
+            # - regions/region/forwardingRules/forwardingRule
+        "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example:
+            # https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
         "nextHopIp": "A String", # The network IP address of an instance that should handle matching packets. Only IPv4 is supported.
         "nextHopNetwork": "A String", # The URL of the local network if it should handle matching packets.
         "nextHopPeering": "A String", # [Output Only] The network peering name that should handle matching packets, which should conform to RFC1035.
@@ -570,7 +639,8 @@ 
Method Details

         "warnings": [ # [Output Only] If potential misconfigurations are detected for this route, this field will be populated with warning messages.
           {
             "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-            "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+            "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+                # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
               {
                 "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
                 "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -582,7 +652,9 @@ 
Method Details

       },
     ],
     "bestRoutesForRouter": [ # Best routes learned by this router.
-      { # Represents a Route resource. A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview.
+      { # Represents a Route resource.
+          #
+          # A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview. (== resource_for {$api_version}.routes ==)
         "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
         "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
         "destRange": "A String", # The destination range of outgoing packets that this route applies to. Both IPv4 and IPv6 are supported.
@@ -590,9 +662,13 @@ 
Method Details

         "kind": "compute#route", # [Output Only] Type of this resource. Always compute#routes for Route resources.
         "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
         "network": "A String", # Fully-qualified URL of the network that this route applies to.
-        "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL: projects/ project/global/gateways/default-internet-gateway
-        "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs: - 10.128.0.56 - https://www.googleapis.com/compute/v1/projects/project/regions/region /forwardingRules/forwardingRule - regions/region/forwardingRules/forwardingRule
-        "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
+        "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL:  projects/project/global/gateways/default-internet-gateway
+        "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs:
+            # - 10.128.0.56
+            # - https://www.googleapis.com/compute/v1/projects/project/regions/region/forwardingRules/forwardingRule
+            # - regions/region/forwardingRules/forwardingRule
+        "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example:
+            # https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
         "nextHopIp": "A String", # The network IP address of an instance that should handle matching packets. Only IPv4 is supported.
         "nextHopNetwork": "A String", # The URL of the local network if it should handle matching packets.
         "nextHopPeering": "A String", # [Output Only] The network peering name that should handle matching packets, which should conform to RFC1035.
@@ -605,7 +681,8 @@ 
Method Details

         "warnings": [ # [Output Only] If potential misconfigurations are detected for this route, this field will be populated with warning messages.
           {
             "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-            "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+            "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+                # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
               {
                 "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
                 "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -619,7 +696,9 @@ 
Method Details

     "bgpPeerStatus": [
       {
         "advertisedRoutes": [ # Routes that were advertised to the remote BGP peer
-          { # Represents a Route resource. A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview.
+          { # Represents a Route resource.
+              #
+              # A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview. (== resource_for {$api_version}.routes ==)
             "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
             "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
             "destRange": "A String", # The destination range of outgoing packets that this route applies to. Both IPv4 and IPv6 are supported.
@@ -627,9 +706,13 @@ 
Method Details

             "kind": "compute#route", # [Output Only] Type of this resource. Always compute#routes for Route resources.
             "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
             "network": "A String", # Fully-qualified URL of the network that this route applies to.
-            "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL: projects/ project/global/gateways/default-internet-gateway
-            "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs: - 10.128.0.56 - https://www.googleapis.com/compute/v1/projects/project/regions/region /forwardingRules/forwardingRule - regions/region/forwardingRules/forwardingRule
-            "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
+            "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL:  projects/project/global/gateways/default-internet-gateway
+            "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs:
+                # - 10.128.0.56
+                # - https://www.googleapis.com/compute/v1/projects/project/regions/region/forwardingRules/forwardingRule
+                # - regions/region/forwardingRules/forwardingRule
+            "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example:
+                # https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
             "nextHopIp": "A String", # The network IP address of an instance that should handle matching packets. Only IPv4 is supported.
             "nextHopNetwork": "A String", # The URL of the local network if it should handle matching packets.
             "nextHopPeering": "A String", # [Output Only] The network peering name that should handle matching packets, which should conform to RFC1035.
@@ -642,7 +725,8 @@ 
Method Details

             "warnings": [ # [Output Only] If potential misconfigurations are detected for this route, this field will be populated with warning messages.
               {
                 "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-                "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+                "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+                    # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
                   {
                     "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
                     "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -692,7 +776,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a Router resource in the specified project and region using the data included in the request.
 
 Args:
@@ -701,7 +785,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Cloud Router resource. For more information about Cloud Router, read the Cloud Router overview.
+{ # Represents a Cloud Router resource.
+    # 
+    # For more information about Cloud Router, read the Cloud Router overview.
   "bgp": { # BGP information specific to this router.
     "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM.
     "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
@@ -714,12 +800,17 @@ 
Method Details

       },
     ],
     "asn": 42, # Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN.
-    "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer. BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers. If set, this value must be between 20 and 60. The default is 20.
+    "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer.
+        # Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer.
+        # BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers.
+        # If set, this value must be between 20 and 60. The default is 20.
   },
   "bgpPeers": [ # BGP information that must be configured into the routing stack to establish BGP peering. This information must specify the peer ASN and either the interface name, IP address, or peer IP address. Please refer to RFC4273.
     {
       "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement.
-      "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options: - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets. - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
+      "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options:
+          # - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets.
+          # - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
         "A String",
       ],
       "advertisedIpRanges": [ # User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These IP ranges are advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.
@@ -729,10 +820,13 @@ 
Method Details

         },
       ],
       "advertisedRoutePriority": 42, # The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win.
-      "enable": "A String", # The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
+      "enable": "A String", # The status of the BGP peer connection.
+          # If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
       "interfaceName": "A String", # Name of the interface the BGP peer is associated with.
       "ipAddress": "A String", # IP address of the interface inside Google Cloud Platform. Only IPv4 is supported.
-      "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer. - MANAGED_BY_USER is the default value and can be managed by you or other users - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
+      "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer.
+          # - MANAGED_BY_USER is the default value and can be managed by you or other users
+          # - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
       "name": "A String", # Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "peerAsn": 42, # Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value.
       "peerIpAddress": "A String", # IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported.
@@ -740,14 +834,17 @@ 
Method Details

   ],
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments). Not currently available publicly.
+  "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments).
+      # Not currently available publicly.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "interfaces": [ # Router interfaces. Each interface requires either one linked resource, (for example, linkedVpnTunnel), or IP address and IP address range (for example, ipRange), or both.
     {
       "ipRange": "A String", # IP address and range of the interface. The IP range must be in the RFC3927 link-local IP address space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface.
       "linkedInterconnectAttachment": "A String", # URI of the linked Interconnect attachment. It must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
       "linkedVpnTunnel": "A String", # URI of the linked VPN tunnel, which must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
-      "managementType": "A String", # [Output Only] The resource that configures and manages this interface. - MANAGED_BY_USER is the default value and can be managed directly by users. - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
+      "managementType": "A String", # [Output Only] The resource that configures and manages this interface.
+          # - MANAGED_BY_USER is the default value and can be managed directly by users.
+          # - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
       "name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
     },
   ],
@@ -762,15 +859,23 @@ 
Method Details

       "icmpIdleTimeoutSec": 42, # Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
       "logConfig": { # Configuration of logging on a NAT. # Configure logging on this NAT.
         "enable": True or False, # Indicates whether or not to export logs. This is false by default.
-        "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful.
+        "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values:
+            # - ERRORS_ONLY: Export logs only for connection failures.
+            # - TRANSLATIONS_ONLY: Export logs only for successful connections.
+            # - ALL: Export logs for all connections, successful and unsuccessful.
       },
       "minPortsPerVm": 42, # Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM.
       "name": "A String", # Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.
-      "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
+      "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values:
+          # - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs.
+          # - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
       "natIps": [ # A list of URLs of the IP resources used for this Nat service. These IP addresses must be valid static external IP addresses assigned to the project.
         "A String",
       ],
-      "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values: - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat. - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
+      "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values:
+          # - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat.
+          # - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat.
+          # - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
       "subnetworks": [ # A list of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above.
         { # Defines the IP ranges that want to use NAT for a subnetwork.
           "name": "A String", # URL for the subnetwork resource that will use NAT.
@@ -792,16 +897,29 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -835,7 +953,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -849,21 +968,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of Router resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -871,7 +996,9 @@ 
Method Details

     { # Contains a list of Router resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Router resources.
-    { # Represents a Cloud Router resource. For more information about Cloud Router, read the Cloud Router overview.
+    { # Represents a Cloud Router resource.
+        #
+        # For more information about Cloud Router, read the Cloud Router overview.
       "bgp": { # BGP information specific to this router.
         "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM.
         "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
@@ -884,12 +1011,17 @@ 
Method Details

           },
         ],
         "asn": 42, # Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN.
-        "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer. BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers. If set, this value must be between 20 and 60. The default is 20.
+        "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer.
+            # Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer.
+            # BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers.
+            # If set, this value must be between 20 and 60. The default is 20.
       },
       "bgpPeers": [ # BGP information that must be configured into the routing stack to establish BGP peering. This information must specify the peer ASN and either the interface name, IP address, or peer IP address. Please refer to RFC4273.
         {
           "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement.
-          "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options: - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets. - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
+          "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options:
+              # - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets.
+              # - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
             "A String",
           ],
           "advertisedIpRanges": [ # User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These IP ranges are advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.
@@ -899,10 +1031,13 @@ 
Method Details

             },
           ],
           "advertisedRoutePriority": 42, # The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win.
-          "enable": "A String", # The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
+          "enable": "A String", # The status of the BGP peer connection.
+              # If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
           "interfaceName": "A String", # Name of the interface the BGP peer is associated with.
           "ipAddress": "A String", # IP address of the interface inside Google Cloud Platform. Only IPv4 is supported.
-          "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer. - MANAGED_BY_USER is the default value and can be managed by you or other users - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
+          "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer.
+              # - MANAGED_BY_USER is the default value and can be managed by you or other users
+              # - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
           "name": "A String", # Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
           "peerAsn": 42, # Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value.
           "peerIpAddress": "A String", # IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported.
@@ -910,14 +1045,17 @@ 
Method Details

       ],
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments). Not currently available publicly.
+      "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments).
+          # Not currently available publicly.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "interfaces": [ # Router interfaces. Each interface requires either one linked resource, (for example, linkedVpnTunnel), or IP address and IP address range (for example, ipRange), or both.
         {
           "ipRange": "A String", # IP address and range of the interface. The IP range must be in the RFC3927 link-local IP address space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface.
           "linkedInterconnectAttachment": "A String", # URI of the linked Interconnect attachment. It must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
           "linkedVpnTunnel": "A String", # URI of the linked VPN tunnel, which must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
-          "managementType": "A String", # [Output Only] The resource that configures and manages this interface. - MANAGED_BY_USER is the default value and can be managed directly by users. - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
+          "managementType": "A String", # [Output Only] The resource that configures and manages this interface.
+              # - MANAGED_BY_USER is the default value and can be managed directly by users.
+              # - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
           "name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
         },
       ],
@@ -932,15 +1070,23 @@ 
Method Details

           "icmpIdleTimeoutSec": 42, # Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
           "logConfig": { # Configuration of logging on a NAT. # Configure logging on this NAT.
             "enable": True or False, # Indicates whether or not to export logs. This is false by default.
-            "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful.
+            "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values:
+                # - ERRORS_ONLY: Export logs only for connection failures.
+                # - TRANSLATIONS_ONLY: Export logs only for successful connections.
+                # - ALL: Export logs for all connections, successful and unsuccessful.
           },
           "minPortsPerVm": 42, # Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM.
           "name": "A String", # Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.
-          "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
+          "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values:
+              # - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs.
+              # - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
           "natIps": [ # A list of URLs of the IP resources used for this Nat service. These IP addresses must be valid static external IP addresses assigned to the project.
             "A String",
           ],
-          "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values: - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat. - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
+          "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values:
+              # - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat.
+              # - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat.
+              # - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
           "subnetworks": [ # A list of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above.
             { # Defines the IP ranges that want to use NAT for a subnetwork.
               "name": "A String", # URL for the subnetwork resource that will use NAT.
@@ -967,7 +1113,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -993,7 +1140,7 @@ 
Method Details

 

 
 

-    patch(project, region, router, body=None, requestId=None, x__xgafv=None)
+    patch(project, region, router, body=None, requestId=None)
   
Patches the specified Router resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.
 
 Args:
@@ -1003,7 +1150,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Cloud Router resource. For more information about Cloud Router, read the Cloud Router overview.
+{ # Represents a Cloud Router resource.
+    # 
+    # For more information about Cloud Router, read the Cloud Router overview.
   "bgp": { # BGP information specific to this router.
     "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM.
     "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
@@ -1016,12 +1165,17 @@ 
Method Details

       },
     ],
     "asn": 42, # Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN.
-    "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer. BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers. If set, this value must be between 20 and 60. The default is 20.
+    "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer.
+        # Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer.
+        # BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers.
+        # If set, this value must be between 20 and 60. The default is 20.
   },
   "bgpPeers": [ # BGP information that must be configured into the routing stack to establish BGP peering. This information must specify the peer ASN and either the interface name, IP address, or peer IP address. Please refer to RFC4273.
     {
       "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement.
-      "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options: - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets. - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
+      "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options:
+          # - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets.
+          # - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
         "A String",
       ],
       "advertisedIpRanges": [ # User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These IP ranges are advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.
@@ -1031,10 +1185,13 @@ 
Method Details

         },
       ],
       "advertisedRoutePriority": 42, # The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win.
-      "enable": "A String", # The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
+      "enable": "A String", # The status of the BGP peer connection.
+          # If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
       "interfaceName": "A String", # Name of the interface the BGP peer is associated with.
       "ipAddress": "A String", # IP address of the interface inside Google Cloud Platform. Only IPv4 is supported.
-      "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer. - MANAGED_BY_USER is the default value and can be managed by you or other users - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
+      "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer.
+          # - MANAGED_BY_USER is the default value and can be managed by you or other users
+          # - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
       "name": "A String", # Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "peerAsn": 42, # Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value.
       "peerIpAddress": "A String", # IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported.
@@ -1042,14 +1199,17 @@ 
Method Details

   ],
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments). Not currently available publicly.
+  "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments).
+      # Not currently available publicly.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "interfaces": [ # Router interfaces. Each interface requires either one linked resource, (for example, linkedVpnTunnel), or IP address and IP address range (for example, ipRange), or both.
     {
       "ipRange": "A String", # IP address and range of the interface. The IP range must be in the RFC3927 link-local IP address space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface.
       "linkedInterconnectAttachment": "A String", # URI of the linked Interconnect attachment. It must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
       "linkedVpnTunnel": "A String", # URI of the linked VPN tunnel, which must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
-      "managementType": "A String", # [Output Only] The resource that configures and manages this interface. - MANAGED_BY_USER is the default value and can be managed directly by users. - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
+      "managementType": "A String", # [Output Only] The resource that configures and manages this interface.
+          # - MANAGED_BY_USER is the default value and can be managed directly by users.
+          # - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
       "name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
     },
   ],
@@ -1064,15 +1224,23 @@ 
Method Details

       "icmpIdleTimeoutSec": 42, # Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
       "logConfig": { # Configuration of logging on a NAT. # Configure logging on this NAT.
         "enable": True or False, # Indicates whether or not to export logs. This is false by default.
-        "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful.
+        "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values:
+            # - ERRORS_ONLY: Export logs only for connection failures.
+            # - TRANSLATIONS_ONLY: Export logs only for successful connections.
+            # - ALL: Export logs for all connections, successful and unsuccessful.
       },
       "minPortsPerVm": 42, # Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM.
       "name": "A String", # Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.
-      "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
+      "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values:
+          # - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs.
+          # - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
       "natIps": [ # A list of URLs of the IP resources used for this Nat service. These IP addresses must be valid static external IP addresses assigned to the project.
         "A String",
       ],
-      "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values: - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat. - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
+      "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values:
+          # - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat.
+          # - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat.
+          # - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
       "subnetworks": [ # A list of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above.
         { # Defines the IP ranges that want to use NAT for a subnetwork.
           "name": "A String", # URL for the subnetwork resource that will use NAT.
@@ -1094,16 +1262,29 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1137,7 +1318,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1151,7 +1333,7 @@ 
Method Details

 

 
 

-    preview(project, region, router, body=None, x__xgafv=None)
+    preview(project, region, router, body=None)
   
Preview fields auto-generated during router create and update operations. Calling this method does NOT create or update the router.
 
 Args:
@@ -1161,7 +1343,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Cloud Router resource. For more information about Cloud Router, read the Cloud Router overview.
+{ # Represents a Cloud Router resource.
+    # 
+    # For more information about Cloud Router, read the Cloud Router overview.
   "bgp": { # BGP information specific to this router.
     "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM.
     "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
@@ -1174,12 +1358,17 @@ 
Method Details

       },
     ],
     "asn": 42, # Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN.
-    "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer. BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers. If set, this value must be between 20 and 60. The default is 20.
+    "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer.
+        # Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer.
+        # BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers.
+        # If set, this value must be between 20 and 60. The default is 20.
   },
   "bgpPeers": [ # BGP information that must be configured into the routing stack to establish BGP peering. This information must specify the peer ASN and either the interface name, IP address, or peer IP address. Please refer to RFC4273.
     {
       "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement.
-      "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options: - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets. - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
+      "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options:
+          # - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets.
+          # - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
         "A String",
       ],
       "advertisedIpRanges": [ # User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These IP ranges are advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.
@@ -1189,10 +1378,13 @@ 
Method Details

         },
       ],
       "advertisedRoutePriority": 42, # The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win.
-      "enable": "A String", # The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
+      "enable": "A String", # The status of the BGP peer connection.
+          # If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
       "interfaceName": "A String", # Name of the interface the BGP peer is associated with.
       "ipAddress": "A String", # IP address of the interface inside Google Cloud Platform. Only IPv4 is supported.
-      "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer. - MANAGED_BY_USER is the default value and can be managed by you or other users - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
+      "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer.
+          # - MANAGED_BY_USER is the default value and can be managed by you or other users
+          # - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
       "name": "A String", # Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "peerAsn": 42, # Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value.
       "peerIpAddress": "A String", # IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported.
@@ -1200,14 +1392,17 @@ 
Method Details

   ],
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments). Not currently available publicly.
+  "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments).
+      # Not currently available publicly.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "interfaces": [ # Router interfaces. Each interface requires either one linked resource, (for example, linkedVpnTunnel), or IP address and IP address range (for example, ipRange), or both.
     {
       "ipRange": "A String", # IP address and range of the interface. The IP range must be in the RFC3927 link-local IP address space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface.
       "linkedInterconnectAttachment": "A String", # URI of the linked Interconnect attachment. It must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
       "linkedVpnTunnel": "A String", # URI of the linked VPN tunnel, which must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
-      "managementType": "A String", # [Output Only] The resource that configures and manages this interface. - MANAGED_BY_USER is the default value and can be managed directly by users. - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
+      "managementType": "A String", # [Output Only] The resource that configures and manages this interface.
+          # - MANAGED_BY_USER is the default value and can be managed directly by users.
+          # - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
       "name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
     },
   ],
@@ -1222,15 +1417,23 @@ 
Method Details

       "icmpIdleTimeoutSec": 42, # Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
       "logConfig": { # Configuration of logging on a NAT. # Configure logging on this NAT.
         "enable": True or False, # Indicates whether or not to export logs. This is false by default.
-        "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful.
+        "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values:
+            # - ERRORS_ONLY: Export logs only for connection failures.
+            # - TRANSLATIONS_ONLY: Export logs only for successful connections.
+            # - ALL: Export logs for all connections, successful and unsuccessful.
       },
       "minPortsPerVm": 42, # Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM.
       "name": "A String", # Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.
-      "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
+      "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values:
+          # - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs.
+          # - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
       "natIps": [ # A list of URLs of the IP resources used for this Nat service. These IP addresses must be valid static external IP addresses assigned to the project.
         "A String",
       ],
-      "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values: - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat. - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
+      "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values:
+          # - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat.
+          # - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat.
+          # - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
       "subnetworks": [ # A list of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above.
         { # Defines the IP ranges that want to use NAT for a subnetwork.
           "name": "A String", # URL for the subnetwork resource that will use NAT.
@@ -1252,16 +1455,14 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
     {
-  "resource": { # Represents a Cloud Router resource. For more information about Cloud Router, read the Cloud Router overview. # Preview of given router.
+  "resource": { # Represents a Cloud Router resource. # Preview of given router.
+      #
+      # For more information about Cloud Router, read the Cloud Router overview.
     "bgp": { # BGP information specific to this router.
       "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM.
       "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
@@ -1274,12 +1475,17 @@ 
Method Details

         },
       ],
       "asn": 42, # Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN.
-      "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer. BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers. If set, this value must be between 20 and 60. The default is 20.
+      "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer.
+          # Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer.
+          # BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers.
+          # If set, this value must be between 20 and 60. The default is 20.
     },
     "bgpPeers": [ # BGP information that must be configured into the routing stack to establish BGP peering. This information must specify the peer ASN and either the interface name, IP address, or peer IP address. Please refer to RFC4273.
       {
         "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement.
-        "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options: - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets. - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
+        "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options:
+            # - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets.
+            # - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
           "A String",
         ],
         "advertisedIpRanges": [ # User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These IP ranges are advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.
@@ -1289,10 +1495,13 @@ 
Method Details

           },
         ],
         "advertisedRoutePriority": 42, # The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win.
-        "enable": "A String", # The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
+        "enable": "A String", # The status of the BGP peer connection.
+            # If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
         "interfaceName": "A String", # Name of the interface the BGP peer is associated with.
         "ipAddress": "A String", # IP address of the interface inside Google Cloud Platform. Only IPv4 is supported.
-        "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer. - MANAGED_BY_USER is the default value and can be managed by you or other users - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
+        "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer.
+            # - MANAGED_BY_USER is the default value and can be managed by you or other users
+            # - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
         "name": "A String", # Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
         "peerAsn": 42, # Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value.
         "peerIpAddress": "A String", # IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported.
@@ -1300,14 +1509,17 @@ 
Method Details

     ],
     "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
     "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-    "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments). Not currently available publicly.
+    "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments).
+        # Not currently available publicly.
     "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
     "interfaces": [ # Router interfaces. Each interface requires either one linked resource, (for example, linkedVpnTunnel), or IP address and IP address range (for example, ipRange), or both.
       {
         "ipRange": "A String", # IP address and range of the interface. The IP range must be in the RFC3927 link-local IP address space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface.
         "linkedInterconnectAttachment": "A String", # URI of the linked Interconnect attachment. It must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
         "linkedVpnTunnel": "A String", # URI of the linked VPN tunnel, which must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
-        "managementType": "A String", # [Output Only] The resource that configures and manages this interface. - MANAGED_BY_USER is the default value and can be managed directly by users. - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
+        "managementType": "A String", # [Output Only] The resource that configures and manages this interface.
+            # - MANAGED_BY_USER is the default value and can be managed directly by users.
+            # - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
         "name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       },
     ],
@@ -1322,15 +1534,23 @@ 
Method Details

         "icmpIdleTimeoutSec": 42, # Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
         "logConfig": { # Configuration of logging on a NAT. # Configure logging on this NAT.
           "enable": True or False, # Indicates whether or not to export logs. This is false by default.
-          "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful.
+          "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values:
+              # - ERRORS_ONLY: Export logs only for connection failures.
+              # - TRANSLATIONS_ONLY: Export logs only for successful connections.
+              # - ALL: Export logs for all connections, successful and unsuccessful.
         },
         "minPortsPerVm": 42, # Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM.
         "name": "A String", # Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.
-        "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
+        "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values:
+            # - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs.
+            # - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
         "natIps": [ # A list of URLs of the IP resources used for this Nat service. These IP addresses must be valid static external IP addresses assigned to the project.
           "A String",
         ],
-        "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values: - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat. - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
+        "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values:
+            # - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat.
+            # - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat.
+            # - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
         "subnetworks": [ # A list of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above.
           { # Defines the IP ranges that want to use NAT for a subnetwork.
             "name": "A String", # URL for the subnetwork resource that will use NAT.
@@ -1355,7 +1575,7 @@ 
Method Details

 

 
 

-    update(project, region, router, body=None, requestId=None, x__xgafv=None)
+    update(project, region, router, body=None, requestId=None)
   
Updates the specified Router resource with the data included in the request. This method conforms to PUT semantics, which requests that the state of the target resource be created or replaced with the state defined by the representation enclosed in the request message payload.
 
 Args:
@@ -1365,7 +1585,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Cloud Router resource. For more information about Cloud Router, read the Cloud Router overview.
+{ # Represents a Cloud Router resource.
+    # 
+    # For more information about Cloud Router, read the Cloud Router overview.
   "bgp": { # BGP information specific to this router.
     "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM.
     "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
@@ -1378,12 +1600,17 @@ 
Method Details

       },
     ],
     "asn": 42, # Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN.
-    "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer. BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers. If set, this value must be between 20 and 60. The default is 20.
+    "keepaliveInterval": 42, # The interval in seconds between BGP keepalive messages that are sent to the peer.
+        # Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer.
+        # BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers.
+        # If set, this value must be between 20 and 60. The default is 20.
   },
   "bgpPeers": [ # BGP information that must be configured into the routing stack to establish BGP peering. This information must specify the peer ASN and either the interface name, IP address, or peer IP address. Please refer to RFC4273.
     {
       "advertiseMode": "A String", # User-specified flag to indicate which mode to use for advertisement.
-      "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options: - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets. - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
+      "advertisedGroups": [ # User-specified list of prefix groups to advertise in custom mode, which can take one of the following options:
+          # - ALL_SUBNETS: Advertises all available subnets, including peer VPC subnets.
+          # - ALL_VPC_SUBNETS: Advertises the router's own VPC subnets. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.
         "A String",
       ],
       "advertisedIpRanges": [ # User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These IP ranges are advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.
@@ -1393,10 +1620,13 @@ 
Method Details

         },
       ],
       "advertisedRoutePriority": 42, # The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win.
-      "enable": "A String", # The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
+      "enable": "A String", # The status of the BGP peer connection.
+          # If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.
       "interfaceName": "A String", # Name of the interface the BGP peer is associated with.
       "ipAddress": "A String", # IP address of the interface inside Google Cloud Platform. Only IPv4 is supported.
-      "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer. - MANAGED_BY_USER is the default value and can be managed by you or other users - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
+      "managementType": "A String", # [Output Only] The resource that configures and manages this BGP peer.
+          # - MANAGED_BY_USER is the default value and can be managed by you or other users
+          # - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.
       "name": "A String", # Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "peerAsn": 42, # Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value.
       "peerIpAddress": "A String", # IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported.
@@ -1404,14 +1634,17 @@ 
Method Details

   ],
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments). Not currently available publicly.
+  "encryptedInterconnectRouter": True or False, # Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments).
+      # Not currently available publicly.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "interfaces": [ # Router interfaces. Each interface requires either one linked resource, (for example, linkedVpnTunnel), or IP address and IP address range (for example, ipRange), or both.
     {
       "ipRange": "A String", # IP address and range of the interface. The IP range must be in the RFC3927 link-local IP address space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface.
       "linkedInterconnectAttachment": "A String", # URI of the linked Interconnect attachment. It must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
       "linkedVpnTunnel": "A String", # URI of the linked VPN tunnel, which must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a virtual machine instance.
-      "managementType": "A String", # [Output Only] The resource that configures and manages this interface. - MANAGED_BY_USER is the default value and can be managed directly by users. - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
+      "managementType": "A String", # [Output Only] The resource that configures and manages this interface.
+          # - MANAGED_BY_USER is the default value and can be managed directly by users.
+          # - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.
       "name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
     },
   ],
@@ -1426,15 +1659,23 @@ 
Method Details

       "icmpIdleTimeoutSec": 42, # Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
       "logConfig": { # Configuration of logging on a NAT. # Configure logging on this NAT.
         "enable": True or False, # Indicates whether or not to export logs. This is false by default.
-        "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful.
+        "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values:
+            # - ERRORS_ONLY: Export logs only for connection failures.
+            # - TRANSLATIONS_ONLY: Export logs only for successful connections.
+            # - ALL: Export logs for all connections, successful and unsuccessful.
       },
       "minPortsPerVm": 42, # Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM.
       "name": "A String", # Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.
-      "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
+      "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values:
+          # - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs.
+          # - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
       "natIps": [ # A list of URLs of the IP resources used for this Nat service. These IP addresses must be valid static external IP addresses assigned to the project.
         "A String",
       ],
-      "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values: - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat. - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
+      "sourceSubnetworkIpRangesToNat": "A String", # Specify the Nat option, which can take one of the following values:
+          # - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat.
+          # - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat.
+          # - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.
       "subnetworks": [ # A list of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above.
         { # Defines the IP ranges that want to use NAT for a subnetwork.
           "name": "A String", # URL for the subnetwork resource that will use NAT.
@@ -1456,16 +1697,29 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1499,7 +1753,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.routes.html b/docs/dyn/compute_v1.routes.html
index f9cd52aa855..8f78051e181 100644
--- a/docs/dyn/compute_v1.routes.html
+++ b/docs/dyn/compute_v1.routes.html
@@ -78,16 +78,16 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, route, requestId=None, x__xgafv=None)

+  delete(project, route, requestId=None)

 
Deletes the specified Route resource.

 

-  get(project, route, x__xgafv=None)

+  get(project, route)

 
Returns the specified Route resource. Gets a list of available routes by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a Route resource in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of Route resources available to the specified project.

 

   list_next(previous_request, previous_response)

@@ -99,22 +99,35 @@ 
Method Details

 

 
 

-    delete(project, route, requestId=None, x__xgafv=None)
+    delete(project, route, requestId=None)
   
Deletes the specified Route resource.
 
 Args:
   project: string, Project ID for this request. (required)
   route: string, Name of the Route resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -148,7 +161,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -162,21 +176,19 @@ 
Method Details

 

 
 

-    get(project, route, x__xgafv=None)
+    get(project, route)
   
Returns the specified Route resource. Gets a list of available routes by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   route: string, Name of the Route resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Route resource. A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview.
+    { # Represents a Route resource.
+    #
+    # A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview. (== resource_for {$api_version}.routes ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
   "destRange": "A String", # The destination range of outgoing packets that this route applies to. Both IPv4 and IPv6 are supported.
@@ -184,9 +196,13 @@ 
Method Details

   "kind": "compute#route", # [Output Only] Type of this resource. Always compute#routes for Route resources.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
   "network": "A String", # Fully-qualified URL of the network that this route applies to.
-  "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL: projects/ project/global/gateways/default-internet-gateway
-  "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs: - 10.128.0.56 - https://www.googleapis.com/compute/v1/projects/project/regions/region /forwardingRules/forwardingRule - regions/region/forwardingRules/forwardingRule
-  "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
+  "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL:  projects/project/global/gateways/default-internet-gateway
+  "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs:
+      # - 10.128.0.56
+      # - https://www.googleapis.com/compute/v1/projects/project/regions/region/forwardingRules/forwardingRule
+      # - regions/region/forwardingRules/forwardingRule
+  "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example:
+      # https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
   "nextHopIp": "A String", # The network IP address of an instance that should handle matching packets. Only IPv4 is supported.
   "nextHopNetwork": "A String", # The URL of the local network if it should handle matching packets.
   "nextHopPeering": "A String", # [Output Only] The network peering name that should handle matching packets, which should conform to RFC1035.
@@ -199,7 +215,8 @@ 
Method Details

   "warnings": [ # [Output Only] If potential misconfigurations are detected for this route, this field will be populated with warning messages.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -212,7 +229,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a Route resource in the specified project using the data included in the request.
 
 Args:
@@ -220,7 +237,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Route resource. A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview.
+{ # Represents a Route resource.
+    # 
+    # A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview. (== resource_for {$api_version}.routes ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
   "destRange": "A String", # The destination range of outgoing packets that this route applies to. Both IPv4 and IPv6 are supported.
@@ -228,9 +247,13 @@ 
Method Details

   "kind": "compute#route", # [Output Only] Type of this resource. Always compute#routes for Route resources.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
   "network": "A String", # Fully-qualified URL of the network that this route applies to.
-  "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL: projects/ project/global/gateways/default-internet-gateway
-  "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs: - 10.128.0.56 - https://www.googleapis.com/compute/v1/projects/project/regions/region /forwardingRules/forwardingRule - regions/region/forwardingRules/forwardingRule
-  "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
+  "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL:  projects/project/global/gateways/default-internet-gateway
+  "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs:
+      # - 10.128.0.56
+      # - https://www.googleapis.com/compute/v1/projects/project/regions/region/forwardingRules/forwardingRule
+      # - regions/region/forwardingRules/forwardingRule
+  "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example:
+      # https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
   "nextHopIp": "A String", # The network IP address of an instance that should handle matching packets. Only IPv4 is supported.
   "nextHopNetwork": "A String", # The URL of the local network if it should handle matching packets.
   "nextHopPeering": "A String", # [Output Only] The network peering name that should handle matching packets, which should conform to RFC1035.
@@ -243,7 +266,8 @@ 
Method Details

   "warnings": [ # [Output Only] If potential misconfigurations are detected for this route, this field will be populated with warning messages.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -254,16 +278,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -297,7 +334,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -311,20 +349,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of Route resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -332,7 +376,9 @@ 
Method Details

     { # Contains a list of Route resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Route resources.
-    { # Represents a Route resource. A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview.
+    { # Represents a Route resource.
+        #
+        # A route defines a path from VM instances in the VPC network to a specific destination. This destination can be inside or outside the VPC network. For more information, read the Routes overview. (== resource_for {$api_version}.routes ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this field when you create the resource.
       "destRange": "A String", # The destination range of outgoing packets that this route applies to. Both IPv4 and IPv6 are supported.
@@ -340,9 +386,13 @@ 
Method Details

       "kind": "compute#route", # [Output Only] Type of this resource. Always compute#routes for Route resources.
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
       "network": "A String", # Fully-qualified URL of the network that this route applies to.
-      "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL: projects/ project/global/gateways/default-internet-gateway
-      "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs: - 10.128.0.56 - https://www.googleapis.com/compute/v1/projects/project/regions/region /forwardingRules/forwardingRule - regions/region/forwardingRules/forwardingRule
-      "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
+      "nextHopGateway": "A String", # The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL:  projects/project/global/gateways/default-internet-gateway
+      "nextHopIlb": "A String", # The URL to a forwarding rule of type loadBalancingScheme=INTERNAL that should handle matching packets or the IP address of the forwarding Rule. For example, the following are all valid URLs:
+          # - 10.128.0.56
+          # - https://www.googleapis.com/compute/v1/projects/project/regions/region/forwardingRules/forwardingRule
+          # - regions/region/forwardingRules/forwardingRule
+      "nextHopInstance": "A String", # The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example:
+          # https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/
       "nextHopIp": "A String", # The network IP address of an instance that should handle matching packets. Only IPv4 is supported.
       "nextHopNetwork": "A String", # The URL of the local network if it should handle matching packets.
       "nextHopPeering": "A String", # [Output Only] The network peering name that should handle matching packets, which should conform to RFC1035.
@@ -355,7 +405,8 @@ 
Method Details

       "warnings": [ # [Output Only] If potential misconfigurations are detected for this route, this field will be populated with warning messages.
         {
           "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-          "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+          "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+              # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
             {
               "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
               "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -371,7 +422,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.securityPolicies.html b/docs/dyn/compute_v1.securityPolicies.html
index ed2633a0644..5ef539c81cc 100644
--- a/docs/dyn/compute_v1.securityPolicies.html
+++ b/docs/dyn/compute_v1.securityPolicies.html
@@ -75,44 +75,44 @@
 
Compute Engine API . securityPolicies

 
Instance Methods

 

-  addRule(project, securityPolicy, body=None, x__xgafv=None)

+  addRule(project, securityPolicy, body=None)

 
Inserts a rule into a security policy.

 

   close()

 
Close httplib2 connections.

 

-  delete(project, securityPolicy, requestId=None, x__xgafv=None)

+  delete(project, securityPolicy, requestId=None)

 
Deletes the specified policy.

 

-  get(project, securityPolicy, x__xgafv=None)

+  get(project, securityPolicy)

 
List all of the ordered rules present in a single specified policy.

 

-  getRule(project, securityPolicy, priority=None, x__xgafv=None)

+  getRule(project, securityPolicy, priority=None)

 
Gets a rule at the specified priority.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a new policy in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
List all the policies that have been configured for the specified project.

 

-  listPreconfiguredExpressionSets(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listPreconfiguredExpressionSets(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Gets the current list of preconfigured Web Application Firewall (WAF) expressions.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, securityPolicy, body=None, requestId=None, x__xgafv=None)

+  patch(project, securityPolicy, body=None, requestId=None)

 
Patches the specified policy with the data included in the request. This cannot be used to be update the rules in the policy. Please use the per rule methods like addRule, patchRule, and removeRule instead.

 

-  patchRule(project, securityPolicy, body=None, priority=None, x__xgafv=None)

+  patchRule(project, securityPolicy, body=None, priority=None)

 
Patches a rule at the specified priority.

 

-  removeRule(project, securityPolicy, priority=None, x__xgafv=None)

+  removeRule(project, securityPolicy, priority=None)

 
Deletes a rule at the specified priority.

 
Method Details

 

-    addRule(project, securityPolicy, body=None, x__xgafv=None)
+    addRule(project, securityPolicy, body=None)
   
Inserts a rule into a security policy.
 
 Args:
@@ -131,7 +131,25 @@ 
Method Details

         "A String",
       ],
     },
-    "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+    "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+        #
+        # Example (Comparison):
+        #
+        # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+        #
+        # Example (Equality):
+        #
+        # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+        #
+        # Example (Logic):
+        #
+        # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+        #
+        # Example (Data Manipulation):
+        #
+        # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+        #
+        # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
       "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
       "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
       "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -143,15 +161,24 @@ 
Method Details

   "priority": 42, # An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority.
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -185,7 +212,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -204,22 +232,35 @@ 
Method Details

 

 
 

-    delete(project, securityPolicy, requestId=None, x__xgafv=None)
+    delete(project, securityPolicy, requestId=None)
   
Deletes the specified policy.
 
 Args:
   project: string, Project ID for this request. (required)
   securityPolicy: string, Name of the security policy to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -253,7 +294,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -267,28 +309,28 @@ 
Method Details

 

 
 

-    get(project, securityPolicy, x__xgafv=None)
+    get(project, securityPolicy)
   
List all of the ordered rules present in a single specified policy.
 
 Args:
   project: string, Project ID for this request. (required)
   securityPolicy: string, Name of the security policy to get. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Google Cloud Armor security policy resource. Only external backend services that use load balancers can reference a security policy. For more information, see Google Cloud Armor security policy overview.
+    { # Represents a Google Cloud Armor security policy resource.
+    #
+    # Only external backend services that use load balancers can reference a security policy. For more information, see  Google Cloud Armor security policy overview. (== resource_for {$api_version}.securityPolicies ==)
   "advancedOptionsConfig": {
     "jsonParsing": "A String",
     "logLevel": "A String",
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the security policy.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make get() request to the security policy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#securityPolicy", # [Output only] Type of the resource. Always compute#securityPolicyfor security policies
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -303,7 +345,25 @@ 
Method Details

             "A String",
           ],
         },
-        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -320,17 +380,13 @@ 
Method Details

 

 
 

-    getRule(project, securityPolicy, priority=None, x__xgafv=None)
+    getRule(project, securityPolicy, priority=None)
   
Gets a rule at the specified priority.
 
 Args:
   project: string, Project ID for this request. (required)
   securityPolicy: string, Name of the security policy to which the queried rule belongs. (required)
   priority: integer, The priority of the rule to get from the security policy.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -345,7 +401,25 @@ 
Method Details

         "A String",
       ],
     },
-    "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+    "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+        #
+        # Example (Comparison):
+        #
+        # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+        #
+        # Example (Equality):
+        #
+        # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+        #
+        # Example (Logic):
+        #
+        # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+        #
+        # Example (Data Manipulation):
+        #
+        # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+        #
+        # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
       "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
       "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
       "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -359,7 +433,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a new policy in the specified project using the data included in the request.
 
 Args:
@@ -367,14 +441,18 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Google Cloud Armor security policy resource. Only external backend services that use load balancers can reference a security policy. For more information, see Google Cloud Armor security policy overview.
+{ # Represents a Google Cloud Armor security policy resource.
+    # 
+    # Only external backend services that use load balancers can reference a security policy. For more information, see  Google Cloud Armor security policy overview. (== resource_for {$api_version}.securityPolicies ==)
   "advancedOptionsConfig": {
     "jsonParsing": "A String",
     "logLevel": "A String",
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the security policy.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make get() request to the security policy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#securityPolicy", # [Output only] Type of the resource. Always compute#securityPolicyfor security policies
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -389,7 +467,25 @@ 
Method Details

             "A String",
           ],
         },
-        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -404,16 +500,29 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -447,7 +556,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -461,20 +571,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
List all the policies that have been configured for the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -482,14 +598,18 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of SecurityPolicy resources.
-    { # Represents a Google Cloud Armor security policy resource. Only external backend services that use load balancers can reference a security policy. For more information, see Google Cloud Armor security policy overview.
+    { # Represents a Google Cloud Armor security policy resource.
+        #
+        # Only external backend services that use load balancers can reference a security policy. For more information, see  Google Cloud Armor security policy overview. (== resource_for {$api_version}.securityPolicies ==)
       "advancedOptionsConfig": {
         "jsonParsing": "A String",
         "logLevel": "A String",
       },
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the security policy.
+      "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make get() request to the security policy.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#securityPolicy", # [Output only] Type of the resource. Always compute#securityPolicyfor security policies
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -504,7 +624,25 @@ 
Method Details

                 "A String",
               ],
             },
-            "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+            "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+                #
+                # Example (Comparison):
+                #
+                # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+                #
+                # Example (Equality):
+                #
+                # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+                #
+                # Example (Logic):
+                #
+                # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+                #
+                # Example (Data Manipulation):
+                #
+                # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+                #
+                # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
               "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
               "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
               "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -523,7 +661,8 @@ 
Method Details

   "nextPageToken": "A String", # [Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -535,20 +674,26 @@ 
Method Details

 

 
 

-    listPreconfiguredExpressionSets(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listPreconfiguredExpressionSets(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Gets the current list of preconfigured Web Application Firewall (WAF) expressions.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -563,10 +708,10 @@ 
Method Details

           ],
           "expressions": [ # List of available expressions.
             {
-              "id": "A String", # Expression ID should uniquely identify the origin of the expression. E.g. owasp-crs-v020901-id973337 identifies Owasp core rule set version 2.9.1 rule id 973337. The ID could be used to determine the individual attack definition that has been detected. It could also be used to exclude it from the policy in case of false positive. required
+              "id": "A String", # Expression ID should uniquely identify the origin of the expression. E.g. owasp-crs-v020901-id973337 identifies Owasp core rule set version 2.9.1 rule id 973337. The ID could be used to determine the individual attack definition that has been detected. It could also be used to exclude it from the policy in case of false positive.
             },
           ],
-          "id": "A String", # Google specified expression set ID. The format should be: - E.g. XSS-20170329 required
+          "id": "A String", # Google specified expression set ID. The format should be: - E.g. XSS-20170329
         },
       ],
     },
@@ -589,7 +734,7 @@ 
Method Details

 

 
 

-    patch(project, securityPolicy, body=None, requestId=None, x__xgafv=None)
+    patch(project, securityPolicy, body=None, requestId=None)
   
Patches the specified policy with the data included in the request. This cannot be used to be update the rules in the policy. Please use the per rule methods like addRule, patchRule, and removeRule instead.
 
 Args:
@@ -598,14 +743,18 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Google Cloud Armor security policy resource. Only external backend services that use load balancers can reference a security policy. For more information, see Google Cloud Armor security policy overview.
+{ # Represents a Google Cloud Armor security policy resource.
+    # 
+    # Only external backend services that use load balancers can reference a security policy. For more information, see  Google Cloud Armor security policy overview. (== resource_for {$api_version}.securityPolicies ==)
   "advancedOptionsConfig": {
     "jsonParsing": "A String",
     "logLevel": "A String",
   },
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make get() request to the security policy.
+  "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make get() request to the security policy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#securityPolicy", # [Output only] Type of the resource. Always compute#securityPolicyfor security policies
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
@@ -620,7 +769,25 @@ 
Method Details

             "A String",
           ],
         },
-        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+        "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -635,16 +802,29 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -678,7 +858,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -692,7 +873,7 @@ 
Method Details

 

 
 

-    patchRule(project, securityPolicy, body=None, priority=None, x__xgafv=None)
+    patchRule(project, securityPolicy, body=None, priority=None)
   
Patches a rule at the specified priority.
 
 Args:
@@ -711,7 +892,25 @@ 
Method Details

         "A String",
       ],
     },
-    "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+    "expr": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header.
+        #
+        # Example (Comparison):
+        #
+        # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+        #
+        # Example (Equality):
+        #
+        # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+        #
+        # Example (Logic):
+        #
+        # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+        #
+        # Example (Data Manipulation):
+        #
+        # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+        #
+        # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
       "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
       "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
       "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
@@ -724,15 +923,24 @@ 
Method Details

 }
 
   priority: integer, The priority of the rule to patch.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -766,7 +974,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -780,22 +989,31 @@ 
Method Details

 

 
 

-    removeRule(project, securityPolicy, priority=None, x__xgafv=None)
+    removeRule(project, securityPolicy, priority=None)
   
Deletes a rule at the specified priority.
 
 Args:
   project: string, Project ID for this request. (required)
   securityPolicy: string, Name of the security policy to update. (required)
   priority: integer, The priority of the rule to remove from the security policy.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -829,7 +1047,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.snapshots.html b/docs/dyn/compute_v1.snapshots.html
index b6156fd441d..e25480778bc 100644
--- a/docs/dyn/compute_v1.snapshots.html
+++ b/docs/dyn/compute_v1.snapshots.html
@@ -78,28 +78,28 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, snapshot, requestId=None, x__xgafv=None)

-
Deletes the specified Snapshot resource. Keep in mind that deleting a single snapshot might not necessarily delete all the data on that snapshot. If any data on the snapshot that is marked for deletion is needed for subsequent snapshots, the data will be moved to the next corresponding snapshot. For more information, see Deleting snapshots.

+  delete(project, snapshot, requestId=None)

+
Deletes the specified Snapshot resource. Keep in mind that deleting a single snapshot might not necessarily delete all the data on that snapshot. If any data on the snapshot that is marked for deletion is needed for subsequent snapshots, the data will be moved to the next corresponding snapshot.

 

-  get(project, snapshot, x__xgafv=None)

+  get(project, snapshot)

 
Returns the specified Snapshot resource. Gets a list of available snapshots by making a list() request.

 

-  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of Snapshot resources contained within the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setIamPolicy(project, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  setLabels(project, resource, body=None, x__xgafv=None)

+  setLabels(project, resource, body=None)

 
Sets the labels on a snapshot. To learn more about labels, read the Labeling Resources documentation.

 

-  testIamPermissions(project, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

@@ -108,22 +108,37 @@ 
Method Details

 

 
 

-    delete(project, snapshot, requestId=None, x__xgafv=None)
-  
Deletes the specified Snapshot resource. Keep in mind that deleting a single snapshot might not necessarily delete all the data on that snapshot. If any data on the snapshot that is marked for deletion is needed for subsequent snapshots, the data will be moved to the next corresponding snapshot. For more information, see Deleting snapshots.
+    delete(project, snapshot, requestId=None)
+  
Deletes the specified Snapshot resource. Keep in mind that deleting a single snapshot might not necessarily delete all the data on that snapshot. If any data on the snapshot that is marked for deletion is needed for subsequent snapshots, the data will be moved to the next corresponding snapshot.
+
+For more information, see Deleting snapshots.
 
 Args:
   project: string, Project ID for this request. (required)
   snapshot: string, Name of the Snapshot resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -157,7 +172,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -171,21 +187,19 @@ 
Method Details

 

 
 

-    get(project, snapshot, x__xgafv=None)
+    get(project, snapshot)
   
Returns the specified Snapshot resource. Gets a list of available snapshots by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   snapshot: string, Name of the Snapshot resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Persistent Disk Snapshot resource. You can use snapshots to back up data on a regular interval. For more information, read Creating persistent disk snapshots.
+    { # Represents a Persistent Disk Snapshot resource.
+    #
+    # You can use snapshots to back up data on a regular interval. For more information, read  Creating persistent disk snapshots. (== resource_for {$api_version}.snapshots ==)
   "autoCreated": True or False, # [Output Only] Set to true if snapshots are automatically created by applying resource policy on the target disk.
   "chainName": "A String", # Creates the new snapshot in the snapshot chain labeled with the specified name. The chain name must be 1-63 characters long and comply with RFC1035. This is an uncommon option only for advanced service owners who needs to create separate snapshot chains, for example, for chargeback tracking. When you describe your snapshot resource, this field is visible only if it has a non-empty value.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -194,7 +208,9 @@ 
Method Details

   "downloadBytes": "A String", # [Output Only] Number of bytes downloaded to restore a snapshot to a disk.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#snapshot", # [Output Only] Type of the resource. Always compute#snapshot for Snapshot resources.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this snapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a snapshot.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this snapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a snapshot.
   "labels": { # Labels to apply to this snapshot. These can be later modified by the setLabels method. Label values may be empty.
     "a_key": "A String",
   },
@@ -208,7 +224,13 @@ 
Method Details

   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "snapshotEncryptionKey": { # Encrypts the snapshot using a customer-supplied encryption key. After you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the snapshot later. For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request. Customer-supplied encryption keys do not protect access to metadata of the snapshot. If you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later.
+  "snapshotEncryptionKey": { # Encrypts the snapshot using a customer-supplied encryption key.
+      #
+      # After you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the snapshot later. For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request.
+      #
+      # Customer-supplied encryption keys do not protect access to metadata of the snapshot.
+      #
+      # If you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
     "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
     "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
@@ -232,34 +254,58 @@ 
Method Details

 

 
 

-    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
   project: string, Project ID for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -267,89 +313,163 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of Snapshot resources contained within the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -357,7 +477,9 @@ 
Method Details

     { # Contains a list of Snapshot resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Snapshot resources.
-    { # Represents a Persistent Disk Snapshot resource. You can use snapshots to back up data on a regular interval. For more information, read Creating persistent disk snapshots.
+    { # Represents a Persistent Disk Snapshot resource.
+        #
+        # You can use snapshots to back up data on a regular interval. For more information, read  Creating persistent disk snapshots. (== resource_for {$api_version}.snapshots ==)
       "autoCreated": True or False, # [Output Only] Set to true if snapshots are automatically created by applying resource policy on the target disk.
       "chainName": "A String", # Creates the new snapshot in the snapshot chain labeled with the specified name. The chain name must be 1-63 characters long and comply with RFC1035. This is an uncommon option only for advanced service owners who needs to create separate snapshot chains, for example, for chargeback tracking. When you describe your snapshot resource, this field is visible only if it has a non-empty value.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
@@ -366,7 +488,9 @@ 
Method Details

       "downloadBytes": "A String", # [Output Only] Number of bytes downloaded to restore a snapshot to a disk.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#snapshot", # [Output Only] Type of the resource. Always compute#snapshot for Snapshot resources.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this snapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a snapshot.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this snapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a snapshot.
       "labels": { # Labels to apply to this snapshot. These can be later modified by the setLabels method. Label values may be empty.
         "a_key": "A String",
       },
@@ -380,7 +504,13 @@ 
Method Details

       "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "snapshotEncryptionKey": { # Encrypts the snapshot using a customer-supplied encryption key. After you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the snapshot later. For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request. Customer-supplied encryption keys do not protect access to metadata of the snapshot. If you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later.
+      "snapshotEncryptionKey": { # Encrypts the snapshot using a customer-supplied encryption key.
+          #
+          # After you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the snapshot later. For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request.
+          #
+          # Customer-supplied encryption keys do not protect access to metadata of the snapshot.
+          #
+          # If you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
         "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
         "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
@@ -407,7 +537,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -433,7 +564,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -445,33 +576,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -479,95 +684,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -575,76 +872,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    setLabels(project, resource, body=None, x__xgafv=None)
+    setLabels(project, resource, body=None)
   
Sets the labels on a snapshot. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -660,15 +1025,24 @@ 
Method Details

   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -702,7 +1076,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -716,7 +1091,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -731,10 +1106,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_v1.sslCertificates.html b/docs/dyn/compute_v1.sslCertificates.html
index 79dc1aee6dd..68bba9a2dfd 100644
--- a/docs/dyn/compute_v1.sslCertificates.html
+++ b/docs/dyn/compute_v1.sslCertificates.html
@@ -75,7 +75,7 @@
 
Compute Engine API . sslCertificates

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of all SslCertificate resources, regional and global, available to the specified project.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,37 +84,43 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, sslCertificate, requestId=None, x__xgafv=None)

+  delete(project, sslCertificate, requestId=None)

 
Deletes the specified SslCertificate resource.

 

-  get(project, sslCertificate, x__xgafv=None)

+  get(project, sslCertificate)

 
Returns the specified SslCertificate resource. Gets a list of available SSL certificates by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a SslCertificate resource in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of SslCertificate resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of all SslCertificate resources, regional and global, available to the specified project.
 
 Args:
   project: string, Name of the project scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -124,7 +130,21 @@ 
Method Details

   "items": { # A list of SslCertificatesScopedList resources.
     "a_key": { # Name of the scope containing this set of SslCertificates.
       "sslCertificates": [ # List of SslCertificates contained in this scope.
-        { # Represents an SSL Certificate resource. Google Compute Engine has two SSL Certificate resources: * [Global](/compute/docs/reference/rest/v1/sslCertificates) * [Regional](/compute/docs/reference/rest/v1/regionSslCertificates) The sslCertificates are used by: - external HTTPS load balancers - SSL proxy load balancers The regionSslCertificates are used by internal HTTPS load balancers. Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read Creating and using SSL certificates, SSL certificates quotas and limits, and Troubleshooting SSL certificates.
+        { # Represents an SSL Certificate resource.
+            #
+            # Google Compute Engine has two SSL Certificate resources:
+            #
+            # * [Global](/compute/docs/reference/rest/{$api_version}/sslCertificates) * [Regional](/compute/docs/reference/rest/{$api_version}/regionSslCertificates)
+            #
+            #
+            #
+            # The sslCertificates are used by:
+            # - external HTTPS load balancers
+            # - SSL proxy load balancers
+            #
+            # The regionSslCertificates are used by internal HTTPS load balancers.
+            #
+            # Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read  Creating and using SSL certificates, SSL certificates quotas and limits, and  Troubleshooting SSL certificates. (== resource_for {$api_version}.sslCertificates ==) (== resource_for {$api_version}.regionSslCertificates ==)
           "certificate": "A String", # A value read into memory from a certificate file. The certificate file must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -156,7 +176,8 @@ 
Method Details

       ],
       "warning": { # Informational warning which replaces the list of backend services when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -174,7 +195,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -205,22 +227,35 @@ 
Method Details

 

 
 

-    delete(project, sslCertificate, requestId=None, x__xgafv=None)
+    delete(project, sslCertificate, requestId=None)
   
Deletes the specified SslCertificate resource.
 
 Args:
   project: string, Project ID for this request. (required)
   sslCertificate: string, Name of the SslCertificate resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -254,7 +289,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -268,21 +304,31 @@ 
Method Details

 

 
 

-    get(project, sslCertificate, x__xgafv=None)
+    get(project, sslCertificate)
   
Returns the specified SslCertificate resource. Gets a list of available SSL certificates by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   sslCertificate: string, Name of the SslCertificate resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an SSL Certificate resource. Google Compute Engine has two SSL Certificate resources: * [Global](/compute/docs/reference/rest/v1/sslCertificates) * [Regional](/compute/docs/reference/rest/v1/regionSslCertificates) The sslCertificates are used by: - external HTTPS load balancers - SSL proxy load balancers The regionSslCertificates are used by internal HTTPS load balancers. Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read Creating and using SSL certificates, SSL certificates quotas and limits, and Troubleshooting SSL certificates.
+    { # Represents an SSL Certificate resource.
+    #
+    # Google Compute Engine has two SSL Certificate resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/sslCertificates) * [Regional](/compute/docs/reference/rest/{$api_version}/regionSslCertificates)
+    #
+    #
+    #
+    # The sslCertificates are used by:
+    # - external HTTPS load balancers
+    # - SSL proxy load balancers
+    #
+    # The regionSslCertificates are used by internal HTTPS load balancers.
+    #
+    # Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read  Creating and using SSL certificates, SSL certificates quotas and limits, and  Troubleshooting SSL certificates. (== resource_for {$api_version}.sslCertificates ==) (== resource_for {$api_version}.regionSslCertificates ==)
   "certificate": "A String", # A value read into memory from a certificate file. The certificate file must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -314,7 +360,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a SslCertificate resource in the specified project using the data included in the request.
 
 Args:
@@ -322,7 +368,21 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an SSL Certificate resource. Google Compute Engine has two SSL Certificate resources: * [Global](/compute/docs/reference/rest/v1/sslCertificates) * [Regional](/compute/docs/reference/rest/v1/regionSslCertificates) The sslCertificates are used by: - external HTTPS load balancers - SSL proxy load balancers The regionSslCertificates are used by internal HTTPS load balancers. Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read Creating and using SSL certificates, SSL certificates quotas and limits, and Troubleshooting SSL certificates.
+{ # Represents an SSL Certificate resource.
+    # 
+    # Google Compute Engine has two SSL Certificate resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/sslCertificates) * [Regional](/compute/docs/reference/rest/{$api_version}/regionSslCertificates)
+    # 
+    # 
+    # 
+    # The sslCertificates are used by:
+    # - external HTTPS load balancers
+    # - SSL proxy load balancers
+    # 
+    # The regionSslCertificates are used by internal HTTPS load balancers.
+    # 
+    # Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read  Creating and using SSL certificates, SSL certificates quotas and limits, and  Troubleshooting SSL certificates. (== resource_for {$api_version}.sslCertificates ==) (== resource_for {$api_version}.regionSslCertificates ==)
   "certificate": "A String", # A value read into memory from a certificate file. The certificate file must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -352,16 +412,29 @@ 
Method Details

   "type": "A String", # (Optional) Specifies the type of SSL certificate, either "SELF_MANAGED" or "MANAGED". If not specified, the certificate is self-managed and the fields certificate and private_key are used.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -395,7 +468,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -409,20 +483,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of SslCertificate resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -430,7 +510,21 @@ 
Method Details

     { # Contains a list of SslCertificate resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of SslCertificate resources.
-    { # Represents an SSL Certificate resource. Google Compute Engine has two SSL Certificate resources: * [Global](/compute/docs/reference/rest/v1/sslCertificates) * [Regional](/compute/docs/reference/rest/v1/regionSslCertificates) The sslCertificates are used by: - external HTTPS load balancers - SSL proxy load balancers The regionSslCertificates are used by internal HTTPS load balancers. Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read Creating and using SSL certificates, SSL certificates quotas and limits, and Troubleshooting SSL certificates.
+    { # Represents an SSL Certificate resource.
+        #
+        # Google Compute Engine has two SSL Certificate resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/sslCertificates) * [Regional](/compute/docs/reference/rest/{$api_version}/regionSslCertificates)
+        #
+        #
+        #
+        # The sslCertificates are used by:
+        # - external HTTPS load balancers
+        # - SSL proxy load balancers
+        #
+        # The regionSslCertificates are used by internal HTTPS load balancers.
+        #
+        # Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read  Creating and using SSL certificates, SSL certificates quotas and limits, and  Troubleshooting SSL certificates. (== resource_for {$api_version}.sslCertificates ==) (== resource_for {$api_version}.regionSslCertificates ==)
       "certificate": "A String", # A value read into memory from a certificate file. The certificate file must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -465,7 +559,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.sslPolicies.html b/docs/dyn/compute_v1.sslPolicies.html
index a0a2b7ef0e7..e2c80ee71bd 100644
--- a/docs/dyn/compute_v1.sslPolicies.html
+++ b/docs/dyn/compute_v1.sslPolicies.html
@@ -78,25 +78,25 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, sslPolicy, requestId=None, x__xgafv=None)

+  delete(project, sslPolicy, requestId=None)

 
Deletes the specified SSL policy. The SSL policy resource can be deleted only if it is not in use by any TargetHttpsProxy or TargetSslProxy resources.

 

-  get(project, sslPolicy, x__xgafv=None)

+  get(project, sslPolicy)

 
Lists all of the ordered rules present in a single specified policy.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Returns the specified SSL policy resource. Gets a list of available SSL policies by making a list() request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists all the SSL policies that have been configured for the specified project.

 

-  listAvailableFeatures(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listAvailableFeatures(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists all features that can be specified in the SSL policy when using custom profile.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, sslPolicy, body=None, requestId=None, x__xgafv=None)

+  patch(project, sslPolicy, body=None, requestId=None)

 
Patches the specified SSL policy with the data included in the request.

 
Method Details

 

@@ -105,22 +105,35 @@ 
Method Details

 

 
 

-    delete(project, sslPolicy, requestId=None, x__xgafv=None)
+    delete(project, sslPolicy, requestId=None)
   
Deletes the specified SSL policy. The SSL policy resource can be deleted only if it is not in use by any TargetHttpsProxy or TargetSslProxy resources.
 
 Args:
   project: string, Project ID for this request. (required)
   sslPolicy: string, Name of the SSL policy to delete. The name must be 1-63 characters long, and comply with RFC1035. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -154,7 +167,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -168,30 +182,31 @@ 
Method Details

 

 
 

-    get(project, sslPolicy, x__xgafv=None)
+    get(project, sslPolicy)
   
Lists all of the ordered rules present in a single specified policy.
 
 Args:
   project: string, Project ID for this request. (required)
   sslPolicy: string, Name of the SSL policy to update. The name must be 1-63 characters long, and comply with RFC1035. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an SSL Policy resource. Use SSL policies to control the SSL features, such as versions and cipher suites, offered by an HTTPS or SSL Proxy load balancer. For more information, read SSL Policy Concepts.
+    { # Represents an SSL Policy resource.
+    #
+    # Use SSL policies to control the SSL features, such as versions and cipher suites, offered by an HTTPS or SSL Proxy load balancer. For more information, read  SSL Policy Concepts. (== resource_for {$api_version}.sslPolicies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-  "customFeatures": [ # A list of features enabled when the selected profile is CUSTOM. The method returns the set of features that can be specified in this list. This field must be empty if the profile is not CUSTOM.
+  "customFeatures": [ # A list of features enabled when the selected profile is CUSTOM. The
+      # - method returns the set of features that can be specified in this list. This field must be empty if the profile is not CUSTOM.
     "A String",
   ],
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "enabledFeatures": [ # [Output Only] The list of features enabled in the SSL policy.
     "A String",
   ],
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a SslPolicy. An up-to-date fingerprint must be provided in order to update the SslPolicy, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an SslPolicy.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a SslPolicy. An up-to-date fingerprint must be provided in order to update the SslPolicy, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve an SslPolicy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#sslPolicy", # [Output only] Type of the resource. Always compute#sslPolicyfor SSL policies.
   "minTlsVersion": "A String", # The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. This can be one of TLS_1_0, TLS_1_1, TLS_1_2.
@@ -201,7 +216,8 @@ 
Method Details

   "warnings": [ # [Output Only] If potential misconfigurations are detected for this SSL policy, this field will be populated with warning messages.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -214,7 +230,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Returns the specified SSL policy resource. Gets a list of available SSL policies by making a list() request.
 
 Args:
@@ -222,16 +238,21 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an SSL Policy resource. Use SSL policies to control the SSL features, such as versions and cipher suites, offered by an HTTPS or SSL Proxy load balancer. For more information, read SSL Policy Concepts.
+{ # Represents an SSL Policy resource.
+    # 
+    # Use SSL policies to control the SSL features, such as versions and cipher suites, offered by an HTTPS or SSL Proxy load balancer. For more information, read  SSL Policy Concepts. (== resource_for {$api_version}.sslPolicies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-  "customFeatures": [ # A list of features enabled when the selected profile is CUSTOM. The method returns the set of features that can be specified in this list. This field must be empty if the profile is not CUSTOM.
+  "customFeatures": [ # A list of features enabled when the selected profile is CUSTOM. The
+      # - method returns the set of features that can be specified in this list. This field must be empty if the profile is not CUSTOM.
     "A String",
   ],
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "enabledFeatures": [ # [Output Only] The list of features enabled in the SSL policy.
     "A String",
   ],
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a SslPolicy. An up-to-date fingerprint must be provided in order to update the SslPolicy, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an SslPolicy.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a SslPolicy. An up-to-date fingerprint must be provided in order to update the SslPolicy, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an SslPolicy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#sslPolicy", # [Output only] Type of the resource. Always compute#sslPolicyfor SSL policies.
   "minTlsVersion": "A String", # The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. This can be one of TLS_1_0, TLS_1_1, TLS_1_2.
@@ -241,7 +262,8 @@ 
Method Details

   "warnings": [ # [Output Only] If potential misconfigurations are detected for this SSL policy, this field will be populated with warning messages.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -252,16 +274,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -295,7 +330,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -309,20 +345,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists all the SSL policies that have been configured for the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -330,16 +372,21 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of SslPolicy resources.
-    { # Represents an SSL Policy resource. Use SSL policies to control the SSL features, such as versions and cipher suites, offered by an HTTPS or SSL Proxy load balancer. For more information, read SSL Policy Concepts.
+    { # Represents an SSL Policy resource.
+        #
+        # Use SSL policies to control the SSL features, such as versions and cipher suites, offered by an HTTPS or SSL Proxy load balancer. For more information, read  SSL Policy Concepts. (== resource_for {$api_version}.sslPolicies ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-      "customFeatures": [ # A list of features enabled when the selected profile is CUSTOM. The method returns the set of features that can be specified in this list. This field must be empty if the profile is not CUSTOM.
+      "customFeatures": [ # A list of features enabled when the selected profile is CUSTOM. The
+          # - method returns the set of features that can be specified in this list. This field must be empty if the profile is not CUSTOM.
         "A String",
       ],
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "enabledFeatures": [ # [Output Only] The list of features enabled in the SSL policy.
         "A String",
       ],
-      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a SslPolicy. An up-to-date fingerprint must be provided in order to update the SslPolicy, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an SslPolicy.
+      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a SslPolicy. An up-to-date fingerprint must be provided in order to update the SslPolicy, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve an SslPolicy.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#sslPolicy", # [Output only] Type of the resource. Always compute#sslPolicyfor SSL policies.
       "minTlsVersion": "A String", # The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. This can be one of TLS_1_0, TLS_1_1, TLS_1_2.
@@ -349,7 +396,8 @@ 
Method Details

       "warnings": [ # [Output Only] If potential misconfigurations are detected for this SSL policy, this field will be populated with warning messages.
         {
           "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-          "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+          "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+              # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
             {
               "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
               "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -365,7 +413,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -377,20 +426,26 @@ 
Method Details

 

 
 

-    listAvailableFeatures(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listAvailableFeatures(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists all features that can be specified in the SSL policy when using custom profile.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -417,7 +472,7 @@ 
Method Details

 

 
 

-    patch(project, sslPolicy, body=None, requestId=None, x__xgafv=None)
+    patch(project, sslPolicy, body=None, requestId=None)
   
Patches the specified SSL policy with the data included in the request.
 
 Args:
@@ -426,16 +481,21 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents an SSL Policy resource. Use SSL policies to control the SSL features, such as versions and cipher suites, offered by an HTTPS or SSL Proxy load balancer. For more information, read SSL Policy Concepts.
+{ # Represents an SSL Policy resource.
+    # 
+    # Use SSL policies to control the SSL features, such as versions and cipher suites, offered by an HTTPS or SSL Proxy load balancer. For more information, read  SSL Policy Concepts. (== resource_for {$api_version}.sslPolicies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-  "customFeatures": [ # A list of features enabled when the selected profile is CUSTOM. The method returns the set of features that can be specified in this list. This field must be empty if the profile is not CUSTOM.
+  "customFeatures": [ # A list of features enabled when the selected profile is CUSTOM. The
+      # - method returns the set of features that can be specified in this list. This field must be empty if the profile is not CUSTOM.
     "A String",
   ],
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "enabledFeatures": [ # [Output Only] The list of features enabled in the SSL policy.
     "A String",
   ],
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a SslPolicy. An up-to-date fingerprint must be provided in order to update the SslPolicy, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an SslPolicy.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a SslPolicy. An up-to-date fingerprint must be provided in order to update the SslPolicy, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an SslPolicy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#sslPolicy", # [Output only] Type of the resource. Always compute#sslPolicyfor SSL policies.
   "minTlsVersion": "A String", # The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. This can be one of TLS_1_0, TLS_1_1, TLS_1_2.
@@ -445,7 +505,8 @@ 
Method Details

   "warnings": [ # [Output Only] If potential misconfigurations are detected for this SSL policy, this field will be populated with warning messages.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -456,16 +517,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -499,7 +573,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.subnetworks.html b/docs/dyn/compute_v1.subnetworks.html
index d056291b2c4..43ebc7cb85f 100644
--- a/docs/dyn/compute_v1.subnetworks.html
+++ b/docs/dyn/compute_v1.subnetworks.html
@@ -75,7 +75,7 @@
 
Compute Engine API . subnetworks

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of subnetworks.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,25 +84,25 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, subnetwork, requestId=None, x__xgafv=None)

+  delete(project, region, subnetwork, requestId=None)

 
Deletes the specified subnetwork.

 

-  expandIpCidrRange(project, region, subnetwork, body=None, requestId=None, x__xgafv=None)

+  expandIpCidrRange(project, region, subnetwork, body=None, requestId=None)

 
Expands the IP CIDR range of the subnetwork to a specified value.

 

-  get(project, region, subnetwork, x__xgafv=None)

+  get(project, region, subnetwork)

 
Returns the specified subnetwork. Gets a list of available subnetworks list() request.

 

-  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)

+  getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)

 
Gets the access control policy for a resource. May be empty if no such policy or resource exists.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a subnetwork in the specified project using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of subnetworks available to the specified project.

 

-  listUsable(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  listUsable(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of all usable subnetworks in the project.

 

   listUsable_next(previous_request, previous_response)

@@ -111,34 +111,40 @@ 
Instance Methods

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, region, subnetwork, body=None, drainTimeoutSeconds=None, requestId=None, x__xgafv=None)

+  patch(project, region, subnetwork, body=None, drainTimeoutSeconds=None, requestId=None)

 
Patches the specified subnetwork with the data included in the request. Only certain fields can be updated with a patch request as indicated in the field descriptions. You must specify the current fingerprint of the subnetwork resource being patched.

 

-  setIamPolicy(project, region, resource, body=None, x__xgafv=None)

+  setIamPolicy(project, region, resource, body=None)

 
Sets the access control policy on the specified resource. Replaces any existing policy.

 

-  setPrivateIpGoogleAccess(project, region, subnetwork, body=None, requestId=None, x__xgafv=None)

+  setPrivateIpGoogleAccess(project, region, subnetwork, body=None, requestId=None)

 
Set whether VMs in this subnet can access Google services without assigning external IP addresses through Private Google Access.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of subnetworks.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -148,12 +154,16 @@ 
Method Details

   "items": { # A list of SubnetworksScopedList resources.
     "a_key": { # Name of the scope containing this set of Subnetworks.
       "subnetworks": [ # A list of subnetworks contained in this scope.
-        { # Represents a Subnetwork resource. A subnetwork (also known as a subnet) is a logical partition of a Virtual Private Cloud network with one primary IP range and zero or more secondary IP ranges. For more information, read Virtual Private Cloud (VPC) Network.
+        { # Represents a Subnetwork resource.
+            #
+            # A subnetwork (also known as a subnet) is a logical partition of a Virtual Private Cloud network with one primary IP range and zero or more secondary IP ranges. For more information, read  Virtual Private Cloud (VPC) Network. (== resource_for {$api_version}.subnetworks ==)
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource. This field can be set only at resource creation time.
           "enableFlowLogs": True or False, # Whether to enable flow logging for this subnetwork. If this field is not explicitly set, it will not appear in get listings. If not set the default behavior is to disable flow logging. This field isn't supported with the purpose field set to INTERNAL_HTTPS_LOAD_BALANCER.
           "externalIpv6Prefix": "A String", # [Output Only] The range of external IPv6 addresses that are owned by this subnetwork.
-          "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a Subnetwork.
+          "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve a Subnetwork.
           "gatewayAddress": "A String", # [Output Only] The gateway address for default routes to reach destination addresses outside this subnetwork.
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "ipCidrRange": "A String", # The range of internal addresses that are owned by this subnetwork. Provide this property when you create the subnetwork. For example, 10.0.0.0/8 or 100.64.0.0/10. Ranges must be unique and non-overlapping within a network. Only IPv4 is supported. This field is set at resource creation time. The range can be any range listed in the Valid ranges list. The range can be expanded after creation using expandIpCidrRange.
@@ -173,7 +183,9 @@ 
Method Details

           "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
           "network": "A String", # The URL of the network to which this subnetwork belongs, provided by the client when initially creating the subnetwork. Only networks that are in the distributed mode can have subnetworks. This field can be set only at resource creation time.
           "privateIpGoogleAccess": True or False, # Whether the VMs in this subnet can access Google services without assigned external IP addresses. This field can be both set at resource creation time and updated using setPrivateIpGoogleAccess.
-          "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VMs in this subnet. This is an expanded field of enablePrivateV6Access. If both fields are set, privateIpv6GoogleAccess will take priority. This field can be both set at resource creation time and updated using patch.
+          "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VMs in this subnet. This is an expanded field of enablePrivateV6Access. If both fields are set, privateIpv6GoogleAccess will take priority.
+              #
+              # This field can be both set at resource creation time and updated using patch.
           "purpose": "A String", # The purpose of the resource. This field can be either PRIVATE_RFC_1918 or INTERNAL_HTTPS_LOAD_BALANCER. A subnetwork with purpose set to INTERNAL_HTTPS_LOAD_BALANCER is a user-created subnetwork that is reserved for Internal HTTP(S) Load Balancing. If unspecified, the purpose defaults to PRIVATE_RFC_1918. The enableFlowLogs field isn't supported with the purpose field set to INTERNAL_HTTPS_LOAD_BALANCER.
           "region": "A String", # URL of the region where the Subnetwork resides. This field can be set only at resource creation time.
           "role": "A String", # The role of subnetwork. Currently, this field is only used when purpose = INTERNAL_HTTPS_LOAD_BALANCER. The value can be set to ACTIVE or BACKUP. An ACTIVE subnetwork is one that is currently being used for Internal HTTP(S) Load Balancing. A BACKUP subnetwork is one that is ready to be promoted to ACTIVE or is currently draining. This field can be updated with a patch request.
@@ -184,13 +196,16 @@ 
Method Details

             },
           ],
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-          "stackType": "A String", # The stack type for this subnet to identify whether the IPv6 feature is enabled or not. If not specified IPV4_ONLY will be used. This field can be both set at resource creation time and updated using patch.
+          "stackType": "A String", # The stack type for this subnet to identify whether the IPv6 feature is enabled or not. If not specified IPV4_ONLY will be used.
+              #
+              # This field can be both set at resource creation time and updated using patch.
           "state": "A String", # [Output Only] The state of the subnetwork, which can be one of the following values: READY: Subnetwork is created and ready to use DRAINING: only applicable to subnetworks that have the purpose set to INTERNAL_HTTPS_LOAD_BALANCER and indicates that connections to the load balancer are being drained. A subnetwork that is draining cannot be used or modified until it reaches a status of READY
         },
       ],
       "warning": { # An informational warning that appears when the list of addresses is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -208,7 +223,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -239,23 +255,36 @@ 
Method Details

 

 
 

-    delete(project, region, subnetwork, requestId=None, x__xgafv=None)
+    delete(project, region, subnetwork, requestId=None)
   
Deletes the specified subnetwork.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   subnetwork: string, Name of the Subnetwork resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -289,7 +318,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -303,7 +333,7 @@ 
Method Details

 

 
 

-    expandIpCidrRange(project, region, subnetwork, body=None, requestId=None, x__xgafv=None)
+    expandIpCidrRange(project, region, subnetwork, body=None, requestId=None)
   
Expands the IP CIDR range of the subnetwork to a specified value.
 
 Args:
@@ -317,16 +347,29 @@ 
Method Details

   "ipCidrRange": "A String", # The IP (in CIDR format or netmask) of internal addresses that are legal on this Subnetwork. This range should be disjoint from other subnetworks within this network. This range can only be larger than (i.e. a superset of) the range previously defined before the update.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -360,7 +403,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -374,27 +418,27 @@ 
Method Details

 

 
 

-    get(project, region, subnetwork, x__xgafv=None)
+    get(project, region, subnetwork)
   
Returns the specified subnetwork. Gets a list of available subnetworks list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   subnetwork: string, Name of the Subnetwork resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Subnetwork resource. A subnetwork (also known as a subnet) is a logical partition of a Virtual Private Cloud network with one primary IP range and zero or more secondary IP ranges. For more information, read Virtual Private Cloud (VPC) Network.
+    { # Represents a Subnetwork resource.
+    #
+    # A subnetwork (also known as a subnet) is a logical partition of a Virtual Private Cloud network with one primary IP range and zero or more secondary IP ranges. For more information, read  Virtual Private Cloud (VPC) Network. (== resource_for {$api_version}.subnetworks ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource. This field can be set only at resource creation time.
   "enableFlowLogs": True or False, # Whether to enable flow logging for this subnetwork. If this field is not explicitly set, it will not appear in get listings. If not set the default behavior is to disable flow logging. This field isn't supported with the purpose field set to INTERNAL_HTTPS_LOAD_BALANCER.
   "externalIpv6Prefix": "A String", # [Output Only] The range of external IPv6 addresses that are owned by this subnetwork.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a Subnetwork.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a Subnetwork.
   "gatewayAddress": "A String", # [Output Only] The gateway address for default routes to reach destination addresses outside this subnetwork.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ipCidrRange": "A String", # The range of internal addresses that are owned by this subnetwork. Provide this property when you create the subnetwork. For example, 10.0.0.0/8 or 100.64.0.0/10. Ranges must be unique and non-overlapping within a network. Only IPv4 is supported. This field is set at resource creation time. The range can be any range listed in the Valid ranges list. The range can be expanded after creation using expandIpCidrRange.
@@ -414,7 +458,9 @@ 
Method Details

   "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which this subnetwork belongs, provided by the client when initially creating the subnetwork. Only networks that are in the distributed mode can have subnetworks. This field can be set only at resource creation time.
   "privateIpGoogleAccess": True or False, # Whether the VMs in this subnet can access Google services without assigned external IP addresses. This field can be both set at resource creation time and updated using setPrivateIpGoogleAccess.
-  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VMs in this subnet. This is an expanded field of enablePrivateV6Access. If both fields are set, privateIpv6GoogleAccess will take priority. This field can be both set at resource creation time and updated using patch.
+  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VMs in this subnet. This is an expanded field of enablePrivateV6Access. If both fields are set, privateIpv6GoogleAccess will take priority.
+      #
+      # This field can be both set at resource creation time and updated using patch.
   "purpose": "A String", # The purpose of the resource. This field can be either PRIVATE_RFC_1918 or INTERNAL_HTTPS_LOAD_BALANCER. A subnetwork with purpose set to INTERNAL_HTTPS_LOAD_BALANCER is a user-created subnetwork that is reserved for Internal HTTP(S) Load Balancing. If unspecified, the purpose defaults to PRIVATE_RFC_1918. The enableFlowLogs field isn't supported with the purpose field set to INTERNAL_HTTPS_LOAD_BALANCER.
   "region": "A String", # URL of the region where the Subnetwork resides. This field can be set only at resource creation time.
   "role": "A String", # The role of subnetwork. Currently, this field is only used when purpose = INTERNAL_HTTPS_LOAD_BALANCER. The value can be set to ACTIVE or BACKUP. An ACTIVE subnetwork is one that is currently being used for Internal HTTP(S) Load Balancing. A BACKUP subnetwork is one that is ready to be promoted to ACTIVE or is currently draining. This field can be updated with a patch request.
@@ -425,13 +471,15 @@ 
Method Details

     },
   ],
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "stackType": "A String", # The stack type for this subnet to identify whether the IPv6 feature is enabled or not. If not specified IPV4_ONLY will be used. This field can be both set at resource creation time and updated using patch.
+  "stackType": "A String", # The stack type for this subnet to identify whether the IPv6 feature is enabled or not. If not specified IPV4_ONLY will be used.
+      #
+      # This field can be both set at resource creation time and updated using patch.
   "state": "A String", # [Output Only] The state of the subnetwork, which can be one of the following values: READY: Subnetwork is created and ready to use DRAINING: only applicable to subnetworks that have the purpose set to INTERNAL_HTTPS_LOAD_BALANCER and indicates that connections to the load balancer are being drained. A subnetwork that is draining cannot be used or modified until it reaches a status of READY
 }

 

 
 

-    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None, x__xgafv=None)
+    getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)
   
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
 
 Args:
@@ -439,27 +487,51 @@ 
Method Details

   region: string, The name of the region for this request. (required)
   resource: string, Name or id of the resource for this request. (required)
   optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -467,76 +539,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a subnetwork in the specified project using the data included in the request.
 
 Args:
@@ -545,12 +685,16 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Subnetwork resource. A subnetwork (also known as a subnet) is a logical partition of a Virtual Private Cloud network with one primary IP range and zero or more secondary IP ranges. For more information, read Virtual Private Cloud (VPC) Network.
+{ # Represents a Subnetwork resource.
+    # 
+    # A subnetwork (also known as a subnet) is a logical partition of a Virtual Private Cloud network with one primary IP range and zero or more secondary IP ranges. For more information, read  Virtual Private Cloud (VPC) Network. (== resource_for {$api_version}.subnetworks ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource. This field can be set only at resource creation time.
   "enableFlowLogs": True or False, # Whether to enable flow logging for this subnetwork. If this field is not explicitly set, it will not appear in get listings. If not set the default behavior is to disable flow logging. This field isn't supported with the purpose field set to INTERNAL_HTTPS_LOAD_BALANCER.
   "externalIpv6Prefix": "A String", # [Output Only] The range of external IPv6 addresses that are owned by this subnetwork.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a Subnetwork.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a Subnetwork.
   "gatewayAddress": "A String", # [Output Only] The gateway address for default routes to reach destination addresses outside this subnetwork.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ipCidrRange": "A String", # The range of internal addresses that are owned by this subnetwork. Provide this property when you create the subnetwork. For example, 10.0.0.0/8 or 100.64.0.0/10. Ranges must be unique and non-overlapping within a network. Only IPv4 is supported. This field is set at resource creation time. The range can be any range listed in the Valid ranges list. The range can be expanded after creation using expandIpCidrRange.
@@ -570,7 +714,9 @@ 
Method Details

   "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which this subnetwork belongs, provided by the client when initially creating the subnetwork. Only networks that are in the distributed mode can have subnetworks. This field can be set only at resource creation time.
   "privateIpGoogleAccess": True or False, # Whether the VMs in this subnet can access Google services without assigned external IP addresses. This field can be both set at resource creation time and updated using setPrivateIpGoogleAccess.
-  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VMs in this subnet. This is an expanded field of enablePrivateV6Access. If both fields are set, privateIpv6GoogleAccess will take priority. This field can be both set at resource creation time and updated using patch.
+  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VMs in this subnet. This is an expanded field of enablePrivateV6Access. If both fields are set, privateIpv6GoogleAccess will take priority.
+      # 
+      # This field can be both set at resource creation time and updated using patch.
   "purpose": "A String", # The purpose of the resource. This field can be either PRIVATE_RFC_1918 or INTERNAL_HTTPS_LOAD_BALANCER. A subnetwork with purpose set to INTERNAL_HTTPS_LOAD_BALANCER is a user-created subnetwork that is reserved for Internal HTTP(S) Load Balancing. If unspecified, the purpose defaults to PRIVATE_RFC_1918. The enableFlowLogs field isn't supported with the purpose field set to INTERNAL_HTTPS_LOAD_BALANCER.
   "region": "A String", # URL of the region where the Subnetwork resides. This field can be set only at resource creation time.
   "role": "A String", # The role of subnetwork. Currently, this field is only used when purpose = INTERNAL_HTTPS_LOAD_BALANCER. The value can be set to ACTIVE or BACKUP. An ACTIVE subnetwork is one that is currently being used for Internal HTTP(S) Load Balancing. A BACKUP subnetwork is one that is ready to be promoted to ACTIVE or is currently draining. This field can be updated with a patch request.
@@ -581,20 +727,35 @@ 
Method Details

     },
   ],
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "stackType": "A String", # The stack type for this subnet to identify whether the IPv6 feature is enabled or not. If not specified IPV4_ONLY will be used. This field can be both set at resource creation time and updated using patch.
+  "stackType": "A String", # The stack type for this subnet to identify whether the IPv6 feature is enabled or not. If not specified IPV4_ONLY will be used.
+      # 
+      # This field can be both set at resource creation time and updated using patch.
   "state": "A String", # [Output Only] The state of the subnetwork, which can be one of the following values: READY: Subnetwork is created and ready to use DRAINING: only applicable to subnetworks that have the purpose set to INTERNAL_HTTPS_LOAD_BALANCER and indicates that connections to the load balancer are being drained. A subnetwork that is draining cannot be used or modified until it reaches a status of READY
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -628,7 +789,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -642,21 +804,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of subnetworks available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -664,12 +832,16 @@ 
Method Details

     { # Contains a list of Subnetwork resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Subnetwork resources.
-    { # Represents a Subnetwork resource. A subnetwork (also known as a subnet) is a logical partition of a Virtual Private Cloud network with one primary IP range and zero or more secondary IP ranges. For more information, read Virtual Private Cloud (VPC) Network.
+    { # Represents a Subnetwork resource.
+        #
+        # A subnetwork (also known as a subnet) is a logical partition of a Virtual Private Cloud network with one primary IP range and zero or more secondary IP ranges. For more information, read  Virtual Private Cloud (VPC) Network. (== resource_for {$api_version}.subnetworks ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource. This field can be set only at resource creation time.
       "enableFlowLogs": True or False, # Whether to enable flow logging for this subnetwork. If this field is not explicitly set, it will not appear in get listings. If not set the default behavior is to disable flow logging. This field isn't supported with the purpose field set to INTERNAL_HTTPS_LOAD_BALANCER.
       "externalIpv6Prefix": "A String", # [Output Only] The range of external IPv6 addresses that are owned by this subnetwork.
-      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a Subnetwork.
+      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a Subnetwork.
       "gatewayAddress": "A String", # [Output Only] The gateway address for default routes to reach destination addresses outside this subnetwork.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "ipCidrRange": "A String", # The range of internal addresses that are owned by this subnetwork. Provide this property when you create the subnetwork. For example, 10.0.0.0/8 or 100.64.0.0/10. Ranges must be unique and non-overlapping within a network. Only IPv4 is supported. This field is set at resource creation time. The range can be any range listed in the Valid ranges list. The range can be expanded after creation using expandIpCidrRange.
@@ -689,7 +861,9 @@ 
Method Details

       "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "network": "A String", # The URL of the network to which this subnetwork belongs, provided by the client when initially creating the subnetwork. Only networks that are in the distributed mode can have subnetworks. This field can be set only at resource creation time.
       "privateIpGoogleAccess": True or False, # Whether the VMs in this subnet can access Google services without assigned external IP addresses. This field can be both set at resource creation time and updated using setPrivateIpGoogleAccess.
-      "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VMs in this subnet. This is an expanded field of enablePrivateV6Access. If both fields are set, privateIpv6GoogleAccess will take priority. This field can be both set at resource creation time and updated using patch.
+      "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VMs in this subnet. This is an expanded field of enablePrivateV6Access. If both fields are set, privateIpv6GoogleAccess will take priority.
+          #
+          # This field can be both set at resource creation time and updated using patch.
       "purpose": "A String", # The purpose of the resource. This field can be either PRIVATE_RFC_1918 or INTERNAL_HTTPS_LOAD_BALANCER. A subnetwork with purpose set to INTERNAL_HTTPS_LOAD_BALANCER is a user-created subnetwork that is reserved for Internal HTTP(S) Load Balancing. If unspecified, the purpose defaults to PRIVATE_RFC_1918. The enableFlowLogs field isn't supported with the purpose field set to INTERNAL_HTTPS_LOAD_BALANCER.
       "region": "A String", # URL of the region where the Subnetwork resides. This field can be set only at resource creation time.
       "role": "A String", # The role of subnetwork. Currently, this field is only used when purpose = INTERNAL_HTTPS_LOAD_BALANCER. The value can be set to ACTIVE or BACKUP. An ACTIVE subnetwork is one that is currently being used for Internal HTTP(S) Load Balancing. A BACKUP subnetwork is one that is ready to be promoted to ACTIVE or is currently draining. This field can be updated with a patch request.
@@ -700,7 +874,9 @@ 
Method Details

         },
       ],
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "stackType": "A String", # The stack type for this subnet to identify whether the IPv6 feature is enabled or not. If not specified IPV4_ONLY will be used. This field can be both set at resource creation time and updated using patch.
+      "stackType": "A String", # The stack type for this subnet to identify whether the IPv6 feature is enabled or not. If not specified IPV4_ONLY will be used.
+          #
+          # This field can be both set at resource creation time and updated using patch.
       "state": "A String", # [Output Only] The state of the subnetwork, which can be one of the following values: READY: Subnetwork is created and ready to use DRAINING: only applicable to subnetworks that have the purpose set to INTERNAL_HTTPS_LOAD_BALANCER and indicates that connections to the load balancer are being drained. A subnetwork that is draining cannot be used or modified until it reaches a status of READY
     },
   ],
@@ -709,7 +885,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -721,20 +898,26 @@ 
Method Details

 

 
 

-    listUsable(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    listUsable(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of all usable subnetworks in the project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -759,7 +942,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -799,7 +983,7 @@ 
Method Details

 

 
 

-    patch(project, region, subnetwork, body=None, drainTimeoutSeconds=None, requestId=None, x__xgafv=None)
+    patch(project, region, subnetwork, body=None, drainTimeoutSeconds=None, requestId=None)
   
Patches the specified subnetwork with the data included in the request. Only certain fields can be updated with a patch request as indicated in the field descriptions. You must specify the current fingerprint of the subnetwork resource being patched.
 
 Args:
@@ -809,12 +993,16 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Subnetwork resource. A subnetwork (also known as a subnet) is a logical partition of a Virtual Private Cloud network with one primary IP range and zero or more secondary IP ranges. For more information, read Virtual Private Cloud (VPC) Network.
+{ # Represents a Subnetwork resource.
+    # 
+    # A subnetwork (also known as a subnet) is a logical partition of a Virtual Private Cloud network with one primary IP range and zero or more secondary IP ranges. For more information, read  Virtual Private Cloud (VPC) Network. (== resource_for {$api_version}.subnetworks ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource. This field can be set only at resource creation time.
   "enableFlowLogs": True or False, # Whether to enable flow logging for this subnetwork. If this field is not explicitly set, it will not appear in get listings. If not set the default behavior is to disable flow logging. This field isn't supported with the purpose field set to INTERNAL_HTTPS_LOAD_BALANCER.
   "externalIpv6Prefix": "A String", # [Output Only] The range of external IPv6 addresses that are owned by this subnetwork.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a Subnetwork.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a Subnetwork.
   "gatewayAddress": "A String", # [Output Only] The gateway address for default routes to reach destination addresses outside this subnetwork.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "ipCidrRange": "A String", # The range of internal addresses that are owned by this subnetwork. Provide this property when you create the subnetwork. For example, 10.0.0.0/8 or 100.64.0.0/10. Ranges must be unique and non-overlapping within a network. Only IPv4 is supported. This field is set at resource creation time. The range can be any range listed in the Valid ranges list. The range can be expanded after creation using expandIpCidrRange.
@@ -834,7 +1022,9 @@ 
Method Details

   "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "network": "A String", # The URL of the network to which this subnetwork belongs, provided by the client when initially creating the subnetwork. Only networks that are in the distributed mode can have subnetworks. This field can be set only at resource creation time.
   "privateIpGoogleAccess": True or False, # Whether the VMs in this subnet can access Google services without assigned external IP addresses. This field can be both set at resource creation time and updated using setPrivateIpGoogleAccess.
-  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VMs in this subnet. This is an expanded field of enablePrivateV6Access. If both fields are set, privateIpv6GoogleAccess will take priority. This field can be both set at resource creation time and updated using patch.
+  "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VMs in this subnet. This is an expanded field of enablePrivateV6Access. If both fields are set, privateIpv6GoogleAccess will take priority.
+      # 
+      # This field can be both set at resource creation time and updated using patch.
   "purpose": "A String", # The purpose of the resource. This field can be either PRIVATE_RFC_1918 or INTERNAL_HTTPS_LOAD_BALANCER. A subnetwork with purpose set to INTERNAL_HTTPS_LOAD_BALANCER is a user-created subnetwork that is reserved for Internal HTTP(S) Load Balancing. If unspecified, the purpose defaults to PRIVATE_RFC_1918. The enableFlowLogs field isn't supported with the purpose field set to INTERNAL_HTTPS_LOAD_BALANCER.
   "region": "A String", # URL of the region where the Subnetwork resides. This field can be set only at resource creation time.
   "role": "A String", # The role of subnetwork. Currently, this field is only used when purpose = INTERNAL_HTTPS_LOAD_BALANCER. The value can be set to ACTIVE or BACKUP. An ACTIVE subnetwork is one that is currently being used for Internal HTTP(S) Load Balancing. A BACKUP subnetwork is one that is ready to be promoted to ACTIVE or is currently draining. This field can be updated with a patch request.
@@ -845,21 +1035,36 @@ 
Method Details

     },
   ],
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "stackType": "A String", # The stack type for this subnet to identify whether the IPv6 feature is enabled or not. If not specified IPV4_ONLY will be used. This field can be both set at resource creation time and updated using patch.
+  "stackType": "A String", # The stack type for this subnet to identify whether the IPv6 feature is enabled or not. If not specified IPV4_ONLY will be used.
+      # 
+      # This field can be both set at resource creation time and updated using patch.
   "state": "A String", # [Output Only] The state of the subnetwork, which can be one of the following values: READY: Subnetwork is created and ready to use DRAINING: only applicable to subnetworks that have the purpose set to INTERNAL_HTTPS_LOAD_BALANCER and indicates that connections to the load balancer are being drained. A subnetwork that is draining cannot be used or modified until it reaches a status of READY
 }
 
   drainTimeoutSeconds: integer, The drain timeout specifies the upper bound in seconds on the amount of time allowed to drain connections from the current ACTIVE subnetwork to the current BACKUP subnetwork. The drain timeout is only applicable when the following conditions are true: - the subnetwork being patched has purpose = INTERNAL_HTTPS_LOAD_BALANCER - the subnetwork being patched has role = BACKUP - the patch request is setting the role to ACTIVE. Note that after this patch operation the roles of the ACTIVE and BACKUP subnetworks will be swapped.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -893,7 +1098,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -907,7 +1113,7 @@ 
Method Details

 

 
 

-    setIamPolicy(project, region, resource, body=None, x__xgafv=None)
+    setIamPolicy(project, region, resource, body=None)
   
Sets the access control policy on the specified resource. Replaces any existing policy.
 
 Args:
@@ -920,33 +1126,107 @@ 
Method Details

 {
   "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
-          { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
               "A String",
             ],
-            "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+            "ignoreChildExemptions": True or False,
             "logType": "A String", # The log type that this config enables.
           },
         ],
-        "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+        "exemptedMembers": [
           "A String",
         ],
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -954,95 +1234,187 @@ 
Method Details

     ],
     "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
       { # Associates `members` with a `role`.
-        "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
         "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
-    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-    "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-    "rules": [ # This is deprecated and has no effect. Do not use.
-      { # This is deprecated and has no effect. Do not use.
-        "action": "A String", # This is deprecated and has no effect. Do not use.
-        "conditions": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "iam": "A String", # This is deprecated and has no effect. Do not use.
-            "op": "A String", # This is deprecated and has no effect. Do not use.
-            "svc": "A String", # This is deprecated and has no effect. Do not use.
-            "sys": "A String", # This is deprecated and has no effect. Do not use.
-            "values": [ # This is deprecated and has no effect. Do not use.
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
               "A String",
             ],
           },
         ],
-        "description": "A String", # This is deprecated and has no effect. Do not use.
-        "ins": [ # This is deprecated and has no effect. Do not use.
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
           "A String",
         ],
-        "logConfigs": [ # This is deprecated and has no effect. Do not use.
-          { # This is deprecated and has no effect. Do not use.
-            "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-                "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
               },
-              "logName": "A String", # This is deprecated and has no effect. Do not use.
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
             },
-            "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "customFields": [ # This is deprecated and has no effect. Do not use.
-                { # This is deprecated and has no effect. Do not use.
-                  "name": "A String", # This is deprecated and has no effect. Do not use.
-                  "value": "A String", # This is deprecated and has no effect. Do not use.
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
                 },
               ],
-              "field": "A String", # This is deprecated and has no effect. Do not use.
-              "metric": "A String", # This is deprecated and has no effect. Do not use.
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
             },
-            "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "logMode": "A String", # This is deprecated and has no effect. Do not use.
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
             },
           },
         ],
-        "notIns": [ # This is deprecated and has no effect. Do not use.
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
           "A String",
         ],
-        "permissions": [ # This is deprecated and has no effect. Do not use.
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
           "A String",
         ],
       },
     ],
-    "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
-    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
-        { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
-          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
             "A String",
           ],
-          "ignoreChildExemptions": True or False, # This is deprecated and has no effect. Do not use.
+          "ignoreChildExemptions": True or False,
           "logType": "A String", # The log type that this config enables.
         },
       ],
-      "exemptedMembers": [ # This is deprecated and has no effect. Do not use.
+      "exemptedMembers": [
         "A String",
       ],
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
@@ -1050,76 +1422,144 @@ 
Method Details

   ],
   "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
     { # Associates `members` with a `role`.
-      "bindingId": "A String", # This is deprecated and has no effect. Do not use.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
       "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
-  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
-  "iamOwned": True or False, # This is deprecated and has no effect. Do not use.
-  "rules": [ # This is deprecated and has no effect. Do not use.
-    { # This is deprecated and has no effect. Do not use.
-      "action": "A String", # This is deprecated and has no effect. Do not use.
-      "conditions": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "iam": "A String", # This is deprecated and has no effect. Do not use.
-          "op": "A String", # This is deprecated and has no effect. Do not use.
-          "svc": "A String", # This is deprecated and has no effect. Do not use.
-          "sys": "A String", # This is deprecated and has no effect. Do not use.
-          "values": [ # This is deprecated and has no effect. Do not use.
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
             "A String",
           ],
         },
       ],
-      "description": "A String", # This is deprecated and has no effect. Do not use.
-      "ins": [ # This is deprecated and has no effect. Do not use.
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
         "A String",
       ],
-      "logConfigs": [ # This is deprecated and has no effect. Do not use.
-        { # This is deprecated and has no effect. Do not use.
-          "cloudAudit": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "authorizationLoggingOptions": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-              "permissionType": "A String", # This is deprecated and has no effect. Do not use.
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
             },
-            "logName": "A String", # This is deprecated and has no effect. Do not use.
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
           },
-          "counter": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "customFields": [ # This is deprecated and has no effect. Do not use.
-              { # This is deprecated and has no effect. Do not use.
-                "name": "A String", # This is deprecated and has no effect. Do not use.
-                "value": "A String", # This is deprecated and has no effect. Do not use.
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
               },
             ],
-            "field": "A String", # This is deprecated and has no effect. Do not use.
-            "metric": "A String", # This is deprecated and has no effect. Do not use.
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
           },
-          "dataAccess": { # This is deprecated and has no effect. Do not use. # This is deprecated and has no effect. Do not use.
-            "logMode": "A String", # This is deprecated and has no effect. Do not use.
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
           },
         },
       ],
-      "notIns": [ # This is deprecated and has no effect. Do not use.
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
         "A String",
       ],
-      "permissions": [ # This is deprecated and has no effect. Do not use.
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
         "A String",
       ],
     },
   ],
-  "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
 }

 

 
 

-    setPrivateIpGoogleAccess(project, region, subnetwork, body=None, requestId=None, x__xgafv=None)
+    setPrivateIpGoogleAccess(project, region, subnetwork, body=None, requestId=None)
   
Set whether VMs in this subnet can access Google services without assigning external IP addresses through Private Google Access.
 
 Args:
@@ -1133,16 +1573,29 @@ 
Method Details

   "privateIpGoogleAccess": True or False,
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1176,7 +1629,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1190,7 +1644,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -1206,10 +1660,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_v1.targetGrpcProxies.html b/docs/dyn/compute_v1.targetGrpcProxies.html
index 8cb5ea6b443..df23bbc04ca 100644
--- a/docs/dyn/compute_v1.targetGrpcProxies.html
+++ b/docs/dyn/compute_v1.targetGrpcProxies.html
@@ -78,22 +78,22 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, targetGrpcProxy, requestId=None, x__xgafv=None)

+  delete(project, targetGrpcProxy, requestId=None)

 
Deletes the specified TargetGrpcProxy in the given scope

 

-  get(project, targetGrpcProxy, x__xgafv=None)

+  get(project, targetGrpcProxy)

 
Returns the specified TargetGrpcProxy resource in the given scope.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a TargetGrpcProxy in the specified project in the given scope using the parameters that are included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Lists the TargetGrpcProxies for a project in the given scope.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, targetGrpcProxy, body=None, requestId=None, x__xgafv=None)

+  patch(project, targetGrpcProxy, body=None, requestId=None)

 
Patches the specified TargetGrpcProxy resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.

 
Method Details

 

@@ -102,22 +102,35 @@ 
Method Details

 

 
 

-    delete(project, targetGrpcProxy, requestId=None, x__xgafv=None)
+    delete(project, targetGrpcProxy, requestId=None)
   
Deletes the specified TargetGrpcProxy in the given scope
 
 Args:
   project: string, Project ID for this request. (required)
   targetGrpcProxy: string, Name of the TargetGrpcProxy resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -151,7 +164,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -165,21 +179,19 @@ 
Method Details

 

 
 

-    get(project, targetGrpcProxy, x__xgafv=None)
+    get(project, targetGrpcProxy)
   
Returns the specified TargetGrpcProxy resource in the given scope.
 
 Args:
   project: string, Project ID for this request. (required)
   targetGrpcProxy: string, Name of the TargetGrpcProxy resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Target gRPC Proxy resource. A target gRPC proxy is a component of load balancers intended for load balancing gRPC traffic. Only global forwarding rules with load balancing scheme INTERNAL_SELF_MANAGED can reference a target gRPC proxy. The target gRPC Proxy references a URL map that specifies how traffic is routed to gRPC backend services.
+    { # Represents a Target gRPC Proxy resource.
+    #
+    # A target gRPC proxy is a component of load balancers intended for load balancing gRPC traffic. Only global forwarding rules with load balancing scheme INTERNAL_SELF_MANAGED can reference a target gRPC proxy. The target gRPC Proxy references a URL map that specifies how traffic is routed to gRPC backend services. (== resource_for {$api_version}.targetGrpcProxies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetGrpcProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetGrpcProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetGrpcProxy.
@@ -194,7 +206,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a TargetGrpcProxy in the specified project in the given scope using the parameters that are included in the request.
 
 Args:
@@ -202,7 +214,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target gRPC Proxy resource. A target gRPC proxy is a component of load balancers intended for load balancing gRPC traffic. Only global forwarding rules with load balancing scheme INTERNAL_SELF_MANAGED can reference a target gRPC proxy. The target gRPC Proxy references a URL map that specifies how traffic is routed to gRPC backend services.
+{ # Represents a Target gRPC Proxy resource.
+    # 
+    # A target gRPC proxy is a component of load balancers intended for load balancing gRPC traffic. Only global forwarding rules with load balancing scheme INTERNAL_SELF_MANAGED can reference a target gRPC proxy. The target gRPC Proxy references a URL map that specifies how traffic is routed to gRPC backend services. (== resource_for {$api_version}.targetGrpcProxies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetGrpcProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetGrpcProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetGrpcProxy.
@@ -215,16 +229,29 @@ 
Method Details

   "validateForProxyless": True or False, # If true, indicates that the BackendServices referenced by the urlMap may be accessed by gRPC applications without using a sidecar proxy. This will enable configuration checks on urlMap and its referenced BackendServices to not allow unsupported features. A gRPC application must use "xds:///" scheme in the target URI of the service it is connecting to. If false, indicates that the BackendServices referenced by the urlMap will be accessed by gRPC applications via a sidecar proxy. In this case, a gRPC application must not use "xds:///" scheme in the target URI of the service it is connecting to
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -258,7 +285,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -272,20 +300,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Lists the TargetGrpcProxies for a project in the given scope.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -293,7 +327,9 @@ 
Method Details

     {
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of TargetGrpcProxy resources.
-    { # Represents a Target gRPC Proxy resource. A target gRPC proxy is a component of load balancers intended for load balancing gRPC traffic. Only global forwarding rules with load balancing scheme INTERNAL_SELF_MANAGED can reference a target gRPC proxy. The target gRPC Proxy references a URL map that specifies how traffic is routed to gRPC backend services.
+    { # Represents a Target gRPC Proxy resource.
+        #
+        # A target gRPC proxy is a component of load balancers intended for load balancing gRPC traffic. Only global forwarding rules with load balancing scheme INTERNAL_SELF_MANAGED can reference a target gRPC proxy. The target gRPC Proxy references a URL map that specifies how traffic is routed to gRPC backend services. (== resource_for {$api_version}.targetGrpcProxies ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetGrpcProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetGrpcProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetGrpcProxy.
@@ -311,7 +347,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -337,7 +374,7 @@ 
Method Details

 

 
 

-    patch(project, targetGrpcProxy, body=None, requestId=None, x__xgafv=None)
+    patch(project, targetGrpcProxy, body=None, requestId=None)
   
Patches the specified TargetGrpcProxy resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.
 
 Args:
@@ -346,7 +383,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target gRPC Proxy resource. A target gRPC proxy is a component of load balancers intended for load balancing gRPC traffic. Only global forwarding rules with load balancing scheme INTERNAL_SELF_MANAGED can reference a target gRPC proxy. The target gRPC Proxy references a URL map that specifies how traffic is routed to gRPC backend services.
+{ # Represents a Target gRPC Proxy resource.
+    # 
+    # A target gRPC proxy is a component of load balancers intended for load balancing gRPC traffic. Only global forwarding rules with load balancing scheme INTERNAL_SELF_MANAGED can reference a target gRPC proxy. The target gRPC Proxy references a URL map that specifies how traffic is routed to gRPC backend services. (== resource_for {$api_version}.targetGrpcProxies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetGrpcProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetGrpcProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetGrpcProxy.
@@ -359,16 +398,29 @@ 
Method Details

   "validateForProxyless": True or False, # If true, indicates that the BackendServices referenced by the urlMap may be accessed by gRPC applications without using a sidecar proxy. This will enable configuration checks on urlMap and its referenced BackendServices to not allow unsupported features. A gRPC application must use "xds:///" scheme in the target URI of the service it is connecting to. If false, indicates that the BackendServices referenced by the urlMap will be accessed by gRPC applications via a sidecar proxy. In this case, a gRPC application must not use "xds:///" scheme in the target URI of the service it is connecting to
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -402,7 +454,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.targetHttpProxies.html b/docs/dyn/compute_v1.targetHttpProxies.html
index 2691ad01c95..c22bf49cc61 100644
--- a/docs/dyn/compute_v1.targetHttpProxies.html
+++ b/docs/dyn/compute_v1.targetHttpProxies.html
@@ -75,7 +75,7 @@
 
Compute Engine API . targetHttpProxies

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of all TargetHttpProxy resources, regional and global, available to the specified project.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,43 +84,49 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, targetHttpProxy, requestId=None, x__xgafv=None)

+  delete(project, targetHttpProxy, requestId=None)

 
Deletes the specified TargetHttpProxy resource.

 

-  get(project, targetHttpProxy, x__xgafv=None)

+  get(project, targetHttpProxy)

 
Returns the specified TargetHttpProxy resource. Gets a list of available target HTTP proxies by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a TargetHttpProxy resource in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of TargetHttpProxy resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, targetHttpProxy, body=None, requestId=None, x__xgafv=None)

-
Patches the specified TargetHttpProxy resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.

+  patch(project, targetHttpProxy, body=None, requestId=None)

+
Patches the specified TargetHttpProxy resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules. (== suppress_warning http-rest-shadowed ==)

 

-  setUrlMap(project, targetHttpProxy, body=None, requestId=None, x__xgafv=None)

+  setUrlMap(project, targetHttpProxy, body=None, requestId=None)

 
Changes the URL map for TargetHttpProxy.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of all TargetHttpProxy resources, regional and global, available to the specified project.
 
 Args:
   project: string, Name of the project scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -130,14 +136,28 @@ 
Method Details

   "items": { # A list of TargetHttpProxiesScopedList resources.
     "a_key": { # Name of the scope containing this set of TargetHttpProxies.
       "targetHttpProxies": [ # A list of TargetHttpProxies contained in this scope.
-        { # Represents a Target HTTP Proxy resource. Google Compute Engine has two Target HTTP Proxy resources: * [Global](/compute/docs/reference/rest/v1/targetHttpProxies) * [Regional](/compute/docs/reference/rest/v1/regionTargetHttpProxies) A target HTTP proxy is a component of GCP HTTP load balancers. * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers. Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+        { # Represents a Target HTTP Proxy resource.
+            #
+            # Google Compute Engine has two Target HTTP Proxy resources:
+            #
+            # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpProxies)
+            #
+            # A target HTTP proxy is a component of GCP HTTP load balancers.
+            #
+            # * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers.
+            #
+            # Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpProxies ==) (== resource_for {$api_version}.regionTargetHttpProxies ==)
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetHttpProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpProxy.
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "kind": "compute#targetHttpProxy", # [Output Only] Type of resource. Always compute#targetHttpProxy for target HTTP proxies.
           "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-          "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
+          "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              #
+              # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+              #
+              # The default is false.
           "region": "A String", # [Output Only] URL of the region where the regional Target HTTP Proxy resides. This field is not applicable to global Target HTTP Proxies.
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
           "urlMap": "A String", # URL to the UrlMap resource that defines the mapping from URL to the BackendService.
@@ -145,7 +165,8 @@ 
Method Details

       ],
       "warning": { # Informational warning which replaces the list of backend services when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -184,22 +205,35 @@ 
Method Details

 

 
 

-    delete(project, targetHttpProxy, requestId=None, x__xgafv=None)
+    delete(project, targetHttpProxy, requestId=None)
   
Deletes the specified TargetHttpProxy resource.
 
 Args:
   project: string, Project ID for this request. (required)
   targetHttpProxy: string, Name of the TargetHttpProxy resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -233,7 +267,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -247,28 +282,38 @@ 
Method Details

 

 
 

-    get(project, targetHttpProxy, x__xgafv=None)
+    get(project, targetHttpProxy)
   
Returns the specified TargetHttpProxy resource. Gets a list of available target HTTP proxies by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   targetHttpProxy: string, Name of the TargetHttpProxy resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Target HTTP Proxy resource. Google Compute Engine has two Target HTTP Proxy resources: * [Global](/compute/docs/reference/rest/v1/targetHttpProxies) * [Regional](/compute/docs/reference/rest/v1/regionTargetHttpProxies) A target HTTP proxy is a component of GCP HTTP load balancers. * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers. Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+    { # Represents a Target HTTP Proxy resource.
+    #
+    # Google Compute Engine has two Target HTTP Proxy resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpProxies)
+    #
+    # A target HTTP proxy is a component of GCP HTTP load balancers.
+    #
+    # * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers.
+    #
+    # Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpProxies ==) (== resource_for {$api_version}.regionTargetHttpProxies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetHttpProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpProxy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetHttpProxy", # [Output Only] Type of resource. Always compute#targetHttpProxy for target HTTP proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      #
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      #
+      # The default is false.
   "region": "A String", # [Output Only] URL of the region where the regional Target HTTP Proxy resides. This field is not applicable to global Target HTTP Proxies.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "urlMap": "A String", # URL to the UrlMap resource that defines the mapping from URL to the BackendService.
@@ -276,7 +321,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a TargetHttpProxy resource in the specified project using the data included in the request.
 
 Args:
@@ -284,29 +329,56 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target HTTP Proxy resource. Google Compute Engine has two Target HTTP Proxy resources: * [Global](/compute/docs/reference/rest/v1/targetHttpProxies) * [Regional](/compute/docs/reference/rest/v1/regionTargetHttpProxies) A target HTTP proxy is a component of GCP HTTP load balancers. * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers. Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+{ # Represents a Target HTTP Proxy resource.
+    # 
+    # Google Compute Engine has two Target HTTP Proxy resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpProxies)
+    # 
+    # A target HTTP proxy is a component of GCP HTTP load balancers.
+    # 
+    # * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers.
+    # 
+    # Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpProxies ==) (== resource_for {$api_version}.regionTargetHttpProxies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetHttpProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpProxy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetHttpProxy", # [Output Only] Type of resource. Always compute#targetHttpProxy for target HTTP proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      # 
+      # The default is false.
   "region": "A String", # [Output Only] URL of the region where the regional Target HTTP Proxy resides. This field is not applicable to global Target HTTP Proxies.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "urlMap": "A String", # URL to the UrlMap resource that defines the mapping from URL to the BackendService.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -340,7 +412,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -354,20 +427,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of TargetHttpProxy resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -375,14 +454,28 @@ 
Method Details

     { # A list of TargetHttpProxy resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of TargetHttpProxy resources.
-    { # Represents a Target HTTP Proxy resource. Google Compute Engine has two Target HTTP Proxy resources: * [Global](/compute/docs/reference/rest/v1/targetHttpProxies) * [Regional](/compute/docs/reference/rest/v1/regionTargetHttpProxies) A target HTTP proxy is a component of GCP HTTP load balancers. * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers. Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+    { # Represents a Target HTTP Proxy resource.
+        #
+        # Google Compute Engine has two Target HTTP Proxy resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpProxies)
+        #
+        # A target HTTP proxy is a component of GCP HTTP load balancers.
+        #
+        # * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers.
+        #
+        # Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpProxies ==) (== resource_for {$api_version}.regionTargetHttpProxies ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetHttpProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpProxy.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#targetHttpProxy", # [Output Only] Type of resource. Always compute#targetHttpProxy for target HTTP proxies.
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-      "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
+      "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+          #
+          # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+          #
+          # The default is false.
       "region": "A String", # [Output Only] URL of the region where the regional Target HTTP Proxy resides. This field is not applicable to global Target HTTP Proxies.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "urlMap": "A String", # URL to the UrlMap resource that defines the mapping from URL to the BackendService.
@@ -393,7 +486,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -419,8 +513,8 @@ 
Method Details

 

 
 

-    patch(project, targetHttpProxy, body=None, requestId=None, x__xgafv=None)
-  
Patches the specified TargetHttpProxy resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.
+    patch(project, targetHttpProxy, body=None, requestId=None)
+  
Patches the specified TargetHttpProxy resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules. (== suppress_warning http-rest-shadowed ==)
 
 Args:
   project: string, Project ID for this request. (required)
@@ -428,29 +522,56 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target HTTP Proxy resource. Google Compute Engine has two Target HTTP Proxy resources: * [Global](/compute/docs/reference/rest/v1/targetHttpProxies) * [Regional](/compute/docs/reference/rest/v1/regionTargetHttpProxies) A target HTTP proxy is a component of GCP HTTP load balancers. * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers. Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
+{ # Represents a Target HTTP Proxy resource.
+    # 
+    # Google Compute Engine has two Target HTTP Proxy resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpProxies)
+    # 
+    # A target HTTP proxy is a component of GCP HTTP load balancers.
+    # 
+    # * targetHttpProxies are used by external HTTP load balancers and Traffic Director. * regionTargetHttpProxies are used by internal HTTP load balancers.
+    # 
+    # Forwarding rules reference a target HTTP proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpProxies ==) (== resource_for {$api_version}.regionTargetHttpProxies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpProxy. An up-to-date fingerprint must be provided in order to patch/update the TargetHttpProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpProxy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetHttpProxy", # [Output Only] Type of resource. Always compute#targetHttpProxy for target HTTP proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      # 
+      # The default is false.
   "region": "A String", # [Output Only] URL of the region where the regional Target HTTP Proxy resides. This field is not applicable to global Target HTTP Proxies.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "urlMap": "A String", # URL to the UrlMap resource that defines the mapping from URL to the BackendService.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -484,7 +605,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -498,7 +620,7 @@ 
Method Details

 

 
 

-    setUrlMap(project, targetHttpProxy, body=None, requestId=None, x__xgafv=None)
+    setUrlMap(project, targetHttpProxy, body=None, requestId=None)
   
Changes the URL map for TargetHttpProxy.
 
 Args:
@@ -511,16 +633,29 @@ 
Method Details

   "urlMap": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -554,7 +689,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.targetHttpsProxies.html b/docs/dyn/compute_v1.targetHttpsProxies.html
index 8e14b41d7dc..54d2623f9ca 100644
--- a/docs/dyn/compute_v1.targetHttpsProxies.html
+++ b/docs/dyn/compute_v1.targetHttpsProxies.html
@@ -75,7 +75,7 @@
 
Compute Engine API . targetHttpsProxies

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of all TargetHttpsProxy resources, regional and global, available to the specified project.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,52 +84,58 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, targetHttpsProxy, requestId=None, x__xgafv=None)

+  delete(project, targetHttpsProxy, requestId=None)

 
Deletes the specified TargetHttpsProxy resource.

 

-  get(project, targetHttpsProxy, x__xgafv=None)

+  get(project, targetHttpsProxy)

 
Returns the specified TargetHttpsProxy resource. Gets a list of available target HTTPS proxies by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a TargetHttpsProxy resource in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of TargetHttpsProxy resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)

-
Patches the specified TargetHttpsProxy resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.

+  patch(project, targetHttpsProxy, body=None, requestId=None)

+
Patches the specified TargetHttpsProxy resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules. (== suppress_warning http-rest-shadowed ==)

 

-  setQuicOverride(project, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)

+  setQuicOverride(project, targetHttpsProxy, body=None, requestId=None)

 
Sets the QUIC override policy for TargetHttpsProxy.

 

-  setSslCertificates(project, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)

+  setSslCertificates(project, targetHttpsProxy, body=None, requestId=None)

 
Replaces SslCertificates for TargetHttpsProxy.

 

-  setSslPolicy(project, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)

+  setSslPolicy(project, targetHttpsProxy, body=None, requestId=None)

 
Sets the SSL policy for TargetHttpsProxy. The SSL policy specifies the server-side support for SSL features. This affects connections between clients and the HTTPS proxy load balancer. They do not affect the connection between the load balancer and the backends.

 

-  setUrlMap(project, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)

+  setUrlMap(project, targetHttpsProxy, body=None, requestId=None)

 
Changes the URL map for TargetHttpsProxy.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of all TargetHttpsProxy resources, regional and global, available to the specified project.
 
 Args:
   project: string, Name of the project scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -139,29 +145,57 @@ 
Method Details

   "items": { # A list of TargetHttpsProxiesScopedList resources.
     "a_key": { # Name of the scope containing this set of TargetHttpsProxies.
       "targetHttpsProxies": [ # A list of TargetHttpsProxies contained in this scope.
-        { # Represents a Target HTTPS Proxy resource. Google Compute Engine has two Target HTTPS Proxy resources: * [Global](/compute/docs/reference/rest/v1/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/v1/regionTargetHttpsProxies) A target HTTPS proxy is a component of GCP HTTPS load balancers. * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers. Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
-          "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy. Refer to the AuthorizationPolicy resource for additional details. authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. Note: This field currently has no impact.
+        { # Represents a Target HTTPS Proxy resource.
+            #
+            # Google Compute Engine has two Target HTTPS Proxy resources:
+            #
+            # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpsProxies)
+            #
+            # A target HTTPS proxy is a component of GCP HTTPS load balancers.
+            #
+            # * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers.
+            #
+            # Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpsProxies ==) (== resource_for {$api_version}.regionTargetHttpsProxies ==)
+          "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy.
+              # Refer to the AuthorizationPolicy resource for additional details.
+              # authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              # Note: This field currently has no impact.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpsProxy. An up-to-date fingerprint must be provided in order to patch the TargetHttpsProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpsProxy.
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "kind": "compute#targetHttpsProxy", # [Output Only] Type of resource. Always compute#targetHttpsProxy for target HTTPS proxies.
           "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-          "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
-          "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE. - When quic-override is set to NONE, Google manages whether QUIC is used. - When quic-override is set to ENABLE, the load balancer uses QUIC when possible. - When quic-override is set to DISABLE, the load balancer doesn't use QUIC. - If the quic-override flag is not specified, NONE is implied.
+          "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              #
+              # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+              #
+              # The default is false.
+          "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE.
+              # - When quic-override is set to NONE, Google manages whether QUIC is used.
+              # - When quic-override is set to ENABLE, the load balancer uses QUIC when possible.
+              # - When quic-override is set to DISABLE, the load balancer doesn't use QUIC.
+              # - If the quic-override flag is not specified, NONE is implied.
           "region": "A String", # [Output Only] URL of the region where the regional TargetHttpsProxy resides. This field is not applicable to global TargetHttpsProxies.
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-          "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+          "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic.
+              # serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              # If left blank, communications are not encrypted.
+              # Note: This field currently has no impact.
           "sslCertificates": [ # URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
             "A String",
           ],
           "sslPolicy": "A String", # URL of SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource has no SSL policy configured.
-          "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map: - https://www.googleapis.compute/v1/projects/project/global/urlMaps/ url-map - projects/project/global/urlMaps/url-map - global/urlMaps/url-map
+          "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map:
+              # - https://www.googleapis.compute/v1/projects/project/global/urlMaps/url-map
+              # - projects/project/global/urlMaps/url-map
+              # - global/urlMaps/url-map
         },
       ],
       "warning": { # Informational warning which replaces the list of backend services when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -179,7 +213,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -210,22 +245,35 @@ 
Method Details

 

 
 

-    delete(project, targetHttpsProxy, requestId=None, x__xgafv=None)
+    delete(project, targetHttpsProxy, requestId=None)
   
Deletes the specified TargetHttpsProxy resource.
 
 Args:
   project: string, Project ID for this request. (required)
   targetHttpsProxy: string, Name of the TargetHttpsProxy resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -259,7 +307,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -273,43 +322,66 @@ 
Method Details

 

 
 

-    get(project, targetHttpsProxy, x__xgafv=None)
+    get(project, targetHttpsProxy)
   
Returns the specified TargetHttpsProxy resource. Gets a list of available target HTTPS proxies by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   targetHttpsProxy: string, Name of the TargetHttpsProxy resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Target HTTPS Proxy resource. Google Compute Engine has two Target HTTPS Proxy resources: * [Global](/compute/docs/reference/rest/v1/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/v1/regionTargetHttpsProxies) A target HTTPS proxy is a component of GCP HTTPS load balancers. * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers. Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
-  "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy. Refer to the AuthorizationPolicy resource for additional details. authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. Note: This field currently has no impact.
+    { # Represents a Target HTTPS Proxy resource.
+    #
+    # Google Compute Engine has two Target HTTPS Proxy resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpsProxies)
+    #
+    # A target HTTPS proxy is a component of GCP HTTPS load balancers.
+    #
+    # * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers.
+    #
+    # Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpsProxies ==) (== resource_for {$api_version}.regionTargetHttpsProxies ==)
+  "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy.
+      # Refer to the AuthorizationPolicy resource for additional details.
+      # authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # Note: This field currently has no impact.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpsProxy. An up-to-date fingerprint must be provided in order to patch the TargetHttpsProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpsProxy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetHttpsProxy", # [Output Only] Type of resource. Always compute#targetHttpsProxy for target HTTPS proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
-  "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE. - When quic-override is set to NONE, Google manages whether QUIC is used. - When quic-override is set to ENABLE, the load balancer uses QUIC when possible. - When quic-override is set to DISABLE, the load balancer doesn't use QUIC. - If the quic-override flag is not specified, NONE is implied.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      #
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      #
+      # The default is false.
+  "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE.
+      # - When quic-override is set to NONE, Google manages whether QUIC is used.
+      # - When quic-override is set to ENABLE, the load balancer uses QUIC when possible.
+      # - When quic-override is set to DISABLE, the load balancer doesn't use QUIC.
+      # - If the quic-override flag is not specified, NONE is implied.
   "region": "A String", # [Output Only] URL of the region where the regional TargetHttpsProxy resides. This field is not applicable to global TargetHttpsProxies.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+  "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic.
+      # serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # If left blank, communications are not encrypted.
+      # Note: This field currently has no impact.
   "sslCertificates": [ # URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
     "A String",
   ],
   "sslPolicy": "A String", # URL of SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource has no SSL policy configured.
-  "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map: - https://www.googleapis.compute/v1/projects/project/global/urlMaps/ url-map - projects/project/global/urlMaps/url-map - global/urlMaps/url-map
+  "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map:
+      # - https://www.googleapis.compute/v1/projects/project/global/urlMaps/url-map
+      # - projects/project/global/urlMaps/url-map
+      # - global/urlMaps/url-map
 }

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a TargetHttpsProxy resource in the specified project using the data included in the request.
 
 Args:
@@ -317,36 +389,76 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target HTTPS Proxy resource. Google Compute Engine has two Target HTTPS Proxy resources: * [Global](/compute/docs/reference/rest/v1/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/v1/regionTargetHttpsProxies) A target HTTPS proxy is a component of GCP HTTPS load balancers. * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers. Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
-  "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy. Refer to the AuthorizationPolicy resource for additional details. authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. Note: This field currently has no impact.
+{ # Represents a Target HTTPS Proxy resource.
+    # 
+    # Google Compute Engine has two Target HTTPS Proxy resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpsProxies)
+    # 
+    # A target HTTPS proxy is a component of GCP HTTPS load balancers.
+    # 
+    # * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers.
+    # 
+    # Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpsProxies ==) (== resource_for {$api_version}.regionTargetHttpsProxies ==)
+  "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy.
+      # Refer to the AuthorizationPolicy resource for additional details.
+      # authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # Note: This field currently has no impact.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpsProxy. An up-to-date fingerprint must be provided in order to patch the TargetHttpsProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpsProxy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetHttpsProxy", # [Output Only] Type of resource. Always compute#targetHttpsProxy for target HTTPS proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
-  "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE. - When quic-override is set to NONE, Google manages whether QUIC is used. - When quic-override is set to ENABLE, the load balancer uses QUIC when possible. - When quic-override is set to DISABLE, the load balancer doesn't use QUIC. - If the quic-override flag is not specified, NONE is implied.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      # 
+      # The default is false.
+  "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE.
+      # - When quic-override is set to NONE, Google manages whether QUIC is used.
+      # - When quic-override is set to ENABLE, the load balancer uses QUIC when possible.
+      # - When quic-override is set to DISABLE, the load balancer doesn't use QUIC.
+      # - If the quic-override flag is not specified, NONE is implied.
   "region": "A String", # [Output Only] URL of the region where the regional TargetHttpsProxy resides. This field is not applicable to global TargetHttpsProxies.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+  "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic.
+      # serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # If left blank, communications are not encrypted.
+      # Note: This field currently has no impact.
   "sslCertificates": [ # URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
     "A String",
   ],
   "sslPolicy": "A String", # URL of SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource has no SSL policy configured.
-  "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map: - https://www.googleapis.compute/v1/projects/project/global/urlMaps/ url-map - projects/project/global/urlMaps/url-map - global/urlMaps/url-map
+  "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map:
+      # - https://www.googleapis.compute/v1/projects/project/global/urlMaps/url-map
+      # - projects/project/global/urlMaps/url-map
+      # - global/urlMaps/url-map
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -380,7 +492,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -394,20 +507,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of TargetHttpsProxy resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -415,24 +534,51 @@ 
Method Details

     { # Contains a list of TargetHttpsProxy resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of TargetHttpsProxy resources.
-    { # Represents a Target HTTPS Proxy resource. Google Compute Engine has two Target HTTPS Proxy resources: * [Global](/compute/docs/reference/rest/v1/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/v1/regionTargetHttpsProxies) A target HTTPS proxy is a component of GCP HTTPS load balancers. * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers. Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
-      "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy. Refer to the AuthorizationPolicy resource for additional details. authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. Note: This field currently has no impact.
+    { # Represents a Target HTTPS Proxy resource.
+        #
+        # Google Compute Engine has two Target HTTPS Proxy resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpsProxies)
+        #
+        # A target HTTPS proxy is a component of GCP HTTPS load balancers.
+        #
+        # * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers.
+        #
+        # Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpsProxies ==) (== resource_for {$api_version}.regionTargetHttpsProxies ==)
+      "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy.
+          # Refer to the AuthorizationPolicy resource for additional details.
+          # authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+          # Note: This field currently has no impact.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpsProxy. An up-to-date fingerprint must be provided in order to patch the TargetHttpsProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpsProxy.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#targetHttpsProxy", # [Output Only] Type of resource. Always compute#targetHttpsProxy for target HTTPS proxies.
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-      "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
-      "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE. - When quic-override is set to NONE, Google manages whether QUIC is used. - When quic-override is set to ENABLE, the load balancer uses QUIC when possible. - When quic-override is set to DISABLE, the load balancer doesn't use QUIC. - If the quic-override flag is not specified, NONE is implied.
+      "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+          #
+          # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+          #
+          # The default is false.
+      "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE.
+          # - When quic-override is set to NONE, Google manages whether QUIC is used.
+          # - When quic-override is set to ENABLE, the load balancer uses QUIC when possible.
+          # - When quic-override is set to DISABLE, the load balancer doesn't use QUIC.
+          # - If the quic-override flag is not specified, NONE is implied.
       "region": "A String", # [Output Only] URL of the region where the regional TargetHttpsProxy resides. This field is not applicable to global TargetHttpsProxies.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+      "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic.
+          # serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+          # If left blank, communications are not encrypted.
+          # Note: This field currently has no impact.
       "sslCertificates": [ # URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
         "A String",
       ],
       "sslPolicy": "A String", # URL of SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource has no SSL policy configured.
-      "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map: - https://www.googleapis.compute/v1/projects/project/global/urlMaps/ url-map - projects/project/global/urlMaps/url-map - global/urlMaps/url-map
+      "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map:
+          # - https://www.googleapis.compute/v1/projects/project/global/urlMaps/url-map
+          # - projects/project/global/urlMaps/url-map
+          # - global/urlMaps/url-map
     },
   ],
   "kind": "compute#targetHttpsProxyList", # Type of resource. Always compute#targetHttpsProxyList for lists of target HTTPS proxies.
@@ -440,7 +586,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -466,8 +613,8 @@ 
Method Details

 

 
 

-    patch(project, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)
-  
Patches the specified TargetHttpsProxy resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.
+    patch(project, targetHttpsProxy, body=None, requestId=None)
+  
Patches the specified TargetHttpsProxy resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules. (== suppress_warning http-rest-shadowed ==)
 
 Args:
   project: string, Project ID for this request. (required)
@@ -475,36 +622,76 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target HTTPS Proxy resource. Google Compute Engine has two Target HTTPS Proxy resources: * [Global](/compute/docs/reference/rest/v1/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/v1/regionTargetHttpsProxies) A target HTTPS proxy is a component of GCP HTTPS load balancers. * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers. Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and Forwarding rule concepts.
-  "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy. Refer to the AuthorizationPolicy resource for additional details. authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. Note: This field currently has no impact.
+{ # Represents a Target HTTPS Proxy resource.
+    # 
+    # Google Compute Engine has two Target HTTPS Proxy resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/targetHttpsProxies) * [Regional](/compute/docs/reference/rest/{$api_version}/regionTargetHttpsProxies)
+    # 
+    # A target HTTPS proxy is a component of GCP HTTPS load balancers.
+    # 
+    # * targetHttpsProxies are used by external HTTPS load balancers. * regionTargetHttpsProxies are used by internal HTTPS load balancers.
+    # 
+    # Forwarding rules reference a target HTTPS proxy, and the target proxy then references a URL map. For more information, read Using Target Proxies and  Forwarding rule concepts. (== resource_for {$api_version}.targetHttpsProxies ==) (== resource_for {$api_version}.regionTargetHttpsProxies ==)
+  "authorizationPolicy": "A String", # Optional. A URL referring to a networksecurity.AuthorizationPolicy resource that describes how the proxy should authorize inbound traffic. If left blank, access will not be restricted by an authorization policy.
+      # Refer to the AuthorizationPolicy resource for additional details.
+      # authorizationPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # Note: This field currently has no impact.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a TargetHttpsProxy. An up-to-date fingerprint must be provided in order to patch the TargetHttpsProxy; otherwise, the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the TargetHttpsProxy.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetHttpsProxy", # [Output Only] Type of resource. Always compute#targetHttpsProxy for target HTTPS proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
-  "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE. - When quic-override is set to NONE, Google manages whether QUIC is used. - When quic-override is set to ENABLE, the load balancer uses QUIC when possible. - When quic-override is set to DISABLE, the load balancer doesn't use QUIC. - If the quic-override flag is not specified, NONE is implied.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      # 
+      # The default is false.
+  "quicOverride": "A String", # Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE.
+      # - When quic-override is set to NONE, Google manages whether QUIC is used.
+      # - When quic-override is set to ENABLE, the load balancer uses QUIC when possible.
+      # - When quic-override is set to DISABLE, the load balancer doesn't use QUIC.
+      # - If the quic-override flag is not specified, NONE is implied.
   "region": "A String", # [Output Only] URL of the region where the regional TargetHttpsProxy resides. This field is not applicable to global TargetHttpsProxies.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
+  "serverTlsPolicy": "A String", # Optional. A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic.
+      # serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # If left blank, communications are not encrypted.
+      # Note: This field currently has no impact.
   "sslCertificates": [ # URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
     "A String",
   ],
   "sslPolicy": "A String", # URL of SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource has no SSL policy configured.
-  "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map: - https://www.googleapis.compute/v1/projects/project/global/urlMaps/ url-map - projects/project/global/urlMaps/url-map - global/urlMaps/url-map
+  "urlMap": "A String", # A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map:
+      # - https://www.googleapis.compute/v1/projects/project/global/urlMaps/url-map
+      # - projects/project/global/urlMaps/url-map
+      # - global/urlMaps/url-map
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000). end_interface: MixerMutationRequestBuilder
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -538,7 +725,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -552,7 +740,7 @@ 
Method Details

 

 
 

-    setQuicOverride(project, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)
+    setQuicOverride(project, targetHttpsProxy, body=None, requestId=None)
   
Sets the QUIC override policy for TargetHttpsProxy.
 
 Args:
@@ -565,16 +753,29 @@ 
Method Details

   "quicOverride": "A String", # QUIC policy for the TargetHttpsProxy resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -608,7 +809,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -622,7 +824,7 @@ 
Method Details

 

 
 

-    setSslCertificates(project, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)
+    setSslCertificates(project, targetHttpsProxy, body=None, requestId=None)
   
Replaces SslCertificates for TargetHttpsProxy.
 
 Args:
@@ -637,16 +839,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -680,7 +895,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -694,7 +910,7 @@ 
Method Details

 

 
 

-    setSslPolicy(project, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)
+    setSslPolicy(project, targetHttpsProxy, body=None, requestId=None)
   
Sets the SSL policy for TargetHttpsProxy. The SSL policy specifies the server-side support for SSL features. This affects connections between clients and the HTTPS proxy load balancer. They do not affect the connection between the load balancer and the backends.
 
 Args:
@@ -707,16 +923,29 @@ 
Method Details

   "sslPolicy": "A String", # URL of the SSL policy resource. Set this to empty string to clear any existing SSL policy associated with the target proxy resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -750,7 +979,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -764,7 +994,7 @@ 
Method Details

 

 
 

-    setUrlMap(project, targetHttpsProxy, body=None, requestId=None, x__xgafv=None)
+    setUrlMap(project, targetHttpsProxy, body=None, requestId=None)
   
Changes the URL map for TargetHttpsProxy.
 
 Args:
@@ -777,16 +1007,29 @@ 
Method Details

   "urlMap": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -820,7 +1063,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.targetInstances.html b/docs/dyn/compute_v1.targetInstances.html
index f85e681971b..5b902ef54ea 100644
--- a/docs/dyn/compute_v1.targetInstances.html
+++ b/docs/dyn/compute_v1.targetInstances.html
@@ -75,7 +75,7 @@
 
Compute Engine API . targetInstances

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of target instances.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,37 +84,43 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, zone, targetInstance, requestId=None, x__xgafv=None)

+  delete(project, zone, targetInstance, requestId=None)

 
Deletes the specified TargetInstance resource.

 

-  get(project, zone, targetInstance, x__xgafv=None)

+  get(project, zone, targetInstance)

 
Returns the specified TargetInstance resource. Gets a list of available target instances by making a list() request.

 

-  insert(project, zone, body=None, requestId=None, x__xgafv=None)

+  insert(project, zone, body=None, requestId=None)

 
Creates a TargetInstance resource in the specified project and zone using the data included in the request.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of TargetInstance resources available to the specified project and zone.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of target instances.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -124,11 +130,16 @@ 
Method Details

   "items": { # A list of TargetInstance resources.
     "a_key": { # Name of the scope containing this set of target instances.
       "targetInstances": [ # A list of target instances contained in this scope.
-        { # Represents a Target Instance resource. You can use a target instance to handle traffic for one or more forwarding rules, which is ideal for forwarding protocol traffic that is managed by a single source. For example, ESP, AH, TCP, or UDP. For more information, read Target instances.
+        { # Represents a Target Instance resource.
+            #
+            # You can use a target instance to handle traffic for one or more forwarding rules, which is ideal for forwarding protocol traffic that is managed by a single source. For example, ESP, AH, TCP, or UDP. For more information, read Target instances. (== resource_for {$api_version}.targetInstances ==)
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-          "instance": "A String", # A URL to the virtual machine instance that handles traffic for this target instance. When creating a target instance, you can provide the fully-qualified URL or a valid partial URL to the desired virtual machine. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instances/instance - projects/project/zones/zone/instances/instance - zones/zone/instances/instance
+          "instance": "A String", # A URL to the virtual machine instance that handles traffic for this target instance. When creating a target instance, you can provide the fully-qualified URL or a valid partial URL to the desired virtual machine. For example, the following are all valid URLs:
+              # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance
+              # - projects/project/zones/zone/instances/instance
+              # - zones/zone/instances/instance
           "kind": "compute#targetInstance", # [Output Only] The type of the resource. Always compute#targetInstance for target instances.
           "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
           "natPolicy": "A String", # NAT option controlling how IPs are NAT'ed to the instance. Currently only NO_NAT (default value) is supported.
@@ -138,7 +149,8 @@ 
Method Details

       ],
       "warning": { # Informational warning which replaces the list of addresses when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -156,7 +168,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -187,23 +200,36 @@ 
Method Details

 

 
 

-    delete(project, zone, targetInstance, requestId=None, x__xgafv=None)
+    delete(project, zone, targetInstance, requestId=None)
   
Deletes the specified TargetInstance resource.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone scoping this request. (required)
   targetInstance: string, Name of the TargetInstance resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -237,7 +263,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -251,26 +278,27 @@ 
Method Details

 

 
 

-    get(project, zone, targetInstance, x__xgafv=None)
+    get(project, zone, targetInstance)
   
Returns the specified TargetInstance resource. Gets a list of available target instances by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone scoping this request. (required)
   targetInstance: string, Name of the TargetInstance resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Target Instance resource. You can use a target instance to handle traffic for one or more forwarding rules, which is ideal for forwarding protocol traffic that is managed by a single source. For example, ESP, AH, TCP, or UDP. For more information, read Target instances.
+    { # Represents a Target Instance resource.
+    #
+    # You can use a target instance to handle traffic for one or more forwarding rules, which is ideal for forwarding protocol traffic that is managed by a single source. For example, ESP, AH, TCP, or UDP. For more information, read Target instances. (== resource_for {$api_version}.targetInstances ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-  "instance": "A String", # A URL to the virtual machine instance that handles traffic for this target instance. When creating a target instance, you can provide the fully-qualified URL or a valid partial URL to the desired virtual machine. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instances/instance - projects/project/zones/zone/instances/instance - zones/zone/instances/instance
+  "instance": "A String", # A URL to the virtual machine instance that handles traffic for this target instance. When creating a target instance, you can provide the fully-qualified URL or a valid partial URL to the desired virtual machine. For example, the following are all valid URLs:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance
+      # - projects/project/zones/zone/instances/instance
+      # - zones/zone/instances/instance
   "kind": "compute#targetInstance", # [Output Only] The type of the resource. Always compute#targetInstance for target instances.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "natPolicy": "A String", # NAT option controlling how IPs are NAT'ed to the instance. Currently only NO_NAT (default value) is supported.
@@ -280,7 +308,7 @@ 
Method Details

 

 
 

-    insert(project, zone, body=None, requestId=None, x__xgafv=None)
+    insert(project, zone, body=None, requestId=None)
   
Creates a TargetInstance resource in the specified project and zone using the data included in the request.
 
 Args:
@@ -289,11 +317,16 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target Instance resource. You can use a target instance to handle traffic for one or more forwarding rules, which is ideal for forwarding protocol traffic that is managed by a single source. For example, ESP, AH, TCP, or UDP. For more information, read Target instances.
+{ # Represents a Target Instance resource.
+    # 
+    # You can use a target instance to handle traffic for one or more forwarding rules, which is ideal for forwarding protocol traffic that is managed by a single source. For example, ESP, AH, TCP, or UDP. For more information, read Target instances. (== resource_for {$api_version}.targetInstances ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-  "instance": "A String", # A URL to the virtual machine instance that handles traffic for this target instance. When creating a target instance, you can provide the fully-qualified URL or a valid partial URL to the desired virtual machine. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instances/instance - projects/project/zones/zone/instances/instance - zones/zone/instances/instance
+  "instance": "A String", # A URL to the virtual machine instance that handles traffic for this target instance. When creating a target instance, you can provide the fully-qualified URL or a valid partial URL to the desired virtual machine. For example, the following are all valid URLs:
+      # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance
+      # - projects/project/zones/zone/instances/instance
+      # - zones/zone/instances/instance
   "kind": "compute#targetInstance", # [Output Only] The type of the resource. Always compute#targetInstance for target instances.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "natPolicy": "A String", # NAT option controlling how IPs are NAT'ed to the instance. Currently only NO_NAT (default value) is supported.
@@ -301,16 +334,29 @@ 
Method Details

   "zone": "A String", # [Output Only] URL of the zone where the target instance resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -344,7 +390,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -358,21 +405,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of TargetInstance resources available to the specified project and zone.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -380,11 +433,16 @@ 
Method Details

     { # Contains a list of TargetInstance resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of TargetInstance resources.
-    { # Represents a Target Instance resource. You can use a target instance to handle traffic for one or more forwarding rules, which is ideal for forwarding protocol traffic that is managed by a single source. For example, ESP, AH, TCP, or UDP. For more information, read Target instances.
+    { # Represents a Target Instance resource.
+        #
+        # You can use a target instance to handle traffic for one or more forwarding rules, which is ideal for forwarding protocol traffic that is managed by a single source. For example, ESP, AH, TCP, or UDP. For more information, read Target instances. (== resource_for {$api_version}.targetInstances ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-      "instance": "A String", # A URL to the virtual machine instance that handles traffic for this target instance. When creating a target instance, you can provide the fully-qualified URL or a valid partial URL to the desired virtual machine. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /instances/instance - projects/project/zones/zone/instances/instance - zones/zone/instances/instance
+      "instance": "A String", # A URL to the virtual machine instance that handles traffic for this target instance. When creating a target instance, you can provide the fully-qualified URL or a valid partial URL to the desired virtual machine. For example, the following are all valid URLs:
+          # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance
+          # - projects/project/zones/zone/instances/instance
+          # - zones/zone/instances/instance
       "kind": "compute#targetInstance", # [Output Only] The type of the resource. Always compute#targetInstance for target instances.
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "natPolicy": "A String", # NAT option controlling how IPs are NAT'ed to the instance. Currently only NO_NAT (default value) is supported.
@@ -397,7 +455,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.targetPools.html b/docs/dyn/compute_v1.targetPools.html
index 854e4da25db..3feedb4e04c 100644
--- a/docs/dyn/compute_v1.targetPools.html
+++ b/docs/dyn/compute_v1.targetPools.html
@@ -75,13 +75,13 @@
 
Compute Engine API . targetPools

 
Instance Methods

 

-  addHealthCheck(project, region, targetPool, body=None, requestId=None, x__xgafv=None)

+  addHealthCheck(project, region, targetPool, body=None, requestId=None)

 
Adds health check URLs to a target pool.

 

-  addInstance(project, region, targetPool, body=None, requestId=None, x__xgafv=None)

+  addInstance(project, region, targetPool, body=None, requestId=None)

 
Adds an instance to a target pool.

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of target pools.

 

   aggregatedList_next(previous_request, previous_response)

@@ -90,35 +90,35 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, targetPool, requestId=None, x__xgafv=None)

+  delete(project, region, targetPool, requestId=None)

 
Deletes the specified target pool.

 

-  get(project, region, targetPool, x__xgafv=None)

+  get(project, region, targetPool)

 
Returns the specified target pool. Gets a list of available target pools by making a list() request.

 

-  getHealth(project, region, targetPool, body=None, x__xgafv=None)

+  getHealth(project, region, targetPool, body=None)

 
Gets the most recent health check results for each IP for the instance that is referenced by the given target pool.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a target pool in the specified project and region using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of target pools available to the specified project and region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  removeHealthCheck(project, region, targetPool, body=None, requestId=None, x__xgafv=None)

+  removeHealthCheck(project, region, targetPool, body=None, requestId=None)

 
Removes health check URL from a target pool.

 

-  removeInstance(project, region, targetPool, body=None, requestId=None, x__xgafv=None)

+  removeInstance(project, region, targetPool, body=None, requestId=None)

 
Removes instance URL from a target pool.

 

-  setBackup(project, region, targetPool, body=None, failoverRatio=None, requestId=None, x__xgafv=None)

+  setBackup(project, region, targetPool, body=None, failoverRatio=None, requestId=None)

 
Changes a backup target pool's configurations.

 
Method Details

 

-    addHealthCheck(project, region, targetPool, body=None, requestId=None, x__xgafv=None)
+    addHealthCheck(project, region, targetPool, body=None, requestId=None)
   
Adds health check URLs to a target pool.
 
 Args:
@@ -130,22 +130,38 @@ 
Method Details

 
 {
   "healthChecks": [ # The HttpHealthCheck to add to the target pool.
-    { # A full or valid partial URL to a health check. For example, the following are valid URLs: - https://www.googleapis.com/compute/beta/projects/project-id/global/httpHealthChecks/health-check - projects/project-id/global/httpHealthChecks/health-check - global/httpHealthChecks/health-check
+    { # A full or valid partial URL to a health check. For example, the following are valid URLs:
+        # - https://www.googleapis.com/compute/beta/projects/project-id/global/httpHealthChecks/health-check
+        # - projects/project-id/global/httpHealthChecks/health-check
+        # - global/httpHealthChecks/health-check
       "healthCheck": "A String",
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -179,7 +195,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -193,7 +210,7 @@ 
Method Details

 

 
 

-    addInstance(project, region, targetPool, body=None, requestId=None, x__xgafv=None)
+    addInstance(project, region, targetPool, body=None, requestId=None)
   
Adds an instance to a target pool.
 
 Args:
@@ -204,23 +221,39 @@ 
Method Details

     The object takes the form of:
 
 {
-  "instances": [ # A full or partial URL to an instance to add to this target pool. This can be a full or partial URL. For example, the following are valid URLs: - https://www.googleapis.com/compute/v1/projects/project-id/zones/zone /instances/instance-name - projects/project-id/zones/zone/instances/instance-name - zones/zone/instances/instance-name
+  "instances": [ # A full or partial URL to an instance to add to this target pool. This can be a full or partial URL. For example, the following are valid URLs:
+      # - https://www.googleapis.com/compute/v1/projects/project-id/zones/zone/instances/instance-name
+      # - projects/project-id/zones/zone/instances/instance-name
+      # - zones/zone/instances/instance-name
     {
-      "instance": "A String", # The URL for a specific instance. @required compute.instancegroups.addInstances/removeInstances
+      "instance": "A String", # The URL for a specific instance.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -254,7 +287,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -268,21 +302,27 @@ 
Method Details

 

 
 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of target pools.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -292,11 +332,21 @@ 
Method Details

   "items": { # A list of TargetPool resources.
     "a_key": { # Name of the scope containing this set of target pools.
       "targetPools": [ # A list of target pools contained in this scope.
-        { # Represents a Target Pool resource. Target pools are used for network TCP/UDP load balancing. A target pool references member instances, an associated legacy HttpHealthCheck resource, and, optionally, a backup target pool. For more information, read Using target pools.
-          "backupPool": "A String", # The server-defined URL for the resource. This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool, and its failoverRatio field is properly set to a value between [0, 1]. backupPool and failoverRatio together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below failoverRatio, traffic arriving at the load-balanced IP will be directed to the backup pool. In case where failoverRatio and backupPool are not set, or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
+        { # Represents a Target Pool resource.
+            #
+            # Target pools are used for network TCP/UDP load balancing. A target pool references member instances, an associated legacy HttpHealthCheck resource, and, optionally, a backup target pool. For more information, read Using target pools. (== resource_for {$api_version}.targetPools ==)
+          "backupPool": "A String", # The server-defined URL for the resource. This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool, and its failoverRatio field is properly set to a value between [0, 1].
+              #
+              # backupPool and failoverRatio together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below failoverRatio, traffic arriving at the load-balanced IP will be directed to the backup pool.
+              #
+              # In case where failoverRatio and backupPool are not set, or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-          "failoverRatio": 3.14, # This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool (i.e., not as a backup pool to some other target pool). The value of the field must be in [0, 1]. If set, backupPool must also be set. They together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below this number, traffic arriving at the load-balanced IP will be directed to the backup pool. In case where failoverRatio is not set or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
+          "failoverRatio": 3.14, # This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool (i.e., not as a backup pool to some other target pool). The value of the field must be in [0, 1].
+              #
+              # If set, backupPool must also be set. They together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below this number, traffic arriving at the load-balanced IP will be directed to the backup pool.
+              #
+              # In case where failoverRatio is not set or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
           "healthChecks": [ # The URL of the HttpHealthCheck resource. A member instance in this pool is considered healthy if and only if the health checks pass. Only legacy HttpHealthChecks are supported. Only one health check may be specified.
             "A String",
           ],
@@ -308,12 +358,16 @@ 
Method Details

           "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
           "region": "A String", # [Output Only] URL of the region where the target pool resides.
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-          "sessionAffinity": "A String", # Session affinity option, must be one of the following values: NONE: Connections from the same client IP may go to any instance in the pool. CLIENT_IP: Connections from the same client IP will go to the same instance in the pool while that instance remains healthy. CLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol will go to the same instance in the pool while that instance remains healthy.
+          "sessionAffinity": "A String", # Session affinity option, must be one of the following values:
+              # NONE: Connections from the same client IP may go to any instance in the pool.
+              # CLIENT_IP: Connections from the same client IP will go to the same instance in the pool while that instance remains healthy.
+              # CLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol will go to the same instance in the pool while that instance remains healthy.
         },
       ],
       "warning": { # Informational warning which replaces the list of addresses when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -331,7 +385,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -362,23 +417,36 @@ 
Method Details

 

 
 

-    delete(project, region, targetPool, requestId=None, x__xgafv=None)
+    delete(project, region, targetPool, requestId=None)
   
Deletes the specified target pool.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   targetPool: string, Name of the TargetPool resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -412,7 +480,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -426,26 +495,32 @@ 
Method Details

 

 
 

-    get(project, region, targetPool, x__xgafv=None)
+    get(project, region, targetPool)
   
Returns the specified target pool. Gets a list of available target pools by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
   targetPool: string, Name of the TargetPool resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Target Pool resource. Target pools are used for network TCP/UDP load balancing. A target pool references member instances, an associated legacy HttpHealthCheck resource, and, optionally, a backup target pool. For more information, read Using target pools.
-  "backupPool": "A String", # The server-defined URL for the resource. This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool, and its failoverRatio field is properly set to a value between [0, 1]. backupPool and failoverRatio together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below failoverRatio, traffic arriving at the load-balanced IP will be directed to the backup pool. In case where failoverRatio and backupPool are not set, or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
+    { # Represents a Target Pool resource.
+    #
+    # Target pools are used for network TCP/UDP load balancing. A target pool references member instances, an associated legacy HttpHealthCheck resource, and, optionally, a backup target pool. For more information, read Using target pools. (== resource_for {$api_version}.targetPools ==)
+  "backupPool": "A String", # The server-defined URL for the resource. This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool, and its failoverRatio field is properly set to a value between [0, 1].
+      #
+      # backupPool and failoverRatio together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below failoverRatio, traffic arriving at the load-balanced IP will be directed to the backup pool.
+      #
+      # In case where failoverRatio and backupPool are not set, or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "failoverRatio": 3.14, # This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool (i.e., not as a backup pool to some other target pool). The value of the field must be in [0, 1]. If set, backupPool must also be set. They together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below this number, traffic arriving at the load-balanced IP will be directed to the backup pool. In case where failoverRatio is not set or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
+  "failoverRatio": 3.14, # This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool (i.e., not as a backup pool to some other target pool). The value of the field must be in [0, 1].
+      #
+      # If set, backupPool must also be set. They together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below this number, traffic arriving at the load-balanced IP will be directed to the backup pool.
+      #
+      # In case where failoverRatio is not set or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
   "healthChecks": [ # The URL of the HttpHealthCheck resource. A member instance in this pool is considered healthy if and only if the health checks pass. Only legacy HttpHealthChecks are supported. Only one health check may be specified.
     "A String",
   ],
@@ -457,12 +532,15 @@ 
Method Details

   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "region": "A String", # [Output Only] URL of the region where the target pool resides.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "sessionAffinity": "A String", # Session affinity option, must be one of the following values: NONE: Connections from the same client IP may go to any instance in the pool. CLIENT_IP: Connections from the same client IP will go to the same instance in the pool while that instance remains healthy. CLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol will go to the same instance in the pool while that instance remains healthy.
+  "sessionAffinity": "A String", # Session affinity option, must be one of the following values:
+      # NONE: Connections from the same client IP may go to any instance in the pool.
+      # CLIENT_IP: Connections from the same client IP will go to the same instance in the pool while that instance remains healthy.
+      # CLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol will go to the same instance in the pool while that instance remains healthy.
 }

 

 
 

-    getHealth(project, region, targetPool, body=None, x__xgafv=None)
+    getHealth(project, region, targetPool, body=None)
   
Gets the most recent health check results for each IP for the instance that is referenced by the given target pool.
 
 Args:
@@ -473,13 +551,9 @@ 
Method Details

     The object takes the form of:
 
 {
-  "instance": "A String", # The URL for a specific instance. @required compute.instancegroups.addInstances/removeInstances
+  "instance": "A String", # The URL for a specific instance.
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -505,7 +579,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a target pool in the specified project and region using the data included in the request.
 
 Args:
@@ -514,11 +588,21 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target Pool resource. Target pools are used for network TCP/UDP load balancing. A target pool references member instances, an associated legacy HttpHealthCheck resource, and, optionally, a backup target pool. For more information, read Using target pools.
-  "backupPool": "A String", # The server-defined URL for the resource. This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool, and its failoverRatio field is properly set to a value between [0, 1]. backupPool and failoverRatio together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below failoverRatio, traffic arriving at the load-balanced IP will be directed to the backup pool. In case where failoverRatio and backupPool are not set, or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
+{ # Represents a Target Pool resource.
+    # 
+    # Target pools are used for network TCP/UDP load balancing. A target pool references member instances, an associated legacy HttpHealthCheck resource, and, optionally, a backup target pool. For more information, read Using target pools. (== resource_for {$api_version}.targetPools ==)
+  "backupPool": "A String", # The server-defined URL for the resource. This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool, and its failoverRatio field is properly set to a value between [0, 1].
+      # 
+      # backupPool and failoverRatio together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below failoverRatio, traffic arriving at the load-balanced IP will be directed to the backup pool.
+      # 
+      # In case where failoverRatio and backupPool are not set, or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "failoverRatio": 3.14, # This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool (i.e., not as a backup pool to some other target pool). The value of the field must be in [0, 1]. If set, backupPool must also be set. They together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below this number, traffic arriving at the load-balanced IP will be directed to the backup pool. In case where failoverRatio is not set or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
+  "failoverRatio": 3.14, # This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool (i.e., not as a backup pool to some other target pool). The value of the field must be in [0, 1].
+      # 
+      # If set, backupPool must also be set. They together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below this number, traffic arriving at the load-balanced IP will be directed to the backup pool.
+      # 
+      # In case where failoverRatio is not set or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
   "healthChecks": [ # The URL of the HttpHealthCheck resource. A member instance in this pool is considered healthy if and only if the health checks pass. Only legacy HttpHealthChecks are supported. Only one health check may be specified.
     "A String",
   ],
@@ -530,19 +614,35 @@ 
Method Details

   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "region": "A String", # [Output Only] URL of the region where the target pool resides.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "sessionAffinity": "A String", # Session affinity option, must be one of the following values: NONE: Connections from the same client IP may go to any instance in the pool. CLIENT_IP: Connections from the same client IP will go to the same instance in the pool while that instance remains healthy. CLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol will go to the same instance in the pool while that instance remains healthy.
+  "sessionAffinity": "A String", # Session affinity option, must be one of the following values:
+      # NONE: Connections from the same client IP may go to any instance in the pool.
+      # CLIENT_IP: Connections from the same client IP will go to the same instance in the pool while that instance remains healthy.
+      # CLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol will go to the same instance in the pool while that instance remains healthy.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -576,7 +676,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -590,21 +691,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of target pools available to the specified project and region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -612,11 +719,21 @@ 
Method Details

     { # Contains a list of TargetPool resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of TargetPool resources.
-    { # Represents a Target Pool resource. Target pools are used for network TCP/UDP load balancing. A target pool references member instances, an associated legacy HttpHealthCheck resource, and, optionally, a backup target pool. For more information, read Using target pools.
-      "backupPool": "A String", # The server-defined URL for the resource. This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool, and its failoverRatio field is properly set to a value between [0, 1]. backupPool and failoverRatio together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below failoverRatio, traffic arriving at the load-balanced IP will be directed to the backup pool. In case where failoverRatio and backupPool are not set, or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
+    { # Represents a Target Pool resource.
+        #
+        # Target pools are used for network TCP/UDP load balancing. A target pool references member instances, an associated legacy HttpHealthCheck resource, and, optionally, a backup target pool. For more information, read Using target pools. (== resource_for {$api_version}.targetPools ==)
+      "backupPool": "A String", # The server-defined URL for the resource. This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool, and its failoverRatio field is properly set to a value between [0, 1].
+          #
+          # backupPool and failoverRatio together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below failoverRatio, traffic arriving at the load-balanced IP will be directed to the backup pool.
+          #
+          # In case where failoverRatio and backupPool are not set, or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "failoverRatio": 3.14, # This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool (i.e., not as a backup pool to some other target pool). The value of the field must be in [0, 1]. If set, backupPool must also be set. They together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below this number, traffic arriving at the load-balanced IP will be directed to the backup pool. In case where failoverRatio is not set or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
+      "failoverRatio": 3.14, # This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool (i.e., not as a backup pool to some other target pool). The value of the field must be in [0, 1].
+          #
+          # If set, backupPool must also be set. They together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below this number, traffic arriving at the load-balanced IP will be directed to the backup pool.
+          #
+          # In case where failoverRatio is not set or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the "force" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.
       "healthChecks": [ # The URL of the HttpHealthCheck resource. A member instance in this pool is considered healthy if and only if the health checks pass. Only legacy HttpHealthChecks are supported. Only one health check may be specified.
         "A String",
       ],
@@ -628,7 +745,10 @@ 
Method Details

       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "region": "A String", # [Output Only] URL of the region where the target pool resides.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "sessionAffinity": "A String", # Session affinity option, must be one of the following values: NONE: Connections from the same client IP may go to any instance in the pool. CLIENT_IP: Connections from the same client IP will go to the same instance in the pool while that instance remains healthy. CLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol will go to the same instance in the pool while that instance remains healthy.
+      "sessionAffinity": "A String", # Session affinity option, must be one of the following values:
+          # NONE: Connections from the same client IP may go to any instance in the pool.
+          # CLIENT_IP: Connections from the same client IP will go to the same instance in the pool while that instance remains healthy.
+          # CLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol will go to the same instance in the pool while that instance remains healthy.
     },
   ],
   "kind": "compute#targetPoolList", # [Output Only] Type of resource. Always compute#targetPoolList for lists of target pools.
@@ -636,7 +756,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -662,7 +783,7 @@ 
Method Details

 

 
 

-    removeHealthCheck(project, region, targetPool, body=None, requestId=None, x__xgafv=None)
+    removeHealthCheck(project, region, targetPool, body=None, requestId=None)
   
Removes health check URL from a target pool.
 
 Args:
@@ -673,23 +794,42 @@ 
Method Details

     The object takes the form of:
 
 {
-  "healthChecks": [ # Health check URL to be removed. This can be a full or valid partial URL. For example, the following are valid URLs: - https://www.googleapis.com/compute/beta/projects/project /global/httpHealthChecks/health-check - projects/project/global/httpHealthChecks/health-check - global/httpHealthChecks/health-check
-    { # A full or valid partial URL to a health check. For example, the following are valid URLs: - https://www.googleapis.com/compute/beta/projects/project-id/global/httpHealthChecks/health-check - projects/project-id/global/httpHealthChecks/health-check - global/httpHealthChecks/health-check
+  "healthChecks": [ # Health check URL to be removed. This can be a full or valid partial URL. For example, the following are valid URLs:
+      # - https://www.googleapis.com/compute/beta/projects/project/global/httpHealthChecks/health-check
+      # - projects/project/global/httpHealthChecks/health-check
+      # - global/httpHealthChecks/health-check
+    { # A full or valid partial URL to a health check. For example, the following are valid URLs:
+        # - https://www.googleapis.com/compute/beta/projects/project-id/global/httpHealthChecks/health-check
+        # - projects/project-id/global/httpHealthChecks/health-check
+        # - global/httpHealthChecks/health-check
       "healthCheck": "A String",
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -723,7 +863,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -737,7 +878,7 @@ 
Method Details

 

 
 

-    removeInstance(project, region, targetPool, body=None, requestId=None, x__xgafv=None)
+    removeInstance(project, region, targetPool, body=None, requestId=None)
   
Removes instance URL from a target pool.
 
 Args:
@@ -750,21 +891,34 @@ 
Method Details

 {
   "instances": [ # URLs of the instances to be removed from target pool.
     {
-      "instance": "A String", # The URL for a specific instance. @required compute.instancegroups.addInstances/removeInstances
+      "instance": "A String", # The URL for a specific instance.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -798,7 +952,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -812,7 +967,7 @@ 
Method Details

 

 
 

-    setBackup(project, region, targetPool, body=None, failoverRatio=None, requestId=None, x__xgafv=None)
+    setBackup(project, region, targetPool, body=None, failoverRatio=None, requestId=None)
   
Changes a backup target pool's configurations.
 
 Args:
@@ -827,16 +982,29 @@ 
Method Details

 }
 
   failoverRatio: number, New failoverRatio value for the target pool.
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -870,7 +1038,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.targetSslProxies.html b/docs/dyn/compute_v1.targetSslProxies.html
index d1f09c13c77..23cc21015f7 100644
--- a/docs/dyn/compute_v1.targetSslProxies.html
+++ b/docs/dyn/compute_v1.targetSslProxies.html
@@ -78,31 +78,31 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, targetSslProxy, requestId=None, x__xgafv=None)

+  delete(project, targetSslProxy, requestId=None)

 
Deletes the specified TargetSslProxy resource.

 

-  get(project, targetSslProxy, x__xgafv=None)

+  get(project, targetSslProxy)

 
Returns the specified TargetSslProxy resource. Gets a list of available target SSL proxies by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a TargetSslProxy resource in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of TargetSslProxy resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setBackendService(project, targetSslProxy, body=None, requestId=None, x__xgafv=None)

+  setBackendService(project, targetSslProxy, body=None, requestId=None)

 
Changes the BackendService for TargetSslProxy.

 

-  setProxyHeader(project, targetSslProxy, body=None, requestId=None, x__xgafv=None)

+  setProxyHeader(project, targetSslProxy, body=None, requestId=None)

 
Changes the ProxyHeaderType for TargetSslProxy.

 

-  setSslCertificates(project, targetSslProxy, body=None, requestId=None, x__xgafv=None)

+  setSslCertificates(project, targetSslProxy, body=None, requestId=None)

 
Changes SslCertificates for TargetSslProxy.

 

-  setSslPolicy(project, targetSslProxy, body=None, requestId=None, x__xgafv=None)

+  setSslPolicy(project, targetSslProxy, body=None, requestId=None)

 
Sets the SSL policy for TargetSslProxy. The SSL policy specifies the server-side support for SSL features. This affects connections between clients and the SSL proxy load balancer. They do not affect the connection between the load balancer and the backends.

 
Method Details

 

@@ -111,22 +111,35 @@ 
Method Details

 

 
 

-    delete(project, targetSslProxy, requestId=None, x__xgafv=None)
+    delete(project, targetSslProxy, requestId=None)
   
Deletes the specified TargetSslProxy resource.
 
 Args:
   project: string, Project ID for this request. (required)
   targetSslProxy: string, Name of the TargetSslProxy resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -160,7 +173,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -174,21 +188,19 @@ 
Method Details

 

 
 

-    get(project, targetSslProxy, x__xgafv=None)
+    get(project, targetSslProxy)
   
Returns the specified TargetSslProxy resource. Gets a list of available target SSL proxies by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   targetSslProxy: string, Name of the TargetSslProxy resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Target SSL Proxy resource. A target SSL proxy is a component of a SSL Proxy load balancer. Global forwarding rules reference a target SSL proxy, and the target proxy then references an external backend service. For more information, read Using Target Proxies.
+    { # Represents a Target SSL Proxy resource.
+    #
+    # A target SSL proxy is a component of a SSL Proxy load balancer. Global forwarding rules reference a target SSL proxy, and the target proxy then references an external backend service. For more information, read Using Target Proxies. (== resource_for {$api_version}.targetSslProxies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
@@ -205,7 +217,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a TargetSslProxy resource in the specified project using the data included in the request.
 
 Args:
@@ -213,7 +225,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target SSL Proxy resource. A target SSL proxy is a component of a SSL Proxy load balancer. Global forwarding rules reference a target SSL proxy, and the target proxy then references an external backend service. For more information, read Using Target Proxies.
+{ # Represents a Target SSL Proxy resource.
+    # 
+    # A target SSL proxy is a component of a SSL Proxy load balancer. Global forwarding rules reference a target SSL proxy, and the target proxy then references an external backend service. For more information, read Using Target Proxies. (== resource_for {$api_version}.targetSslProxies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
@@ -228,16 +242,29 @@ 
Method Details

   "sslPolicy": "A String", # URL of SslPolicy resource that will be associated with the TargetSslProxy resource. If not set, the TargetSslProxy resource will not have any SSL policy configured.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -271,7 +298,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -285,20 +313,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of TargetSslProxy resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -306,7 +340,9 @@ 
Method Details

     { # Contains a list of TargetSslProxy resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of TargetSslProxy resources.
-    { # Represents a Target SSL Proxy resource. A target SSL proxy is a component of a SSL Proxy load balancer. Global forwarding rules reference a target SSL proxy, and the target proxy then references an external backend service. For more information, read Using Target Proxies.
+    { # Represents a Target SSL Proxy resource.
+        #
+        # A target SSL proxy is a component of a SSL Proxy load balancer. Global forwarding rules reference a target SSL proxy, and the target proxy then references an external backend service. For more information, read Using Target Proxies. (== resource_for {$api_version}.targetSslProxies ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
@@ -326,7 +362,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -352,7 +389,7 @@ 
Method Details

 

 
 

-    setBackendService(project, targetSslProxy, body=None, requestId=None, x__xgafv=None)
+    setBackendService(project, targetSslProxy, body=None, requestId=None)
   
Changes the BackendService for TargetSslProxy.
 
 Args:
@@ -365,16 +402,29 @@ 
Method Details

   "service": "A String", # The URL of the new BackendService resource for the targetSslProxy.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -408,7 +458,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -422,7 +473,7 @@ 
Method Details

 

 
 

-    setProxyHeader(project, targetSslProxy, body=None, requestId=None, x__xgafv=None)
+    setProxyHeader(project, targetSslProxy, body=None, requestId=None)
   
Changes the ProxyHeaderType for TargetSslProxy.
 
 Args:
@@ -435,16 +486,29 @@ 
Method Details

   "proxyHeader": "A String", # The new type of proxy header to append before sending data to the backend. NONE or PROXY_V1 are allowed.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -478,7 +542,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -492,7 +557,7 @@ 
Method Details

 

 
 

-    setSslCertificates(project, targetSslProxy, body=None, requestId=None, x__xgafv=None)
+    setSslCertificates(project, targetSslProxy, body=None, requestId=None)
   
Changes SslCertificates for TargetSslProxy.
 
 Args:
@@ -507,16 +572,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -550,7 +628,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -564,7 +643,7 @@ 
Method Details

 

 
 

-    setSslPolicy(project, targetSslProxy, body=None, requestId=None, x__xgafv=None)
+    setSslPolicy(project, targetSslProxy, body=None, requestId=None)
   
Sets the SSL policy for TargetSslProxy. The SSL policy specifies the server-side support for SSL features. This affects connections between clients and the SSL proxy load balancer. They do not affect the connection between the load balancer and the backends.
 
 Args:
@@ -577,16 +656,29 @@ 
Method Details

   "sslPolicy": "A String", # URL of the SSL policy resource. Set this to empty string to clear any existing SSL policy associated with the target proxy resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -620,7 +712,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.targetTcpProxies.html b/docs/dyn/compute_v1.targetTcpProxies.html
index c40d4dce272..019850b7d1f 100644
--- a/docs/dyn/compute_v1.targetTcpProxies.html
+++ b/docs/dyn/compute_v1.targetTcpProxies.html
@@ -78,25 +78,25 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, targetTcpProxy, requestId=None, x__xgafv=None)

+  delete(project, targetTcpProxy, requestId=None)

 
Deletes the specified TargetTcpProxy resource.

 

-  get(project, targetTcpProxy, x__xgafv=None)

+  get(project, targetTcpProxy)

 
Returns the specified TargetTcpProxy resource. Gets a list of available target TCP proxies by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a TargetTcpProxy resource in the specified project using the data included in the request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of TargetTcpProxy resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setBackendService(project, targetTcpProxy, body=None, requestId=None, x__xgafv=None)

+  setBackendService(project, targetTcpProxy, body=None, requestId=None)

 
Changes the BackendService for TargetTcpProxy.

 

-  setProxyHeader(project, targetTcpProxy, body=None, requestId=None, x__xgafv=None)

+  setProxyHeader(project, targetTcpProxy, body=None, requestId=None)

 
Changes the ProxyHeaderType for TargetTcpProxy.

 
Method Details

 

@@ -105,22 +105,35 @@ 
Method Details

 

 
 

-    delete(project, targetTcpProxy, requestId=None, x__xgafv=None)
+    delete(project, targetTcpProxy, requestId=None)
   
Deletes the specified TargetTcpProxy resource.
 
 Args:
   project: string, Project ID for this request. (required)
   targetTcpProxy: string, Name of the TargetTcpProxy resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -154,7 +167,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -168,27 +182,29 @@ 
Method Details

 

 
 

-    get(project, targetTcpProxy, x__xgafv=None)
+    get(project, targetTcpProxy)
   
Returns the specified TargetTcpProxy resource. Gets a list of available target TCP proxies by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   targetTcpProxy: string, Name of the TargetTcpProxy resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Target TCP Proxy resource. A target TCP proxy is a component of a TCP Proxy load balancer. Global forwarding rules reference target TCP proxy, and the target proxy then references an external backend service. For more information, read TCP Proxy Load Balancing overview.
+    { # Represents a Target TCP Proxy resource.
+    #
+    # A target TCP proxy is a component of a TCP Proxy load balancer. Global forwarding rules reference target TCP proxy, and the target proxy then references an external backend service. For more information, read TCP Proxy Load Balancing overview. (== resource_for {$api_version}.targetTcpProxies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetTcpProxy", # [Output Only] Type of the resource. Always compute#targetTcpProxy for target TCP proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      #
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      #
+      # The default is false.
   "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "service": "A String", # URL to the BackendService resource.
@@ -196,7 +212,7 @@ 
Method Details

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a TargetTcpProxy resource in the specified project using the data included in the request.
 
 Args:
@@ -204,28 +220,47 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target TCP Proxy resource. A target TCP proxy is a component of a TCP Proxy load balancer. Global forwarding rules reference target TCP proxy, and the target proxy then references an external backend service. For more information, read TCP Proxy Load Balancing overview.
+{ # Represents a Target TCP Proxy resource.
+    # 
+    # A target TCP proxy is a component of a TCP Proxy load balancer. Global forwarding rules reference target TCP proxy, and the target proxy then references an external backend service. For more information, read TCP Proxy Load Balancing overview. (== resource_for {$api_version}.targetTcpProxies ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#targetTcpProxy", # [Output Only] Type of the resource. Always compute#targetTcpProxy for target TCP proxies.
   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
+  "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      # 
+      # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+      # 
+      # The default is false.
   "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "service": "A String", # URL to the BackendService resource.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -259,7 +294,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -273,20 +309,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of TargetTcpProxy resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -294,13 +336,19 @@ 
Method Details

     { # Contains a list of TargetTcpProxy resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of TargetTcpProxy resources.
-    { # Represents a Target TCP Proxy resource. A target TCP proxy is a component of a TCP Proxy load balancer. Global forwarding rules reference target TCP proxy, and the target proxy then references an external backend service. For more information, read TCP Proxy Load Balancing overview.
+    { # Represents a Target TCP Proxy resource.
+        #
+        # A target TCP proxy is a component of a TCP Proxy load balancer. Global forwarding rules reference target TCP proxy, and the target proxy then references an external backend service. For more information, read TCP Proxy Load Balancing overview. (== resource_for {$api_version}.targetTcpProxies ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#targetTcpProxy", # [Output Only] Type of the resource. Always compute#targetTcpProxy for target TCP proxies.
       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-      "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED. When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them. The default is false.
+      "proxyBind": True or False, # This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+          #
+          # When this field is set to true, Envoy proxies set up inbound traffic interception and bind to the IP address and port specified in the forwarding rule. This is generally useful when using Traffic Director to configure Envoy as a gateway or middle proxy (in other words, not a sidecar proxy). The Envoy proxy listens for inbound requests and handles requests when it receives them.
+          #
+          # The default is false.
       "proxyHeader": "A String", # Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "service": "A String", # URL to the BackendService resource.
@@ -311,7 +359,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -337,7 +386,7 @@ 
Method Details

 

 
 

-    setBackendService(project, targetTcpProxy, body=None, requestId=None, x__xgafv=None)
+    setBackendService(project, targetTcpProxy, body=None, requestId=None)
   
Changes the BackendService for TargetTcpProxy.
 
 Args:
@@ -350,16 +399,29 @@ 
Method Details

   "service": "A String", # The URL of the new BackendService resource for the targetTcpProxy.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -393,7 +455,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -407,7 +470,7 @@ 
Method Details

 

 
 

-    setProxyHeader(project, targetTcpProxy, body=None, requestId=None, x__xgafv=None)
+    setProxyHeader(project, targetTcpProxy, body=None, requestId=None)
   
Changes the ProxyHeaderType for TargetTcpProxy.
 
 Args:
@@ -420,16 +483,29 @@ 
Method Details

   "proxyHeader": "A String", # The new type of proxy header to append before sending data to the backend. NONE or PROXY_V1 are allowed.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -463,7 +539,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.targetVpnGateways.html b/docs/dyn/compute_v1.targetVpnGateways.html
index 3993e7dccc0..561dd9d3d39 100644
--- a/docs/dyn/compute_v1.targetVpnGateways.html
+++ b/docs/dyn/compute_v1.targetVpnGateways.html
@@ -75,7 +75,7 @@
 
Compute Engine API . targetVpnGateways

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of target VPN gateways.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,37 +84,43 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, targetVpnGateway, requestId=None, x__xgafv=None)

+  delete(project, region, targetVpnGateway, requestId=None)

 
Deletes the specified target VPN gateway.

 

-  get(project, region, targetVpnGateway, x__xgafv=None)

+  get(project, region, targetVpnGateway)

 
Returns the specified target VPN gateway. Gets a list of available target VPN gateways by making a list() request.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a target VPN gateway in the specified project and region using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of target VPN gateways available to the specified project and region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of target VPN gateways.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -124,7 +130,9 @@ 
Method Details

   "items": { # A list of TargetVpnGateway resources.
     "a_key": { # [Output Only] Name of the scope containing this set of target VPN gateways.
       "targetVpnGateways": [ # [Output Only] A list of target VPN gateways contained in this scope.
-        { # Represents a Target VPN Gateway resource. The target VPN gateway resource represents a Classic Cloud VPN gateway. For more information, read the the Cloud VPN Overview.
+        { # Represents a Target VPN Gateway resource.
+            #
+            # The target VPN gateway resource represents a Classic Cloud VPN gateway. For more information, read the the Cloud VPN Overview. (== resource_for {$api_version}.targetVpnGateways ==)
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "forwardingRules": [ # [Output Only] A list of URLs to the ForwardingRule resources. ForwardingRules are created using compute.forwardingRules.insert and associated with a VPN gateway.
@@ -144,7 +152,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] Informational warning which replaces the list of addresses when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -162,7 +171,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -193,23 +203,36 @@ 
Method Details

 

 
 

-    delete(project, region, targetVpnGateway, requestId=None, x__xgafv=None)
+    delete(project, region, targetVpnGateway, requestId=None)
   
Deletes the specified target VPN gateway.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   targetVpnGateway: string, Name of the target VPN gateway to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -243,7 +266,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -257,22 +281,20 @@ 
Method Details

 

 
 

-    get(project, region, targetVpnGateway, x__xgafv=None)
+    get(project, region, targetVpnGateway)
   
Returns the specified target VPN gateway. Gets a list of available target VPN gateways by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   targetVpnGateway: string, Name of the target VPN gateway to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Target VPN Gateway resource. The target VPN gateway resource represents a Classic Cloud VPN gateway. For more information, read the the Cloud VPN Overview.
+    { # Represents a Target VPN Gateway resource.
+    #
+    # The target VPN gateway resource represents a Classic Cloud VPN gateway. For more information, read the the Cloud VPN Overview. (== resource_for {$api_version}.targetVpnGateways ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "forwardingRules": [ # [Output Only] A list of URLs to the ForwardingRule resources. ForwardingRules are created using compute.forwardingRules.insert and associated with a VPN gateway.
@@ -292,7 +314,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a target VPN gateway in the specified project and region using the data included in the request.
 
 Args:
@@ -301,7 +323,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Target VPN Gateway resource. The target VPN gateway resource represents a Classic Cloud VPN gateway. For more information, read the the Cloud VPN Overview.
+{ # Represents a Target VPN Gateway resource.
+    # 
+    # The target VPN gateway resource represents a Classic Cloud VPN gateway. For more information, read the the Cloud VPN Overview. (== resource_for {$api_version}.targetVpnGateways ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "forwardingRules": [ # [Output Only] A list of URLs to the ForwardingRule resources. ForwardingRules are created using compute.forwardingRules.insert and associated with a VPN gateway.
@@ -319,16 +343,29 @@ 
Method Details

   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -362,7 +399,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -376,21 +414,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of target VPN gateways available to the specified project and region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -398,7 +442,9 @@ 
Method Details

     { # Contains a list of TargetVpnGateway resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of TargetVpnGateway resources.
-    { # Represents a Target VPN Gateway resource. The target VPN gateway resource represents a Classic Cloud VPN gateway. For more information, read the the Cloud VPN Overview.
+    { # Represents a Target VPN Gateway resource.
+        #
+        # The target VPN gateway resource represents a Classic Cloud VPN gateway. For more information, read the the Cloud VPN Overview. (== resource_for {$api_version}.targetVpnGateways ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "forwardingRules": [ # [Output Only] A list of URLs to the ForwardingRule resources. ForwardingRules are created using compute.forwardingRules.insert and associated with a VPN gateway.
@@ -421,7 +467,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.urlMaps.html b/docs/dyn/compute_v1.urlMaps.html
index 7c727cc1acd..ec5aeff87c1 100644
--- a/docs/dyn/compute_v1.urlMaps.html
+++ b/docs/dyn/compute_v1.urlMaps.html
@@ -75,7 +75,7 @@
 
Compute Engine API . urlMaps

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of all UrlMap resources, regional and global, available to the specified project.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,49 +84,55 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, urlMap, requestId=None, x__xgafv=None)

+  delete(project, urlMap, requestId=None)

 
Deletes the specified UrlMap resource.

 

-  get(project, urlMap, x__xgafv=None)

+  get(project, urlMap)

 
Returns the specified UrlMap resource. Gets a list of available URL maps by making a list() request.

 

-  insert(project, body=None, requestId=None, x__xgafv=None)

+  insert(project, body=None, requestId=None)

 
Creates a UrlMap resource in the specified project using the data included in the request.

 

-  invalidateCache(project, urlMap, body=None, requestId=None, x__xgafv=None)

-
Initiates a cache invalidation operation, invalidating the specified path, scoped to the specified UrlMap. For more information, see [Invalidating cached content](/cdn/docs/invalidating-cached-content).

+  invalidateCache(project, urlMap, body=None, requestId=None)

+
Initiates a cache invalidation operation, invalidating the specified path, scoped to the specified UrlMap.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of UrlMap resources available to the specified project.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  patch(project, urlMap, body=None, requestId=None, x__xgafv=None)

+  patch(project, urlMap, body=None, requestId=None)

 
Patches the specified UrlMap resource with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

 

-  update(project, urlMap, body=None, requestId=None, x__xgafv=None)

+  update(project, urlMap, body=None, requestId=None)

 
Updates the specified UrlMap resource with the data included in the request.

 

-  validate(project, urlMap, body=None, x__xgafv=None)

+  validate(project, urlMap, body=None)

 
Runs static validation for the UrlMap. In particular, the tests of the provided UrlMap will be run. Calling this method does NOT create the UrlMap.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of all UrlMap resources, regional and global, available to the specified project.
 
 Args:
   project: string, Name of the project scoping this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -136,21 +142,44 @@ 
Method Details

   "items": { # A list of UrlMapsScopedList resources.
     "a_key": { # Name of the scope containing this set of UrlMaps.
       "urlMaps": [ # A list of UrlMaps contained in this scope.
-        { # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/v1/urlMaps) * [Regional](/compute/docs/reference/rest/v1/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
+        { # Represents a URL Map resource.
+            #
+            # Google Compute Engine has two URL Map resources:
+            #
+            # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+            #
+            # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+            #
+            # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+            #
+            # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+            #
+            # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+            #
+            # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+            #
+            # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-          "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+              # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+              # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -159,53 +188,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -215,34 +275,61 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-          "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+              # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+              # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+              # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-          "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # The headerAction specified here take effect after headerAction specified under pathMatcher.
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -252,7 +339,8 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -262,7 +350,8 @@ 
Method Details

           "hostRules": [ # The list of HostRules to use against the URL.
             { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
               "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-              "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+                  # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "A String",
               ],
               "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -273,19 +362,25 @@ 
Method Details

           "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
           "pathMatchers": [ # The list of named PathMatchers to use against the URL.
             { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-              "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-                "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-                  "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+              "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+                  # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+                  # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+                "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                    # Not supported when the URL map is bound to target gRPC proxy.
+                  "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                      # Default is false.
                   "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                     "A String",
                   ],
                   "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                     "A String",
                   ],
-                  "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                  "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                      # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                     "A String",
                   ],
-                  "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                  "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                      # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                     "A String",
                   ],
                   "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -294,53 +389,84 @@ 
Method Details

                   ],
                   "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
                 },
-                "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+                "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                    # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
                   "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                    "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                    "httpStatus": 42, # The HTTP status code used to abort the request.
+                        # The value must be between 200 and 599 inclusive.
+                        # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                        # The value must be between 0.0 and 100.0 inclusive.
                   },
                   "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                     "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                     },
-                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                        # The value must be between 0.0 and 100.0 inclusive.
                   },
                 },
-                "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                    # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                    # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
                 },
-                "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-                  "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+                  "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                      # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                   },
-                  "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+                  "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                      # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                      # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                      # -
+                      # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                      # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                      # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                      # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                      # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                      # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                      # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                     "A String",
                   ],
                 },
-                "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                    # If not specified, will use the largest timeout among all backend services associated with the route.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                  "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-                  "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+                "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                    # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                      # The value must be between 1 and 255 characters.
+                  "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                      # The value must be between 1 and 1024 characters.
                 },
-                "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-                  { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+                "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                    # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+                  { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                     "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                        # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                        # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                       "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                         { # Specification determining how headers are added to requests or responses.
                           "headerName": "A String", # The name of the header.
                           "headerValue": "A String", # The value of the header to add.
-                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                              # The default value is false.
                         },
                       ],
                       "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -350,33 +476,63 @@ 
Method Details

                         { # Specification determining how headers are added to requests or responses.
                           "headerName": "A String", # The name of the header.
                           "headerValue": "A String", # The value of the header to add.
-                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                              # The default value is false.
                         },
                       ],
                       "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                         "A String",
                       ],
                     },
-                    "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                    "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                        # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                        # The value must be between 0 and 1000
                   },
                 ],
               },
-              "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-              "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-                "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-                "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-                "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-                "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+              "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+                  # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+                  # - compute/v1/projects/project/global/backendServices/backendService
+                  # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+                  # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+                  # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+                  # - compute.backendBuckets.use
+                  # - compute.backendServices.use
+              "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+                  # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+                "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                    # The value must be between 1 and 255 characters.
+                "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                    # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                    # The default is set to false.
+                "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                    # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                    # The value must be between 1 and 1024 characters.
+                "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                    # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                    # The value must be between 1 and 1024 characters.
+                "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                    # Supported values are:
+                    # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                    # - FOUND, which corresponds to 302.
+                    # - SEE_OTHER which corresponds to 303.
+                    # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                    # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+                "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                    # The default is set to false.
               },
               "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-              "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                  # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+                  # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                   { # Specification determining how headers are added to requests or responses.
                     "headerName": "A String", # The name of the header.
                     "headerValue": "A String", # The value of the header to add.
-                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                        # The default value is false.
                   },
                 ],
                 "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -386,7 +542,8 @@ 
Method Details

                   { # Specification determining how headers are added to requests or responses.
                     "headerName": "A String", # The name of the header.
                     "headerValue": "A String", # The value of the header to add.
-                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                        # The default value is false.
                   },
                 ],
                 "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -394,24 +551,32 @@ 
Method Details

                 ],
               },
               "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-              "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+              "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+                  # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+                  # Within a given pathMatcher, only one of pathRules or routeRules must be set.
                 { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
                   "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
                     "A String",
                   ],
-                  "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-                    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-                      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+                  "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+                      # Only one of routeAction or urlRedirect must be set.
+                      # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+                    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                        # Not supported when the URL map is bound to target gRPC proxy.
+                      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                          # Default is false.
                       "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                         "A String",
                       ],
                       "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                         "A String",
                       ],
-                      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                         "A String",
                       ],
-                      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                         "A String",
                       ],
                       "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -420,53 +585,84 @@ 
Method Details

                       ],
                       "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
                     },
-                    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+                    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                        # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
                       "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                        "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                        "httpStatus": 42, # The HTTP status code used to abort the request.
+                            # The value must be between 200 and 599 inclusive.
+                            # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                            # The value must be between 0.0 and 100.0 inclusive.
                       },
                       "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                         "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                         },
-                        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                            # The value must be between 0.0 and 100.0 inclusive.
                       },
                     },
-                    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                        # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                        # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                     },
-                    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                       "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
                     },
-                    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                       "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-                      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+                      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                          # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                       },
-                      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+                      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                          # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                          # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                          # -
+                          # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                          # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                          # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                          # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                          # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                          # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                          # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                         "A String",
                       ],
                     },
-                    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                        # If not specified, will use the largest timeout among all backend services associated with the route.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                     },
-                    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-                      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+                    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                        # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                          # The value must be between 1 and 255 characters.
+                      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                          # The value must be between 1 and 1024 characters.
                     },
-                    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-                      { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+                    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                        # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+                      { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                         "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                            # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                             { # Specification determining how headers are added to requests or responses.
                               "headerName": "A String", # The name of the header.
                               "headerValue": "A String", # The value of the header to add.
-                              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                                  # The default value is false.
                             },
                           ],
                           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -476,37 +672,63 @@ 
Method Details

                             { # Specification determining how headers are added to requests or responses.
                               "headerName": "A String", # The name of the header.
                               "headerValue": "A String", # The value of the header to add.
-                              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                                  # The default value is false.
                             },
                           ],
                           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                             "A String",
                           ],
                         },
-                        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                            # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                            # The value must be between 0 and 1000
                       },
                     ],
                   },
-                  "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-                  "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-                    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-                    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-                    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-                    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+                  "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+                      # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+                  "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+                      # If urlRedirect is specified, service or routeAction must not be set.
+                      # Not supported when the URL map is bound to target gRPC proxy.
+                    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                        # The value must be between 1 and 255 characters.
+                    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                        # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                        # The default is set to false.
+                    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                        # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                        # The value must be between 1 and 1024 characters.
+                    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                        # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                        # The value must be between 1 and 1024 characters.
+                    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                        # Supported values are:
+                        # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                        # - FOUND, which corresponds to 302.
+                        # - SEE_OTHER which corresponds to 303.
+                        # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                        # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+                    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                        # The default is set to false.
                   },
                 },
               ],
-              "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+              "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+                  # Within a given pathMatcher, you can set only one of pathRules or routeRules.
                 { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-                  "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-                  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  "description": "A String", # The short description conveying the intent of this routeRule.
+                      # The description can have a maximum length of 1024 characters.
+                  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                      # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+                      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                       { # Specification determining how headers are added to requests or responses.
                         "headerName": "A String", # The name of the header.
                         "headerValue": "A String", # The value of the header to add.
-                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                            # The default value is false.
                       },
                     ],
                     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -516,7 +738,8 @@ 
Method Details

                       { # Specification determining how headers are added to requests or responses.
                         "headerName": "A String", # The name of the header.
                         "headerValue": "A String", # The value of the header to add.
-                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                            # The default value is false.
                       },
                     ],
                     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -525,60 +748,112 @@ 
Method Details

                   },
                   "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
                     { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-                      "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                      "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                          # fullPathMatch must be between 1 and 1024 characters.
+                          # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
                       "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                         { # matchRule criteria for request header matches.
-                          "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                          "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                          "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                          "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                          "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                          "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                          "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                              # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                          "headerName": "A String", # The name of the HTTP header to match.
+                              # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                              # For matching a request's method, use the headerName ":method".
+                              # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                          "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                              # The default setting is false.
+                          "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                              # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                          "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                              # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                          "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                              # For example for a range [-5, 0]
+                              # - -3 will match.
+                              # - 0 will not match.
+                              # - 0.25 will not match.
+                              # - -3someString will not match.
+                              # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                              # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                             "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                             "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                           },
-                          "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                          "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                          "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                              # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                              # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                              # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                          "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                              # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                         },
                       ],
-                      "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-                      "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                        { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                          "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+                      "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                          # The default value is false.
+                          # ignoreCase must not be used with regexMatch.
+                          # Not supported when the URL map is bound to target gRPC proxy.
+                      "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                          # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                          # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                          # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                        { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                            # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                            # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                          "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                              # This list must not be empty and can have at the most 64 entries.
                             { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                              "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                              "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                              "name": "A String", # Name of metadata label.
+                                  # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                              "value": "A String", # The value of the label must match the specified value.
+                                  # value can have a maximum length of 1024 characters.
                             },
                           ],
-                          "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                          "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                              # Supported values are:
+                              # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                              # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                         },
                       ],
-                      "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-                      "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+                      "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                          # The value must be between 1 and 1024 characters.
+                          # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                      "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                          # Not supported when the URL map is bound to target gRPC proxy.
                         { # HttpRouteRuleMatch criteria for a request's query parameter.
-                          "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                          "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                              # Only one of presentMatch, exactMatch or regexMatch must be set.
                           "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                          "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                          "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                          "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                              # Only one of presentMatch, exactMatch or regexMatch must be set.
+                          "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                              # Only one of presentMatch, exactMatch or regexMatch must be set.
+                              # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                         },
                       ],
-                      "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                      "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                          # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                          # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                     },
                   ],
-                  "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-                  "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-                    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-                      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+                  "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+                      # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+                      # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+                  "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+                      # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+                      # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+                    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                        # Not supported when the URL map is bound to target gRPC proxy.
+                      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                          # Default is false.
                       "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                         "A String",
                       ],
                       "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                         "A String",
                       ],
-                      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                         "A String",
                       ],
-                      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                         "A String",
                       ],
                       "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -587,53 +862,84 @@ 
Method Details

                       ],
                       "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
                     },
-                    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+                    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                        # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
                       "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                        "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                        "httpStatus": 42, # The HTTP status code used to abort the request.
+                            # The value must be between 200 and 599 inclusive.
+                            # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                            # The value must be between 0.0 and 100.0 inclusive.
                       },
                       "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                         "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                         },
-                        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                            # The value must be between 0.0 and 100.0 inclusive.
                       },
                     },
-                    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                        # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                        # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                     },
-                    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                       "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
                     },
-                    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                       "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-                      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+                      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                          # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                       },
-                      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+                      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                          # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                          # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                          # -
+                          # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                          # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                          # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                          # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                          # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                          # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                          # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                         "A String",
                       ],
                     },
-                    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                        # If not specified, will use the largest timeout among all backend services associated with the route.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                     },
-                    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-                      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+                    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                        # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                          # The value must be between 1 and 255 characters.
+                      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                          # The value must be between 1 and 1024 characters.
                     },
-                    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-                      { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+                    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                        # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+                      { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                         "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                            # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                             { # Specification determining how headers are added to requests or responses.
                               "headerName": "A String", # The name of the header.
                               "headerValue": "A String", # The value of the header to add.
-                              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                                  # The default value is false.
                             },
                           ],
                           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -643,25 +949,45 @@ 
Method Details

                             { # Specification determining how headers are added to requests or responses.
                               "headerName": "A String", # The name of the header.
                               "headerValue": "A String", # The value of the header to add.
-                              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                                  # The default value is false.
                             },
                           ],
                           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                             "A String",
                           ],
                         },
-                        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                            # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                            # The value must be between 0 and 1000
                       },
                     ],
                   },
-                  "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-                  "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-                    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-                    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-                    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-                    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+                  "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+                      # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+                  "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+                      # If urlRedirect is specified, service or routeAction must not be set.
+                      # Not supported when the URL map is bound to target gRPC proxy.
+                    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                        # The value must be between 1 and 255 characters.
+                    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                        # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                        # The default is set to false.
+                    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                        # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                        # The value must be between 1 and 1024 characters.
+                    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                        # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                        # The value must be between 1 and 1024 characters.
+                    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                        # Supported values are:
+                        # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                        # - FOUND, which corresponds to 302.
+                        # - SEE_OTHER which corresponds to 303.
+                        # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                        # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+                    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                        # The default is set to false.
                   },
                 },
               ],
@@ -669,11 +995,16 @@ 
Method Details

           ],
           "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-          "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             { # Message for the expected URL mappings.
               "description": "A String", # Description of this test case.
-              "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-              "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+              "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+                  # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+                  # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+                  # expectedOutputUrl is optional when service is specified.
+              "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+                  # expectedRedirectResponseCode cannot be set when service is set.
               "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
                 { # HTTP headers used in UrlMapTests.
                   "name": "A String", # Header name.
@@ -682,14 +1013,16 @@ 
Method Details

               ],
               "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
               "path": "A String", # Path portion of the URL.
-              "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+              "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+                  # service cannot be set if expectedRedirectResponseCode is set.
             },
           ],
         },
       ],
       "warning": { # Informational warning which replaces the list of backend services when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -707,7 +1040,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -738,22 +1072,35 @@ 
Method Details

 

 
 

-    delete(project, urlMap, requestId=None, x__xgafv=None)
+    delete(project, urlMap, requestId=None)
   
Deletes the specified UrlMap resource.
 
 Args:
   project: string, Project ID for this request. (required)
   urlMap: string, Name of the UrlMap resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -787,7 +1134,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -801,35 +1149,54 @@ 
Method Details

 

 
 

-    get(project, urlMap, x__xgafv=None)
+    get(project, urlMap)
   
Returns the specified UrlMap resource. Gets a list of available URL maps by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   urlMap: string, Name of the UrlMap resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/v1/urlMaps) * [Regional](/compute/docs/reference/rest/v1/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
+    { # Represents a URL Map resource.
+    #
+    # Google Compute Engine has two URL Map resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+    #
+    # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+    #
+    # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+    #
+    # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+    #
+    # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+    #
+    # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+    #
+    # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-  "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+  "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+      # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+      # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+      # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+        # Not supported when the URL map is bound to target gRPC proxy.
+      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+          # Default is false.
       "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
         "A String",
       ],
       "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
         "A String",
       ],
-      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
-      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
       "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -838,53 +1205,84 @@ 
Method Details

       ],
       "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
     },
-    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+        # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
       "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-        "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "httpStatus": 42, # The HTTP status code used to abort the request.
+            # The value must be between 200 and 599 inclusive.
+            # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
       "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
         "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
     },
-    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+        # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+        # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
     },
-    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+          # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+          # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+          # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+          # -
+          # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+          # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+          # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+          # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+          # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+          # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+          # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
         "A String",
       ],
     },
-    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+        # If not specified, will use the largest timeout among all backend services associated with the route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+        # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+          # The value must be between 1 and 255 characters.
+      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+          # The value must be between 1 and 1024 characters.
     },
-    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-      { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+        # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+      { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
         "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+            # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -894,34 +1292,61 @@ 
Method Details

             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
             "A String",
           ],
         },
-        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+            # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+            # The value must be between 0 and 1000
       },
     ],
   },
-  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+      # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+      # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+      # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+      # Not supported when the URL map is bound to target gRPC proxy.
+    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+        # The value must be between 1 and 255 characters.
+    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+        # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+        # The default is set to false.
+    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+        # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+        # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+        # Supported values are:
+        # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+        # - FOUND, which corresponds to 302.
+        # - SEE_OTHER which corresponds to 303.
+        # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+        # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+        # The default is set to false.
   },
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+      # The headerAction specified here take effect after headerAction specified under pathMatcher.
+      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -931,7 +1356,8 @@ 
Method Details

       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -941,7 +1367,8 @@ 
Method Details

   "hostRules": [ # The list of HostRules to use against the URL.
     { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+          # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "A String",
       ],
       "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -952,19 +1379,25 @@ 
Method Details

   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "pathMatchers": [ # The list of named PathMatchers to use against the URL.
     { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-      "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+      "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+          # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+          # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+              # Default is false.
           "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
             "A String",
           ],
           "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
             "A String",
           ],
-          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
-          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
           "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -973,53 +1406,84 @@ 
Method Details

           ],
           "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
         },
-        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+            # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
           "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-            "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "httpStatus": 42, # The HTTP status code used to abort the request.
+                # The value must be between 200 and 599 inclusive.
+                # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
           "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
             "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
         },
-        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+            # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+            # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
         },
-        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+              # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+              # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+              # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+              # -
+              # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+              # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+              # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+              # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+              # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+              # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+              # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
             "A String",
           ],
         },
-        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+            # If not specified, will use the largest timeout among all backend services associated with the route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+            # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+              # The value must be between 1 and 255 characters.
+          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+              # The value must be between 1 and 1024 characters.
         },
-        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-          { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+            # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+          { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
             "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1029,33 +1493,63 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                 "A String",
               ],
             },
-            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                # The value must be between 0 and 1000
           },
         ],
       },
-      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+          # - compute/v1/projects/project/global/backendServices/backendService
+          # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+          # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+          # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+          # - compute.backendBuckets.use
+          # - compute.backendServices.use
+      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+          # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+            # The value must be between 1 and 255 characters.
+        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+            # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+            # The default is set to false.
+        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+            # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+            # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+            # Supported values are:
+            # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+            # - FOUND, which corresponds to 302.
+            # - SEE_OTHER which corresponds to 303.
+            # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+            # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+            # The default is set to false.
       },
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+          # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+          # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1065,7 +1559,8 @@ 
Method Details

           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -1073,24 +1568,32 @@ 
Method Details

         ],
       },
       "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+          # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+          # Within a given pathMatcher, only one of pathRules or routeRules must be set.
         { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
           "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
             "A String",
           ],
-          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of routeAction or urlRedirect must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1099,53 +1602,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1155,37 +1689,63 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
-      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+          # Within a given pathMatcher, you can set only one of pathRules or routeRules.
         { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-          "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "description": "A String", # The short description conveying the intent of this routeRule.
+              # The description can have a maximum length of 1024 characters.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1195,7 +1755,8 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -1204,60 +1765,112 @@ 
Method Details

           },
           "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
             { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                  # fullPathMatch must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
               "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                 { # matchRule criteria for request header matches.
-                  "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "headerName": "A String", # The name of the HTTP header to match.
+                      # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                      # For matching a request's method, use the headerName ":method".
+                      # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                      # The default setting is false.
+                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                      # For example for a range [-5, 0]
+                      # - -3 will match.
+                      # - 0 will not match.
+                      # - 0.25 will not match.
+                      # - -3someString will not match.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                     "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                     "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                   },
-                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                      # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                 },
               ],
-              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                  # The default value is false.
+                  # ignoreCase must not be used with regexMatch.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                  # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                  # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                  # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                    # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                    # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                      # This list must not be empty and can have at the most 64 entries.
                     { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                      "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                      "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                      "name": "A String", # Name of metadata label.
+                          # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                      "value": "A String", # The value of the label must match the specified value.
+                          # value can have a maximum length of 1024 characters.
                     },
                   ],
-                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                      # Supported values are:
+                      # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                      # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                 },
               ],
-              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                  # The value must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                  # Not supported when the URL map is bound to target gRPC proxy.
                 { # HttpRouteRuleMatch criteria for a request's query parameter.
-                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
                   "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                      # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                 },
               ],
-              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
             },
           ],
-          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+              # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+              # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1266,53 +1879,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1322,25 +1966,45 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
@@ -1348,11 +2012,16 @@ 
Method Details

   ],
   "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     { # Message for the expected URL mappings.
       "description": "A String", # Description of this test case.
-      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+          # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+          # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+          # expectedOutputUrl is optional when service is specified.
+      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+          # expectedRedirectResponseCode cannot be set when service is set.
       "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
         { # HTTP headers used in UrlMapTests.
           "name": "A String", # Header name.
@@ -1361,14 +2030,15 @@ 
Method Details

       ],
       "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
       "path": "A String", # Path portion of the URL.
-      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+          # service cannot be set if expectedRedirectResponseCode is set.
     },
   ],
 }

 

 
 

-    insert(project, body=None, requestId=None, x__xgafv=None)
+    insert(project, body=None, requestId=None)
   
Creates a UrlMap resource in the specified project using the data included in the request.
 
 Args:
@@ -1376,21 +2046,44 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/v1/urlMaps) * [Regional](/compute/docs/reference/rest/v1/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
+{ # Represents a URL Map resource.
+    # 
+    # Google Compute Engine has two URL Map resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+    # 
+    # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+    # 
+    # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+    # 
+    # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+    # 
+    # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+    # 
+    # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+    # 
+    # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-  "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+  "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+      # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+      # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+      # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+        # Not supported when the URL map is bound to target gRPC proxy.
+      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+          # Default is false.
       "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
         "A String",
       ],
       "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
         "A String",
       ],
-      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
-      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
       "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1399,53 +2092,84 @@ 
Method Details

       ],
       "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
     },
-    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+        # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
       "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-        "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "httpStatus": 42, # The HTTP status code used to abort the request.
+            # The value must be between 200 and 599 inclusive.
+            # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
       "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
         "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
     },
-    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+        # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+        # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
     },
-    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+          # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+          # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+          # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+          # -
+          # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+          # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+          # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+          # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+          # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+          # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+          # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
         "A String",
       ],
     },
-    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+        # If not specified, will use the largest timeout among all backend services associated with the route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+        # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+          # The value must be between 1 and 255 characters.
+      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+          # The value must be between 1 and 1024 characters.
     },
-    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-      { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+        # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+      { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
         "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+            # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1455,34 +2179,61 @@ 
Method Details

             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
             "A String",
           ],
         },
-        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+            # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+            # The value must be between 0 and 1000
       },
     ],
   },
-  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+      # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+      # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+      # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+      # Not supported when the URL map is bound to target gRPC proxy.
+    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+        # The value must be between 1 and 255 characters.
+    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+        # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+        # The default is set to false.
+    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+        # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+        # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+        # Supported values are:
+        # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+        # - FOUND, which corresponds to 302.
+        # - SEE_OTHER which corresponds to 303.
+        # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+        # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+        # The default is set to false.
   },
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+      # The headerAction specified here take effect after headerAction specified under pathMatcher.
+      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1492,7 +2243,8 @@ 
Method Details

       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -1502,7 +2254,8 @@ 
Method Details

   "hostRules": [ # The list of HostRules to use against the URL.
     { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+          # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "A String",
       ],
       "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -1513,19 +2266,25 @@ 
Method Details

   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "pathMatchers": [ # The list of named PathMatchers to use against the URL.
     { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-      "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+      "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+          # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+          # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+              # Default is false.
           "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
             "A String",
           ],
           "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
             "A String",
           ],
-          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
-          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
           "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1534,53 +2293,84 @@ 
Method Details

           ],
           "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
         },
-        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+            # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
           "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-            "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "httpStatus": 42, # The HTTP status code used to abort the request.
+                # The value must be between 200 and 599 inclusive.
+                # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
           "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
             "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
         },
-        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+            # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+            # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
         },
-        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+              # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+              # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+              # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+              # -
+              # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+              # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+              # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+              # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+              # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+              # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+              # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
             "A String",
           ],
         },
-        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+            # If not specified, will use the largest timeout among all backend services associated with the route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+            # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+              # The value must be between 1 and 255 characters.
+          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+              # The value must be between 1 and 1024 characters.
         },
-        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-          { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+            # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+          { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
             "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1590,33 +2380,63 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                 "A String",
               ],
             },
-            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                # The value must be between 0 and 1000
           },
         ],
       },
-      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+          # - compute/v1/projects/project/global/backendServices/backendService
+          # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+          # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+          # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+          # - compute.backendBuckets.use
+          # - compute.backendServices.use
+      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+          # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+            # The value must be between 1 and 255 characters.
+        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+            # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+            # The default is set to false.
+        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+            # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+            # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+            # Supported values are:
+            # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+            # - FOUND, which corresponds to 302.
+            # - SEE_OTHER which corresponds to 303.
+            # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+            # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+            # The default is set to false.
       },
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+          # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+          # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1626,7 +2446,8 @@ 
Method Details

           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -1634,24 +2455,32 @@ 
Method Details

         ],
       },
       "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+          # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+          # Within a given pathMatcher, only one of pathRules or routeRules must be set.
         { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
           "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
             "A String",
           ],
-          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of routeAction or urlRedirect must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1660,53 +2489,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1716,37 +2576,63 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
-      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+          # Within a given pathMatcher, you can set only one of pathRules or routeRules.
         { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-          "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "description": "A String", # The short description conveying the intent of this routeRule.
+              # The description can have a maximum length of 1024 characters.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1756,7 +2642,8 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -1765,60 +2652,112 @@ 
Method Details

           },
           "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
             { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                  # fullPathMatch must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
               "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                 { # matchRule criteria for request header matches.
-                  "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "headerName": "A String", # The name of the HTTP header to match.
+                      # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                      # For matching a request's method, use the headerName ":method".
+                      # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                      # The default setting is false.
+                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                      # For example for a range [-5, 0]
+                      # - -3 will match.
+                      # - 0 will not match.
+                      # - 0.25 will not match.
+                      # - -3someString will not match.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                     "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                     "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                   },
-                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                      # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                 },
               ],
-              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                  # The default value is false.
+                  # ignoreCase must not be used with regexMatch.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                  # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                  # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                  # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                    # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                    # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                      # This list must not be empty and can have at the most 64 entries.
                     { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                      "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                      "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                      "name": "A String", # Name of metadata label.
+                          # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                      "value": "A String", # The value of the label must match the specified value.
+                          # value can have a maximum length of 1024 characters.
                     },
                   ],
-                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                      # Supported values are:
+                      # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                      # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                 },
               ],
-              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                  # The value must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                  # Not supported when the URL map is bound to target gRPC proxy.
                 { # HttpRouteRuleMatch criteria for a request's query parameter.
-                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
                   "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                      # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                 },
               ],
-              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
             },
           ],
-          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+              # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+              # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -1827,53 +2766,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -1883,25 +2853,45 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
@@ -1909,11 +2899,16 @@ 
Method Details

   ],
   "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     { # Message for the expected URL mappings.
       "description": "A String", # Description of this test case.
-      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+          # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+          # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+          # expectedOutputUrl is optional when service is specified.
+      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+          # expectedRedirectResponseCode cannot be set when service is set.
       "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
         { # HTTP headers used in UrlMapTests.
           "name": "A String", # Header name.
@@ -1922,21 +2917,35 @@ 
Method Details

       ],
       "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
       "path": "A String", # Path portion of the URL.
-      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+          # service cannot be set if expectedRedirectResponseCode is set.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -1970,7 +2979,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -1984,8 +2994,10 @@ 
Method Details

 

 
 

-    invalidateCache(project, urlMap, body=None, requestId=None, x__xgafv=None)
-  
Initiates a cache invalidation operation, invalidating the specified path, scoped to the specified UrlMap. For more information, see [Invalidating cached content](/cdn/docs/invalidating-cached-content).
+    invalidateCache(project, urlMap, body=None, requestId=None)
+  
Initiates a cache invalidation operation, invalidating the specified path, scoped to the specified UrlMap.
+
+For more information, see [Invalidating cached content](/cdn/docs/invalidating-cached-content).
 
 Args:
   project: string, Project ID for this request. (required)
@@ -1998,16 +3010,29 @@ 
Method Details

   "path": "A String",
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -2041,7 +3066,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2055,20 +3081,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of UrlMap resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -2076,21 +3108,44 @@ 
Method Details

     { # Contains a list of UrlMap resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of UrlMap resources.
-    { # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/v1/urlMaps) * [Regional](/compute/docs/reference/rest/v1/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
+    { # Represents a URL Map resource.
+        #
+        # Google Compute Engine has two URL Map resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+        #
+        # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+        #
+        # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+        #
+        # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+        #
+        # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+        #
+        # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+        #
+        # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-      "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+      "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+          # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+          # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+          # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+              # Default is false.
           "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
             "A String",
           ],
           "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
             "A String",
           ],
-          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
-          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
           "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2099,53 +3154,84 @@ 
Method Details

           ],
           "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
         },
-        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+            # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
           "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-            "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "httpStatus": 42, # The HTTP status code used to abort the request.
+                # The value must be between 200 and 599 inclusive.
+                # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
           "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
             "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
         },
-        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+            # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+            # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
         },
-        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+              # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+              # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+              # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+              # -
+              # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+              # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+              # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+              # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+              # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+              # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+              # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
             "A String",
           ],
         },
-        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+            # If not specified, will use the largest timeout among all backend services associated with the route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+            # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+              # The value must be between 1 and 255 characters.
+          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+              # The value must be between 1 and 1024 characters.
         },
-        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-          { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+            # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+          { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
             "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2155,34 +3241,61 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                 "A String",
               ],
             },
-            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                # The value must be between 0 and 1000
           },
         ],
       },
-      "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+      "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+          # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+          # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+          # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+            # The value must be between 1 and 255 characters.
+        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+            # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+            # The default is set to false.
+        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+            # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+            # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+            # Supported values are:
+            # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+            # - FOUND, which corresponds to 302.
+            # - SEE_OTHER which corresponds to 303.
+            # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+            # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+            # The default is set to false.
       },
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+          # The headerAction specified here take effect after headerAction specified under pathMatcher.
+          # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2192,7 +3305,8 @@ 
Method Details

           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -2202,7 +3316,8 @@ 
Method Details

       "hostRules": [ # The list of HostRules to use against the URL.
         { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-          "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+              # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "A String",
           ],
           "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -2213,19 +3328,25 @@ 
Method Details

       "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "pathMatchers": [ # The list of named PathMatchers to use against the URL.
         { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-          "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+              # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2234,53 +3355,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2290,33 +3442,63 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-          "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+              # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+              # - compute/v1/projects/project/global/backendServices/backendService
+              # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+              # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+              # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+              # - compute.backendBuckets.use
+              # - compute.backendServices.use
+          "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+              # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2326,7 +3508,8 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -2334,24 +3517,32 @@ 
Method Details

             ],
           },
           "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-          "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+          "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+              # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+              # Within a given pathMatcher, only one of pathRules or routeRules must be set.
             { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
               "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
                 "A String",
               ],
-              "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-                "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-                  "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+              "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+                  # Only one of routeAction or urlRedirect must be set.
+                  # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+                "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                    # Not supported when the URL map is bound to target gRPC proxy.
+                  "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                      # Default is false.
                   "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                     "A String",
                   ],
                   "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                     "A String",
                   ],
-                  "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                  "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                      # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                     "A String",
                   ],
-                  "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                  "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                      # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                     "A String",
                   ],
                   "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2360,53 +3551,84 @@ 
Method Details

                   ],
                   "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
                 },
-                "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+                "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                    # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
                   "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                    "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                    "httpStatus": 42, # The HTTP status code used to abort the request.
+                        # The value must be between 200 and 599 inclusive.
+                        # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                        # The value must be between 0.0 and 100.0 inclusive.
                   },
                   "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                     "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                     },
-                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                        # The value must be between 0.0 and 100.0 inclusive.
                   },
                 },
-                "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                    # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                    # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
                 },
-                "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-                  "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+                  "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                      # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                   },
-                  "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+                  "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                      # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                      # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                      # -
+                      # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                      # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                      # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                      # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                      # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                      # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                      # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                     "A String",
                   ],
                 },
-                "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                    # If not specified, will use the largest timeout among all backend services associated with the route.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                  "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-                  "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+                "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                    # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                      # The value must be between 1 and 255 characters.
+                  "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                      # The value must be between 1 and 1024 characters.
                 },
-                "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-                  { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+                "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                    # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+                  { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                     "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                        # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                        # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                       "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                         { # Specification determining how headers are added to requests or responses.
                           "headerName": "A String", # The name of the header.
                           "headerValue": "A String", # The value of the header to add.
-                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                              # The default value is false.
                         },
                       ],
                       "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2416,37 +3638,63 @@ 
Method Details

                         { # Specification determining how headers are added to requests or responses.
                           "headerName": "A String", # The name of the header.
                           "headerValue": "A String", # The value of the header to add.
-                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                              # The default value is false.
                         },
                       ],
                       "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                         "A String",
                       ],
                     },
-                    "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                    "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                        # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                        # The value must be between 0 and 1000
                   },
                 ],
               },
-              "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-              "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-                "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-                "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-                "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-                "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+              "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+                  # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+                  # If urlRedirect is specified, service or routeAction must not be set.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+                "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                    # The value must be between 1 and 255 characters.
+                "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                    # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                    # The default is set to false.
+                "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                    # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                    # The value must be between 1 and 1024 characters.
+                "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                    # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                    # The value must be between 1 and 1024 characters.
+                "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                    # Supported values are:
+                    # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                    # - FOUND, which corresponds to 302.
+                    # - SEE_OTHER which corresponds to 303.
+                    # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                    # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+                "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                    # The default is set to false.
               },
             },
           ],
-          "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+          "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+              # Within a given pathMatcher, you can set only one of pathRules or routeRules.
             { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-              "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-              "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "description": "A String", # The short description conveying the intent of this routeRule.
+                  # The description can have a maximum length of 1024 characters.
+              "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                  # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+                  # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                   { # Specification determining how headers are added to requests or responses.
                     "headerName": "A String", # The name of the header.
                     "headerValue": "A String", # The value of the header to add.
-                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                        # The default value is false.
                   },
                 ],
                 "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2456,7 +3704,8 @@ 
Method Details

                   { # Specification determining how headers are added to requests or responses.
                     "headerName": "A String", # The name of the header.
                     "headerValue": "A String", # The value of the header to add.
-                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                        # The default value is false.
                   },
                 ],
                 "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -2465,60 +3714,112 @@ 
Method Details

               },
               "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
                 { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-                  "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                      # fullPathMatch must be between 1 and 1024 characters.
+                      # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
                   "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                     { # matchRule criteria for request header matches.
-                      "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                      "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                      "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                      "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                      "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                      "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                      "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      "headerName": "A String", # The name of the HTTP header to match.
+                          # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                          # For matching a request's method, use the headerName ":method".
+                          # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                      "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                          # The default setting is false.
+                      "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                          # For example for a range [-5, 0]
+                          # - -3 will match.
+                          # - 0 will not match.
+                          # - 0.25 will not match.
+                          # - -3someString will not match.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                          # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                         "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                         "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                       },
-                      "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                      "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                          # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                          # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                      "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                          # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                     },
                   ],
-                  "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-                  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+                  "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                      # The default value is false.
+                      # ignoreCase must not be used with regexMatch.
+                      # Not supported when the URL map is bound to target gRPC proxy.
+                  "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                      # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                      # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                      # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                        # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                        # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                      "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                          # This list must not be empty and can have at the most 64 entries.
                         { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                          "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                          "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                          "name": "A String", # Name of metadata label.
+                              # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                          "value": "A String", # The value of the label must match the specified value.
+                              # value can have a maximum length of 1024 characters.
                         },
                       ],
-                      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                      "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                          # Supported values are:
+                          # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                          # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                     },
                   ],
-                  "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-                  "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+                  "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                      # The value must be between 1 and 1024 characters.
+                      # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                      # Not supported when the URL map is bound to target gRPC proxy.
                     { # HttpRouteRuleMatch criteria for a request's query parameter.
-                      "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                      "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                          # Only one of presentMatch, exactMatch or regexMatch must be set.
                       "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                      "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                      "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                      "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                          # Only one of presentMatch, exactMatch or regexMatch must be set.
+                      "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                          # Only one of presentMatch, exactMatch or regexMatch must be set.
+                          # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                     },
                   ],
-                  "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                      # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                      # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                 },
               ],
-              "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-              "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-                "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-                  "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+              "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+                  # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+                  # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+              "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+                  # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+                  # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+                "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                    # Not supported when the URL map is bound to target gRPC proxy.
+                  "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                      # Default is false.
                   "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                     "A String",
                   ],
                   "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                     "A String",
                   ],
-                  "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                  "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                      # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                     "A String",
                   ],
-                  "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                  "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                      # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                     "A String",
                   ],
                   "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2527,53 +3828,84 @@ 
Method Details

                   ],
                   "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
                 },
-                "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+                "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                    # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
                   "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                    "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                    "httpStatus": 42, # The HTTP status code used to abort the request.
+                        # The value must be between 200 and 599 inclusive.
+                        # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                        # The value must be between 0.0 and 100.0 inclusive.
                   },
                   "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                     "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                     },
-                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                    "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                        # The value must be between 0.0 and 100.0 inclusive.
                   },
                 },
-                "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                    # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                    # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
                 },
-                "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-                  "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+                  "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                      # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                   },
-                  "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+                  "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                      # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                      # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                      # -
+                      # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                      # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                      # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                      # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                      # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                      # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                      # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                     "A String",
                   ],
                 },
-                "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                    # If not specified, will use the largest timeout among all backend services associated with the route.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                  "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-                  "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+                "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                    # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                      # The value must be between 1 and 255 characters.
+                  "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                      # The value must be between 1 and 1024 characters.
                 },
-                "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-                  { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+                "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                    # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+                  { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                     "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                        # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                        # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                       "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                         { # Specification determining how headers are added to requests or responses.
                           "headerName": "A String", # The name of the header.
                           "headerValue": "A String", # The value of the header to add.
-                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                              # The default value is false.
                         },
                       ],
                       "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2583,25 +3915,45 @@ 
Method Details

                         { # Specification determining how headers are added to requests or responses.
                           "headerName": "A String", # The name of the header.
                           "headerValue": "A String", # The value of the header to add.
-                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                              # The default value is false.
                         },
                       ],
                       "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                         "A String",
                       ],
                     },
-                    "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                    "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                        # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                        # The value must be between 0 and 1000
                   },
                 ],
               },
-              "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-              "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-                "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-                "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-                "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-                "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-                "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+              "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+                  # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+                  # If urlRedirect is specified, service or routeAction must not be set.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+                "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                    # The value must be between 1 and 255 characters.
+                "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                    # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                    # The default is set to false.
+                "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                    # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                    # The value must be between 1 and 1024 characters.
+                "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                    # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                    # The value must be between 1 and 1024 characters.
+                "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                    # Supported values are:
+                    # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                    # - FOUND, which corresponds to 302.
+                    # - SEE_OTHER which corresponds to 303.
+                    # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                    # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+                "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                    # The default is set to false.
               },
             },
           ],
@@ -2609,11 +3961,16 @@ 
Method Details

       ],
       "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-      "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         { # Message for the expected URL mappings.
           "description": "A String", # Description of this test case.
-          "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-          "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+          "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+              # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+              # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+              # expectedOutputUrl is optional when service is specified.
+          "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+              # expectedRedirectResponseCode cannot be set when service is set.
           "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
             { # HTTP headers used in UrlMapTests.
               "name": "A String", # Header name.
@@ -2622,7 +3979,8 @@ 
Method Details

           ],
           "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
           "path": "A String", # Path portion of the URL.
-          "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+          "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+              # service cannot be set if expectedRedirectResponseCode is set.
         },
       ],
     },
@@ -2632,7 +3990,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -2658,7 +4017,7 @@ 
Method Details

 

 
 

-    patch(project, urlMap, body=None, requestId=None, x__xgafv=None)
+    patch(project, urlMap, body=None, requestId=None)
   
Patches the specified UrlMap resource with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.
 
 Args:
@@ -2667,21 +4026,44 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/v1/urlMaps) * [Regional](/compute/docs/reference/rest/v1/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
+{ # Represents a URL Map resource.
+    # 
+    # Google Compute Engine has two URL Map resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+    # 
+    # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+    # 
+    # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+    # 
+    # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+    # 
+    # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+    # 
+    # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+    # 
+    # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-  "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+  "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+      # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+      # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+      # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+        # Not supported when the URL map is bound to target gRPC proxy.
+      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+          # Default is false.
       "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
         "A String",
       ],
       "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
         "A String",
       ],
-      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
-      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
       "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2690,53 +4072,84 @@ 
Method Details

       ],
       "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
     },
-    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+        # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
       "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-        "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "httpStatus": 42, # The HTTP status code used to abort the request.
+            # The value must be between 200 and 599 inclusive.
+            # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
       "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
         "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
     },
-    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+        # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+        # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
     },
-    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+          # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+          # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+          # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+          # -
+          # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+          # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+          # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+          # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+          # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+          # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+          # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
         "A String",
       ],
     },
-    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+        # If not specified, will use the largest timeout among all backend services associated with the route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+        # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+          # The value must be between 1 and 255 characters.
+      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+          # The value must be between 1 and 1024 characters.
     },
-    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-      { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+        # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+      { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
         "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+            # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2746,34 +4159,61 @@ 
Method Details

             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
             "A String",
           ],
         },
-        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+            # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+            # The value must be between 0 and 1000
       },
     ],
   },
-  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+      # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+      # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+      # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+      # Not supported when the URL map is bound to target gRPC proxy.
+    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+        # The value must be between 1 and 255 characters.
+    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+        # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+        # The default is set to false.
+    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+        # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+        # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+        # Supported values are:
+        # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+        # - FOUND, which corresponds to 302.
+        # - SEE_OTHER which corresponds to 303.
+        # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+        # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+        # The default is set to false.
   },
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+      # The headerAction specified here take effect after headerAction specified under pathMatcher.
+      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2783,7 +4223,8 @@ 
Method Details

       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -2793,7 +4234,8 @@ 
Method Details

   "hostRules": [ # The list of HostRules to use against the URL.
     { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+          # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "A String",
       ],
       "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -2804,19 +4246,25 @@ 
Method Details

   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "pathMatchers": [ # The list of named PathMatchers to use against the URL.
     { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-      "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+      "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+          # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+          # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+              # Default is false.
           "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
             "A String",
           ],
           "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
             "A String",
           ],
-          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
-          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
           "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2825,53 +4273,84 @@ 
Method Details

           ],
           "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
         },
-        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+            # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
           "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-            "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "httpStatus": 42, # The HTTP status code used to abort the request.
+                # The value must be between 200 and 599 inclusive.
+                # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
           "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
             "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
         },
-        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+            # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+            # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
         },
-        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+              # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+              # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+              # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+              # -
+              # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+              # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+              # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+              # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+              # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+              # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+              # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
             "A String",
           ],
         },
-        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+            # If not specified, will use the largest timeout among all backend services associated with the route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+            # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+              # The value must be between 1 and 255 characters.
+          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+              # The value must be between 1 and 1024 characters.
         },
-        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-          { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+            # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+          { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
             "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2881,33 +4360,63 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                 "A String",
               ],
             },
-            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                # The value must be between 0 and 1000
           },
         ],
       },
-      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+          # - compute/v1/projects/project/global/backendServices/backendService
+          # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+          # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+          # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+          # - compute.backendBuckets.use
+          # - compute.backendServices.use
+      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+          # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+            # The value must be between 1 and 255 characters.
+        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+            # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+            # The default is set to false.
+        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+            # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+            # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+            # Supported values are:
+            # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+            # - FOUND, which corresponds to 302.
+            # - SEE_OTHER which corresponds to 303.
+            # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+            # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+            # The default is set to false.
       },
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+          # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+          # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -2917,7 +4426,8 @@ 
Method Details

           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -2925,24 +4435,32 @@ 
Method Details

         ],
       },
       "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+          # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+          # Within a given pathMatcher, only one of pathRules or routeRules must be set.
         { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
           "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
             "A String",
           ],
-          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of routeAction or urlRedirect must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -2951,53 +4469,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3007,37 +4556,63 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
-      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+          # Within a given pathMatcher, you can set only one of pathRules or routeRules.
         { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-          "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "description": "A String", # The short description conveying the intent of this routeRule.
+              # The description can have a maximum length of 1024 characters.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3047,7 +4622,8 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -3056,60 +4632,112 @@ 
Method Details

           },
           "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
             { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                  # fullPathMatch must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
               "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                 { # matchRule criteria for request header matches.
-                  "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "headerName": "A String", # The name of the HTTP header to match.
+                      # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                      # For matching a request's method, use the headerName ":method".
+                      # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                      # The default setting is false.
+                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                      # For example for a range [-5, 0]
+                      # - -3 will match.
+                      # - 0 will not match.
+                      # - 0.25 will not match.
+                      # - -3someString will not match.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                     "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                     "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                   },
-                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                      # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                 },
               ],
-              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                  # The default value is false.
+                  # ignoreCase must not be used with regexMatch.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                  # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                  # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                  # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                    # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                    # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                      # This list must not be empty and can have at the most 64 entries.
                     { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                      "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                      "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                      "name": "A String", # Name of metadata label.
+                          # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                      "value": "A String", # The value of the label must match the specified value.
+                          # value can have a maximum length of 1024 characters.
                     },
                   ],
-                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                      # Supported values are:
+                      # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                      # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                 },
               ],
-              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                  # The value must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                  # Not supported when the URL map is bound to target gRPC proxy.
                 { # HttpRouteRuleMatch criteria for a request's query parameter.
-                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
                   "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                      # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                 },
               ],
-              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
             },
           ],
-          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+              # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+              # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3118,53 +4746,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3174,25 +4833,45 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
@@ -3200,11 +4879,16 @@ 
Method Details

   ],
   "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     { # Message for the expected URL mappings.
       "description": "A String", # Description of this test case.
-      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+          # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+          # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+          # expectedOutputUrl is optional when service is specified.
+      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+          # expectedRedirectResponseCode cannot be set when service is set.
       "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
         { # HTTP headers used in UrlMapTests.
           "name": "A String", # Header name.
@@ -3213,21 +4897,35 @@ 
Method Details

       ],
       "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
       "path": "A String", # Path portion of the URL.
-      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+          # service cannot be set if expectedRedirectResponseCode is set.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3261,7 +4959,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3275,7 +4974,7 @@ 
Method Details

 

 
 

-    update(project, urlMap, body=None, requestId=None, x__xgafv=None)
+    update(project, urlMap, body=None, requestId=None)
   
Updates the specified UrlMap resource with the data included in the request.
 
 Args:
@@ -3284,21 +4983,44 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/v1/urlMaps) * [Regional](/compute/docs/reference/rest/v1/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
+{ # Represents a URL Map resource.
+    # 
+    # Google Compute Engine has two URL Map resources:
+    # 
+    # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+    # 
+    # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+    # 
+    # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+    # 
+    # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+    # 
+    # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+    # 
+    # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+    # 
+    # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-  "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+  "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+      # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+      # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+      # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+        # Not supported when the URL map is bound to target gRPC proxy.
+      "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+          # Default is false.
       "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
         "A String",
       ],
       "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
         "A String",
       ],
-      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
-      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+      "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+          # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
         "A String",
       ],
       "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3307,53 +5029,84 @@ 
Method Details

       ],
       "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
     },
-    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+    "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+        # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
       "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-        "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "httpStatus": 42, # The HTTP status code used to abort the request.
+            # The value must be between 200 and 599 inclusive.
+            # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
       "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
         "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+        "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+            # The value must be between 0.0 and 100.0 inclusive.
       },
     },
-    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+    "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+        # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+        # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
     },
-    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+      "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+          # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+      "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+          # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+          # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+          # -
+          # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+          # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+          # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+          # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+          # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+          # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+          # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
         "A String",
       ],
     },
-    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+        # If not specified, will use the largest timeout among all backend services associated with the route.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
       "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
     },
-    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+    "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+        # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+          # The value must be between 1 and 255 characters.
+      "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+          # The value must be between 1 and 1024 characters.
     },
-    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-      { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+    "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+        # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+      { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
         "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+            # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3363,34 +5116,61 @@ 
Method Details

             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
             "A String",
           ],
         },
-        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+        "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+            # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+            # The value must be between 0 and 1000
       },
     ],
   },
-  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+  "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+      # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+      # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+      # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+      # Not supported when the URL map is bound to target gRPC proxy.
+    "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+        # The value must be between 1 and 255 characters.
+    "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+        # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+        # The default is set to false.
+    "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+        # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+        # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+        # The value must be between 1 and 1024 characters.
+    "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+        # Supported values are:
+        # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+        # - FOUND, which corresponds to 302.
+        # - SEE_OTHER which corresponds to 303.
+        # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+        # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+    "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+        # The default is set to false.
   },
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+      # The headerAction specified here take effect after headerAction specified under pathMatcher.
+      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3400,7 +5180,8 @@ 
Method Details

       { # Specification determining how headers are added to requests or responses.
         "headerName": "A String", # The name of the header.
         "headerValue": "A String", # The value of the header to add.
-        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+            # The default value is false.
       },
     ],
     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -3410,7 +5191,8 @@ 
Method Details

   "hostRules": [ # The list of HostRules to use against the URL.
     { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+          # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "A String",
       ],
       "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -3421,19 +5203,25 @@ 
Method Details

   "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "pathMatchers": [ # The list of named PathMatchers to use against the URL.
     { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-      "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+      "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+          # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+          # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+        "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+              # Default is false.
           "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
             "A String",
           ],
           "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
             "A String",
           ],
-          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
-          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+          "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+              # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
             "A String",
           ],
           "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3442,53 +5230,84 @@ 
Method Details

           ],
           "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
         },
-        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+        "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+            # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
           "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-            "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "httpStatus": 42, # The HTTP status code used to abort the request.
+                # The value must be between 200 and 599 inclusive.
+                # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
           "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
             "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+            "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                # The value must be between 0.0 and 100.0 inclusive.
           },
         },
-        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+        "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+            # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+            # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
         },
-        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+          "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+              # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+          "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+              # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+              # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+              # -
+              # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+              # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+              # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+              # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+              # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+              # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+              # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
             "A String",
           ],
         },
-        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+            # If not specified, will use the largest timeout among all backend services associated with the route.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+        "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+            # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+              # The value must be between 1 and 255 characters.
+          "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+              # The value must be between 1 and 1024 characters.
         },
-        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-          { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+        "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+            # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+          { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
             "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3498,33 +5317,63 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                 "A String",
               ],
             },
-            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+            "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                # The value must be between 0 and 1000
           },
         ],
       },
-      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+      "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+          # - compute/v1/projects/project/global/backendServices/backendService
+          # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+          # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+          # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+          # - compute.backendBuckets.use
+          # - compute.backendServices.use
+      "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+          # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+            # The value must be between 1 and 255 characters.
+        "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+            # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+            # The default is set to false.
+        "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+            # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+            # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+            # The value must be between 1 and 1024 characters.
+        "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+            # Supported values are:
+            # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+            # - FOUND, which corresponds to 302.
+            # - SEE_OTHER which corresponds to 303.
+            # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+            # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+        "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+            # The default is set to false.
       },
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+          # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+          # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3534,7 +5383,8 @@ 
Method Details

           { # Specification determining how headers are added to requests or responses.
             "headerName": "A String", # The name of the header.
             "headerValue": "A String", # The value of the header to add.
-            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+            "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                # The default value is false.
           },
         ],
         "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -3542,24 +5392,32 @@ 
Method Details

         ],
       },
       "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+      "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+          # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+          # Within a given pathMatcher, only one of pathRules or routeRules must be set.
         { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
           "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
             "A String",
           ],
-          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of routeAction or urlRedirect must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3568,53 +5426,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3624,37 +5513,63 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
-      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+      "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+          # Within a given pathMatcher, you can set only one of pathRules or routeRules.
         { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-          "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "description": "A String", # The short description conveying the intent of this routeRule.
+              # The description can have a maximum length of 1024 characters.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3664,7 +5579,8 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -3673,60 +5589,112 @@ 
Method Details

           },
           "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
             { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                  # fullPathMatch must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
               "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                 { # matchRule criteria for request header matches.
-                  "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "headerName": "A String", # The name of the HTTP header to match.
+                      # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                      # For matching a request's method, use the headerName ":method".
+                      # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                  "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                      # The default setting is false.
+                  "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                      # For example for a range [-5, 0]
+                      # - -3 will match.
+                      # - 0 will not match.
+                      # - 0.25 will not match.
+                      # - -3someString will not match.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                     "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                     "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                   },
-                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                  "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                      # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                      # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                      # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                 },
               ],
-              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+              "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                  # The default value is false.
+                  # ignoreCase must not be used with regexMatch.
+                  # Not supported when the URL map is bound to target gRPC proxy.
+              "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                  # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                  # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                  # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                    # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                    # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                  "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                      # This list must not be empty and can have at the most 64 entries.
                     { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                      "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                      "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                      "name": "A String", # Name of metadata label.
+                          # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                      "value": "A String", # The value of the label must match the specified value.
+                          # value can have a maximum length of 1024 characters.
                     },
                   ],
-                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                  "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                      # Supported values are:
+                      # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                      # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                 },
               ],
-              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+              "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                  # The value must be between 1 and 1024 characters.
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+              "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                  # Not supported when the URL map is bound to target gRPC proxy.
                 { # HttpRouteRuleMatch criteria for a request's query parameter.
-                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
                   "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                  "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                  "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                      # Only one of presentMatch, exactMatch or regexMatch must be set.
+                      # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                 },
               ],
-              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                  # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
             },
           ],
-          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+          "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+              # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+              # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+          "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+              # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+            "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                  # Default is false.
               "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                 "A String",
               ],
               "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                 "A String",
               ],
-              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
-              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+              "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                  # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                 "A String",
               ],
               "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3735,53 +5703,84 @@ 
Method Details

               ],
               "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
             },
-            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+            "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
               "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "httpStatus": 42, # The HTTP status code used to abort the request.
+                    # The value must be between 200 and 599 inclusive.
+                    # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
               "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                 "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                    # The value must be between 0.0 and 100.0 inclusive.
               },
             },
-            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+            "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
             },
-            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+              "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                  # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+              "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                  # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                  # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                  # -
+                  # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                  # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                  # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                  # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                  # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                  # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                  # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                 "A String",
               ],
             },
-            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                # If not specified, will use the largest timeout among all backend services associated with the route.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+            "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                  # The value must be between 1 and 255 characters.
+              "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                  # The value must be between 1 and 1024 characters.
             },
-            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-              { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+            "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+              { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                 "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                    # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                    # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                   "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3791,25 +5790,45 @@ 
Method Details

                     { # Specification determining how headers are added to requests or responses.
                       "headerName": "A String", # The name of the header.
                       "headerValue": "A String", # The value of the header to add.
-                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                      "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                          # The default value is false.
                     },
                   ],
                   "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                     "A String",
                   ],
                 },
-                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                    # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                    # The value must be between 0 and 1000
               },
             ],
           },
-          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+          "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+              # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+          "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+              # If urlRedirect is specified, service or routeAction must not be set.
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                # The value must be between 1 and 255 characters.
+            "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                # The default is set to false.
+            "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                # The value must be between 1 and 1024 characters.
+            "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                # Supported values are:
+                # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                # - FOUND, which corresponds to 302.
+                # - SEE_OTHER which corresponds to 303.
+                # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+            "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                # The default is set to false.
           },
         },
       ],
@@ -3817,11 +5836,16 @@ 
Method Details

   ],
   "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+  "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
     { # Message for the expected URL mappings.
       "description": "A String", # Description of this test case.
-      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+      "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+          # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+          # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+          # expectedOutputUrl is optional when service is specified.
+      "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+          # expectedRedirectResponseCode cannot be set when service is set.
       "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
         { # HTTP headers used in UrlMapTests.
           "name": "A String", # Header name.
@@ -3830,21 +5854,35 @@ 
Method Details

       ],
       "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
       "path": "A String", # Path portion of the URL.
-      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+      "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+          # service cannot be set if expectedRedirectResponseCode is set.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -3878,7 +5916,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -3892,7 +5931,7 @@ 
Method Details

 

 
 

-    validate(project, urlMap, body=None, x__xgafv=None)
+    validate(project, urlMap, body=None)
   
Runs static validation for the UrlMap. In particular, the tests of the provided UrlMap will be run. Calling this method does NOT create the UrlMap.
 
 Args:
@@ -3902,21 +5941,44 @@ 
Method Details

     The object takes the form of:
 
 {
-  "resource": { # Represents a URL Map resource. Google Compute Engine has two URL Map resources: * [Global](/compute/docs/reference/rest/v1/urlMaps) * [Regional](/compute/docs/reference/rest/v1/regionUrlMaps) A URL map resource is a component of certain types of GCP load balancers and Traffic Director. * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers. For a list of supported URL map features by load balancer type, see the Load balancing features: Routing and traffic management table. For a list of supported URL map features for Traffic Director, see the Traffic Director features: Routing and traffic management table. This resource defines mappings from host names and URL paths to either a backend service or a backend bucket. To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts. # Content of the UrlMap to be validated.
+  "resource": { # Represents a URL Map resource. # Content of the UrlMap to be validated.
+      #
+      # Google Compute Engine has two URL Map resources:
+      #
+      # * [Global](/compute/docs/reference/rest/{$api_version}/urlMaps) * [Regional](/compute/docs/reference/rest/{$api_version}/regionUrlMaps)
+      #
+      # A URL map resource is a component of certain types of GCP load balancers and Traffic Director.
+      #
+      # * urlMaps are used by external HTTP(S) load balancers and Traffic Director. * regionUrlMaps are used by internal HTTP(S) load balancers.
+      #
+      # For a list of supported URL map features by load balancer type, see the  Load balancing features: Routing and traffic management table.
+      #
+      # For a list of supported URL map features for Traffic Director, see the  Traffic Director features: Routing and traffic management table.
+      #
+      # This resource defines mappings from host names and URL paths to either a backend service or a backend bucket.
+      #
+      # To use the global urlMaps resource, the backend service must have a loadBalancingScheme of either EXTERNAL or INTERNAL_SELF_MANAGED. To use the regionUrlMaps resource, the backend service must have a loadBalancingScheme of INTERNAL_MANAGED. For more information, read URL Map Concepts.
     "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
-    "defaultRouteAction": { # defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction. defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-      "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-        "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+    "defaultRouteAction": { # defaultRouteAction takes effect when none of the  hostRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+        # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+        # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within defaultRouteAction.
+        # defaultRouteAction has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+          # Not supported when the URL map is bound to target gRPC proxy.
+        "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+            # Default is false.
         "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
           "A String",
         ],
         "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
           "A String",
         ],
-        "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+        "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+            # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
           "A String",
         ],
-        "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+        "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+            # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
           "A String",
         ],
         "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -3925,53 +5987,84 @@ 
Method Details

         ],
         "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
       },
-      "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+      "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+          # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
         "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-          "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-          "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+          "httpStatus": 42, # The HTTP status code used to abort the request.
+              # The value must be between 200 and 599 inclusive.
+              # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+          "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+              # The value must be between 0.0 and 100.0 inclusive.
         },
         "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
           "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+          "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+              # The value must be between 0.0 and 100.0 inclusive.
         },
       },
-      "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+      "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+          # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+          # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
       },
-      "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-        "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+        "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+            # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
           "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
           "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
         },
-        "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+        "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+            # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+            # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+            # -
+            # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+            # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+            # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+            # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+            # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+            # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+            # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
           "A String",
         ],
       },
-      "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+      "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+          # If not specified, will use the largest timeout among all backend services associated with the route.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
         "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
         "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
       },
-      "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-        "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-        "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+      "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+          # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+          # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+            # The value must be between 1 and 255 characters.
+        "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+            # The value must be between 1 and 1024 characters.
       },
-      "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-        { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+      "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+          # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+        { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
           "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+              # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+              # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -3981,34 +6074,61 @@ 
Method Details

               { # Specification determining how headers are added to requests or responses.
                 "headerName": "A String", # The name of the header.
                 "headerValue": "A String", # The value of the header to add.
-                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                    # The default value is false.
               },
             ],
             "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
               "A String",
             ],
           },
-          "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+          "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+              # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+              # The value must be between 0 and 1000
         },
       ],
     },
-    "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-    "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-      "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-      "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-      "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-      "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-      "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-      "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+    "defaultService": "A String", # The full or partial URL of the defaultService resource to which traffic is directed if none of the hostRules match. If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified.
+        # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+        # defaultService has no effect when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+        # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+        # Not supported when the URL map is bound to target gRPC proxy.
+      "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+          # The value must be between 1 and 255 characters.
+      "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+          # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+          # The default is set to false.
+      "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+          # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+          # The value must be between 1 and 1024 characters.
+      "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+          # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+          # The value must be between 1 and 1024 characters.
+      "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+          # Supported values are:
+          # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+          # - FOUND, which corresponds to 302.
+          # - SEE_OTHER which corresponds to 303.
+          # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+          # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+      "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+          # The default is set to false.
     },
     "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-    "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a UrlMap.
-    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here take effect after headerAction specified under pathMatcher. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "fingerprint": "A String", # Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap, otherwise the request will fail with error 412 conditionNotMet.
+        #
+        # To see the latest fingerprint, make a get() request to retrieve a UrlMap.
+    "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+        # The headerAction specified here take effect after headerAction specified under pathMatcher.
+        # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
         { # Specification determining how headers are added to requests or responses.
           "headerName": "A String", # The name of the header.
           "headerValue": "A String", # The value of the header to add.
-          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+              # The default value is false.
         },
       ],
       "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -4018,7 +6138,8 @@ 
Method Details

         { # Specification determining how headers are added to requests or responses.
           "headerName": "A String", # The name of the header.
           "headerValue": "A String", # The value of the header to add.
-          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+          "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+              # The default value is false.
         },
       ],
       "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -4028,7 +6149,8 @@ 
Method Details

     "hostRules": [ # The list of HostRules to use against the URL.
       { # UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
         "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-        "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "hosts": [ # The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..
+            # * based matching is not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "A String",
         ],
         "pathMatcher": "A String", # The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.
@@ -4039,19 +6161,25 @@ 
Method Details

     "name": "A String", # Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
     "pathMatchers": [ # The list of named PathMatchers to use against the URL.
       { # A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.
-        "defaultRouteAction": { # defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
-          "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-            "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+        "defaultRouteAction": { # defaultRouteAction takes effect when none of the  pathRules or routeRules match. The load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any  weightedBackendServices.
+            # Only one of defaultRouteAction or defaultUrlRedirect must be set.
+            # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathMatcher's defaultRouteAction.
+          "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+              # Not supported when the URL map is bound to target gRPC proxy.
+            "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                # Default is false.
             "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
               "A String",
             ],
             "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
               "A String",
             ],
-            "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+            "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
               "A String",
             ],
-            "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+            "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
               "A String",
             ],
             "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -4060,53 +6188,84 @@ 
Method Details

             ],
             "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
           },
-          "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+          "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+              # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
             "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-              "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-              "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+              "httpStatus": 42, # The HTTP status code used to abort the request.
+                  # The value must be between 200 and 599 inclusive.
+                  # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+              "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                  # The value must be between 0.0 and 100.0 inclusive.
             },
             "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
               "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+              "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                  # The value must be between 0.0 and 100.0 inclusive.
             },
           },
-          "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+          "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+              # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+              # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
           },
-          "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-            "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+            "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
               "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
               "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
             },
-            "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+            "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                # -
+                # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
               "A String",
             ],
           },
-          "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+          "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+              # If not specified, will use the largest timeout among all backend services associated with the route.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
             "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
             "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
           },
-          "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-            "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-            "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+          "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+              # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+              # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                # The value must be between 1 and 255 characters.
+            "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                # The value must be between 1 and 1024 characters.
           },
-          "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-            { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+          "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+              # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+            { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
               "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-              "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                  # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                  # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                   { # Specification determining how headers are added to requests or responses.
                     "headerName": "A String", # The name of the header.
                     "headerValue": "A String", # The value of the header to add.
-                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                        # The default value is false.
                   },
                 ],
                 "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -4116,33 +6275,63 @@ 
Method Details

                   { # Specification determining how headers are added to requests or responses.
                     "headerName": "A String", # The name of the header.
                     "headerValue": "A String", # The value of the header to add.
-                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                    "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                        # The default value is false.
                   },
                 ],
                 "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                   "A String",
                 ],
               },
-              "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+              "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                  # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                  # The value must be between 0 and 1000
             },
           ],
         },
-        "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use
-        "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-          "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-          "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-          "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-          "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-          "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-          "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+        "defaultService": "A String", # The full or partial URL to the BackendService resource. This will be used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource:
+            # - https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService
+            # - compute/v1/projects/project/global/backendServices/backendService
+            # - global/backendServices/backendService  If defaultRouteAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified.
+            # Only one of defaultService, defaultUrlRedirect  or defaultRouteAction.weightedBackendService must be set.
+            # Authorization requires one or more of the following Google IAM permissions on the specified resource default_service:
+            # - compute.backendBuckets.use
+            # - compute.backendServices.use
+        "defaultUrlRedirect": { # Specifies settings for an HTTP redirect. # When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect.
+            # If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set.
+            # Not supported when the URL map is bound to target gRPC proxy.
+          "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+              # The value must be between 1 and 255 characters.
+          "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+              # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+              # The default is set to false.
+          "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+              # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+              # The value must be between 1 and 1024 characters.
+          "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+              # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+              # The value must be between 1 and 1024 characters.
+          "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+              # Supported values are:
+              # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+              # - FOUND, which corresponds to 302.
+              # - SEE_OTHER which corresponds to 303.
+              # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+              # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+          "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+              # The default is set to false.
         },
         "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
-        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+        "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+            # HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap
+            # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+            # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
           "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -4152,7 +6341,8 @@ 
Method Details

             { # Specification determining how headers are added to requests or responses.
               "headerName": "A String", # The name of the header.
               "headerValue": "A String", # The value of the header to add.
-              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+              "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                  # The default value is false.
             },
           ],
           "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -4160,24 +6350,32 @@ 
Method Details

           ],
         },
         "name": "A String", # The name to which this PathMatcher is referred by the HostRule.
-        "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set.
+        "pathRules": [ # The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis.
+            # For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list.
+            # Within a given pathMatcher, only one of pathRules or routeRules must be set.
           { # A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
             "paths": [ # The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.
               "A String",
             ],
-            "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
-              "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-                "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+            "routeAction": { # In response to a matching path, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+                # Only one of routeAction or urlRedirect must be set.
+                # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a pathRule's routeAction.
+              "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                  # Not supported when the URL map is bound to target gRPC proxy.
+                "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                    # Default is false.
                 "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                   "A String",
                 ],
                 "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                   "A String",
                 ],
-                "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                    # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                   "A String",
                 ],
-                "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                    # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                   "A String",
                 ],
                 "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -4186,53 +6384,84 @@ 
Method Details

                 ],
                 "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
               },
-              "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+              "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                  # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
                 "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                  "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                  "httpStatus": 42, # The HTTP status code used to abort the request.
+                      # The value must be between 200 and 599 inclusive.
+                      # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                      # The value must be between 0.0 and 100.0 inclusive.
                 },
                 "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                   "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                   },
-                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                      # The value must be between 0.0 and 100.0 inclusive.
                 },
               },
-              "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                  # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                  # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
               },
-              "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-                "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+                "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                    # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+                "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                    # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                    # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                    # -
+                    # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                    # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                    # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                    # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                    # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                    # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                    # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                   "A String",
                 ],
               },
-              "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                  # If not specified, will use the largest timeout among all backend services associated with the route.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-                "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+              "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                  # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                    # The value must be between 1 and 255 characters.
+                "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                    # The value must be between 1 and 1024 characters.
               },
-              "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-                { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+              "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                  # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+                { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                   "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                      # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                       { # Specification determining how headers are added to requests or responses.
                         "headerName": "A String", # The name of the header.
                         "headerValue": "A String", # The value of the header to add.
-                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                            # The default value is false.
                       },
                     ],
                     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -4242,37 +6471,63 @@ 
Method Details

                       { # Specification determining how headers are added to requests or responses.
                         "headerName": "A String", # The name of the header.
                         "headerValue": "A String", # The value of the header to add.
-                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                            # The default value is false.
                       },
                     ],
                     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                       "A String",
                     ],
                   },
-                  "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                  "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                      # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                      # The value must be between 0 and 1000
                 },
               ],
             },
-            "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-            "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-              "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-              "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-              "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-              "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-              "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-              "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+            "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+                # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+            "urlRedirect": { # Specifies settings for an HTTP redirect. # When a path pattern is matched, the request is redirected to a URL specified by urlRedirect.
+                # If urlRedirect is specified, service or routeAction must not be set.
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                  # The value must be between 1 and 255 characters.
+              "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                  # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                  # The default is set to false.
+              "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                  # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                  # The value must be between 1 and 1024 characters.
+              "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                  # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                  # The value must be between 1 and 1024 characters.
+              "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                  # Supported values are:
+                  # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                  # - FOUND, which corresponds to 302.
+                  # - SEE_OTHER which corresponds to 303.
+                  # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                  # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+              "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                  # The default is set to false.
             },
           },
         ],
-        "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules.
+        "routeRules": [ # The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number.
+            # Within a given pathMatcher, you can set only one of pathRules or routeRules.
           { # An HttpRouteRule specifies how to match an HTTP request and the corresponding routing action that load balancing proxies will perform.
-            "description": "A String", # The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters.
-            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+            "description": "A String", # The short description conveying the intent of this routeRule.
+                # The description can have a maximum length of 1024 characters.
+            "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                # The headerAction specified here are applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction
+                # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
               "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -4282,7 +6537,8 @@ 
Method Details

                 { # Specification determining how headers are added to requests or responses.
                   "headerName": "A String", # The name of the header.
                   "headerValue": "A String", # The value of the header to add.
-                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                  "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                      # The default value is false.
                 },
               ],
               "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
@@ -4291,60 +6547,112 @@ 
Method Details

             },
             "matchRules": [ # The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule.
               { # HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
-                "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                "fullPathMatch": "A String", # For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
+                    # fullPathMatch must be between 1 and 1024 characters.
+                    # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
                 "headerMatches": [ # Specifies a list of header match criteria, all of which must match corresponding headers in the request.
                   { # matchRule criteria for request header matches.
-                    "exactMatch": "A String", # The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                    "headerName": "A String", # The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
-                    "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met. The default setting is false.
-                    "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                    "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
-                    "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                    "exactMatch": "A String", # The value should exactly match contents of exactMatch.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                    "headerName": "A String", # The name of the HTTP header to match.
+                        # For matching against the HTTP request's authority, use a headerMatch with the header name ":authority".
+                        # For matching a request's method, use the headerName ":method".
+                        # When the URL map is bound to target gRPC proxy that has validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin.
+                    "invertMatch": True or False, # If set to false, the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
+                        # The default setting is false.
+                    "prefixMatch": "A String", # The value of the header must start with the contents of prefixMatch.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                    "presentMatch": True or False, # A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                    "rangeMatch": { # HttpRouteRuleMatch criteria for field values that must stay within the specified integer range. # The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails.
+                        # For example for a range [-5, 0]
+                        # - -3 will match.
+                        # - 0 will not match.
+                        # - 0.25 will not match.
+                        # - -3someString will not match.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                        # Note that rangeMatch is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
                       "rangeEnd": "A String", # The end of the range (exclusive) in signed long integer format.
                       "rangeStart": "A String", # The start of the range (inclusive) in signed long integer format.
                     },
-                    "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see: github.com/google/re2/wiki/Syntax For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
-                    "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                    "regexMatch": "A String", # The value of the header must match the regular expression specified in regexMatch. For regular expression grammar, please see:  github.com/google/re2/wiki/Syntax
+                        # For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
+                        # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                    "suffixMatch": "A String", # The value of the header must end with the contents of suffixMatch.
+                        # Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set.
                   },
                 ],
-                "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to target gRPC proxy.
-                "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                  { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if loadbalancing involves Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
-                    "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries.
+                "ignoreCase": True or False, # Specifies that prefixMatch and fullPathMatch matches are case sensitive.
+                    # The default value is false.
+                    # ignoreCase must not be used with regexMatch.
+                    # Not supported when the URL map is bound to target gRPC proxy.
+                "metadataFilters": [ # Opaque filter criteria used by Loadbalancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to Loadbalancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies.
+                    # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadataFilters are specified, all of them need to be satisfied in order to be considered a match.
+                    # metadataFilters specified here will be applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to.
+                    # metadataFilters only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                    # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  { # Opaque filter criteria used by loadbalancers to restrict routing configuration to a limited set of loadbalancing proxies. Proxies and sidecars involved in loadbalancing would typically present metadata to the loadbalancers which need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies.
+                      # For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata.
+                      # An example for using metadataFilters would be: if loadbalancing involves  Envoys, they will only receive routing configuration when values in metadataFilters match values supplied in <a href="https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/core/base.proto#envoy-api-msg-core-node" Node metadata of their XDS requests to loadbalancers.
+                    "filterLabels": [ # The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria
+                        # This list must not be empty and can have at the most 64 entries.
                       { # MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the loadbalancer.
-                        "name": "A String", # Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long.
-                        "value": "A String", # The value of the label must match the specified value. value can have a maximum length of 1024 characters.
+                        "name": "A String", # Name of metadata label.
+                            # The name can have a maximum length of 1024 characters and must be at least 1 character long.
+                        "value": "A String", # The value of the label must match the specified value.
+                            # value can have a maximum length of 1024 characters.
                       },
                     ],
-                    "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match. Supported values are: - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
+                    "filterMatchCriteria": "A String", # Specifies how individual filterLabel matches within the list of filterLabels contribute towards the overall metadataFilter match.
+                        # Supported values are:
+                        # - MATCH_ANY: At least one of the filterLabels must have a matching label in the provided metadata.
+                        # - MATCH_ALL: All filterLabels must have matching labels in the provided metadata.
                   },
                 ],
-                "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
-                "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to target gRPC proxy.
+                "prefixMatch": "A String", # For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
+                    # The value must be between 1 and 1024 characters.
+                    # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                "queryParameterMatches": [ # Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request.
+                    # Not supported when the URL map is bound to target gRPC proxy.
                   { # HttpRouteRuleMatch criteria for a request's query parameter.
-                    "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch or regexMatch must be set.
+                    "exactMatch": "A String", # The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
+                        # Only one of presentMatch, exactMatch or regexMatch must be set.
                     "name": "A String", # The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
-                    "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch or regexMatch must be set.
-                    "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax Only one of presentMatch, exactMatch or regexMatch must be set. Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
+                    "presentMatch": True or False, # Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
+                        # Only one of presentMatch, exactMatch or regexMatch must be set.
+                    "regexMatch": "A String", # The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For the regular expression grammar, please see github.com/google/re2/wiki/Syntax
+                        # Only one of presentMatch, exactMatch or regexMatch must be set.
+                        # Note that regexMatch only applies when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED.
                   },
                 ],
-                "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+                "regexMatch": "A String", # For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                    # Only one of prefixMatch, fullPathMatch or regexMatch must be specified.
+                    # Note that regexMatch only applies to Loadbalancers that have their loadBalancingScheme set to INTERNAL_SELF_MANAGED.
               },
             ],
-            "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
-            "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
-              "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing Not supported when the URL map is bound to target gRPC proxy.
-                "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header. Default is false.
+            "priority": 42, # For routeRules within a given pathMatcher, priority determines the order in which load balancer will interpret routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied.
+                # You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 0 and 2147483647 inclusive.
+                # Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
+            "routeAction": { # In response to a matching matchRule, the load balancer performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected backend. If  routeAction specifies any  weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any  weightedBackendServices.
+                # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+                # UrlMaps for external HTTP(S) load balancers support only the urlRewrite action within a routeRule's routeAction.
+              "corsPolicy": { # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing # The specification for allowing client side cross-origin requests. Please see W3C Recommendation for Cross Origin Resource Sharing
+                  # Not supported when the URL map is bound to target gRPC proxy.
+                "allowCredentials": True or False, # In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials header.
+                    # Default is false.
                 "allowHeaders": [ # Specifies the content for the Access-Control-Allow-Headers header.
                   "A String",
                 ],
                 "allowMethods": [ # Specifies the content for the Access-Control-Allow-Methods header.
                   "A String",
                 ],
-                "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                "allowOriginRegexes": [ # Specifies the regualar expression patterns that match allowed origins. For regular expression grammar please see github.com/google/re2/wiki/Syntax
+                    # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                   "A String",
                 ],
-                "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
+                "allowOrigins": [ # Specifies the list of origins that will be allowed to do CORS requests.
+                    # An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes.
                   "A String",
                 ],
                 "disabled": True or False, # If true, specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect.
@@ -4353,53 +6661,84 @@ 
Method Details

                 ],
                 "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header.
               },
-              "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
+              "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,
+                  # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy.
                 "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection.
-                  "httpStatus": 42, # The HTTP status code used to abort the request. The value must be between 200 and 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
-                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                  "httpStatus": 42, # The HTTP status code used to abort the request.
+                      # The value must be between 200 and 599 inclusive.
+                      # For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this  mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director.
+                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection.
+                      # The value must be between 0.0 and 100.0 inclusive.
                 },
                 "delay": { # Specifies the delay introduced by Loadbalancer before forwarding the request to the backend service as part of fault injection. # The specification for how client requests are delayed as part of fault injection, before being sent to a backend service.
                   "fixedDelay": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the value of the fixed delay interval.
                     "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                     "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                   },
-                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. The value must be between 0.0 and 100.0 inclusive.
+                  "percentage": 3.14, # The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection.
+                      # The value must be between 0.0 and 100.0 inclusive.
                 },
               },
-              "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed. If not specified, will use the largest maxStreamDuration among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
+              "maxStreamDuration": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (i.e. end-of-stream), the duration in this field is computed from the beginning of the stream until the response has been completely processed, including all retries. A stream that does not complete in this duration is closed.
+                  # If not specified, will use the largest maxStreamDuration among all backend services associated with the route.
+                  # This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "requestMirrorPolicy": { # A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow. # Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, the host / authority header is suffixed with -shadow.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "backendService": "A String", # The full or partial URL to the BackendService resource being mirrored to.
               },
-              "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "retryPolicy": { # The retry policy associates with HttpRouteRule # Specifies the retry policy associated with this route.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "numRetries": 42, # Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1.
-                "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
+                "perTryTimeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies a non-zero timeout per retry attempt.
+                    # If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, will use the largest timeout among all backend services associated with the route.
                   "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                   "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
                 },
-                "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are: - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts. - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409. - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
+                "retryConditions": [ # Specifies one or more conditions when this retry rule applies. Valid values are:
+                    # - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, or if the backend service does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
+                    # - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504.
+                    # -
+                    # - connect-failure: Loadbalancer will retry on failures connecting to backend services, for example due to connection timeouts.
+                    # - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. Currently the only retriable error supported is 409.
+                    # - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry.
+                    # - cancelledLoadbalancer will retry if the gRPC status code in the response header is set to cancelled
+                    # - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded
+                    # - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted
+                    # - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable
                   "A String",
                 ],
               },
-              "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. If not specified, will use the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+              "timeout": { # A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years. # Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries.
+                  # If not specified, will use the largest timeout among all backend services associated with the route.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                 "nanos": 42, # Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive.
                 "seconds": "A String", # Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
               },
-              "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
-                "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be between 1 and 255 characters.
-                "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be between 1 and 1024 characters.
+              "urlRewrite": { # The spec for modifying the path before sending the request to the matched backend service. # The spec to modify the URL of the request, prior to forwarding the request to the matched service.
+                  # urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers.
+                  # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                "hostRewrite": "A String", # Prior to forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite.
+                    # The value must be between 1 and 255 characters.
+                "pathPrefixRewrite": "A String", # Prior to forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite.
+                    # The value must be between 1 and 1024 characters.
               },
-              "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
-                { # In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
+              "weightedBackendServices": [ # A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one  weightedBackendService with weight set to a non-zero number.
+                  # Once a backendService is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction.
+                { # In contrast to a single BackendService in  HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple BackendServices. The volume of traffic for each BackendService is proportional to the weight specified in each WeightedBackendService
                   "backendService": "A String", # The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the loadbalancer applies any relevant headerActions specified as part of this backendServiceWeight.
-                  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+                  "headerAction": { # The request and response header transformations that take effect before the request is passed along to the selected backendService. # Specifies changes to request and response headers that need to take effect for the selected backendService.
+                      # headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap.
+                      # Note that headerAction is not supported for Loadbalancers that have their loadBalancingScheme set to EXTERNAL.
+                      # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
                     "requestHeadersToAdd": [ # Headers to add to a matching request prior to forwarding the request to the backendService.
                       { # Specification determining how headers are added to requests or responses.
                         "headerName": "A String", # The name of the header.
                         "headerValue": "A String", # The value of the header to add.
-                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                            # The default value is false.
                       },
                     ],
                     "requestHeadersToRemove": [ # A list of header names for headers that need to be removed from the request prior to forwarding the request to the backendService.
@@ -4409,25 +6748,45 @@ 
Method Details

                       { # Specification determining how headers are added to requests or responses.
                         "headerName": "A String", # The name of the header.
                         "headerValue": "A String", # The value of the header to add.
-                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false.
+                        "replace": True or False, # If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header.
+                            # The default value is false.
                       },
                     ],
                     "responseHeadersToRemove": [ # A list of header names for headers that need to be removed from the response prior to sending the response back to the client.
                       "A String",
                     ],
                   },
-                  "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy. The value must be between 0 and 1000
+                  "weight": 42, # Specifies the fraction of traffic sent to backendService, computed as weight / (sum of all weightedBackendService weights in routeAction) .
+                      # The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backendService, subsequent requests will be sent to the same backendService as determined by the BackendService's session affinity policy.
+                      # The value must be between 0 and 1000
                 },
               ],
             },
-            "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
-            "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to target gRPC proxy.
-              "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request. The value must be between 1 and 255 characters.
-              "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false.
-              "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-              "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The value must be between 1 and 1024 characters.
-              "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
-              "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false.
+            "service": "A String", # The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is additionally specified, advanced routing actions like URL Rewrites, etc. take effect prior to sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendService s. Conversely, if routeAction specifies any  weightedBackendServices, service must not be specified.
+                # Only one of urlRedirect, service or routeAction.weightedBackendService must be set.
+            "urlRedirect": { # Specifies settings for an HTTP redirect. # When this rule is matched, the request is redirected to a URL specified by urlRedirect.
+                # If urlRedirect is specified, service or routeAction must not be set.
+                # Not supported when the URL map is bound to target gRPC proxy.
+              "hostRedirect": "A String", # The host that will be used in the redirect response instead of the one that was supplied in the request.
+                  # The value must be between 1 and 255 characters.
+              "httpsRedirect": True or False, # If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request.
+                  # This must only be set for UrlMaps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted.
+                  # The default is set to false.
+              "pathRedirect": "A String", # The path that will be used in the redirect response instead of the one that was supplied in the request.
+                  # pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                  # The value must be between 1 and 1024 characters.
+              "prefixRedirect": "A String", # The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request.
+                  # prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
+                  # The value must be between 1 and 1024 characters.
+              "redirectResponseCode": "A String", # The HTTP Status code to use for this RedirectAction.
+                  # Supported values are:
+                  # - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
+                  # - FOUND, which corresponds to 302.
+                  # - SEE_OTHER which corresponds to 303.
+                  # - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method will be retained.
+                  # - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method will be retained.
+              "stripQuery": True or False, # If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.
+                  # The default is set to false.
             },
           },
         ],
@@ -4435,11 +6794,16 @@ 
Method Details

     ],
     "region": "A String", # [Output Only] URL of the region where the regional URL map resides. This field is not applicable to global URL maps. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
     "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
-    "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap. Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
+    "tests": [ # The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.
+        # Not supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true.
       { # Message for the expected URL mappings.
         "description": "A String", # Description of this test case.
-        "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified.
-        "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set.
+        "expectedOutputUrl": "A String", # The expected output URL evaluated by load balancer containing the scheme, host, path and query parameters.
+            # For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored.
+            # For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to https. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters.
+            # expectedOutputUrl is optional when service is specified.
+        "expectedRedirectResponseCode": 42, # For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response.
+            # expectedRedirectResponseCode cannot be set when service is set.
         "headers": [ # HTTP headers for this request. If headers contains a host header, then host must also match the header value.
           { # HTTP headers used in UrlMapTests.
             "name": "A String", # Header name.
@@ -4448,16 +6812,13 @@ 
Method Details

         ],
         "host": "A String", # Host portion of the URL. If headers contains a host header, then host must also match the header value.
         "path": "A String", # Path portion of the URL.
-        "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to. service cannot be set if expectedRedirectResponseCode is set.
+        "service": "A String", # Expected BackendService or BackendBucket resource the given URL should be mapped to.
+            # service cannot be set if expectedRedirectResponseCode is set.
       },
     ],
   },
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_v1.vpnGateways.html b/docs/dyn/compute_v1.vpnGateways.html
index 278d401440e..8f78fba6c11 100644
--- a/docs/dyn/compute_v1.vpnGateways.html
+++ b/docs/dyn/compute_v1.vpnGateways.html
@@ -75,7 +75,7 @@
 
Compute Engine API . vpnGateways

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of VPN gateways.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,46 +84,52 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, vpnGateway, requestId=None, x__xgafv=None)

+  delete(project, region, vpnGateway, requestId=None)

 
Deletes the specified VPN gateway.

 

-  get(project, region, vpnGateway, x__xgafv=None)

+  get(project, region, vpnGateway)

 
Returns the specified VPN gateway. Gets a list of available VPN gateways by making a list() request.

 

-  getStatus(project, region, vpnGateway, x__xgafv=None)

+  getStatus(project, region, vpnGateway)

 
Returns the status for the specified VPN gateway.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a VPN gateway in the specified project and region using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of VPN gateways available to the specified project and region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)

+  setLabels(project, region, resource, body=None, requestId=None)

 
Sets the labels on a VpnGateway. To learn more about labels, read the Labeling Resources documentation.

 

-  testIamPermissions(project, region, resource, body=None, x__xgafv=None)

+  testIamPermissions(project, region, resource, body=None)

 
Returns permissions that a caller has on the specified resource.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of VPN gateways.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -133,12 +139,16 @@ 
Method Details

   "items": { # A list of VpnGateway resources.
     "a_key": { # [Output Only] Name of the scope containing this set of VPN gateways.
       "vpnGateways": [ # [Output Only] A list of VPN gateways contained in this scope.
-        { # Represents a HA VPN gateway. HA VPN is a high-availability (HA) Cloud VPN solution that lets you securely connect your on-premises network to your Google Cloud Virtual Private Cloud network through an IPsec VPN connection in a single region. For more information about Cloud HA VPN solutions, see Cloud VPN topologies .
+        { # Represents a HA VPN gateway.
+            #
+            # HA VPN is a high-availability (HA) Cloud VPN solution that lets you securely connect your on-premises network to your Google Cloud Virtual Private Cloud network through an IPsec VPN connection in a single region. For more information about Cloud HA VPN solutions, see  Cloud VPN topologies . (== resource_for {$api_version}.vpnGateways ==)
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
           "kind": "compute#vpnGateway", # [Output Only] Type of resource. Always compute#vpnGateway for VPN gateways.
-          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an VpnGateway.
+          "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve an VpnGateway.
           "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
             "a_key": "A String",
           },
@@ -149,7 +159,8 @@ 
Method Details

           "vpnInterfaces": [ # The list of VPN interfaces associated with this VPN gateway.
             { # A VPN gateway interface.
               "id": 42, # [Output Only] Numeric identifier for this VPN interface associated with the VPN gateway.
-              "interconnectAttachment": "A String", # URL of the VLAN attachment (interconnectAttachment) resource for this VPN gateway interface. When the value of this field is present, the VPN gateway is used for IPsec-encrypted Cloud Interconnect; all egress or ingress traffic for this VPN gateway interface goes through the specified VLAN attachment resource. Not currently available publicly.
+              "interconnectAttachment": "A String", # URL of the VLAN attachment (interconnectAttachment) resource for this VPN gateway interface. When the value of this field is present, the VPN gateway is used for IPsec-encrypted Cloud Interconnect; all egress or ingress traffic for this VPN gateway interface goes through the specified VLAN attachment resource.
+                  # Not currently available publicly.
               "ipAddress": "A String", # [Output Only] IP address for this VPN interface associated with the VPN gateway. The IP address could be either a regional external IP address or a regional internal IP address. The two IP addresses for a VPN gateway must be all regional external or regional internal IP addresses. There cannot be a mix of regional external IP addresses and regional internal IP addresses. For IPsec-encrypted Cloud Interconnect, the IP addresses for both interfaces could either be regional internal IP addresses or regional external IP addresses. For regular (non IPsec-encrypted Cloud Interconnect) HA VPN tunnels, the IP address must be a regional external IP address.
             },
           ],
@@ -157,7 +168,8 @@ 
Method Details

       ],
       "warning": { # [Output Only] Informational warning which replaces the list of addresses when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -175,7 +187,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -206,23 +219,36 @@ 
Method Details

 

 
 

-    delete(project, region, vpnGateway, requestId=None, x__xgafv=None)
+    delete(project, region, vpnGateway, requestId=None)
   
Deletes the specified VPN gateway.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   vpnGateway: string, Name of the VPN gateway to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -256,7 +282,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -270,27 +297,27 @@ 
Method Details

 

 
 

-    get(project, region, vpnGateway, x__xgafv=None)
+    get(project, region, vpnGateway)
   
Returns the specified VPN gateway. Gets a list of available VPN gateways by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   vpnGateway: string, Name of the VPN gateway to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a HA VPN gateway. HA VPN is a high-availability (HA) Cloud VPN solution that lets you securely connect your on-premises network to your Google Cloud Virtual Private Cloud network through an IPsec VPN connection in a single region. For more information about Cloud HA VPN solutions, see Cloud VPN topologies .
+    { # Represents a HA VPN gateway.
+    #
+    # HA VPN is a high-availability (HA) Cloud VPN solution that lets you securely connect your on-premises network to your Google Cloud Virtual Private Cloud network through an IPsec VPN connection in a single region. For more information about Cloud HA VPN solutions, see  Cloud VPN topologies . (== resource_for {$api_version}.vpnGateways ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#vpnGateway", # [Output Only] Type of resource. Always compute#vpnGateway for VPN gateways.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an VpnGateway.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      #
+      # To see the latest fingerprint, make a get() request to retrieve an VpnGateway.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -301,7 +328,8 @@ 
Method Details

   "vpnInterfaces": [ # The list of VPN interfaces associated with this VPN gateway.
     { # A VPN gateway interface.
       "id": 42, # [Output Only] Numeric identifier for this VPN interface associated with the VPN gateway.
-      "interconnectAttachment": "A String", # URL of the VLAN attachment (interconnectAttachment) resource for this VPN gateway interface. When the value of this field is present, the VPN gateway is used for IPsec-encrypted Cloud Interconnect; all egress or ingress traffic for this VPN gateway interface goes through the specified VLAN attachment resource. Not currently available publicly.
+      "interconnectAttachment": "A String", # URL of the VLAN attachment (interconnectAttachment) resource for this VPN gateway interface. When the value of this field is present, the VPN gateway is used for IPsec-encrypted Cloud Interconnect; all egress or ingress traffic for this VPN gateway interface goes through the specified VLAN attachment resource.
+          # Not currently available publicly.
       "ipAddress": "A String", # [Output Only] IP address for this VPN interface associated with the VPN gateway. The IP address could be either a regional external IP address or a regional internal IP address. The two IP addresses for a VPN gateway must be all regional external or regional internal IP addresses. There cannot be a mix of regional external IP addresses and regional internal IP addresses. For IPsec-encrypted Cloud Interconnect, the IP addresses for both interfaces could either be regional internal IP addresses or regional external IP addresses. For regular (non IPsec-encrypted Cloud Interconnect) HA VPN tunnels, the IP address must be a regional external IP address.
     },
   ],
@@ -309,17 +337,13 @@ 
Method Details

 

 
 

-    getStatus(project, region, vpnGateway, x__xgafv=None)
+    getStatus(project, region, vpnGateway)
   
Returns the status for the specified VPN gateway.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   vpnGateway: string, Name of the VPN gateway to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -348,7 +372,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a VPN gateway in the specified project and region using the data included in the request.
 
 Args:
@@ -357,12 +381,16 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a HA VPN gateway. HA VPN is a high-availability (HA) Cloud VPN solution that lets you securely connect your on-premises network to your Google Cloud Virtual Private Cloud network through an IPsec VPN connection in a single region. For more information about Cloud HA VPN solutions, see Cloud VPN topologies .
+{ # Represents a HA VPN gateway.
+    # 
+    # HA VPN is a high-availability (HA) Cloud VPN solution that lets you securely connect your on-premises network to your Google Cloud Virtual Private Cloud network through an IPsec VPN connection in a single region. For more information about Cloud HA VPN solutions, see  Cloud VPN topologies . (== resource_for {$api_version}.vpnGateways ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "kind": "compute#vpnGateway", # [Output Only] Type of resource. Always compute#vpnGateway for VPN gateways.
-  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an VpnGateway.
+  "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+      # 
+      # To see the latest fingerprint, make a get() request to retrieve an VpnGateway.
   "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
     "a_key": "A String",
   },
@@ -373,22 +401,36 @@ 
Method Details

   "vpnInterfaces": [ # The list of VPN interfaces associated with this VPN gateway.
     { # A VPN gateway interface.
       "id": 42, # [Output Only] Numeric identifier for this VPN interface associated with the VPN gateway.
-      "interconnectAttachment": "A String", # URL of the VLAN attachment (interconnectAttachment) resource for this VPN gateway interface. When the value of this field is present, the VPN gateway is used for IPsec-encrypted Cloud Interconnect; all egress or ingress traffic for this VPN gateway interface goes through the specified VLAN attachment resource. Not currently available publicly.
+      "interconnectAttachment": "A String", # URL of the VLAN attachment (interconnectAttachment) resource for this VPN gateway interface. When the value of this field is present, the VPN gateway is used for IPsec-encrypted Cloud Interconnect; all egress or ingress traffic for this VPN gateway interface goes through the specified VLAN attachment resource.
+          # Not currently available publicly.
       "ipAddress": "A String", # [Output Only] IP address for this VPN interface associated with the VPN gateway. The IP address could be either a regional external IP address or a regional internal IP address. The two IP addresses for a VPN gateway must be all regional external or regional internal IP addresses. There cannot be a mix of regional external IP addresses and regional internal IP addresses. For IPsec-encrypted Cloud Interconnect, the IP addresses for both interfaces could either be regional internal IP addresses or regional external IP addresses. For regular (non IPsec-encrypted Cloud Interconnect) HA VPN tunnels, the IP address must be a regional external IP address.
     },
   ],
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -422,7 +464,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -436,21 +479,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of VPN gateways available to the specified project and region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -458,12 +507,16 @@ 
Method Details

     { # Contains a list of VpnGateway resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of VpnGateway resources.
-    { # Represents a HA VPN gateway. HA VPN is a high-availability (HA) Cloud VPN solution that lets you securely connect your on-premises network to your Google Cloud Virtual Private Cloud network through an IPsec VPN connection in a single region. For more information about Cloud HA VPN solutions, see Cloud VPN topologies .
+    { # Represents a HA VPN gateway.
+        #
+        # HA VPN is a high-availability (HA) Cloud VPN solution that lets you securely connect your on-premises network to your Google Cloud Virtual Private Cloud network through an IPsec VPN connection in a single region. For more information about Cloud HA VPN solutions, see  Cloud VPN topologies . (== resource_for {$api_version}.vpnGateways ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
       "kind": "compute#vpnGateway", # [Output Only] Type of resource. Always compute#vpnGateway for VPN gateways.
-      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an VpnGateway.
+      "labelFingerprint": "A String", # A fingerprint for the labels being applied to this VpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.
+          #
+          # To see the latest fingerprint, make a get() request to retrieve an VpnGateway.
       "labels": { # Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.
         "a_key": "A String",
       },
@@ -474,7 +527,8 @@ 
Method Details

       "vpnInterfaces": [ # The list of VPN interfaces associated with this VPN gateway.
         { # A VPN gateway interface.
           "id": 42, # [Output Only] Numeric identifier for this VPN interface associated with the VPN gateway.
-          "interconnectAttachment": "A String", # URL of the VLAN attachment (interconnectAttachment) resource for this VPN gateway interface. When the value of this field is present, the VPN gateway is used for IPsec-encrypted Cloud Interconnect; all egress or ingress traffic for this VPN gateway interface goes through the specified VLAN attachment resource. Not currently available publicly.
+          "interconnectAttachment": "A String", # URL of the VLAN attachment (interconnectAttachment) resource for this VPN gateway interface. When the value of this field is present, the VPN gateway is used for IPsec-encrypted Cloud Interconnect; all egress or ingress traffic for this VPN gateway interface goes through the specified VLAN attachment resource.
+              # Not currently available publicly.
           "ipAddress": "A String", # [Output Only] IP address for this VPN interface associated with the VPN gateway. The IP address could be either a regional external IP address or a regional internal IP address. The two IP addresses for a VPN gateway must be all regional external or regional internal IP addresses. There cannot be a mix of regional external IP addresses and regional internal IP addresses. For IPsec-encrypted Cloud Interconnect, the IP addresses for both interfaces could either be regional internal IP addresses or regional external IP addresses. For regular (non IPsec-encrypted Cloud Interconnect) HA VPN tunnels, the IP address must be a regional external IP address.
         },
       ],
@@ -485,7 +539,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -511,7 +566,7 @@ 
Method Details

 

 
 

-    setLabels(project, region, resource, body=None, requestId=None, x__xgafv=None)
+    setLabels(project, region, resource, body=None, requestId=None)
   
Sets the labels on a VpnGateway. To learn more about labels, read the Labeling Resources documentation.
 
 Args:
@@ -528,16 +583,29 @@ 
Method Details

   },
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -571,7 +639,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -585,7 +654,7 @@ 
Method Details

 

 
 

-    testIamPermissions(project, region, resource, body=None, x__xgafv=None)
+    testIamPermissions(project, region, resource, body=None)
   
Returns permissions that a caller has on the specified resource.
 
 Args:
@@ -601,10 +670,6 @@ 
Method Details

   ],
 }
 
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
diff --git a/docs/dyn/compute_v1.vpnTunnels.html b/docs/dyn/compute_v1.vpnTunnels.html
index af92b46a940..f7f12193857 100644
--- a/docs/dyn/compute_v1.vpnTunnels.html
+++ b/docs/dyn/compute_v1.vpnTunnels.html
@@ -75,7 +75,7 @@
 
Compute Engine API . vpnTunnels

 
Instance Methods

 

-  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves an aggregated list of VPN tunnels.

 

   aggregatedList_next(previous_request, previous_response)

@@ -84,37 +84,43 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, region, vpnTunnel, requestId=None, x__xgafv=None)

+  delete(project, region, vpnTunnel, requestId=None)

 
Deletes the specified VpnTunnel resource.

 

-  get(project, region, vpnTunnel, x__xgafv=None)

+  get(project, region, vpnTunnel)

 
Returns the specified VpnTunnel resource. Gets a list of available VPN tunnels by making a list() request.

 

-  insert(project, region, body=None, requestId=None, x__xgafv=None)

+  insert(project, region, body=None, requestId=None)

 
Creates a VpnTunnel resource in the specified project and region using the data included in the request.

 

-  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of VpnTunnel resources contained in the specified project and region.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 
Method Details

 

-    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves an aggregated list of VPN tunnels.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -124,7 +130,9 @@ 
Method Details

   "items": { # A list of VpnTunnelsScopedList resources.
     "a_key": { # Name of the scope containing this set of VPN tunnels.
       "vpnTunnels": [ # A list of VPN tunnels contained in this scope.
-        { # Represents a Cloud VPN Tunnel resource. For more information about VPN, read the the Cloud VPN Overview.
+        { # Represents a Cloud VPN Tunnel resource.
+            #
+            # For more information about VPN, read the  the Cloud VPN Overview. (== resource_for {$api_version}.vpnTunnels ==)
           "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
           "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
           "detailedStatus": "A String", # [Output Only] Detailed status message for the VPN tunnel.
@@ -147,7 +155,22 @@ 
Method Details

           "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
           "sharedSecret": "A String", # Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway.
           "sharedSecretHash": "A String", # Hash of the shared secret.
-          "status": "A String", # [Output Only] The status of the VPN tunnel, which can be one of the following: - PROVISIONING: Resource is being allocated for the VPN tunnel. - WAITING_FOR_FULL_CONFIG: Waiting to receive all VPN-related configs from the user. Network, TargetVpnGateway, VpnTunnel, ForwardingRule, and Route resources are needed to setup the VPN tunnel. - FIRST_HANDSHAKE: Successful first handshake with the peer VPN. - ESTABLISHED: Secure session is successfully established with the peer VPN. - NETWORK_ERROR: Deprecated, replaced by NO_INCOMING_PACKETS - AUTHORIZATION_ERROR: Auth error (for example, bad shared secret). - NEGOTIATION_FAILURE: Handshake failed. - DEPROVISIONING: Resources are being deallocated for the VPN tunnel. - FAILED: Tunnel creation has failed and the tunnel is not ready to be used. - NO_INCOMING_PACKETS: No incoming packets from peer. - REJECTED: Tunnel configuration was rejected, can be result of being denied access. - ALLOCATING_RESOURCES: Cloud VPN is in the process of allocating all required resources. - STOPPED: Tunnel is stopped due to its Forwarding Rules being deleted for Classic VPN tunnels or the project is in frozen state. - PEER_IDENTITY_MISMATCH: Peer identity does not match peer IP, probably behind NAT. - TS_NARROWING_NOT_ALLOWED: Traffic selector narrowing not allowed for an HA-VPN tunnel.
+          "status": "A String", # [Output Only] The status of the VPN tunnel, which can be one of the following:
+              # - PROVISIONING: Resource is being allocated for the VPN tunnel.
+              # - WAITING_FOR_FULL_CONFIG: Waiting to receive all VPN-related configs from the user. Network, TargetVpnGateway, VpnTunnel, ForwardingRule, and Route resources are needed to setup the VPN tunnel.
+              # - FIRST_HANDSHAKE: Successful first handshake with the peer VPN.
+              # - ESTABLISHED: Secure session is successfully established with the peer VPN.
+              # - NETWORK_ERROR: Deprecated, replaced by NO_INCOMING_PACKETS
+              # - AUTHORIZATION_ERROR: Auth error (for example, bad shared secret).
+              # - NEGOTIATION_FAILURE: Handshake failed.
+              # - DEPROVISIONING: Resources are being deallocated for the VPN tunnel.
+              # - FAILED: Tunnel creation has failed and the tunnel is not ready to be used.
+              # - NO_INCOMING_PACKETS: No incoming packets from peer.
+              # - REJECTED: Tunnel configuration was rejected, can be result of being denied access.
+              # - ALLOCATING_RESOURCES: Cloud VPN is in the process of allocating all required resources.
+              # - STOPPED: Tunnel is stopped due to its Forwarding Rules being deleted for Classic VPN tunnels or the project is in frozen state.
+              # - PEER_IDENTITY_MISMATCH: Peer identity does not match peer IP, probably behind NAT.
+              # - TS_NARROWING_NOT_ALLOWED: Traffic selector narrowing not allowed for an HA-VPN tunnel.
           "targetVpnGateway": "A String", # URL of the Target VPN gateway with which this VPN tunnel is associated. Provided by the client when the VPN tunnel is created.
           "vpnGateway": "A String", # URL of the VPN gateway with which this VPN tunnel is associated. Provided by the client when the VPN tunnel is created. This must be used (instead of target_vpn_gateway) if a High Availability VPN gateway resource is created.
           "vpnGatewayInterface": 42, # The interface ID of the VPN gateway with which this VPN tunnel is associated.
@@ -155,7 +178,8 @@ 
Method Details

       ],
       "warning": { # Informational warning which replaces the list of addresses when the list is empty.
         "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+            # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
           {
             "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
             "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -173,7 +197,8 @@ 
Method Details

   ],
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -204,23 +229,36 @@ 
Method Details

 

 
 

-    delete(project, region, vpnTunnel, requestId=None, x__xgafv=None)
+    delete(project, region, vpnTunnel, requestId=None)
   
Deletes the specified VpnTunnel resource.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   vpnTunnel: string, Name of the VpnTunnel resource to delete. (required)
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -254,7 +292,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -268,22 +307,20 @@ 
Method Details

 

 
 

-    get(project, region, vpnTunnel, x__xgafv=None)
+    get(project, region, vpnTunnel)
   
Returns the specified VpnTunnel resource. Gets a list of available VPN tunnels by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
   vpnTunnel: string, Name of the VpnTunnel resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Cloud VPN Tunnel resource. For more information about VPN, read the the Cloud VPN Overview.
+    { # Represents a Cloud VPN Tunnel resource.
+    #
+    # For more information about VPN, read the  the Cloud VPN Overview. (== resource_for {$api_version}.vpnTunnels ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "detailedStatus": "A String", # [Output Only] Detailed status message for the VPN tunnel.
@@ -306,7 +343,22 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "sharedSecret": "A String", # Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway.
   "sharedSecretHash": "A String", # Hash of the shared secret.
-  "status": "A String", # [Output Only] The status of the VPN tunnel, which can be one of the following: - PROVISIONING: Resource is being allocated for the VPN tunnel. - WAITING_FOR_FULL_CONFIG: Waiting to receive all VPN-related configs from the user. Network, TargetVpnGateway, VpnTunnel, ForwardingRule, and Route resources are needed to setup the VPN tunnel. - FIRST_HANDSHAKE: Successful first handshake with the peer VPN. - ESTABLISHED: Secure session is successfully established with the peer VPN. - NETWORK_ERROR: Deprecated, replaced by NO_INCOMING_PACKETS - AUTHORIZATION_ERROR: Auth error (for example, bad shared secret). - NEGOTIATION_FAILURE: Handshake failed. - DEPROVISIONING: Resources are being deallocated for the VPN tunnel. - FAILED: Tunnel creation has failed and the tunnel is not ready to be used. - NO_INCOMING_PACKETS: No incoming packets from peer. - REJECTED: Tunnel configuration was rejected, can be result of being denied access. - ALLOCATING_RESOURCES: Cloud VPN is in the process of allocating all required resources. - STOPPED: Tunnel is stopped due to its Forwarding Rules being deleted for Classic VPN tunnels or the project is in frozen state. - PEER_IDENTITY_MISMATCH: Peer identity does not match peer IP, probably behind NAT. - TS_NARROWING_NOT_ALLOWED: Traffic selector narrowing not allowed for an HA-VPN tunnel.
+  "status": "A String", # [Output Only] The status of the VPN tunnel, which can be one of the following:
+      # - PROVISIONING: Resource is being allocated for the VPN tunnel.
+      # - WAITING_FOR_FULL_CONFIG: Waiting to receive all VPN-related configs from the user. Network, TargetVpnGateway, VpnTunnel, ForwardingRule, and Route resources are needed to setup the VPN tunnel.
+      # - FIRST_HANDSHAKE: Successful first handshake with the peer VPN.
+      # - ESTABLISHED: Secure session is successfully established with the peer VPN.
+      # - NETWORK_ERROR: Deprecated, replaced by NO_INCOMING_PACKETS
+      # - AUTHORIZATION_ERROR: Auth error (for example, bad shared secret).
+      # - NEGOTIATION_FAILURE: Handshake failed.
+      # - DEPROVISIONING: Resources are being deallocated for the VPN tunnel.
+      # - FAILED: Tunnel creation has failed and the tunnel is not ready to be used.
+      # - NO_INCOMING_PACKETS: No incoming packets from peer.
+      # - REJECTED: Tunnel configuration was rejected, can be result of being denied access.
+      # - ALLOCATING_RESOURCES: Cloud VPN is in the process of allocating all required resources.
+      # - STOPPED: Tunnel is stopped due to its Forwarding Rules being deleted for Classic VPN tunnels or the project is in frozen state.
+      # - PEER_IDENTITY_MISMATCH: Peer identity does not match peer IP, probably behind NAT.
+      # - TS_NARROWING_NOT_ALLOWED: Traffic selector narrowing not allowed for an HA-VPN tunnel.
   "targetVpnGateway": "A String", # URL of the Target VPN gateway with which this VPN tunnel is associated. Provided by the client when the VPN tunnel is created.
   "vpnGateway": "A String", # URL of the VPN gateway with which this VPN tunnel is associated. Provided by the client when the VPN tunnel is created. This must be used (instead of target_vpn_gateway) if a High Availability VPN gateway resource is created.
   "vpnGatewayInterface": 42, # The interface ID of the VPN gateway with which this VPN tunnel is associated.
@@ -314,7 +366,7 @@ 
Method Details

 

 
 

-    insert(project, region, body=None, requestId=None, x__xgafv=None)
+    insert(project, region, body=None, requestId=None)
   
Creates a VpnTunnel resource in the specified project and region using the data included in the request.
 
 Args:
@@ -323,7 +375,9 @@ 
Method Details

   body: object, The request body.
     The object takes the form of:
 
-{ # Represents a Cloud VPN Tunnel resource. For more information about VPN, read the the Cloud VPN Overview.
+{ # Represents a Cloud VPN Tunnel resource.
+    # 
+    # For more information about VPN, read the  the Cloud VPN Overview. (== resource_for {$api_version}.vpnTunnels ==)
   "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "detailedStatus": "A String", # [Output Only] Detailed status message for the VPN tunnel.
@@ -346,22 +400,50 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
   "sharedSecret": "A String", # Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway.
   "sharedSecretHash": "A String", # Hash of the shared secret.
-  "status": "A String", # [Output Only] The status of the VPN tunnel, which can be one of the following: - PROVISIONING: Resource is being allocated for the VPN tunnel. - WAITING_FOR_FULL_CONFIG: Waiting to receive all VPN-related configs from the user. Network, TargetVpnGateway, VpnTunnel, ForwardingRule, and Route resources are needed to setup the VPN tunnel. - FIRST_HANDSHAKE: Successful first handshake with the peer VPN. - ESTABLISHED: Secure session is successfully established with the peer VPN. - NETWORK_ERROR: Deprecated, replaced by NO_INCOMING_PACKETS - AUTHORIZATION_ERROR: Auth error (for example, bad shared secret). - NEGOTIATION_FAILURE: Handshake failed. - DEPROVISIONING: Resources are being deallocated for the VPN tunnel. - FAILED: Tunnel creation has failed and the tunnel is not ready to be used. - NO_INCOMING_PACKETS: No incoming packets from peer. - REJECTED: Tunnel configuration was rejected, can be result of being denied access. - ALLOCATING_RESOURCES: Cloud VPN is in the process of allocating all required resources. - STOPPED: Tunnel is stopped due to its Forwarding Rules being deleted for Classic VPN tunnels or the project is in frozen state. - PEER_IDENTITY_MISMATCH: Peer identity does not match peer IP, probably behind NAT. - TS_NARROWING_NOT_ALLOWED: Traffic selector narrowing not allowed for an HA-VPN tunnel.
+  "status": "A String", # [Output Only] The status of the VPN tunnel, which can be one of the following:
+      # - PROVISIONING: Resource is being allocated for the VPN tunnel.
+      # - WAITING_FOR_FULL_CONFIG: Waiting to receive all VPN-related configs from the user. Network, TargetVpnGateway, VpnTunnel, ForwardingRule, and Route resources are needed to setup the VPN tunnel.
+      # - FIRST_HANDSHAKE: Successful first handshake with the peer VPN.
+      # - ESTABLISHED: Secure session is successfully established with the peer VPN.
+      # - NETWORK_ERROR: Deprecated, replaced by NO_INCOMING_PACKETS
+      # - AUTHORIZATION_ERROR: Auth error (for example, bad shared secret).
+      # - NEGOTIATION_FAILURE: Handshake failed.
+      # - DEPROVISIONING: Resources are being deallocated for the VPN tunnel.
+      # - FAILED: Tunnel creation has failed and the tunnel is not ready to be used.
+      # - NO_INCOMING_PACKETS: No incoming packets from peer.
+      # - REJECTED: Tunnel configuration was rejected, can be result of being denied access.
+      # - ALLOCATING_RESOURCES: Cloud VPN is in the process of allocating all required resources.
+      # - STOPPED: Tunnel is stopped due to its Forwarding Rules being deleted for Classic VPN tunnels or the project is in frozen state.
+      # - PEER_IDENTITY_MISMATCH: Peer identity does not match peer IP, probably behind NAT.
+      # - TS_NARROWING_NOT_ALLOWED: Traffic selector narrowing not allowed for an HA-VPN tunnel.
   "targetVpnGateway": "A String", # URL of the Target VPN gateway with which this VPN tunnel is associated. Provided by the client when the VPN tunnel is created.
   "vpnGateway": "A String", # URL of the VPN gateway with which this VPN tunnel is associated. Provided by the client when the VPN tunnel is created. This must be used (instead of target_vpn_gateway) if a High Availability VPN gateway resource is created.
   "vpnGatewayInterface": 42, # The interface ID of the VPN gateway with which this VPN tunnel is associated.
 }
 
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -395,7 +477,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -409,21 +492,27 @@ 
Method Details

 

 
 

-    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, region, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of VpnTunnel resources contained in the specified project and region.
 
 Args:
   project: string, Project ID for this request. (required)
   region: string, Name of the region for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -431,7 +520,9 @@ 
Method Details

     { # Contains a list of VpnTunnel resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of VpnTunnel resources.
-    { # Represents a Cloud VPN Tunnel resource. For more information about VPN, read the the Cloud VPN Overview.
+    { # Represents a Cloud VPN Tunnel resource.
+        #
+        # For more information about VPN, read the  the Cloud VPN Overview. (== resource_for {$api_version}.vpnTunnels ==)
       "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "detailedStatus": "A String", # [Output Only] Detailed status message for the VPN tunnel.
@@ -454,7 +545,22 @@ 
Method Details

       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
       "sharedSecret": "A String", # Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway.
       "sharedSecretHash": "A String", # Hash of the shared secret.
-      "status": "A String", # [Output Only] The status of the VPN tunnel, which can be one of the following: - PROVISIONING: Resource is being allocated for the VPN tunnel. - WAITING_FOR_FULL_CONFIG: Waiting to receive all VPN-related configs from the user. Network, TargetVpnGateway, VpnTunnel, ForwardingRule, and Route resources are needed to setup the VPN tunnel. - FIRST_HANDSHAKE: Successful first handshake with the peer VPN. - ESTABLISHED: Secure session is successfully established with the peer VPN. - NETWORK_ERROR: Deprecated, replaced by NO_INCOMING_PACKETS - AUTHORIZATION_ERROR: Auth error (for example, bad shared secret). - NEGOTIATION_FAILURE: Handshake failed. - DEPROVISIONING: Resources are being deallocated for the VPN tunnel. - FAILED: Tunnel creation has failed and the tunnel is not ready to be used. - NO_INCOMING_PACKETS: No incoming packets from peer. - REJECTED: Tunnel configuration was rejected, can be result of being denied access. - ALLOCATING_RESOURCES: Cloud VPN is in the process of allocating all required resources. - STOPPED: Tunnel is stopped due to its Forwarding Rules being deleted for Classic VPN tunnels or the project is in frozen state. - PEER_IDENTITY_MISMATCH: Peer identity does not match peer IP, probably behind NAT. - TS_NARROWING_NOT_ALLOWED: Traffic selector narrowing not allowed for an HA-VPN tunnel.
+      "status": "A String", # [Output Only] The status of the VPN tunnel, which can be one of the following:
+          # - PROVISIONING: Resource is being allocated for the VPN tunnel.
+          # - WAITING_FOR_FULL_CONFIG: Waiting to receive all VPN-related configs from the user. Network, TargetVpnGateway, VpnTunnel, ForwardingRule, and Route resources are needed to setup the VPN tunnel.
+          # - FIRST_HANDSHAKE: Successful first handshake with the peer VPN.
+          # - ESTABLISHED: Secure session is successfully established with the peer VPN.
+          # - NETWORK_ERROR: Deprecated, replaced by NO_INCOMING_PACKETS
+          # - AUTHORIZATION_ERROR: Auth error (for example, bad shared secret).
+          # - NEGOTIATION_FAILURE: Handshake failed.
+          # - DEPROVISIONING: Resources are being deallocated for the VPN tunnel.
+          # - FAILED: Tunnel creation has failed and the tunnel is not ready to be used.
+          # - NO_INCOMING_PACKETS: No incoming packets from peer.
+          # - REJECTED: Tunnel configuration was rejected, can be result of being denied access.
+          # - ALLOCATING_RESOURCES: Cloud VPN is in the process of allocating all required resources.
+          # - STOPPED: Tunnel is stopped due to its Forwarding Rules being deleted for Classic VPN tunnels or the project is in frozen state.
+          # - PEER_IDENTITY_MISMATCH: Peer identity does not match peer IP, probably behind NAT.
+          # - TS_NARROWING_NOT_ALLOWED: Traffic selector narrowing not allowed for an HA-VPN tunnel.
       "targetVpnGateway": "A String", # URL of the Target VPN gateway with which this VPN tunnel is associated. Provided by the client when the VPN tunnel is created.
       "vpnGateway": "A String", # URL of the VPN gateway with which this VPN tunnel is associated. Provided by the client when the VPN tunnel is created. This must be used (instead of target_vpn_gateway) if a High Availability VPN gateway resource is created.
       "vpnGatewayInterface": 42, # The interface ID of the VPN gateway with which this VPN tunnel is associated.
@@ -465,7 +571,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.zoneOperations.html b/docs/dyn/compute_v1.zoneOperations.html
index 4606b642cfa..a44e0d2a369 100644
--- a/docs/dyn/compute_v1.zoneOperations.html
+++ b/docs/dyn/compute_v1.zoneOperations.html
@@ -78,20 +78,20 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  delete(project, zone, operation, x__xgafv=None)

+  delete(project, zone, operation)

 
Deletes the specified zone-specific Operations resource.

 

-  get(project, zone, operation, x__xgafv=None)

+  get(project, zone, operation)

 
Retrieves the specified zone-specific Operations resource.

 

-  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves a list of Operation resources contained within the specified zone.

 

   list_next(previous_request, previous_response)

 
Retrieves the next page of results.

 

-  wait(project, zone, operation, x__xgafv=None)

-
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress. This method is called on a best-effort basis. Specifically: - In uncommon cases, when the server is overloaded, the request might return before the default deadline is reached, or might return after zero seconds. - If the default deadline is reached, there is no guarantee that the operation is actually done when the method returns. Be prepared to retry if the operation is not `DONE`. 

+  wait(project, zone, operation)

+
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress.

 
Method Details

 

     close()
@@ -99,37 +99,42 @@ 
Method Details

 

 
 

-    delete(project, zone, operation, x__xgafv=None)
+    delete(project, zone, operation)
   
Deletes the specified zone-specific Operations resource.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone for this request. (required)
   operation: string, Name of the Operations resource to delete. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 

 

 
 

-    get(project, zone, operation, x__xgafv=None)
+    get(project, zone, operation)
   
Retrieves the specified zone-specific Operations resource.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone for this request. (required)
   operation: string, Name of the Operations resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -163,7 +168,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -177,21 +183,27 @@ 
Method Details

 

 
 

-    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, zone, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves a list of Operation resources contained within the specified zone.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone for request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -199,7 +211,20 @@ 
Method Details

     { # Contains a list of Operation resources.
   "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
   "items": [ # [Output Only] A list of Operation resources.
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+        #
+        # Google Compute Engine has three Operation resources:
+        #
+        # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+        #
+        # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+        #
+        # Operations can be global, regional or zonal.
+        # - For global operations, use the `globalOperations` resource.
+        # - For regional operations, use the `regionOperations` resource.
+        # - For zonal operations, use the `zonalOperations` resource.
+        #
+        # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
       "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
       "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
       "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -233,7 +258,8 @@ 
Method Details

       "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
         {
           "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-          "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+          "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+              # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
             {
               "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
               "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -250,7 +276,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
@@ -276,22 +303,35 @@ 
Method Details

 

 
 

-    wait(project, zone, operation, x__xgafv=None)
-  
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress. This method is called on a best-effort basis. Specifically: - In uncommon cases, when the server is overloaded, the request might return before the default deadline is reached, or might return after zero seconds. - If the default deadline is reached, there is no guarantee that the operation is actually done when the method returns. Be prepared to retry if the operation is not `DONE`. 
+    wait(project, zone, operation)
+  
Waits for the specified Operation resource to return as `DONE` or for the request to approach the 2 minute deadline, and retrieves the specified Operation resource. This method differs from the `GET` method in that it waits for no more than the default deadline (2 minutes) and then returns the current state of the operation, which might be `DONE` or still in progress.
+
+This method is called on a best-effort basis. Specifically:  
+- In uncommon cases, when the server is overloaded, the request might return before the default deadline is reached, or might return after zero seconds. 
+- If the default deadline is reached, there is no guarantee that the operation is actually done when the method returns. Be prepared to retry if the operation is not `DONE`.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone for this request. (required)
   operation: string, Name of the Operations resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/v1/globalOperations) * [Regional](/compute/docs/reference/rest/v1/regionOperations) * [Zonal](/compute/docs/reference/rest/v1/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
   "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
   "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
   "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
@@ -325,7 +365,8 @@ 
Method Details

   "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
     {
       "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
         {
           "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
           "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/compute_v1.zones.html b/docs/dyn/compute_v1.zones.html
index 61d0b975177..f91614afd52 100644
--- a/docs/dyn/compute_v1.zones.html
+++ b/docs/dyn/compute_v1.zones.html
@@ -78,10 +78,10 @@ 
Instance Methods

   close()

 
Close httplib2 connections.

 

-  get(project, zone, x__xgafv=None)

+  get(project, zone)

 
Returns the specified Zone resource. Gets a list of available zones by making a list() request.

 

-  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)

+  list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)

 
Retrieves the list of Zone resources available to the specified project.

 

   list_next(previous_request, previous_response)

@@ -93,21 +93,19 @@ 
Method Details

 

 
 

-    get(project, zone, x__xgafv=None)
+    get(project, zone)
   
Returns the specified Zone resource. Gets a list of available zones by making a list() request.
 
 Args:
   project: string, Project ID for this request. (required)
   zone: string, Name of the zone resource to return. (required)
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
 
-    { # Represents a Zone resource. A zone is a deployment area. These deployment areas are subsets of a region. For example the zone us-east1-a is located in the us-east1 region. For more information, read Regions and Zones.
+    { # Represents a Zone resource.
+    #
+    # A zone is a deployment area. These deployment areas are subsets of a region. For example the zone us-east1-a is located in the us-east1 region. For more information, read Regions and Zones. (== resource_for {$api_version}.zones ==)
   "availableCpuPlatforms": [ # [Output Only] Available cpu/platform selections for the zone.
     "A String",
   ],
@@ -131,20 +129,26 @@ 
Method Details

 

 
 

-    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)
+    list(project, filter=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None)
   
Retrieves the list of Zone resources available to the specified project.
 
 Args:
   project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
+  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
+
+For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`.
+
+You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels.
+
+To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = "Intel Skylake") ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = "Intel Skylake") OR (cpuPlatform = "Intel Broadwell") AND (scheduling.automaticRestart = true) ```
   maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
+  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.
+
+You can also sort results in descending order based on the creation timestamp using `orderBy="creationTimestamp desc"`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.
+
+Currently, only sorting by `name` or `creationTimestamp desc` is supported.
   pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
   returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
 
 Returns:
   An object of the form:
@@ -152,7 +156,9 @@ 
Method Details

     { # Contains a list of zone resources.
   "id": "A String", # [Output Only] Unique identifier for the resource; defined by the server.
   "items": [ # A list of Zone resources.
-    { # Represents a Zone resource. A zone is a deployment area. These deployment areas are subsets of a region. For example the zone us-east1-a is located in the us-east1 region. For more information, read Regions and Zones.
+    { # Represents a Zone resource.
+        #
+        # A zone is a deployment area. These deployment areas are subsets of a region. For example the zone us-east1-a is located in the us-east1 region. For more information, read Regions and Zones. (== resource_for {$api_version}.zones ==)
       "availableCpuPlatforms": [ # [Output Only] Available cpu/platform selections for the zone.
         "A String",
       ],
@@ -179,7 +185,8 @@ 
Method Details

   "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
   "warning": { # [Output Only] Informational warning message.
     "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    "data": [ # [Output Only] Metadata about this warning in key: value format. For example: "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+    "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+        # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
       {
         "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
         "value": "A String", # [Output Only] A warning data value corresponding to the key.
diff --git a/docs/dyn/firestore_v1beta1.projects.databases.documents.html b/docs/dyn/firestore_v1beta1.projects.databases.documents.html
index 712832b8a03..352fb5224ab 100644
--- a/docs/dyn/firestore_v1beta1.projects.databases.documents.html
+++ b/docs/dyn/firestore_v1beta1.projects.databases.documents.html
@@ -175,7 +175,11 @@ 
Method Details

     "createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query.
     "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``.
       "a_key": { # A message that can hold any of the supported value types.
-        "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+        "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+          "values": [ # Values in the array.
+            # Object with schema name: Value
+          ],
+        },
         "booleanValue": True or False, # A boolean value.
         "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
         "doubleValue": 3.14, # A double value.
@@ -230,31 +234,16 @@ 
Method Details

           { # A transformation of a field of the document.
             "appendMissingElements": { # An array value. # Append the given elements in order if they are not already present in the current field value. If the field is not an array, or if the field does not yet exist, it is first set to the empty array. Equivalent numbers of different types (e.g. 3L and 3.0) are considered equal when checking if a value is missing. NaN is equal to NaN, and Null is equal to Null. If the input contains multiple equivalent values, only the first will be considered. The corresponding transform_result will be the null value.
               "values": [ # Values in the array.
-                { # A message that can hold any of the supported value types.
-                  "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-                  "booleanValue": True or False, # A boolean value.
-                  "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
-                  "doubleValue": 3.14, # A double value.
-                  "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
-                    "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
-                    "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
-                  },
-                  "integerValue": "A String", # An integer value.
-                  "mapValue": { # A map value. # A map value.
-                    "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty.
-                      "a_key": # Object with schema name: Value
-                    },
-                  },
-                  "nullValue": "A String", # A null value.
-                  "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`.
-                  "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries.
-                  "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
-                },
+                # Object with schema name: Value
               ],
             },
             "fieldPath": "A String", # The path of the field. See Document.fields for the field path syntax reference.
             "increment": { # A message that can hold any of the supported value types. # Adds the given value to the field's current value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If either of the given value or the current field value are doubles, both values will be interpreted as doubles. Double arithmetic and representation of double values follow IEEE 754 semantics. If there is positive/negative integer overflow, the field is resolved to the largest magnitude positive/negative integer.
-              "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+              "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+                "values": [ # Values in the array.
+                  # Object with schema name: Value
+                ],
+              },
               "booleanValue": True or False, # A boolean value.
               "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
               "doubleValue": 3.14, # A double value.
@@ -274,7 +263,11 @@ 
Method Details

               "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
             },
             "maximum": { # A message that can hold any of the supported value types. # Sets the field to the maximum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If a maximum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the larger operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The maximum of a zero stored value and zero input value is always the stored value. The maximum of any numeric value x and NaN is NaN.
-              "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+              "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+                "values": [ # Values in the array.
+                  # Object with schema name: Value
+                ],
+              },
               "booleanValue": True or False, # A boolean value.
               "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
               "doubleValue": 3.14, # A double value.
@@ -294,7 +287,11 @@ 
Method Details

               "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
             },
             "minimum": { # A message that can hold any of the supported value types. # Sets the field to the minimum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the input value. If a minimum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the smaller operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The minimum of a zero stored value and zero input value is always the stored value. The minimum of any numeric value x and NaN is NaN.
-              "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+              "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+                "values": [ # Values in the array.
+                  # Object with schema name: Value
+                ],
+              },
               "booleanValue": True or False, # A boolean value.
               "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
               "doubleValue": 3.14, # A double value.
@@ -315,26 +312,7 @@ 
Method Details

             },
             "removeAllFromArray": { # An array value. # Remove all of the given elements from the array in the field. If the field is not an array, or if the field does not yet exist, it is set to the empty array. Equivalent numbers of the different types (e.g. 3L and 3.0) are considered equal when deciding whether an element should be removed. NaN is equal to NaN, and Null is equal to Null. This will remove all equivalent values if there are duplicates. The corresponding transform_result will be the null value.
               "values": [ # Values in the array.
-                { # A message that can hold any of the supported value types.
-                  "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-                  "booleanValue": True or False, # A boolean value.
-                  "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
-                  "doubleValue": 3.14, # A double value.
-                  "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
-                    "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
-                    "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
-                  },
-                  "integerValue": "A String", # An integer value.
-                  "mapValue": { # A map value. # A map value.
-                    "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty.
-                      "a_key": # Object with schema name: Value
-                    },
-                  },
-                  "nullValue": "A String", # A null value.
-                  "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`.
-                  "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries.
-                  "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
-                },
+                # Object with schema name: Value
               ],
             },
             "setToServerValue": "A String", # Sets the field to the given server value.
@@ -345,7 +323,11 @@ 
Method Details

         "createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query.
         "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``.
           "a_key": { # A message that can hold any of the supported value types.
-            "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+            "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+              "values": [ # Values in the array.
+                # Object with schema name: Value
+              ],
+            },
             "booleanValue": True or False, # A boolean value.
             "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
             "doubleValue": 3.14, # A double value.
@@ -377,31 +359,16 @@ 
Method Details

         { # A transformation of a field of the document.
           "appendMissingElements": { # An array value. # Append the given elements in order if they are not already present in the current field value. If the field is not an array, or if the field does not yet exist, it is first set to the empty array. Equivalent numbers of different types (e.g. 3L and 3.0) are considered equal when checking if a value is missing. NaN is equal to NaN, and Null is equal to Null. If the input contains multiple equivalent values, only the first will be considered. The corresponding transform_result will be the null value.
             "values": [ # Values in the array.
-              { # A message that can hold any of the supported value types.
-                "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-                "booleanValue": True or False, # A boolean value.
-                "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
-                "doubleValue": 3.14, # A double value.
-                "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
-                  "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
-                  "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
-                },
-                "integerValue": "A String", # An integer value.
-                "mapValue": { # A map value. # A map value.
-                  "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty.
-                    "a_key": # Object with schema name: Value
-                  },
-                },
-                "nullValue": "A String", # A null value.
-                "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`.
-                "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries.
-                "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
-              },
+              # Object with schema name: Value
             ],
           },
           "fieldPath": "A String", # The path of the field. See Document.fields for the field path syntax reference.
           "increment": { # A message that can hold any of the supported value types. # Adds the given value to the field's current value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If either of the given value or the current field value are doubles, both values will be interpreted as doubles. Double arithmetic and representation of double values follow IEEE 754 semantics. If there is positive/negative integer overflow, the field is resolved to the largest magnitude positive/negative integer.
-            "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+            "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+              "values": [ # Values in the array.
+                # Object with schema name: Value
+              ],
+            },
             "booleanValue": True or False, # A boolean value.
             "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
             "doubleValue": 3.14, # A double value.
@@ -421,7 +388,11 @@ 
Method Details

             "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
           },
           "maximum": { # A message that can hold any of the supported value types. # Sets the field to the maximum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If a maximum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the larger operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The maximum of a zero stored value and zero input value is always the stored value. The maximum of any numeric value x and NaN is NaN.
-            "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+            "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+              "values": [ # Values in the array.
+                # Object with schema name: Value
+              ],
+            },
             "booleanValue": True or False, # A boolean value.
             "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
             "doubleValue": 3.14, # A double value.
@@ -441,7 +412,11 @@ 
Method Details

             "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
           },
           "minimum": { # A message that can hold any of the supported value types. # Sets the field to the minimum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the input value. If a minimum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the smaller operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The minimum of a zero stored value and zero input value is always the stored value. The minimum of any numeric value x and NaN is NaN.
-            "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+            "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+              "values": [ # Values in the array.
+                # Object with schema name: Value
+              ],
+            },
             "booleanValue": True or False, # A boolean value.
             "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
             "doubleValue": 3.14, # A double value.
@@ -462,26 +437,7 @@ 
Method Details

           },
           "removeAllFromArray": { # An array value. # Remove all of the given elements from the array in the field. If the field is not an array, or if the field does not yet exist, it is set to the empty array. Equivalent numbers of the different types (e.g. 3L and 3.0) are considered equal when deciding whether an element should be removed. NaN is equal to NaN, and Null is equal to Null. This will remove all equivalent values if there are duplicates. The corresponding transform_result will be the null value.
             "values": [ # Values in the array.
-              { # A message that can hold any of the supported value types.
-                "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-                "booleanValue": True or False, # A boolean value.
-                "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
-                "doubleValue": 3.14, # A double value.
-                "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
-                  "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
-                  "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
-                },
-                "integerValue": "A String", # An integer value.
-                "mapValue": { # A map value. # A map value.
-                  "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty.
-                    "a_key": # Object with schema name: Value
-                  },
-                },
-                "nullValue": "A String", # A null value.
-                "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`.
-                "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries.
-                "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
-              },
+              # Object with schema name: Value
             ],
           },
           "setToServerValue": "A String", # Sets the field to the given server value.
@@ -515,7 +471,11 @@ 
Method Details

     { # The result of applying a write.
       "transformResults": [ # The results of applying each DocumentTransform.FieldTransform, in the same order.
         { # A message that can hold any of the supported value types.
-          "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+          "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+            "values": [ # Values in the array.
+              # Object with schema name: Value
+            ],
+          },
           "booleanValue": True or False, # A boolean value.
           "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
           "doubleValue": 3.14, # A double value.
@@ -603,31 +563,16 @@ 
Method Details

           { # A transformation of a field of the document.
             "appendMissingElements": { # An array value. # Append the given elements in order if they are not already present in the current field value. If the field is not an array, or if the field does not yet exist, it is first set to the empty array. Equivalent numbers of different types (e.g. 3L and 3.0) are considered equal when checking if a value is missing. NaN is equal to NaN, and Null is equal to Null. If the input contains multiple equivalent values, only the first will be considered. The corresponding transform_result will be the null value.
               "values": [ # Values in the array.
-                { # A message that can hold any of the supported value types.
-                  "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-                  "booleanValue": True or False, # A boolean value.
-                  "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
-                  "doubleValue": 3.14, # A double value.
-                  "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
-                    "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
-                    "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
-                  },
-                  "integerValue": "A String", # An integer value.
-                  "mapValue": { # A map value. # A map value.
-                    "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty.
-                      "a_key": # Object with schema name: Value
-                    },
-                  },
-                  "nullValue": "A String", # A null value.
-                  "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`.
-                  "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries.
-                  "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
-                },
+                # Object with schema name: Value
               ],
             },
             "fieldPath": "A String", # The path of the field. See Document.fields for the field path syntax reference.
             "increment": { # A message that can hold any of the supported value types. # Adds the given value to the field's current value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If either of the given value or the current field value are doubles, both values will be interpreted as doubles. Double arithmetic and representation of double values follow IEEE 754 semantics. If there is positive/negative integer overflow, the field is resolved to the largest magnitude positive/negative integer.
-              "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+              "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+                "values": [ # Values in the array.
+                  # Object with schema name: Value
+                ],
+              },
               "booleanValue": True or False, # A boolean value.
               "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
               "doubleValue": 3.14, # A double value.
@@ -647,7 +592,11 @@ 
Method Details

               "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
             },
             "maximum": { # A message that can hold any of the supported value types. # Sets the field to the maximum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If a maximum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the larger operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The maximum of a zero stored value and zero input value is always the stored value. The maximum of any numeric value x and NaN is NaN.
-              "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+              "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+                "values": [ # Values in the array.
+                  # Object with schema name: Value
+                ],
+              },
               "booleanValue": True or False, # A boolean value.
               "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
               "doubleValue": 3.14, # A double value.
@@ -667,7 +616,11 @@ 
Method Details

               "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
             },
             "minimum": { # A message that can hold any of the supported value types. # Sets the field to the minimum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the input value. If a minimum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the smaller operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The minimum of a zero stored value and zero input value is always the stored value. The minimum of any numeric value x and NaN is NaN.
-              "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+              "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+                "values": [ # Values in the array.
+                  # Object with schema name: Value
+                ],
+              },
               "booleanValue": True or False, # A boolean value.
               "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
               "doubleValue": 3.14, # A double value.
@@ -688,26 +641,7 @@ 
Method Details

             },
             "removeAllFromArray": { # An array value. # Remove all of the given elements from the array in the field. If the field is not an array, or if the field does not yet exist, it is set to the empty array. Equivalent numbers of the different types (e.g. 3L and 3.0) are considered equal when deciding whether an element should be removed. NaN is equal to NaN, and Null is equal to Null. This will remove all equivalent values if there are duplicates. The corresponding transform_result will be the null value.
               "values": [ # Values in the array.
-                { # A message that can hold any of the supported value types.
-                  "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-                  "booleanValue": True or False, # A boolean value.
-                  "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
-                  "doubleValue": 3.14, # A double value.
-                  "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
-                    "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
-                    "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
-                  },
-                  "integerValue": "A String", # An integer value.
-                  "mapValue": { # A map value. # A map value.
-                    "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty.
-                      "a_key": # Object with schema name: Value
-                    },
-                  },
-                  "nullValue": "A String", # A null value.
-                  "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`.
-                  "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries.
-                  "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
-                },
+                # Object with schema name: Value
               ],
             },
             "setToServerValue": "A String", # Sets the field to the given server value.
@@ -718,7 +652,11 @@ 
Method Details

         "createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query.
         "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``.
           "a_key": { # A message that can hold any of the supported value types.
-            "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+            "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+              "values": [ # Values in the array.
+                # Object with schema name: Value
+              ],
+            },
             "booleanValue": True or False, # A boolean value.
             "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
             "doubleValue": 3.14, # A double value.
@@ -750,31 +688,16 @@ 
Method Details

         { # A transformation of a field of the document.
           "appendMissingElements": { # An array value. # Append the given elements in order if they are not already present in the current field value. If the field is not an array, or if the field does not yet exist, it is first set to the empty array. Equivalent numbers of different types (e.g. 3L and 3.0) are considered equal when checking if a value is missing. NaN is equal to NaN, and Null is equal to Null. If the input contains multiple equivalent values, only the first will be considered. The corresponding transform_result will be the null value.
             "values": [ # Values in the array.
-              { # A message that can hold any of the supported value types.
-                "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-                "booleanValue": True or False, # A boolean value.
-                "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
-                "doubleValue": 3.14, # A double value.
-                "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
-                  "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
-                  "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
-                },
-                "integerValue": "A String", # An integer value.
-                "mapValue": { # A map value. # A map value.
-                  "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty.
-                    "a_key": # Object with schema name: Value
-                  },
-                },
-                "nullValue": "A String", # A null value.
-                "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`.
-                "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries.
-                "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
-              },
+              # Object with schema name: Value
             ],
           },
           "fieldPath": "A String", # The path of the field. See Document.fields for the field path syntax reference.
           "increment": { # A message that can hold any of the supported value types. # Adds the given value to the field's current value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If either of the given value or the current field value are doubles, both values will be interpreted as doubles. Double arithmetic and representation of double values follow IEEE 754 semantics. If there is positive/negative integer overflow, the field is resolved to the largest magnitude positive/negative integer.
-            "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+            "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+              "values": [ # Values in the array.
+                # Object with schema name: Value
+              ],
+            },
             "booleanValue": True or False, # A boolean value.
             "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
             "doubleValue": 3.14, # A double value.
@@ -794,7 +717,11 @@ 
Method Details

             "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
           },
           "maximum": { # A message that can hold any of the supported value types. # Sets the field to the maximum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If a maximum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the larger operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The maximum of a zero stored value and zero input value is always the stored value. The maximum of any numeric value x and NaN is NaN.
-            "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+            "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+              "values": [ # Values in the array.
+                # Object with schema name: Value
+              ],
+            },
             "booleanValue": True or False, # A boolean value.
             "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
             "doubleValue": 3.14, # A double value.
@@ -814,7 +741,11 @@ 
Method Details

             "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
           },
           "minimum": { # A message that can hold any of the supported value types. # Sets the field to the minimum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the input value. If a minimum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the smaller operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The minimum of a zero stored value and zero input value is always the stored value. The minimum of any numeric value x and NaN is NaN.
-            "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+            "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+              "values": [ # Values in the array.
+                # Object with schema name: Value
+              ],
+            },
             "booleanValue": True or False, # A boolean value.
             "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
             "doubleValue": 3.14, # A double value.
@@ -835,26 +766,7 @@ 
Method Details

           },
           "removeAllFromArray": { # An array value. # Remove all of the given elements from the array in the field. If the field is not an array, or if the field does not yet exist, it is set to the empty array. Equivalent numbers of the different types (e.g. 3L and 3.0) are considered equal when deciding whether an element should be removed. NaN is equal to NaN, and Null is equal to Null. This will remove all equivalent values if there are duplicates. The corresponding transform_result will be the null value.
             "values": [ # Values in the array.
-              { # A message that can hold any of the supported value types.
-                "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-                "booleanValue": True or False, # A boolean value.
-                "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
-                "doubleValue": 3.14, # A double value.
-                "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
-                  "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
-                  "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
-                },
-                "integerValue": "A String", # An integer value.
-                "mapValue": { # A map value. # A map value.
-                  "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty.
-                    "a_key": # Object with schema name: Value
-                  },
-                },
-                "nullValue": "A String", # A null value.
-                "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`.
-                "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries.
-                "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
-              },
+              # Object with schema name: Value
             ],
           },
           "setToServerValue": "A String", # Sets the field to the given server value.
@@ -878,7 +790,11 @@ 
Method Details

     { # The result of applying a write.
       "transformResults": [ # The results of applying each DocumentTransform.FieldTransform, in the same order.
         { # A message that can hold any of the supported value types.
-          "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+          "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+            "values": [ # Values in the array.
+              # Object with schema name: Value
+            ],
+          },
           "booleanValue": True or False, # A boolean value.
           "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
           "doubleValue": 3.14, # A double value.
@@ -918,7 +834,11 @@ 
Method Details

   "createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query.
   "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``.
     "a_key": { # A message that can hold any of the supported value types.
-      "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+      "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+        "values": [ # Values in the array.
+          # Object with schema name: Value
+        ],
+      },
       "booleanValue": True or False, # A boolean value.
       "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
       "doubleValue": 3.14, # A double value.
@@ -956,7 +876,11 @@ 
Method Details

   "createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query.
   "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``.
     "a_key": { # A message that can hold any of the supported value types.
-      "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+      "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+        "values": [ # Values in the array.
+          # Object with schema name: Value
+        ],
+      },
       "booleanValue": True or False, # A boolean value.
       "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
       "doubleValue": 3.14, # A double value.
@@ -1022,7 +946,11 @@ 
Method Details

   "createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query.
   "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``.
     "a_key": { # A message that can hold any of the supported value types.
-      "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+      "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+        "values": [ # Values in the array.
+          # Object with schema name: Value
+        ],
+      },
       "booleanValue": True or False, # A boolean value.
       "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
       "doubleValue": 3.14, # A double value.
@@ -1075,7 +1003,11 @@ 
Method Details

       "createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query.
       "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``.
         "a_key": { # A message that can hold any of the supported value types.
-          "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+          "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+            "values": [ # Values in the array.
+              # Object with schema name: Value
+            ],
+          },
           "booleanValue": True or False, # A boolean value.
           "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
           "doubleValue": 3.14, # A double value.
@@ -1185,7 +1117,11 @@ 
Method Details

           "before": True or False, # If the position is just before or just after the given values, relative to the sort order defined by the query.
           "values": [ # The values that represent a position, in the order they appear in the order by clause of a query. Can contain fewer values than specified in the order by clause.
             { # A message that can hold any of the supported value types.
-              "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+              "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+                "values": [ # Values in the array.
+                  # Object with schema name: Value
+                ],
+              },
               "booleanValue": True or False, # A boolean value.
               "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
               "doubleValue": 3.14, # A double value.
@@ -1233,7 +1169,11 @@ 
Method Details

           "before": True or False, # If the position is just before or just after the given values, relative to the sort order defined by the query.
           "values": [ # The values that represent a position, in the order they appear in the order by clause of a query. Can contain fewer values than specified in the order by clause.
             { # A message that can hold any of the supported value types.
-              "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+              "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+                "values": [ # Values in the array.
+                  # Object with schema name: Value
+                ],
+              },
               "booleanValue": True or False, # A boolean value.
               "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
               "doubleValue": 3.14, # A double value.
@@ -1267,7 +1207,11 @@ 
Method Details

             },
             "op": "A String", # The operator to filter by.
             "value": { # A message that can hold any of the supported value types. # The value to compare to.
-              "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+              "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+                "values": [ # Values in the array.
+                  # Object with schema name: Value
+                ],
+              },
               "booleanValue": True or False, # A boolean value.
               "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
               "doubleValue": 3.14, # A double value.
@@ -1320,7 +1264,11 @@ 
Method Details

       "createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query.
       "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``.
         "a_key": { # A message that can hold any of the supported value types.
-          "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+          "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+            "values": [ # Values in the array.
+              # Object with schema name: Value
+            ],
+          },
           "booleanValue": True or False, # A boolean value.
           "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
           "doubleValue": 3.14, # A double value.
@@ -1406,7 +1354,11 @@ 
Method Details

       "before": True or False, # If the position is just before or just after the given values, relative to the sort order defined by the query.
       "values": [ # The values that represent a position, in the order they appear in the order by clause of a query. Can contain fewer values than specified in the order by clause.
         { # A message that can hold any of the supported value types.
-          "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+          "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+            "values": [ # Values in the array.
+              # Object with schema name: Value
+            ],
+          },
           "booleanValue": True or False, # A boolean value.
           "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
           "doubleValue": 3.14, # A double value.
@@ -1454,7 +1406,11 @@ 
Method Details

       "before": True or False, # If the position is just before or just after the given values, relative to the sort order defined by the query.
       "values": [ # The values that represent a position, in the order they appear in the order by clause of a query. Can contain fewer values than specified in the order by clause.
         { # A message that can hold any of the supported value types.
-          "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+          "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+            "values": [ # Values in the array.
+              # Object with schema name: Value
+            ],
+          },
           "booleanValue": True or False, # A boolean value.
           "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
           "doubleValue": 3.14, # A double value.
@@ -1488,7 +1444,11 @@ 
Method Details

         },
         "op": "A String", # The operator to filter by.
         "value": { # A message that can hold any of the supported value types. # The value to compare to.
-          "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+          "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+            "values": [ # Values in the array.
+              # Object with schema name: Value
+            ],
+          },
           "booleanValue": True or False, # A boolean value.
           "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
           "doubleValue": 3.14, # A double value.
@@ -1533,7 +1493,11 @@ 
Method Details

       "before": True or False, # If the position is just before or just after the given values, relative to the sort order defined by the query.
       "values": [ # The values that represent a position, in the order they appear in the order by clause of a query. Can contain fewer values than specified in the order by clause.
         { # A message that can hold any of the supported value types.
-          "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+          "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+            "values": [ # Values in the array.
+              # Object with schema name: Value
+            ],
+          },
           "booleanValue": True or False, # A boolean value.
           "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
           "doubleValue": 3.14, # A double value.
@@ -1585,7 +1549,11 @@ 
Method Details

   "createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query.
   "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``.
     "a_key": { # A message that can hold any of the supported value types.
-      "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+      "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+        "values": [ # Values in the array.
+          # Object with schema name: Value
+        ],
+      },
       "booleanValue": True or False, # A boolean value.
       "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
       "doubleValue": 3.14, # A double value.
@@ -1625,7 +1593,11 @@ 
Method Details

   "createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query.
   "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``.
     "a_key": { # A message that can hold any of the supported value types.
-      "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+      "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+        "values": [ # Values in the array.
+          # Object with schema name: Value
+        ],
+      },
       "booleanValue": True or False, # A boolean value.
       "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
       "doubleValue": 3.14, # A double value.
@@ -1699,7 +1671,11 @@ 
Method Details

       "before": True or False, # If the position is just before or just after the given values, relative to the sort order defined by the query.
       "values": [ # The values that represent a position, in the order they appear in the order by clause of a query. Can contain fewer values than specified in the order by clause.
         { # A message that can hold any of the supported value types.
-          "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+          "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+            "values": [ # Values in the array.
+              # Object with schema name: Value
+            ],
+          },
           "booleanValue": True or False, # A boolean value.
           "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
           "doubleValue": 3.14, # A double value.
@@ -1747,7 +1723,11 @@ 
Method Details

       "before": True or False, # If the position is just before or just after the given values, relative to the sort order defined by the query.
       "values": [ # The values that represent a position, in the order they appear in the order by clause of a query. Can contain fewer values than specified in the order by clause.
         { # A message that can hold any of the supported value types.
-          "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+          "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+            "values": [ # Values in the array.
+              # Object with schema name: Value
+            ],
+          },
           "booleanValue": True or False, # A boolean value.
           "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
           "doubleValue": 3.14, # A double value.
@@ -1781,7 +1761,11 @@ 
Method Details

         },
         "op": "A String", # The operator to filter by.
         "value": { # A message that can hold any of the supported value types. # The value to compare to.
-          "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+          "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+            "values": [ # Values in the array.
+              # Object with schema name: Value
+            ],
+          },
           "booleanValue": True or False, # A boolean value.
           "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
           "doubleValue": 3.14, # A double value.
@@ -1825,7 +1809,11 @@ 
Method Details

     "createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query.
     "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``.
       "a_key": { # A message that can hold any of the supported value types.
-        "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+        "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+          "values": [ # Values in the array.
+            # Object with schema name: Value
+          ],
+        },
         "booleanValue": True or False, # A boolean value.
         "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
         "doubleValue": 3.14, # A double value.
@@ -1882,31 +1870,16 @@ 
Method Details

           { # A transformation of a field of the document.
             "appendMissingElements": { # An array value. # Append the given elements in order if they are not already present in the current field value. If the field is not an array, or if the field does not yet exist, it is first set to the empty array. Equivalent numbers of different types (e.g. 3L and 3.0) are considered equal when checking if a value is missing. NaN is equal to NaN, and Null is equal to Null. If the input contains multiple equivalent values, only the first will be considered. The corresponding transform_result will be the null value.
               "values": [ # Values in the array.
-                { # A message that can hold any of the supported value types.
-                  "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-                  "booleanValue": True or False, # A boolean value.
-                  "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
-                  "doubleValue": 3.14, # A double value.
-                  "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
-                    "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
-                    "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
-                  },
-                  "integerValue": "A String", # An integer value.
-                  "mapValue": { # A map value. # A map value.
-                    "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty.
-                      "a_key": # Object with schema name: Value
-                    },
-                  },
-                  "nullValue": "A String", # A null value.
-                  "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`.
-                  "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries.
-                  "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
-                },
+                # Object with schema name: Value
               ],
             },
             "fieldPath": "A String", # The path of the field. See Document.fields for the field path syntax reference.
             "increment": { # A message that can hold any of the supported value types. # Adds the given value to the field's current value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If either of the given value or the current field value are doubles, both values will be interpreted as doubles. Double arithmetic and representation of double values follow IEEE 754 semantics. If there is positive/negative integer overflow, the field is resolved to the largest magnitude positive/negative integer.
-              "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+              "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+                "values": [ # Values in the array.
+                  # Object with schema name: Value
+                ],
+              },
               "booleanValue": True or False, # A boolean value.
               "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
               "doubleValue": 3.14, # A double value.
@@ -1926,7 +1899,11 @@ 
Method Details

               "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
             },
             "maximum": { # A message that can hold any of the supported value types. # Sets the field to the maximum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If a maximum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the larger operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The maximum of a zero stored value and zero input value is always the stored value. The maximum of any numeric value x and NaN is NaN.
-              "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+              "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+                "values": [ # Values in the array.
+                  # Object with schema name: Value
+                ],
+              },
               "booleanValue": True or False, # A boolean value.
               "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
               "doubleValue": 3.14, # A double value.
@@ -1946,7 +1923,11 @@ 
Method Details

               "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
             },
             "minimum": { # A message that can hold any of the supported value types. # Sets the field to the minimum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the input value. If a minimum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the smaller operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The minimum of a zero stored value and zero input value is always the stored value. The minimum of any numeric value x and NaN is NaN.
-              "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+              "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+                "values": [ # Values in the array.
+                  # Object with schema name: Value
+                ],
+              },
               "booleanValue": True or False, # A boolean value.
               "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
               "doubleValue": 3.14, # A double value.
@@ -1967,26 +1948,7 @@ 
Method Details

             },
             "removeAllFromArray": { # An array value. # Remove all of the given elements from the array in the field. If the field is not an array, or if the field does not yet exist, it is set to the empty array. Equivalent numbers of the different types (e.g. 3L and 3.0) are considered equal when deciding whether an element should be removed. NaN is equal to NaN, and Null is equal to Null. This will remove all equivalent values if there are duplicates. The corresponding transform_result will be the null value.
               "values": [ # Values in the array.
-                { # A message that can hold any of the supported value types.
-                  "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-                  "booleanValue": True or False, # A boolean value.
-                  "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
-                  "doubleValue": 3.14, # A double value.
-                  "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
-                    "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
-                    "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
-                  },
-                  "integerValue": "A String", # An integer value.
-                  "mapValue": { # A map value. # A map value.
-                    "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty.
-                      "a_key": # Object with schema name: Value
-                    },
-                  },
-                  "nullValue": "A String", # A null value.
-                  "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`.
-                  "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries.
-                  "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
-                },
+                # Object with schema name: Value
               ],
             },
             "setToServerValue": "A String", # Sets the field to the given server value.
@@ -1997,7 +1959,11 @@ 
Method Details

         "createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query.
         "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``.
           "a_key": { # A message that can hold any of the supported value types.
-            "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+            "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+              "values": [ # Values in the array.
+                # Object with schema name: Value
+              ],
+            },
             "booleanValue": True or False, # A boolean value.
             "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
             "doubleValue": 3.14, # A double value.
@@ -2029,31 +1995,16 @@ 
Method Details

         { # A transformation of a field of the document.
           "appendMissingElements": { # An array value. # Append the given elements in order if they are not already present in the current field value. If the field is not an array, or if the field does not yet exist, it is first set to the empty array. Equivalent numbers of different types (e.g. 3L and 3.0) are considered equal when checking if a value is missing. NaN is equal to NaN, and Null is equal to Null. If the input contains multiple equivalent values, only the first will be considered. The corresponding transform_result will be the null value.
             "values": [ # Values in the array.
-              { # A message that can hold any of the supported value types.
-                "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-                "booleanValue": True or False, # A boolean value.
-                "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
-                "doubleValue": 3.14, # A double value.
-                "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
-                  "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
-                  "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
-                },
-                "integerValue": "A String", # An integer value.
-                "mapValue": { # A map value. # A map value.
-                  "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty.
-                    "a_key": # Object with schema name: Value
-                  },
-                },
-                "nullValue": "A String", # A null value.
-                "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`.
-                "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries.
-                "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
-              },
+              # Object with schema name: Value
             ],
           },
           "fieldPath": "A String", # The path of the field. See Document.fields for the field path syntax reference.
           "increment": { # A message that can hold any of the supported value types. # Adds the given value to the field's current value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If either of the given value or the current field value are doubles, both values will be interpreted as doubles. Double arithmetic and representation of double values follow IEEE 754 semantics. If there is positive/negative integer overflow, the field is resolved to the largest magnitude positive/negative integer.
-            "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+            "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+              "values": [ # Values in the array.
+                # Object with schema name: Value
+              ],
+            },
             "booleanValue": True or False, # A boolean value.
             "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
             "doubleValue": 3.14, # A double value.
@@ -2073,7 +2024,11 @@ 
Method Details

             "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
           },
           "maximum": { # A message that can hold any of the supported value types. # Sets the field to the maximum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If a maximum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the larger operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The maximum of a zero stored value and zero input value is always the stored value. The maximum of any numeric value x and NaN is NaN.
-            "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+            "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+              "values": [ # Values in the array.
+                # Object with schema name: Value
+              ],
+            },
             "booleanValue": True or False, # A boolean value.
             "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
             "doubleValue": 3.14, # A double value.
@@ -2093,7 +2048,11 @@ 
Method Details

             "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
           },
           "minimum": { # A message that can hold any of the supported value types. # Sets the field to the minimum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the input value. If a minimum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the smaller operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The minimum of a zero stored value and zero input value is always the stored value. The minimum of any numeric value x and NaN is NaN.
-            "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+            "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+              "values": [ # Values in the array.
+                # Object with schema name: Value
+              ],
+            },
             "booleanValue": True or False, # A boolean value.
             "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
             "doubleValue": 3.14, # A double value.
@@ -2114,26 +2073,7 @@ 
Method Details

           },
           "removeAllFromArray": { # An array value. # Remove all of the given elements from the array in the field. If the field is not an array, or if the field does not yet exist, it is set to the empty array. Equivalent numbers of the different types (e.g. 3L and 3.0) are considered equal when deciding whether an element should be removed. NaN is equal to NaN, and Null is equal to Null. This will remove all equivalent values if there are duplicates. The corresponding transform_result will be the null value.
             "values": [ # Values in the array.
-              { # A message that can hold any of the supported value types.
-                "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-                "booleanValue": True or False, # A boolean value.
-                "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
-                "doubleValue": 3.14, # A double value.
-                "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
-                  "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
-                  "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
-                },
-                "integerValue": "A String", # An integer value.
-                "mapValue": { # A map value. # A map value.
-                  "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty.
-                    "a_key": # Object with schema name: Value
-                  },
-                },
-                "nullValue": "A String", # A null value.
-                "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`.
-                "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries.
-                "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
-              },
+              # Object with schema name: Value
             ],
           },
           "setToServerValue": "A String", # Sets the field to the given server value.
@@ -2159,7 +2099,11 @@ 
Method Details

     { # The result of applying a write.
       "transformResults": [ # The results of applying each DocumentTransform.FieldTransform, in the same order.
         { # A message that can hold any of the supported value types.
-          "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+          "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+            "values": [ # Values in the array.
+              # Object with schema name: Value
+            ],
+          },
           "booleanValue": True or False, # A boolean value.
           "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
           "doubleValue": 3.14, # A double value.
diff --git a/docs/dyn/managedidentities_v1alpha1.projects.locations.html b/docs/dyn/managedidentities_v1alpha1.projects.locations.html
index 8ca742db1ed..be4b046fc69 100644
--- a/docs/dyn/managedidentities_v1alpha1.projects.locations.html
+++ b/docs/dyn/managedidentities_v1alpha1.projects.locations.html
@@ -131,7 +131,7 @@ 
Method Details

 Args:
   name: string, The resource that owns the locations collection, if applicable. (required)
   filter: string, A filter to narrow down results to a preferred subset. The filtering language accepts strings like "displayName=tokyo", and is documented in more detail in [AIP-160](https://google.aip.dev/160).
-  pageSize: integer, The maximum number of results to return. If not set, the service will select a default.
+  pageSize: integer, The maximum number of results to return. If not set, the service selects a default.
   pageToken: string, A page token received from the `next_page_token` field in the response. Send that page token to receive the subsequent page.
   x__xgafv: string, V1 error format.
     Allowed values
diff --git a/docs/dyn/managedidentities_v1beta1.projects.locations.html b/docs/dyn/managedidentities_v1beta1.projects.locations.html
index 3ae657c8c16..2d2a5ed3be3 100644
--- a/docs/dyn/managedidentities_v1beta1.projects.locations.html
+++ b/docs/dyn/managedidentities_v1beta1.projects.locations.html
@@ -131,7 +131,7 @@ 
Method Details

 Args:
   name: string, The resource that owns the locations collection, if applicable. (required)
   filter: string, A filter to narrow down results to a preferred subset. The filtering language accepts strings like "displayName=tokyo", and is documented in more detail in [AIP-160](https://google.aip.dev/160).
-  pageSize: integer, The maximum number of results to return. If not set, the service will select a default.
+  pageSize: integer, The maximum number of results to return. If not set, the service selects a default.
   pageToken: string, A page token received from the `next_page_token` field in the response. Send that page token to receive the subsequent page.
   x__xgafv: string, V1 error format.
     Allowed values
diff --git a/docs/dyn/notebooks_v1.projects.locations.schedules.html b/docs/dyn/notebooks_v1.projects.locations.schedules.html
index 35bf89987b8..7c602e00256 100644
--- a/docs/dyn/notebooks_v1.projects.locations.schedules.html
+++ b/docs/dyn/notebooks_v1.projects.locations.schedules.html
@@ -114,7 +114,7 @@ 
Method Details

   "createTime": "A String", # Output only. Time the schedule was created.
   "cronSchedule": "A String", # Cron-tab formatted schedule by which the job will execute Format: minute, hour, day of month, month, day of week e.g. 0 0 * * WED = every Wednesday More examples: https://crontab.guru/examples.html
   "description": "A String", # A brief description of this environment.
-  "displayName": "A String", # Output only. Display name used for UI purposes. Name can only contain alphanumeric characters, hyphens ‘-’, and underscores ‘_’.
+  "displayName": "A String", # Output only. Display name used for UI purposes. Name can only contain alphanumeric characters, hyphens '-', and underscores '_'.
   "executionTemplate": { # The description a notebook execution workload. # Notebook Execution Template corresponding to this schedule.
     "acceleratorConfig": { # Definition of a hardware accelerator. Note that not all combinations of `type` and `core_count` are valid. Check GPUs on Compute Engine to find a valid combination. TPUs are not supported. # Configuration (count and accelerator type) for hardware running notebook execution.
       "coreCount": "A String", # Count of cores of this accelerator.
@@ -249,7 +249,7 @@ 
Method Details

   "createTime": "A String", # Output only. Time the schedule was created.
   "cronSchedule": "A String", # Cron-tab formatted schedule by which the job will execute Format: minute, hour, day of month, month, day of week e.g. 0 0 * * WED = every Wednesday More examples: https://crontab.guru/examples.html
   "description": "A String", # A brief description of this environment.
-  "displayName": "A String", # Output only. Display name used for UI purposes. Name can only contain alphanumeric characters, hyphens ‘-’, and underscores ‘_’.
+  "displayName": "A String", # Output only. Display name used for UI purposes. Name can only contain alphanumeric characters, hyphens '-', and underscores '_'.
   "executionTemplate": { # The description a notebook execution workload. # Notebook Execution Template corresponding to this schedule.
     "acceleratorConfig": { # Definition of a hardware accelerator. Note that not all combinations of `type` and `core_count` are valid. Check GPUs on Compute Engine to find a valid combination. TPUs are not supported. # Configuration (count and accelerator type) for hardware running notebook execution.
       "coreCount": "A String", # Count of cores of this accelerator.
@@ -327,7 +327,7 @@ 
Method Details

       "createTime": "A String", # Output only. Time the schedule was created.
       "cronSchedule": "A String", # Cron-tab formatted schedule by which the job will execute Format: minute, hour, day of month, month, day of week e.g. 0 0 * * WED = every Wednesday More examples: https://crontab.guru/examples.html
       "description": "A String", # A brief description of this environment.
-      "displayName": "A String", # Output only. Display name used for UI purposes. Name can only contain alphanumeric characters, hyphens ‘-’, and underscores ‘_’.
+      "displayName": "A String", # Output only. Display name used for UI purposes. Name can only contain alphanumeric characters, hyphens '-', and underscores '_'.
       "executionTemplate": { # The description a notebook execution workload. # Notebook Execution Template corresponding to this schedule.
         "acceleratorConfig": { # Definition of a hardware accelerator. Note that not all combinations of `type` and `core_count` are valid. Check GPUs on Compute Engine to find a valid combination. TPUs are not supported. # Configuration (count and accelerator type) for hardware running notebook execution.
           "coreCount": "A String", # Count of cores of this accelerator.
diff --git a/googleapiclient/discovery_cache/documents/apikeys.v2.json b/googleapiclient/discovery_cache/documents/apikeys.v2.json
index 4b99f70af3b..4786d7271b0 100644
--- a/googleapiclient/discovery_cache/documents/apikeys.v2.json
+++ b/googleapiclient/discovery_cache/documents/apikeys.v2.json
@@ -424,7 +424,7 @@
       }
     }
   },
-  "revision": "20210608",
+  "revision": "20210609",
   "rootUrl": "https://apikeys.googleapis.com/",
   "schemas": {
     "Operation": {
diff --git a/googleapiclient/discovery_cache/documents/area120tables.v1alpha1.json b/googleapiclient/discovery_cache/documents/area120tables.v1alpha1.json
index 2719fa301df..b12715bc524 100644
--- a/googleapiclient/discovery_cache/documents/area120tables.v1alpha1.json
+++ b/googleapiclient/discovery_cache/documents/area120tables.v1alpha1.json
@@ -586,7 +586,7 @@
       }
     }
   },
-  "revision": "20210609",
+  "revision": "20210610",
   "rootUrl": "https://area120tables.googleapis.com/",
   "schemas": {
     "BatchCreateRowsRequest": {
diff --git a/googleapiclient/discovery_cache/documents/calendar.v3.json b/googleapiclient/discovery_cache/documents/calendar.v3.json
index b1dceb76197..4d571c4a51e 100644
--- a/googleapiclient/discovery_cache/documents/calendar.v3.json
+++ b/googleapiclient/discovery_cache/documents/calendar.v3.json
@@ -1723,7 +1723,7 @@
       }
     }
   },
-  "revision": "20210609",
+  "revision": "20210610",
   "rootUrl": "https://www.googleapis.com/",
   "schemas": {
     "Acl": {
diff --git a/googleapiclient/discovery_cache/documents/chromemanagement.v1.json b/googleapiclient/discovery_cache/documents/chromemanagement.v1.json
index d4a62e7a68a..00d47bef051 100644
--- a/googleapiclient/discovery_cache/documents/chromemanagement.v1.json
+++ b/googleapiclient/discovery_cache/documents/chromemanagement.v1.json
@@ -288,7 +288,7 @@
       }
     }
   },
-  "revision": "20210609",
+  "revision": "20210610",
   "rootUrl": "https://chromemanagement.googleapis.com/",
   "schemas": {
     "GoogleChromeManagementV1BrowserVersion": {
diff --git a/googleapiclient/discovery_cache/documents/chromepolicy.v1.json b/googleapiclient/discovery_cache/documents/chromepolicy.v1.json
index 271802b11aa..1cb1279e392 100644
--- a/googleapiclient/discovery_cache/documents/chromepolicy.v1.json
+++ b/googleapiclient/discovery_cache/documents/chromepolicy.v1.json
@@ -324,7 +324,7 @@
       }
     }
   },
-  "revision": "20210609",
+  "revision": "20210610",
   "rootUrl": "https://chromepolicy.googleapis.com/",
   "schemas": {
     "GoogleChromePolicyV1AdditionalTargetKeyName": {
diff --git a/googleapiclient/discovery_cache/documents/chromeuxreport.v1.json b/googleapiclient/discovery_cache/documents/chromeuxreport.v1.json
index 6582f9e5613..34c9a05b1c8 100644
--- a/googleapiclient/discovery_cache/documents/chromeuxreport.v1.json
+++ b/googleapiclient/discovery_cache/documents/chromeuxreport.v1.json
@@ -116,7 +116,7 @@
       }
     }
   },
-  "revision": "20210609",
+  "revision": "20210610",
   "rootUrl": "https://chromeuxreport.googleapis.com/",
   "schemas": {
     "Bin": {
diff --git a/googleapiclient/discovery_cache/documents/content.v2.1.json b/googleapiclient/discovery_cache/documents/content.v2.1.json
index d5a079141bd..e3f5c8cb000 100644
--- a/googleapiclient/discovery_cache/documents/content.v2.1.json
+++ b/googleapiclient/discovery_cache/documents/content.v2.1.json
@@ -5485,7 +5485,7 @@
       }
     }
   },
-  "revision": "20210608",
+  "revision": "20210611",
   "rootUrl": "https://shoppingcontent.googleapis.com/",
   "schemas": {
     "Account": {
diff --git a/googleapiclient/discovery_cache/documents/content.v2.json b/googleapiclient/discovery_cache/documents/content.v2.json
index 3bd09418f10..d727b11997c 100644
--- a/googleapiclient/discovery_cache/documents/content.v2.json
+++ b/googleapiclient/discovery_cache/documents/content.v2.json
@@ -3298,7 +3298,7 @@
       }
     }
   },
-  "revision": "20210608",
+  "revision": "20210611",
   "rootUrl": "https://shoppingcontent.googleapis.com/",
   "schemas": {
     "Account": {
diff --git a/googleapiclient/discovery_cache/documents/customsearch.v1.json b/googleapiclient/discovery_cache/documents/customsearch.v1.json
index 2a605891a35..e0d27b7d11c 100644
--- a/googleapiclient/discovery_cache/documents/customsearch.v1.json
+++ b/googleapiclient/discovery_cache/documents/customsearch.v1.json
@@ -674,7 +674,7 @@
       }
     }
   },
-  "revision": "20210608",
+  "revision": "20210610",
   "rootUrl": "https://customsearch.googleapis.com/",
   "schemas": {
     "Promotion": {
diff --git a/googleapiclient/discovery_cache/documents/datalabeling.v1beta1.json b/googleapiclient/discovery_cache/documents/datalabeling.v1beta1.json
index 989c2d1d477..5da25afd54e 100644
--- a/googleapiclient/discovery_cache/documents/datalabeling.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/datalabeling.v1beta1.json
@@ -1596,7 +1596,7 @@
       }
     }
   },
-  "revision": "20210527",
+  "revision": "20210608",
   "rootUrl": "https://datalabeling.googleapis.com/",
   "schemas": {
     "GoogleCloudDatalabelingV1alpha1CreateInstructionMetadata": {
diff --git a/googleapiclient/discovery_cache/documents/displayvideo.v1.json b/googleapiclient/discovery_cache/documents/displayvideo.v1.json
index fb7156d30e1..1a84ae84de7 100644
--- a/googleapiclient/discovery_cache/documents/displayvideo.v1.json
+++ b/googleapiclient/discovery_cache/documents/displayvideo.v1.json
@@ -7203,7 +7203,7 @@
       }
     }
   },
-  "revision": "20210603",
+  "revision": "20210611",
   "rootUrl": "https://displayvideo.googleapis.com/",
   "schemas": {
     "ActivateManualTriggerRequest": {
diff --git a/googleapiclient/discovery_cache/documents/doubleclicksearch.v2.json b/googleapiclient/discovery_cache/documents/doubleclicksearch.v2.json
index 18d0ce3d65e..b52e3435831 100644
--- a/googleapiclient/discovery_cache/documents/doubleclicksearch.v2.json
+++ b/googleapiclient/discovery_cache/documents/doubleclicksearch.v2.json
@@ -399,7 +399,7 @@
       }
     }
   },
-  "revision": "20210521",
+  "revision": "20210608",
   "rootUrl": "https://doubleclicksearch.googleapis.com/",
   "schemas": {
     "Availability": {
diff --git a/googleapiclient/discovery_cache/documents/essentialcontacts.v1.json b/googleapiclient/discovery_cache/documents/essentialcontacts.v1.json
index fe2f1344a67..c116fe9d976 100644
--- a/googleapiclient/discovery_cache/documents/essentialcontacts.v1.json
+++ b/googleapiclient/discovery_cache/documents/essentialcontacts.v1.json
@@ -850,7 +850,7 @@
       }
     }
   },
-  "revision": "20210609",
+  "revision": "20210610",
   "rootUrl": "https://essentialcontacts.googleapis.com/",
   "schemas": {
     "GoogleCloudEssentialcontactsV1ComputeContactsResponse": {
diff --git a/googleapiclient/discovery_cache/documents/eventarc.v1beta1.json b/googleapiclient/discovery_cache/documents/eventarc.v1beta1.json
index 5426158ba96..cccf9e554c2 100644
--- a/googleapiclient/discovery_cache/documents/eventarc.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/eventarc.v1beta1.json
@@ -584,7 +584,7 @@
       }
     }
   },
-  "revision": "20210527",
+  "revision": "20210604",
   "rootUrl": "https://eventarc.googleapis.com/",
   "schemas": {
     "AuditConfig": {
diff --git a/googleapiclient/discovery_cache/documents/factchecktools.v1alpha1.json b/googleapiclient/discovery_cache/documents/factchecktools.v1alpha1.json
index 1d072abd59b..f884b644138 100644
--- a/googleapiclient/discovery_cache/documents/factchecktools.v1alpha1.json
+++ b/googleapiclient/discovery_cache/documents/factchecktools.v1alpha1.json
@@ -304,7 +304,7 @@
       }
     }
   },
-  "revision": "20210609",
+  "revision": "20210610",
   "rootUrl": "https://factchecktools.googleapis.com/",
   "schemas": {
     "GoogleFactcheckingFactchecktoolsV1alpha1Claim": {
diff --git a/googleapiclient/discovery_cache/documents/games.v1.json b/googleapiclient/discovery_cache/documents/games.v1.json
index 15ff59bf081..9461cf7dd14 100644
--- a/googleapiclient/discovery_cache/documents/games.v1.json
+++ b/googleapiclient/discovery_cache/documents/games.v1.json
@@ -1224,7 +1224,7 @@
       }
     }
   },
-  "revision": "20210605",
+  "revision": "20210611",
   "rootUrl": "https://games.googleapis.com/",
   "schemas": {
     "AchievementDefinition": {
diff --git a/googleapiclient/discovery_cache/documents/gamesConfiguration.v1configuration.json b/googleapiclient/discovery_cache/documents/gamesConfiguration.v1configuration.json
index 8f5fe26aded..42ad057c073 100644
--- a/googleapiclient/discovery_cache/documents/gamesConfiguration.v1configuration.json
+++ b/googleapiclient/discovery_cache/documents/gamesConfiguration.v1configuration.json
@@ -439,7 +439,7 @@
       }
     }
   },
-  "revision": "20210608",
+  "revision": "20210611",
   "rootUrl": "https://gamesconfiguration.googleapis.com/",
   "schemas": {
     "AchievementConfiguration": {
diff --git a/googleapiclient/discovery_cache/documents/gamesManagement.v1management.json b/googleapiclient/discovery_cache/documents/gamesManagement.v1management.json
index ee75b513939..6385efe75b0 100644
--- a/googleapiclient/discovery_cache/documents/gamesManagement.v1management.json
+++ b/googleapiclient/discovery_cache/documents/gamesManagement.v1management.json
@@ -471,7 +471,7 @@
       }
     }
   },
-  "revision": "20210605",
+  "revision": "20210611",
   "rootUrl": "https://gamesmanagement.googleapis.com/",
   "schemas": {
     "AchievementResetAllResponse": {
diff --git a/googleapiclient/discovery_cache/documents/gmailpostmastertools.v1.json b/googleapiclient/discovery_cache/documents/gmailpostmastertools.v1.json
index 65f964f5aef..05e6c21b895 100644
--- a/googleapiclient/discovery_cache/documents/gmailpostmastertools.v1.json
+++ b/googleapiclient/discovery_cache/documents/gmailpostmastertools.v1.json
@@ -265,7 +265,7 @@
       }
     }
   },
-  "revision": "20210609",
+  "revision": "20210610",
   "rootUrl": "https://gmailpostmastertools.googleapis.com/",
   "schemas": {
     "DeliveryError": {
diff --git a/googleapiclient/discovery_cache/documents/gmailpostmastertools.v1beta1.json b/googleapiclient/discovery_cache/documents/gmailpostmastertools.v1beta1.json
index 7d5d8f66a7c..bd3a54f4aab 100644
--- a/googleapiclient/discovery_cache/documents/gmailpostmastertools.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/gmailpostmastertools.v1beta1.json
@@ -265,7 +265,7 @@
       }
     }
   },
-  "revision": "20210609",
+  "revision": "20210610",
   "rootUrl": "https://gmailpostmastertools.googleapis.com/",
   "schemas": {
     "DeliveryError": {
diff --git a/googleapiclient/discovery_cache/documents/libraryagent.v1.json b/googleapiclient/discovery_cache/documents/libraryagent.v1.json
index a3908e543c6..71da14c8f99 100644
--- a/googleapiclient/discovery_cache/documents/libraryagent.v1.json
+++ b/googleapiclient/discovery_cache/documents/libraryagent.v1.json
@@ -279,7 +279,7 @@
       }
     }
   },
-  "revision": "20210609",
+  "revision": "20210610",
   "rootUrl": "https://libraryagent.googleapis.com/",
   "schemas": {
     "GoogleExampleLibraryagentV1Book": {
diff --git a/googleapiclient/discovery_cache/documents/lifesciences.v2beta.json b/googleapiclient/discovery_cache/documents/lifesciences.v2beta.json
index 816501f06cf..2ab1abc9357 100644
--- a/googleapiclient/discovery_cache/documents/lifesciences.v2beta.json
+++ b/googleapiclient/discovery_cache/documents/lifesciences.v2beta.json
@@ -312,7 +312,7 @@
       }
     }
   },
-  "revision": "20210527",
+  "revision": "20210604",
   "rootUrl": "https://lifesciences.googleapis.com/",
   "schemas": {
     "Accelerator": {
diff --git a/googleapiclient/discovery_cache/documents/localservices.v1.json b/googleapiclient/discovery_cache/documents/localservices.v1.json
index 27fab1906bd..94aaf8f4cd8 100644
--- a/googleapiclient/discovery_cache/documents/localservices.v1.json
+++ b/googleapiclient/discovery_cache/documents/localservices.v1.json
@@ -250,7 +250,7 @@
       }
     }
   },
-  "revision": "20210609",
+  "revision": "20210610",
   "rootUrl": "https://localservices.googleapis.com/",
   "schemas": {
     "GoogleAdsHomeservicesLocalservicesV1AccountReport": {
diff --git a/googleapiclient/discovery_cache/documents/managedidentities.v1alpha1.json b/googleapiclient/discovery_cache/documents/managedidentities.v1alpha1.json
index df4797f299e..db5b1ee3b70 100644
--- a/googleapiclient/discovery_cache/documents/managedidentities.v1alpha1.json
+++ b/googleapiclient/discovery_cache/documents/managedidentities.v1alpha1.json
@@ -156,7 +156,7 @@
                   "type": "string"
                 },
                 "pageSize": {
-                  "description": "The maximum number of results to return. If not set, the service will select a default.",
+                  "description": "The maximum number of results to return. If not set, the service selects a default.",
                   "format": "int32",
                   "location": "query",
                   "type": "integer"
@@ -871,7 +871,7 @@
       }
     }
   },
-  "revision": "20210324",
+  "revision": "20210601",
   "rootUrl": "https://managedidentities.googleapis.com/",
   "schemas": {
     "AttachTrustRequest": {
@@ -1257,7 +1257,7 @@
           "description": "Optional. The MaintenanceSettings associated with instance."
         },
         "name": {
-          "description": "Unique name of the resource. It uses the form: `projects/{project_id}/locations/{location_id}/instances/{instance_id}`",
+          "description": "Unique name of the resource. It uses the form: `projects/{project_id|project_number}/locations/{location_id}/instances/{instance_id}` Note: Either project_id or project_number can be used, but keep it consistent with other APIs (e.g. RescheduleUpdate)",
           "type": "string"
         },
         "producerMetadata": {
@@ -1476,10 +1476,6 @@
       "description": "SloMetadata contains resources required for proper SLO classification of the instance.",
       "id": "GoogleCloudSaasacceleratorManagementProvidersV1SloMetadata",
       "properties": {
-        "eligibility": {
-          "$ref": "GoogleCloudSaasacceleratorManagementProvidersV1SloEligibility",
-          "description": "Optional. Global per-instance SLI eligibility which applies to all defined SLIs. Exactly one of 'eligibility' and 'per_sli_eligibility' fields must be used."
-        },
         "exclusions": {
           "description": "List of SLO exclusion windows. When multiple entries in the list match (matching the exclusion time-window against current time point) the exclusion reason used in the first matching entry will be published. It is not needed to include expired exclusion in this list, as only the currently applicable exclusions are taken into account by the eligibility exporting subsystem (the historical state of exclusions will be reflected in the historically produced timeseries regardless of the current state). This field can be used to mark the instance as temporary ineligible for the purpose of SLO calculation. For permanent instance SLO exclusion, use of custom instance eligibility is recommended. See 'eligibility' field below.",
           "items": {
@@ -1496,7 +1492,7 @@
         },
         "perSliEligibility": {
           "$ref": "GoogleCloudSaasacceleratorManagementProvidersV1PerSliSloEligibility",
-          "description": "Optional. Multiple per-instance SLI eligibilities which apply for individual SLIs. Exactly one of 'eligibility' and 'per_sli_eligibility' fields must be used."
+          "description": "Optional. Multiple per-instance SLI eligibilities which apply for individual SLIs."
         },
         "tier": {
           "description": "Name of the SLO tier the Instance belongs to. This name will be expected to match the tiers specified in the service SLO configuration. Field is mandatory and must not be empty.",
diff --git a/googleapiclient/discovery_cache/documents/managedidentities.v1beta1.json b/googleapiclient/discovery_cache/documents/managedidentities.v1beta1.json
index 4df95c671fe..523d8a9a1ea 100644
--- a/googleapiclient/discovery_cache/documents/managedidentities.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/managedidentities.v1beta1.json
@@ -156,7 +156,7 @@
                   "type": "string"
                 },
                 "pageSize": {
-                  "description": "The maximum number of results to return. If not set, the service will select a default.",
+                  "description": "The maximum number of results to return. If not set, the service selects a default.",
                   "format": "int32",
                   "location": "query",
                   "type": "integer"
@@ -871,7 +871,7 @@
       }
     }
   },
-  "revision": "20210324",
+  "revision": "20210601",
   "rootUrl": "https://managedidentities.googleapis.com/",
   "schemas": {
     "AttachTrustRequest": {
@@ -1266,7 +1266,7 @@
           "description": "Optional. The MaintenanceSettings associated with instance."
         },
         "name": {
-          "description": "Unique name of the resource. It uses the form: `projects/{project_id}/locations/{location_id}/instances/{instance_id}`",
+          "description": "Unique name of the resource. It uses the form: `projects/{project_id|project_number}/locations/{location_id}/instances/{instance_id}` Note: Either project_id or project_number can be used, but keep it consistent with other APIs (e.g. RescheduleUpdate)",
           "type": "string"
         },
         "producerMetadata": {
@@ -1485,10 +1485,6 @@
       "description": "SloMetadata contains resources required for proper SLO classification of the instance.",
       "id": "GoogleCloudSaasacceleratorManagementProvidersV1SloMetadata",
       "properties": {
-        "eligibility": {
-          "$ref": "GoogleCloudSaasacceleratorManagementProvidersV1SloEligibility",
-          "description": "Optional. Global per-instance SLI eligibility which applies to all defined SLIs. Exactly one of 'eligibility' and 'per_sli_eligibility' fields must be used."
-        },
         "exclusions": {
           "description": "List of SLO exclusion windows. When multiple entries in the list match (matching the exclusion time-window against current time point) the exclusion reason used in the first matching entry will be published. It is not needed to include expired exclusion in this list, as only the currently applicable exclusions are taken into account by the eligibility exporting subsystem (the historical state of exclusions will be reflected in the historically produced timeseries regardless of the current state). This field can be used to mark the instance as temporary ineligible for the purpose of SLO calculation. For permanent instance SLO exclusion, use of custom instance eligibility is recommended. See 'eligibility' field below.",
           "items": {
@@ -1505,7 +1501,7 @@
         },
         "perSliEligibility": {
           "$ref": "GoogleCloudSaasacceleratorManagementProvidersV1PerSliSloEligibility",
-          "description": "Optional. Multiple per-instance SLI eligibilities which apply for individual SLIs. Exactly one of 'eligibility' and 'per_sli_eligibility' fields must be used."
+          "description": "Optional. Multiple per-instance SLI eligibilities which apply for individual SLIs."
         },
         "tier": {
           "description": "Name of the SLO tier the Instance belongs to. This name will be expected to match the tiers specified in the service SLO configuration. Field is mandatory and must not be empty.",
diff --git a/googleapiclient/discovery_cache/documents/memcache.v1.json b/googleapiclient/discovery_cache/documents/memcache.v1.json
index 350360bf947..257714b999c 100644
--- a/googleapiclient/discovery_cache/documents/memcache.v1.json
+++ b/googleapiclient/discovery_cache/documents/memcache.v1.json
@@ -528,7 +528,7 @@
       }
     }
   },
-  "revision": "20210601",
+  "revision": "20210608",
   "rootUrl": "https://memcache.googleapis.com/",
   "schemas": {
     "ApplyParametersRequest": {
diff --git a/googleapiclient/discovery_cache/documents/networkmanagement.v1.json b/googleapiclient/discovery_cache/documents/networkmanagement.v1.json
index 93308b72034..f6329e0174a 100644
--- a/googleapiclient/discovery_cache/documents/networkmanagement.v1.json
+++ b/googleapiclient/discovery_cache/documents/networkmanagement.v1.json
@@ -591,7 +591,7 @@
       }
     }
   },
-  "revision": "20210520",
+  "revision": "20210603",
   "rootUrl": "https://networkmanagement.googleapis.com/",
   "schemas": {
     "AbortInfo": {
diff --git a/googleapiclient/discovery_cache/documents/notebooks.v1.json b/googleapiclient/discovery_cache/documents/notebooks.v1.json
index 5c287e5cf6e..fdbc510dce1 100644
--- a/googleapiclient/discovery_cache/documents/notebooks.v1.json
+++ b/googleapiclient/discovery_cache/documents/notebooks.v1.json
@@ -1553,7 +1553,7 @@
       }
     }
   },
-  "revision": "20210520",
+  "revision": "20210603",
   "rootUrl": "https://notebooks.googleapis.com/",
   "schemas": {
     "AcceleratorConfig": {
@@ -2938,7 +2938,7 @@
           "type": "string"
         },
         "displayName": {
-          "description": "Output only. Display name used for UI purposes. Name can only contain alphanumeric characters, hyphens \u2018-\u2019, and underscores \u2018_\u2019.",
+          "description": "Output only. Display name used for UI purposes. Name can only contain alphanumeric characters, hyphens '-', and underscores '_'.",
           "readOnly": true,
           "type": "string"
         },
diff --git a/googleapiclient/discovery_cache/documents/orgpolicy.v2.json b/googleapiclient/discovery_cache/documents/orgpolicy.v2.json
index 5042627044b..e3be59b9f86 100644
--- a/googleapiclient/discovery_cache/documents/orgpolicy.v2.json
+++ b/googleapiclient/discovery_cache/documents/orgpolicy.v2.json
@@ -751,7 +751,7 @@
       }
     }
   },
-  "revision": "20210609",
+  "revision": "20210610",
   "rootUrl": "https://orgpolicy.googleapis.com/",
   "schemas": {
     "GoogleCloudOrgpolicyV2Constraint": {
diff --git a/googleapiclient/discovery_cache/documents/pagespeedonline.v5.json b/googleapiclient/discovery_cache/documents/pagespeedonline.v5.json
index 4229e82796b..778538afa6b 100644
--- a/googleapiclient/discovery_cache/documents/pagespeedonline.v5.json
+++ b/googleapiclient/discovery_cache/documents/pagespeedonline.v5.json
@@ -193,7 +193,7 @@
       }
     }
   },
-  "revision": "20210609",
+  "revision": "20210610",
   "rootUrl": "https://pagespeedonline.googleapis.com/",
   "schemas": {
     "AuditRefs": {
diff --git a/googleapiclient/discovery_cache/documents/paymentsresellersubscription.v1.json b/googleapiclient/discovery_cache/documents/paymentsresellersubscription.v1.json
index 6bf7a3baab2..8595d5b2d75 100644
--- a/googleapiclient/discovery_cache/documents/paymentsresellersubscription.v1.json
+++ b/googleapiclient/discovery_cache/documents/paymentsresellersubscription.v1.json
@@ -366,7 +366,7 @@
       }
     }
   },
-  "revision": "20210610",
+  "revision": "20210611",
   "rootUrl": "https://paymentsresellersubscription.googleapis.com/",
   "schemas": {
     "GoogleCloudPaymentsResellerSubscriptionV1CancelSubscriptionRequest": {
diff --git a/googleapiclient/discovery_cache/documents/people.v1.json b/googleapiclient/discovery_cache/documents/people.v1.json
index 5094ed14e1b..3912609f585 100644
--- a/googleapiclient/discovery_cache/documents/people.v1.json
+++ b/googleapiclient/discovery_cache/documents/people.v1.json
@@ -1154,7 +1154,7 @@
       }
     }
   },
-  "revision": "20210609",
+  "revision": "20210610",
   "rootUrl": "https://people.googleapis.com/",
   "schemas": {
     "Address": {
diff --git a/googleapiclient/discovery_cache/documents/playcustomapp.v1.json b/googleapiclient/discovery_cache/documents/playcustomapp.v1.json
index 2f6bec5445d..0f74f2f6568 100644
--- a/googleapiclient/discovery_cache/documents/playcustomapp.v1.json
+++ b/googleapiclient/discovery_cache/documents/playcustomapp.v1.json
@@ -158,7 +158,7 @@
       }
     }
   },
-  "revision": "20210608",
+  "revision": "20210610",
   "rootUrl": "https://playcustomapp.googleapis.com/",
   "schemas": {
     "CustomApp": {
diff --git a/googleapiclient/discovery_cache/documents/prod_tt_sasportal.v1alpha1.json b/googleapiclient/discovery_cache/documents/prod_tt_sasportal.v1alpha1.json
index ba833570d1a..571cfe73bee 100644
--- a/googleapiclient/discovery_cache/documents/prod_tt_sasportal.v1alpha1.json
+++ b/googleapiclient/discovery_cache/documents/prod_tt_sasportal.v1alpha1.json
@@ -2484,7 +2484,7 @@
       }
     }
   },
-  "revision": "20210609",
+  "revision": "20210610",
   "rootUrl": "https://prod-tt-sasportal.googleapis.com/",
   "schemas": {
     "SasPortalAssignment": {
diff --git a/googleapiclient/discovery_cache/documents/pubsublite.v1.json b/googleapiclient/discovery_cache/documents/pubsublite.v1.json
index d14fc18bc63..ff932ab84ab 100644
--- a/googleapiclient/discovery_cache/documents/pubsublite.v1.json
+++ b/googleapiclient/discovery_cache/documents/pubsublite.v1.json
@@ -690,7 +690,7 @@
       }
     }
   },
-  "revision": "20210528",
+  "revision": "20210608",
   "rootUrl": "https://pubsublite.googleapis.com/",
   "schemas": {
     "Capacity": {
diff --git a/googleapiclient/discovery_cache/documents/safebrowsing.v4.json b/googleapiclient/discovery_cache/documents/safebrowsing.v4.json
index 6c83f819149..8e50bcabafb 100644
--- a/googleapiclient/discovery_cache/documents/safebrowsing.v4.json
+++ b/googleapiclient/discovery_cache/documents/safebrowsing.v4.json
@@ -261,7 +261,7 @@
       }
     }
   },
-  "revision": "20210609",
+  "revision": "20210610",
   "rootUrl": "https://safebrowsing.googleapis.com/",
   "schemas": {
     "GoogleProtobufEmpty": {
diff --git a/googleapiclient/discovery_cache/documents/secretmanager.v1.json b/googleapiclient/discovery_cache/documents/secretmanager.v1.json
index 5b50bee14fd..d99dfe09da6 100644
--- a/googleapiclient/discovery_cache/documents/secretmanager.v1.json
+++ b/googleapiclient/discovery_cache/documents/secretmanager.v1.json
@@ -633,7 +633,7 @@
       }
     }
   },
-  "revision": "20210521",
+  "revision": "20210605",
   "rootUrl": "https://secretmanager.googleapis.com/",
   "schemas": {
     "AccessSecretVersionResponse": {
diff --git a/googleapiclient/discovery_cache/documents/secretmanager.v1beta1.json b/googleapiclient/discovery_cache/documents/secretmanager.v1beta1.json
index fe0ba987459..649a5e5c4fa 100644
--- a/googleapiclient/discovery_cache/documents/secretmanager.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/secretmanager.v1beta1.json
@@ -628,7 +628,7 @@
       }
     }
   },
-  "revision": "20210521",
+  "revision": "20210605",
   "rootUrl": "https://secretmanager.googleapis.com/",
   "schemas": {
     "AccessSecretVersionResponse": {
diff --git a/googleapiclient/discovery_cache/documents/serviceconsumermanagement.v1.json b/googleapiclient/discovery_cache/documents/serviceconsumermanagement.v1.json
index 2e705620085..957add2f296 100644
--- a/googleapiclient/discovery_cache/documents/serviceconsumermanagement.v1.json
+++ b/googleapiclient/discovery_cache/documents/serviceconsumermanagement.v1.json
@@ -542,7 +542,7 @@
       }
     }
   },
-  "revision": "20210608",
+  "revision": "20210609",
   "rootUrl": "https://serviceconsumermanagement.googleapis.com/",
   "schemas": {
     "AddTenantProjectRequest": {
diff --git a/googleapiclient/discovery_cache/documents/serviceconsumermanagement.v1beta1.json b/googleapiclient/discovery_cache/documents/serviceconsumermanagement.v1beta1.json
index 06c8c3f698a..936eca1ff5d 100644
--- a/googleapiclient/discovery_cache/documents/serviceconsumermanagement.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/serviceconsumermanagement.v1beta1.json
@@ -500,7 +500,7 @@
       }
     }
   },
-  "revision": "20210608",
+  "revision": "20210609",
   "rootUrl": "https://serviceconsumermanagement.googleapis.com/",
   "schemas": {
     "Api": {
diff --git a/googleapiclient/discovery_cache/documents/servicedirectory.v1.json b/googleapiclient/discovery_cache/documents/servicedirectory.v1.json
index 0415e31eeee..b246c2da466 100644
--- a/googleapiclient/discovery_cache/documents/servicedirectory.v1.json
+++ b/googleapiclient/discovery_cache/documents/servicedirectory.v1.json
@@ -883,7 +883,7 @@
       }
     }
   },
-  "revision": "20210526",
+  "revision": "20210602",
   "rootUrl": "https://servicedirectory.googleapis.com/",
   "schemas": {
     "Binding": {
diff --git a/googleapiclient/discovery_cache/documents/servicedirectory.v1beta1.json b/googleapiclient/discovery_cache/documents/servicedirectory.v1beta1.json
index 20c49d4e808..3be5e866dcf 100644
--- a/googleapiclient/discovery_cache/documents/servicedirectory.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/servicedirectory.v1beta1.json
@@ -883,7 +883,7 @@
       }
     }
   },
-  "revision": "20210526",
+  "revision": "20210602",
   "rootUrl": "https://servicedirectory.googleapis.com/",
   "schemas": {
     "Binding": {
diff --git a/googleapiclient/discovery_cache/documents/serviceusage.v1.json b/googleapiclient/discovery_cache/documents/serviceusage.v1.json
index bb60ea00b2f..e78f0020b1a 100644
--- a/googleapiclient/discovery_cache/documents/serviceusage.v1.json
+++ b/googleapiclient/discovery_cache/documents/serviceusage.v1.json
@@ -426,7 +426,7 @@
       }
     }
   },
-  "revision": "20210608",
+  "revision": "20210609",
   "rootUrl": "https://serviceusage.googleapis.com/",
   "schemas": {
     "AdminQuotaPolicy": {
diff --git a/googleapiclient/discovery_cache/documents/serviceusage.v1beta1.json b/googleapiclient/discovery_cache/documents/serviceusage.v1beta1.json
index a077d48f8b2..71244c955f4 100644
--- a/googleapiclient/discovery_cache/documents/serviceusage.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/serviceusage.v1beta1.json
@@ -959,7 +959,7 @@
       }
     }
   },
-  "revision": "20210608",
+  "revision": "20210609",
   "rootUrl": "https://serviceusage.googleapis.com/",
   "schemas": {
     "AdminQuotaPolicy": {
diff --git a/googleapiclient/discovery_cache/documents/storage.v1.json b/googleapiclient/discovery_cache/documents/storage.v1.json
index f2c2e026536..582870073ee 100644
--- a/googleapiclient/discovery_cache/documents/storage.v1.json
+++ b/googleapiclient/discovery_cache/documents/storage.v1.json
@@ -26,7 +26,7 @@
   "description": "Stores and retrieves potentially large, immutable data objects.",
   "discoveryVersion": "v1",
   "documentationLink": "https://developers.google.com/storage/docs/json_api/",
-  "etag": "\"363536363632373438393633343130333733\"",
+  "etag": "\"36393830363539333633353632353031383134\"",
   "icons": {
     "x16": "https://www.google.com/images/icons/product/cloud_storage-16.png",
     "x32": "https://www.google.com/images/icons/product/cloud_storage-32.png"
@@ -3230,7 +3230,7 @@
       }
     }
   },
-  "revision": "20210602",
+  "revision": "20210608",
   "rootUrl": "https://storage.googleapis.com/",
   "schemas": {
     "Bucket": {
diff --git a/googleapiclient/discovery_cache/documents/streetviewpublish.v1.json b/googleapiclient/discovery_cache/documents/streetviewpublish.v1.json
index 339198c1668..ec4ad8af940 100644
--- a/googleapiclient/discovery_cache/documents/streetviewpublish.v1.json
+++ b/googleapiclient/discovery_cache/documents/streetviewpublish.v1.json
@@ -375,7 +375,7 @@
       }
     }
   },
-  "revision": "20210609",
+  "revision": "20210610",
   "rootUrl": "https://streetviewpublish.googleapis.com/",
   "schemas": {
     "BatchDeletePhotosRequest": {